Uber Employees Use Customer Logs to Track Individuals without Consent
by Amna El Tawil
While Uber is one of the cheapest and most convenient ways to hail a cab, it’s not the safest place if you’d like to preserve your privacy. A former employee claims that Uber drivers have been misusing the tracking technology available to them to spy on celebrities, politicians, and even their exes.
Ward Spangenberg, Uber’s former forensic investigator, has made some shocking revelations about the company which fired him in February 2016 after 11 months of work on his 45th birthday. Now, Spangenberg is suing his former employer for wrongful termination, defamation, and age discrimination. He claimed that those who worked at the company could easily track high-profile figures and people in their own lives by looking up their travel history in the company’s database. The number of company members with access to customer travel history was in the thousands.
In his court declaration, Spangenberg wrote: “Uber’s lack of security regarding its customer data was resulting in Uber employees being able to track high profile politicians, celebrities, and even personal acquaintances of Uber employees, including ex-boyfriends/girlfriends, and ex-spouses.”
He also said, “During my employment, I also reported that Uber lacked security regarding its storage of driver information, including social security numbers, which were available, again, to all Uber employees, without regard to any particular level of employment or security clearance.”
After news that executives were using the company’s “God View” feature to track customers in real time without their permission emerged two years ago, the company insisted it had strict policies that prohibited employees from accessing users’ trip information with limited exceptions.
However, five former security professionals who worked for the company told Reveal from The Center for Investigative Reporting that the company continued to allow broad access even after those assurances.
Spangenberg also claims that Uber deleted files that were obligated by law to keep and during government raids of foreign offices the company remotely encrypted all computers to prevent authorities from gathering information.
Although company claims they improved security to protect user information, the question is: did they really?