A Question of Privacy: Uber accused of letting staff spy on customers

By Sam Edem
Uber
Uber

First, it was the FBI and the CIA accused of wiretapping as part of a robust national security measure now the lines have stretched beyond the boundaries of government or its institutions to private enterprise. Mails in sync with about every related detail about individuals anywhere on the internet: one could easily pass the word 'privacy' for fantasy. As if these were mere illusions, following a BuzzFeed news story in 2014 that alleged one of its reporter's rides had been tracked via "God View" without her permission, Uber has defended itself following accusations that a lack of internal security allowed employees to spy on rides in real-time.

The firm's former forensic investigator made the allegations in a court declaration. Uber claimed it had "hundreds of security and privacy experts working around the clock" to protect its data. A claim that at this point is highly disputable. The company recently settled a case in New York that alleged its "God View" tool was used to monitor rides. The former forensic investigator Ward Spangenberg in his court declaration wrote: "Uber's lack of security regarding its customer data was resulting in Uber employees being able to track high-profile politicians, celebrities, and even personal acquaintances of Uber employees, including ex-boyfriends/girlfriends, and ex-spouses". 

Mr. Spangenberg who was dismissed from Uber earlier this year is now suing the company over age discrimination and whistleblowing retaliation. Five former security professionals told news site Reveal and the Center for Investigative Reporting that Uber allowed broad access to ride data.

In defense, Uber spokesman in a statement said, "Uber continues to increase our security investments and many of these efforts, like our multi-factor authentication checks and bug bounty program, have been widely reported," He added that "this includes enforcing strict policies and technical controls to limit access to user data to authorized employees solely for purposes of their job responsibilities, and all potential violations are quickly and thoroughly investigated." The spokesman equally repudiated the claim that "all" or "nearly all" Uber's employees had access to customer data, with or without approval. In his own words, "some teams have never had access to this information". Staff access to data was logged and routinely audited, he further asserted. Uber also said that "God View" no longer existed, and it now had an internal tool called "Heaven View".

In January, Uber paid $20,000 (£13,700) and promised to strengthen privacy policies in order to settle an investigation by New York's attorney general. However, whether these allegations are proven to be true or not, we all can't shy away from the sheer reality that in a world that has been integrated by communication technology(particularly the internet), our individual privacy has been largely compromised.