:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/63700649/lyft-1.0.1486138468.0.jpeg)
Following a Re/code report that described the surprisingly common practice of technology company employees accessing the user data of reporters and customers, ride-sharing service Lyft said today it changed its internal privacy policies to limit such access.
Lyft said it has instituted “tiered access controls” that limit access to user data to a subset of employees, and further limit ride location data to even fewer people. This would prevent the tracking by employees including the Lyft spokesperson who had previously told me she could access my data with my permission.
The company described this as part of its growth process. User privacy has come under scrutiny this week after a Buzzfeed report revealed that Lyft rival Uber has snooped on reporters in the past.
Uber clarified its privacy policy earlier this week, explaining that it forbids such activity and said it was investigating one case in which a BuzzFeed reporter’s travel history was accessed.
Here’s the full new Lyft statement:
Lyft’s longstanding policy prohibits employees or contractors from accessing any user personal information except to the extent such use is necessary to do their job.
In addition to this policy, all access and updates to user and ride data has been and will continue to be attributed to an authorized user, recorded, and available for audit internally as part of maintaining our stringent privacy standards.
As Lyft grows, we continue to review and refine our privacy practices. Today, we have proactively made additional updates to further safeguard our community members’ privacy, including the development of tiered access controls that further limit access to user data to a smaller subset of employees and contractors. Ride location data is restricted to an even smaller subset of people.
This article originally appeared on Recode.net.
