Uber’s Fined $20,000 For Its ‘God View’ Tracking Tool Used To Spy On Users

Uber To Pay $20,000 As Settlement Over Privacy Breach By Its ‘God View’ Tracking Tool

The Attorney General of State of New York, Eric Schneiderman has decided to fine Uber $20,000 for its โ€œGod Viewโ€ programme and the companyโ€™s overall negligent security practices. This decision comes after the data breach act that took place in May 2014 when an Uber engineer unintentionally posted online login information for a private database containing driver information. This was discovered by the company a few months later in September, when a former employee from a competitor revealed the problem.

The security breach had exposed the data of approximately 50,000 drivers across multiple U.S. states. Data included names of the independent contractors that collaborate with Uber, routes that were taken, clients that requested them, and even the name, phone numbers and e-mail addresses of said clients were stored on a cloud where any third party could have had access to them.

The matter came to light when Uberโ€™s New York manager, Josh Mohrer revealed to a journalist that he was both tracking her Uber ride and accessed her ride history logs without permission, including through the companyโ€™s โ€œGod Viewโ€ tool. The tool shows an aerial view of all passengers and drivers in a particular area.

It would appear that the taxi service company was indeed using an entire tracking system that recorded and kept logs of every single trip ever took via their cars which corporate employees were able to access at any time via the so called โ€˜God Viewโ€™ app. Further, it was revealed that said employees could also access customer personal information as well. The fine has been imposed on the company for its delay in providing timely notice of the data breach to the affected drivers and the office of the attorney general.

What followed were disclosures that the God View tool was available to employees largely within the company, who could use it with little discretion. Eventually, Uber backed down but not before settling with the State of New York for $20,000 and agreeing to an overhaul of its privacy policy to better protect and encrypt location data of its riders for โ€œlegitimate business purposes.โ€

According to BuzzFeed, the settlement says:

โ€œUber has represented that it has removed all personally identifiable information of riders from its system that provides an aerial view of cars active in a city, has limited employee access to personally identifiable information of riders, and has begun auditing employee access to personally identifiable information in general.โ€

Following the ordeal, Uber spokesman Matt Wing made a statement saying that the company is now fully committed to protecting the privacy and the personal data of both its customers and its drivers and has, therefore, revised its privacy practices. The amount of data that was previously subject to potential abuse by internal staff and a truly worrisome prospect should it had fallen into the wrong hands, is now only accessible by employees only under circumstances of dire need.

The settlement is due to be officially announced tomorrow, and Uber has also agreed to notify the Attorney Generalโ€™s office if the โ€˜God Viewโ€™ application resumes collecting GPS information from mobile devices when the app is not open.

Subscribe to our newsletter

To be updated with all the latest news

Kavita Iyer
Kavita Iyerhttps://www.techworm.net
An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human!!!

Subscribe to our newsletter

To be updated with all the latest news

Read More

Suggested Post