Uber
| Basic information | |
|---|---|
| Founded | 2009 |
| Type | Public |
| Industry | Transport |
| Official website | https://www.uber.com |
Uber Technologies, Inc is an American multinational company that provides a variety of transport-related services. In recent years they have been involved in a number of controversies associated with anti-consumer practices
Incidents[edit | edit source]
Uber EULA precludes trial[edit | edit source]
Main article: Uber EULA precludes jury trial
Following a 2023 car crash, Uber moved to dismiss a lawsuit, citing that the plaintiffs have waived their rights to a jury trial when they accepted Uber's Terms of Service that contain a binding arbitration clause.
Databreaches[edit | edit source]
The Federal Trade Commission (FTC) filed a complaint for two alleged databreaches, of which Uber became aware in 2014 and 2016.[1] As the complaint states in both databreaches, personal information was leaked:
[2014] The intruder accessed one file that contained sensitive personal information belonging to Uber Drivers, including over 100,000 unencrypted names and driver’s license numbers, 215 unencrypted names and bank account and domestic routing numbers, and 84 unencrypted names and Social Security numbers. The file also contained other Uber Driver information, including physical addresses, email addresses, mobile device phone numbers, device IDs, and location information from trips the Uber Drivers provided. [2016] The intruders downloaded 16 files from Respondent’s Amazon S3 Datastore between October 13, 2016 and November 15, 2016. These files contained unencrypted consumer personal information relating to U.S. Riders and Drivers, including, among other things, approximately 25.6 million names and email addresses, 22.1 million names and mobile phone numbers, and 607,000 names and driver’s license numbers. Nearly all of the exposed personal information was collected
Uber failed to disclose the second larger breach to consumers or the FTC for more than a year, despite being the subject of an ongoing FTC investigation of its data security practices during that time.[2] In 2018, the FTC approved a settlement with Uber regarding these incident.[3]
- Uber could be subject to civil penalties if it fails to notify the FTC of certain future incidents involving unauthorized access to consumer information, which includes both driver and rider information.[2][3]
- The company is also prohibited from misrepresenting how it monitors internal access to consumers’ personal information and the extent to which it protects the privacy, confidentiality, security, and integrity of personal information.[2][3]
- Uber must implement a comprehensive privacy program and for 20 years obtain biennial independent, third-party assessments, which it must submit to the Commission, certifying that it has a privacy program in place that meets or exceeds the requirements of the FTC order.[2][3]
Uber One Subscription plan[edit | edit source]
The FTC investigation is about the enrollment and cancellation procedures of the service, on whether it complies with the click-to-cancel rule of the FTC.[4] The UK has recently also introduced legislation to crack down subscription traps, set out as part of their Digital Markets, Competition and Consumers Act of 2024 (DMCC).[5][6]
References[edit | edit source]
- ↑ https://www.ftc.gov/system/files/documents/cases/152_3054_c-4662_uber_technologies_revised_complaint.pdf
- ↑ 2.0 2.1 2.2 2.3 https://www.ftc.gov/news-events/news/press-releases/2018/10/federal-trade-commission-gives-final-approval-settlement-uber
- ↑ 3.0 3.1 3.2 3.3 https://www.ftc.gov/system/files/documents/cases/152_3054_c-4662_uber_technologies_revised_decision_and_order.pdf
- ↑ https://www.bbc.com/news/articles/c8xp0enrkl8o
- ↑ https://www.gov.uk/government/publications/digital-markets-competition-regime-guidance
- ↑ https://www.gov.uk/government/news/new-measures-unveiled-to-crack-down-on-subscription-traps