Uber settles suit over privacy violations

US Federal Trade Commission said taxi firm’s ‘deception’ harmed consumers

Uber has agreed to implement new data protection measures to settle complaints that it failed to prevent improper snooping on driver and customer information. Photograph: Mark Ralston/AFP/Getty
Uber has agreed to implement new data protection measures to settle complaints that it failed to prevent improper snooping on driver and customer information. Photograph: Mark Ralston/AFP/Getty

Uber has settled a complaint accusing it of giving drivers free rein to access customers' information, including the ability to follow the paths of their journeys, and of failing to protect its drivers' personal data from hackers.

The head of the US Federal Trade Commission said Uber's "deception" about its behaviour caused "substantial harm" to consumers and also hurt competition by giving it an "unwarranted advantage" over rivals that were more honest about privacy practices.

Uber also “failed to provide reasonable security” against hackers, the FTC alleged, leading to a 2014 break-in that allowed intruders to access data related to more than 100,000 drivers, including unencrypted names and drivers’ licence numbers.

The ride-hailing company must now submit to audits of its privacy and security systems every two years for 20 years, as part of Tuesday's settlement with the FTC. The sanctions echo similar FTC settlements with Google, Facebook and Snap in past years and mean Uber could face fines if it is found misrepresenting its privacy practices again.

READ SOME MORE

Legal burden

The FTC’s requirements add another legal burden to Uber’s mounting problems. It is battling shareholder Benchmark over its search for a chief executive and is immersed in a court case with Alphabet’s Waymo unit over self-driving technology. The US department of justice is also investigating Greyball, a software tool used by Uber to evade regulators.

"This case shows that, even if you're a fast-growing company, you can't leave consumers behind: you must honour your privacy and security promises," said Maureen Ohlhausen, the FTC's acting chairman.

The FTC's investigation began in late 2014 after reports that Uber employees were able to watch customers' rides using a live mapping tool known internally as "God View". Comments made by a top executive, Emil Michael, that the company should investigate the "personal lives" of critical journalists, also raised concerns.

Mr Michael left Uber in June of this year in the wave of executive departures that has also included Travis Kalanick, its chief executive.

In a statement, Uber said it was “pleased to bring the FTC’s investigation to a close”. – (Copyright The Financial Times Limited 2017)