clock menu more-arrow no yes mobile

Filed under:

Uber's vast trove of customer data is ripe for abuse

Justin Sullivan/Getty Images

The problem with Uber CEO Travis Kalanick isn't just that he's a jerk. It's that he runs a company with a ton of information about its users. Information is power, and there's zero reason to believe Kalanick will use that power responsibly.

Kalanick is in the news because one of his deputies, Emil Michael, recently made comments about hiring opposition researchers to dig into the personal lives of journalists who cover the company negatively. Kalanick was in the room as Michael made these comments, and he didn't object. But today he posted a half-hearted apology to Twitter. He claimed that Michael's comments showed "a lack of leadership, a lack of humanity, and a departure from our values and ideals."

You might expect that an executive who lacked leadership and humanity would get fired, but there's been no indication that Michael will lose his job. The broader problem is that Michael's comments actually seem perfectly consistent with Uber's values — as demonstrated by the company's actions.

This is a company with a famously cavalier attitude toward its customers' privacy. Back in September, allegations surfaced that Uber sometimes wows party guests with a "God View" feature:

One of the go-to Uber party tricks for the events is to treat the attendees to Uber’s "God View," which lets them see all of the Ubers in a city and the silhouettes of waiting Uber users who have flagged cars. When it’s anonymous, it’s a cool trick. But Julia Allison, an attendee at a launch party in Chicago in September 2011, says Uber treated guests to Creepy Stalker View, showing them the whereabouts and movements of 30 Uber users in New York in real time. She recognized half of the people listed and texted one of them, entrepreneur Peter Sims, revealing that she knew his current whereabouts.

And this isn't the only time Uber has been accused of misusing private information about its customers. Buzzfeed says that "the general manager of Uber NYC accessed the profile of a BuzzFeed News reporter, Johana Bhuiyan, to make points in the course of a discussion of Uber policies. At no point in the email exchanges did she give him permission to do so."

This kind of casual disregard for user privacy becomes particularly ominous when we remember that Uber is popular with some of the most powerful members of our society. For example, as Alex Howard points out, Uber is popular with members of Congress. And we know — because Uber has told us — that Uber can use customer data to draw conclusions about customers' sex lives. Imagine if Uber began supplying this kind of data to its lobbyists.

There's no evidence that Uber has ever misused its data in this way, and Uber says it has strict policies designed to safeguard customer privacy. But policies are only as trustworthy as the people enforcing them. When an Uber executive openly muses about intimidating reporters with sensitive personal information, that's a sign that he might not be sufficiently committed to ethical behavior to be a senior executive at a powerful company like Uber. And the fact that Kalanick sat silently through Michael's comments, and then chose not to fire him when the comments became public, suggests he might not take ethical considerations seriously enough, either.

It's also worth talking about whether Uber's customers should have legally enforceable rights protecting the privacy of their travel data. Most other organizations that hold sensitive customer data — health care providers, universities, telecommunications companies, even video rental stores — are subject to regulations on their use of private customer data. The data Uber collects is at least as sensitive as peoples' academic transcripts or video rental history. Perhaps travel data should have the same kinds of legal protections.

Update: In a new blog post, Uber says its privacy policy strictly limits employee access to customer data.