BY MATT DAUS
IN-DEPTH WITH DAUS – It’s about time that the arrogance and Wild West approach of Uber is facing the appropriate criticism. This turn of events in the media started with the Washington Post’s report that Uber had an employee allegedly share what’s called “God View,” which allowed the company to track users. This followed a flurry of reports that Uber is misusing and possibly exploiting private passenger data, and that Uber Senior VP Emil Michael pledged $1 million to dig up dirt on a journalist; the next day, a senior editor at San Francisco Magazine wrote how her sources at Uber warned her that execs could be spying on her via Uber usage. The editor was cautious to say that she did not know whether her information was accessed or whether her sources were overzealous, but the general sense is that viewing users’ private data is fairly easy at Uber, and that “the company stokes paranoia in its employees about talking to the press.”
Some say this is just consumer data collection, while others feel that it is nothing short of spying. If TNCs are engaging in the collection, use, and monitoring of data that is not pursuant to a legitimate business or regulatory purpose, with personal details and customer information so readily available that an intern or possibly a hacker could acquire them, there is a potential privacy and security issue. This raises a question: What kind of spy we are dealing with? Is our culprit a cunning, James Bond-esque operative, or are we dealing with the clumsy joker or goofy spy seen in Get Smart or Austin Powers?
There is no question that the TNCs of the world are immature, cocky, and inexperienced, doing things that are not thought-out well or just plain stupid. But there is a more nefarious aspect to this that seeks to turn the collection of data and tracking of TNC users into gold. This data value capture probably supports a large portion of the alleged multi-billion dollar valuation of companies such as Uber. Of all the issues to surface during the TNC debate so far, nothing could be quite as damning or damaging economically to the new breed of data-hungry TNCs than government regulations limiting the collection or use of such data.
These concerns have caught the attention of Minnesota Senator Al Franken, who recently served as chairman of a Senate subcommittee that focuses on privacy, technology, and the law. On November 19, 2014, Senator Franken wrote a letter to Uber CEO Travis Kalanick asking how the company handles its users’ information and how it plans to treat journalists. Among other things, Senator Franken questioned Uber’s indefinite storage of consumer data as well as the lack of transparency in its privacy policy, which states that the company may share customers’ personal and usage information with its “parent, subsidiaries, and affiliates for internal reasons.”
… the general sense is that viewing users’ private data is fairly easy at Uber, and that ‘the company stokes paranoia in its employees about talking to the press.’ ”
The Federal Trade Commission (FTC) and other regulators have become increasingly concerned with the privacy implications of mobile and geolocation data and mobile app data security. While no law currently exists on the collection of geolocation information without consumer consent, it is unlawful for companies’ privacy policies to be “unfair and deceptive” under FTC’s longstanding rules and regulations. In the FTC’s seminal 2012 report, Protecting Consumer Privacy in an Era of Rapid Change, the commission made plain its “particular concerns of location data in the mobile context” and called on “entities involved in the mobile ecosystem to work together to establish standards that address data collection, transfer, use, and disposal, particularly for location data.” Since then, FTC has issued further guidelines on best practices with respect to the development of privacy policies and practices.
Whether or not changes are on the way on a national legislative level, it is completely within the power of state and local legislators or government transportation regulators to require, as a condition to the licensure of TNCs, that privacy protections be put into place. When I was commissioner of the NYC Taxi and Limousine Commission (TLC), we enacted regulations—working closely with the New York Civil Liberties Union—that required the vendors that were authorized to install the taxicab technology systems (the credit card machines, screens, monitors, and GPS systems) in NYC yellow taxicabs to adhere to strict security and privacy protocols to protect the public from credit card fraud, identity theft, and other unlawful hacking of such data. Data categorized as private or confidential must not be transitioned to removable media without TLC approval. A copy of these NYC rules and regulations can be found at on.nyc.gov/1JocOUJ.
TLC is entitled to only a limited amount of data, which include those relative to taxicab pickups and drop-offs, as well as certain GPS location information. TLC does not typically obtain (and is generally shielded from reviewing) GPS pings of the taxicab and its location throughout the route. This is precisely the type of information—the tracking of a passenger trip—that Uber was alleged to have been monitoring as part of its “God View.” TLC typically obtains important data on the number of rides, taxi fare information, and other general information that include “blips or dots on a screen” with no particular identity of passengers or individual taxicab drivers or medallions (unless requested for a legitimate regulatory purpose as part of a TLC or other government investigation). Off-duty locations of taxicabs are completely off-limits to TLC as a privacy safeguard. TLC collects general ridership data to achieve various objectives, like to verify that taxicabs are servicing all neighborhoods in the city, and to determine the actual earnings of taxicab drivers and medallion owners to make fact-based decisions in enacting fare increases, as opposed to the prior guesswork involved in manual trip sheet surveys and other primitive methods. TLC will only receive further breadcrumb data if it is specifically requested for a targeted and disclosed purpose (like lost property or a stolen cab), and only releases more detailed data to law enforcement if served with a subpoena.
In 2007, when the installation of GPS in NYC taxicabs was introduced, some medallion owners and drivers sued TLC, claiming privacy rights violations of the 4th Amendment of the U.S. Constitution. See Alexandre v. NYC TLC, No. 07 Civ. 8175 (RMB), 2007 WL 2826952 (SDNY September 28, 2007). The U.S. District Court for the Southern District of New York found that the contracts between TLC and T-PEP (GPS systems) vendors limited the release of data in such a narrowly tailored manner, it passed constitutional scrutiny. Thus, the court concluded that the government’s substantial interest in requiring GPS data, to promote taxi customer service, ridership, and passenger and driver safety, outweighed the plaintiffs’ right to privacy, due to the TLC’s narrowly tailored collection of such sensitive data.
In November 2014, TLC passed rules requiring that, among other things, for-hire vehicle bases submit trip records to TLC (similar data as that requested of medallion taxicabs). At the public hearing, representatives from both Uber and Lyft testified in opposition to the proposed rules. Uber’s NYC manager, Josh Mohrer, testified that the collection of data created privacy concerns. Although Uber claimed that these new rules jeopardized trade secrets and were “unconstitutional,” Uber’s own privacy policy allows for the sharing of user information, including location data, in response to legal demands. As a result of Uber’s refusal to produce the mandated information, TLC briefly suspended five of Uber’s six bases in NYC.
The New York Civil Liberties Union has raised concerns about Uber’s privacy policies (or lack thereof) and I have discussed these issues with the American Civil Liberties Union. I also delivered a presentation last month in Washington, D.C., to the Transportation Research Board of the National Academy of Sciences on TNC privacy issues. As jurisdictions enact or revisit new TNC legislation, it is incumbent on our lawmakers to ensure that appropriate privacy safeguards are inserted into the law in a manner that protects against the inappropriate use of data, or to prevent privacy or security breaches from taking place.
For example, new TNC laws, if not invalidated or repealed for other reasons, should insert new provisions that: impose restrictions on access to data internally at TNCs and to private third parties without express permission from passengers as to the specific entity or purpose for which such data will be used; security safeguards ensure that hackers cannot access such TNC data, which are imposed and monitored by regulators; and, a requirement—like San Francisco’s, New York City’s, and those in various Australian states—for the companies doing business with TNCs or TNCs themselves to submit electronic trip sheet data while on duty (pickup, drop-off, and fare box data at a minimum) so that regulators can ensure compliance with various laws, and analyze industry economics with a solid factual basis.
There is also a message here for passengers using transportation apps who have options to protest the lack of appropriate privacy safeguards: Either demand such protections, or until apps like Uber commit to do so, delete them from your phone. As we would say in computer terms, “Control-Alt-Delete”—or “Command-Option-Escape” for Mac users. [CD0215]
Matt Daus is a partner with The Law Firm Windels Marx, president of IATR, and a leading authority on ridesharng apps. he can be reached at mdaus@windelsmarx.com.