Uber’s user privacy policies are back in the spotlight after a story from the Center for Investigative Reporting on Dec. 13 led with this shocking claim: “Internal Uber employees helped ex-boyfriends stalk their ex-girlfriends and searched for the trip information of celebrities such as Beyoncé.” The accusations come from Ward Spangenberg, Uber’s former forensic investigator, who is suing the company for age discrimination and has alleged abuses of user data in a court declaration.
The claims dredge up painful history for Uber, which came under fire in late 2014 when one of its executives suggested, at a private dinner, digging up dirt on journalists, and another used a “God View” mode to track a reporter’s location without her permission. Earlier this year, Uber paid $20,000 to settle the New York attorney general’s probe into God View.
The damning assertion in the CIR story (not to mention the Orwellian gif illustrating it) is that Uber never really reformed. “Five former Uber security professionals” told CIR that “the company continued to allow broad access” to users’ trip information even after claiming to impose limits on it. “When I was at the company, you could stalk an ex or look up anyone’s ride with the flimsiest of justifications,” Michael Sierchio, a senior security engineer at Uber from early 2015 to June 2016, told CIR.
Uber in a statement said it is “absolutely untrue that ‘all’ or ‘nearly all’ employees have access to customer data, with or without approval.” The company said it has “hundreds of security and privacy experts working around the clock to protect our data,” which includes “enforcing strict policies and technical controls to limit access to user data to authorized employees.” Uber emphasized that certain employees—like those in anti-fraud—have “legitimate reasons to access customer data.”
In an email to Uber employees yesterday, John “Four” Flynn, the company’s chief information security officer, wrote that “much of the information” in the CIR story “is out of date and doesn’t accurately reflect the state of our practices today.” User trust is paramount for Uber, which shook up the established taxi industry in large part by convincing people that it was OK to get into a stranger’s car, so long as that person had been vetted and dispatched by the Uber app.
Uber has been on thin ice with privacy-conscious users since late November, when its app update asked iOS users to grant Uber the ability to track their location continuously. Before the update, users had been able to choose among three settings for location tracking: “Never,” “While Using the App,” and “Always.” Uber eliminated the “While Using the App” option, which it said allowed for data collection only while its app was open on someone’s home screen and hindered its ability to glean important details of trips. The company said riders who wished to opt out of constant location tracking could select “Never” and enter their pickups and destinations manually.
That explanation didn’t sit well with privacy advocates. The change has “absolutely no respect for user privacy, just none,” Nate Cardozo, senior staff attorney at the Electronic Frontier Foundation, told Quartz. Cardozo says Uber could still get the user data it wants with more limited location tracking. The new setup, he says, is “ripe for abuse.” Uber has “removed the technical controls that could prevent abuse along the lines that are described in [the CIR] story.”
Uber can obviously fight Spangenberg’s lawsuit, and other claims that might bubble up about past privacy abuses. But in terms of reassuring riders today, one fix seems pretty simple: The company could reinstate the more lenient “While Using the App” option for location tracking on iOS. Entering your pickup and drop-off points manually is a pain, as Uber certainly knows. For an on-demand transportation app, the choice between no location services and no privacy is a false one at best. So long as Uber refuses to change, privacy-sensitive customers might be better off taking Lyft.