Uber agrees to protect rider data

Audrey Hill
August 16, 2017

This system, along with a 2014 data breach that exposed the information of 50,000 drivers, ended up costing Uber $20,000 in fines from the state of NY following an investigation into the company's privacy and data security practices.

The FTC said Uber failed to stop employees from inappropriately accessing user data, and that the company failed to provide "reasonable security" for the data it stored on Amazon Web Services.

News of an investigation by the FTC into Uber's privacy practices first came to light in mid-June, days before Travis Kalanick resigned as CEO of the company. In addition, the company will have to implement a new, comprehensive privacy program that directly addresses the risks related to new and existing products.

The company developed an automated system for monitoring employee access in December 2014 but stopped using it less than a year after it was put in place, according to the agency.

Uber Technologies Inc has agreed to two decades of audits after United States regulators found the ride-services company failed to protect the personal information of drivers and passengers and deceived the public about efforts to prevent snooping by its employees.

In a statement, FTC acting chairman Maureen K. Olhausen said that Uber had failed its customers in two ways.

Uber has settled with federal regulators that accused the start-up of "deceptive privacy and data security claims".

More news: Sheriff: 3 dead in shooting at Wis. racetrack
More news: Arsene Wenger : Manager braced for knife-edge Arsenal season
More news: White nationalist rally in Virginia sparks violent clashes, emergency declaration

In 2014, Uber executives had a devious little hobby: spying on everyone from Beyoncé to their ex-girlfriends.

Uber's "God View" software, which some employees reportedly had used to track the real-time locations of passengers including politicians, celebrities like Beyonce, and even ex-girlfriends, was a key FTC concern.

Uber's agreement with the FTC includes the company basically admitting that it wasn't keeping tabs on employee and customer data - and who did or did not have access to it - as closely as they said they were.

Uber has reached a settlement with the US government following charges it "deceived customers" by not properly protecting their private information.

A FTC spokesperson told Gizmodo that Uber won't pay anything to settle the case, an arrangement that's typical for companies being hit with their first FTC complaint. "It's going to make them take privacy into account every day".

An Uber spokesman said in an e-mailed statement that the company was pleased the FTC investigation had ended, adding: "We've significantly strengthened our privacy and data security practices since then and will continue to invest heavily in these programmes". The company recently rolled out an internal differential privacy tool that will let its engineers work with customer data without accessing sensitive personal information.

Other reports by MaliBehiribAe

Discuss This Article