17 Aug Uber to Undergo 20 Years of Privacy Audits for Mishandling Data
Last Wednesday, ride-hailing giant Uber has agreed with the FTC to put a comprehensive privacy program in place that will involve regular, independent privacy audits which may extend for a period of up to 20 years.
The agreement was part of the settlement Uber entered to end the FTC’s investigation on the company’s data security and privacy practices. The FTC complaint alleging Uber’s misrepresentation of practices dates back to 2014 and 2015, where reports revealed Uber’s “God-view” interface which was said to have allowed employees to see user’s ride information. This directly contradicted the company’s policy that “prohibits all employees at every level from accessing a rider or driver’s data”
A description of the consent agreement package will be published in the Federal Register and made open for public comment for 30 days, after which a decision on the finality of the proposed consent order will be made.