Skip to main content
close search
site logo
Dive Brief

Uber settles second FTC dispute with new privacy program

Published Aug. 16, 2017
By
Associate Editor
Flickr / senatormarkwarner

Dive Brief:

  • Uber has agreed to a mandate from the Federal Trade Commission that the ride-sharing service conduct independent audits every other year for the next 20 years, according to an agency announcement Tuesday. In addition, the company will implement a comprehensive new privacy program and remain transparent about how Uber accesses and protects consumer data.

  • These changes come amid allegations that Uber failed to secure personally identifiable consumer and driver data, specifically from its own employees and generally within a third-party cloud service.

  • Uber noted that it has launched efforts to strengthen its privacy and data security practices over the last several years, such as hiring its first CSO in 2015 and bringing in hundreds of specialists, according to an Uber spokesperson. "This settlement provides an opportunity to work with the FTC to further verify that our programs protect user privacy and personal information."

Dive Insight:

With the rise of modern technology, the FTC has morphed into the federal government's "chief cybersecurity enforcer" and has sued scores of companies, including Snapchat, Oracle and LifeLock, for failing to adequately protect consumers. With the risk of costly reparations and reputation-damaging allegations from the commission, companies have to carefully navigate the uncertain terrain of data security.

This is not the first of Uber’s FTC woes. In January, Uber agreed to pay $20 million to settle an FTC case regarding misleading claims of prospective driver earning potential and financing options for their vehicle.

The most recent set of problems are grounded in the company’s cybersecurity. In 2014 an intruder accessed the personal information of 100,000 Uber drivers, and recent reports allege Uber employees accessed rider and driver data for non-business purposes.

The FTC’s regulation of Uber does not stand alone at home or abroad in efforts to protect consumer data from internal and external misuse. The EU’s General Data Protection Regulation goes into effect May 2018, and the U.K. has announced legislative plans to strengthen and improve its own data security laws in accordance with the GDPR.

Recommended Reading

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
Newgen Recognized in Gartner® Magic Quadrant™ for Enterprise Low-code Application Platforms Fi…
From Newgen Software
October 30, 2024
Cloudbeds unveils industry’s first ‘smart hospitality engine’, powered by causal and multimoda…
From Cloudbeds
October 23, 2024
Celonis Business Collaboration Networks Drive Process Improvement Across Company Boundaries
From Celonis
October 23, 2024
Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attac…
From Traceable AI
October 30, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell