NEW YORK (Legal Newsline) – Uber will have to adopt leading security protection practices to protect riders’ personal information after a settlement with New York Attorney General Eric T. Schneiderman.
The settlement resolves two main allegations. The first allegation has to do with reports that came out in 2014 that Uber executives had access to riders’ locations and that Uber displayed this information in an aerial view it called “God View.” The second allegation involves an issue where Uber experienced a data breach in 2014. During the breach, an unauthorized third party received access to Uber driver names and driver's license numbers.
“This settlement protects the personal information of Uber riders from potential abuse by company executives and staff, including the real-time locations of riders in an Uber vehicle,” Schneiderman said. “We are committed to protecting the privacy of consumers and customers of any product in New York State, as well as that of employees of any company operating here. I strongly encourage all technology companies to regularly review and amend their own policies and procedures to better protect their customers’ and employees' private information.”
Under the terms of the settlement, Uber must encrypt geolocation information and adopt multi-factor authentication required for any employee to access sensitive rider personal information.