Uber Promises It’s Not Looking at Your Data, Except When It Wants To

epa04430044 Travis Kalanick, Founder and CEO of Uber, delivers a speech at the Institute of Directors Convention at the Royal Albert Hall, Central London, Britain, 03 October 2014. The annual convention brings together business leaders and politicians to discuss the business strategy and the world economy. EPA/WILL OLIVER
Travis Kalanick, Uber’s CEO. Photo: Will Oliver/EPA/Corbis

On the defensive about its misuse of customer data, Uber has published a privacy policy in which it promises not to view individual users’ accounts, except in a broad set of circumstances. 

It all starts out promisingly. “Uber has a strict policy prohibiting all employees at every level from accessing a rider or driver’s data,” the $18 billion start-up says. “The only exception to this policy is for a limited set of legitimate business purposes.” Ah. What might those “legitimate business purposes” be? “Supporting riders and drivers in order to solve problems,” “facilitating payment transactions,” “monitoring driver and rider accounts for fraudulent activity,” and “reviewing specific rider or driver accounts in order to troubleshoot bugs.” In other words, any number of purposes, loosely defined by the company. 

In the past, Uber has shown a somewhat cavalier attitude toward customer privacy — publishing a blog post on customers’ possible one-night stands, for instance, and tracking individual users in real time using a not-at-all-creepy internal tool called “God View.” Here’s one example of God View at work on a BuzzFeed reporter:  

[Two former employees] said God View, which shows the location of Uber vehicles and customers who have requested a car, was widely available to corporate employees. Drivers, who operate as contractors, do not have access to God View.

Early this November, one of the reporters of this story, Johana Bhuiyan, arrived to Uber’s New York headquarters in Long Island City for an interview with Josh Mohrer, the general manager of Uber New York. Stepping out of her vehicle — an Uber car — she found Mohrer waiting for her. “There you are,” he said, holding his iPhone and gesturing at it. “I was tracking you.”

And here’s another example, from entrepreneur Peter Sims:

One night, a couple of years ago, I was in an Uber SUV in NYC, headed to Penn Station to catch the train to Washington DC when I got a text message from a tech socialite of sorts (I’ll spare her name because Gawker has already parodied her enough), but she’s someone I hardly know, asking me if I was in an Uber car at 33th and 5th (or, something like that). I replied that I was indeed, thinking that she must be in an adjacent car. Looking around, she continued to text with updates of my car’s whereabouts, so much so that I asked the driver if others could see my Uber location profile? “No,” he replied, “that’s not possible.”

At that point, it all just started to feel weird, until finally she revealed that she was in Chicago at the launch of Uber Chicago, and that the party featured a screen that showed where in NYC certain “known people” (whatever that means) were currently riding in Uber cabs. After learning this, I expressed my outrage to her that the company would use my information and identity to promote its services without my permission. She told me to calm down, and that it was all a “cool” event and as if I should be honored to have been one of the chosen.

So don’t worry, riders. Uber executives swear only to use God View when the business purpose is legitimate.

Uber: We’re Not Looking at Your Data, Except …