Uber agrees to protect rider data
DETROIT — Ride-hailing service Uber has agreed to protect data and audit use of rider information to settle a complaint from the federal government that it deceived customers.
The Federal Trade Commission, in a complaint settled on Tuesday, alleged that Uber failed to secure data about rider trips and neglected to monitor employee access to the information. It’s another in a long string of missteps for the San Francisco-based company, which faces a separate federal investigation for allegedly using a phony app to block city inspectors from monitoring its service.
Uber misrepresented how well it monitored employee access to personal information about users and drivers, and it misstated that it took steps to secure customer data, FTC Acting Chairman Maureen Ohlhausen said in a statement. “This case shows that even if you’re a fast-growing company, you can’t leave consumers behind: You must honor your privacy and security promises,” she said.
Uber said the allegations date to 2014, and before the government complaint, it had already put safeguards in place to protect data. Since then, it has strengthened privacy and data security and will keep investing in security programs, the company said.
But the FTC alleged in its complaint that after news reports of Uber employees improperly accessing customer data, the company issued a statement in November of 2014 that it had a strict policy prohibiting employees from viewing the data except for legitimate business purposes. The company also said employee access would be closely monitored.
But Uber stopped using a monitoring system less than a year later and for nine months, rarely monitored access to customer and driver information.