… the general sense is that viewing users’ private data is fairly easy at Uber, and that ‘the company stokes paranoia in its employees about talking to the press.’ ”
The Federal Trade Commission (FTC) and other regulators have become increasingly concerned with the privacy implications of mobile and geolocation data and mobile app data security. While no law currently exists on the collection of geolocation information without consumer consent, it is unlawful for companies’ privacy policies to be “unfair and deceptive” under FTC’s longstanding rules and regulations. In the FTC’s seminal 2012 report, Protecting Consumer Privacy in an Era of Rapid Change, the commission made plain its “particular concerns of location data in the mobile context” and called on “entities involved in the mobile ecosystem to work together to establish standards that address data collection, transfer, use, and disposal, particularly for location data.” Since then, FTC has issued further guidelines on best practices with respect to the development of privacy policies and practices.
Whether or not changes are on the way on a national legislative level, it is completely within the power of state and local legislators or government transportation regulators to require, as a condition to the licensure of TNCs, that privacy protections be put into place. When I was commissioner of the NYC Taxi and Limousine Commission (TLC), we enacted regulations—working closely with the New York Civil Liberties Union—that required the vendors that were authorized to install the taxicab technology systems (the credit card machines, screens, monitors, and GPS systems) in NYC yellow taxicabs to adhere to strict security and privacy protocols to protect the public from credit card fraud, identity theft, and other unlawful hacking of such data. Data categorized as private or confidential must not be transitioned to removable media without TLC approval. A copy of these NYC rules and regulations can be found at on.nyc.gov/1JocOUJ.
TLC is entitled to only a limited amount of data, which include those relative to taxicab pickups and drop-offs, as well as certain GPS location information. TLC does not typically obtain (and is generally shielded from reviewing) GPS pings of the taxicab and its location throughout the route. This is precisely the type of information—the tracking of a passenger trip—that Uber was alleged to have been monitoring as part of its “God View.” TLC typically obtains important data on the number of rides, taxi fare information, and other general information that include “blips or dots on a screen” with no particular identity of passengers or individual taxicab drivers or medallions (unless requested for a legitimate regulatory purpose as part of a TLC or other government investigation). Off-duty locations of taxicabs are completely off-limits to TLC as a privacy safeguard. TLC collects general ridership data to achieve various objectives, like to verify that taxicabs are servicing all neighborhoods in the city, and to determine the actual earnings of taxicab drivers and medallion owners to make fact-based decisions in enacting fare increases, as opposed to the prior guesswork involved in manual trip sheet surveys and other primitive methods. TLC will only receive further breadcrumb data if it is specifically requested for a targeted and disclosed purpose (like lost property or a stolen cab), and only releases more detailed data to law enforcement if served with a subpoena.
In 2007, when the installation of GPS in NYC taxicabs was introduced, some medallion owners and drivers sued TLC, claiming privacy rights violations of the 4th Amendment of the U.S. Constitution. See Alexandre v. NYC TLC, No. 07 Civ. 8175 (RMB), 2007 WL 2826952 (SDNY September 28, 2007). The U.S. District Court for the Southern District of New York found that the contracts between TLC and T-PEP (GPS systems) vendors limited the release of data in such a narrowly tailored manner, it passed constitutional scrutiny. Thus, the court concluded that the government’s substantial interest in requiring GPS data, to promote taxi customer service, ridership, and passenger and driver safety, outweighed the plaintiffs’ right to privacy, due to the TLC’s narrowly tailored collection of such sensitive data.
The New York Civil Liberties Union has raised concerns about Uber’s privacy policies (or lack thereof) and I have discussed these issues with the American Civil Liberties Union. I also delivered a presentation last month in Washington, D.C., to the Transportation Research Board of the National Academy of Sciences on TNC privacy issues. As jurisdictions enact or revisit new TNC legislation, it is incumbent on our lawmakers to ensure that appropriate privacy safeguards are inserted into the law in a manner that protects against the inappropriate use of data, or to prevent privacy or security breaches from taking place.
For example, new TNC laws, if not invalidated or repealed for other reasons, should insert new provisions that: impose restrictions on access to data internally at TNCs and to private third parties without express permission from passengers as to the specific entity or purpose for which such data will be used; security safeguards ensure that hackers cannot access such TNC data, which are imposed and monitored by regulators; and, a requirement—like San Francisco’s, New York City’s, and those in various Australian states—for the companies doing business with TNCs or TNCs themselves to submit electronic trip sheet data while on duty (pickup, drop-off, and fare box data at a minimum) so that regulators can ensure compliance with various laws, and analyze industry economics with a solid factual basis.
There is also a message here for passengers using transportation apps who have options to protest the lack of appropriate privacy safeguards: Either demand such protections, or until apps like Uber commit to do so, delete them from your phone. As we would say in computer terms, “Control-Alt-Delete”—or “Command-Option-Escape” for Mac users. [CD0215]
Matt Daus is a partner with The Law Firm Windels Marx, president of IATR, and a leading authority on ridesharng apps. he can be reached at firstname.lastname@example.org.