European Union privacy regulators will discuss ride-hailing app Uber's massive data breach cover-up next week and could create a task-force to coordinate investigations.
Uber faces regulatory scrutiny after CEO Dara Khosrowshahi said the company covered up a data breach last year that exposed personal data from around 57 million accounts.
The chair of the group of European data protection authorities - known as the Article 29 Working Party - said the data breach would be discussed at its meeting on November 28 and 29.
While EU data protection authorities cannot impose joint sanctions, they can set up task-forces to coordinate national investigations.
When a new EU data protection law comes into force next May, regulators will have the power to impose much higher fines - up to 4% of global turnover - and coordinate more closely.
Uber paid hackers $100,000 to keep secret the massive breach.
The stolen information included names, email addresses and mobile phone numbers of Uber users around the world, and the names and licence numbers of 600,000 US drivers, Khosrowshahi said. Uber declined to say what other countries may be affected.
"We cannot but voice our strong concern for the breach suffered by Uber, which was reported belatedly by the US company. We initiated our inquiries and are gathering all the information that can help us assess the scope of the data breach and take the appropriate steps to protect any Italian citizens involved," said Antonello Soro, President of the Italian Data Protection Authority.
The British data protection authority also said the concealment of the breach raised "huge concerns" about Uber's data policies and ethics. The Office of the Data Protection Commissioner in Dublin is also looking into the breach.