Skip to main content
close search
site logo
Dive Brief

Uber settles second FTC dispute with new privacy program

Published Aug. 16, 2017
By
Associate Editor
Flickr / senatormarkwarner

Dive Brief:

  • Uber has agreed to a mandate from the Federal Trade Commission that the ride-sharing service conduct independent audits every other year for the next 20 years, according to an agency announcement Tuesday. In addition, the company will implement a comprehensive new privacy program and remain transparent about how Uber accesses and protects consumer data.

  • These changes come amid allegations that Uber failed to secure personally identifiable consumer and driver data, specifically from its own employees and generally within a third-party cloud service.

  • Uber noted that it has launched efforts to strengthen its privacy and data security practices over the last several years, such as hiring its first CSO in 2015 and bringing in hundreds of specialists, according to an Uber spokesperson. "This settlement provides an opportunity to work with the FTC to further verify that our programs protect user privacy and personal information."

Dive Insight:

With the rise of modern technology, the FTC has morphed into the federal government's "chief cybersecurity enforcer" and has sued scores of companies, including Snapchat, Oracle and LifeLock, for failing to adequately protect consumers. With the risk of costly reparations and reputation-damaging allegations from the commission, companies have to carefully navigate the uncertain terrain of data security.

This is not the first of Uber’s FTC woes. In January, Uber agreed to pay $20 million to settle an FTC case regarding misleading claims of prospective driver earning potential and financing options for their vehicle.

The most recent set of problems are grounded in the company’s cybersecurity. In 2014 an intruder accessed the personal information of 100,000 Uber drivers, and recent reports allege Uber employees accessed rider and driver data for non-business purposes.

The FTC’s regulation of Uber does not stand alone at home or abroad in efforts to protect consumer data from internal and external misuse. The EU’s General Data Protection Regulation goes into effect May 2018, and the U.K. has announced legislative plans to strengthen and improve its own data security laws in accordance with the GDPR.

Recommended Reading

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
PointFive is Apparently the Hottest Cloud Startup, Here is Why
From Jordan Mitchell
November 21, 2024
New Research Reveals AI's Impact on IT's Power, Status, and Pay
From 1E
November 21, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Viz.ai Wins Prestigious Prix Galien USA Award for Best Digital Health Solution
From Viz.ai
November 12, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell