Uber’s U-Turn On User Watching

Uploaded on 2017-09-05 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Uber will stop its controversial practice of tracking users for up to five minutes after a trip has ended, as it attempts to turn around its mired public image.

A change to the Uber app due to roll out will allow users to share location data only when actively using the app, stopping further tracking once a trip is complete, according to Uber’s chief security officer Joe Sullivan.

The change comes as Uber recruits former Expedia chief executive Dara Khosrowshahi to head the company, filling the void left by ousted Uber founder Travis Kalanick and other top executives in June.

Sullivan leads a team of about 500 that has been working to beef up customer privacy at Uber since he joined in 2015. The chief security officer, who is a member of the executive leadership team that has been co-running Uber since Kalanick left, said: “We’ve been building through the turmoil and challenges because we already had our mandate.”

An update to the app made last November eliminated the option for users to limit data gathering to only when the app is in use, instead forcing them to choose between letting Uber always collect location data or never collect it.

Uber said it needed permission to always gather data in order to track riders for five minutes after a trip was completed, which the company said could help in ensuring customers’ physical safety. The option to never track required riders to manually enter pickup and drop-off addresses.

But the changes were met with swift criticism by some users and privacy advocates who called them a breach of user trust by a company already under fire for how it collects and uses customers’ data. Uber said it never actually began post-trip tracking for iPhone users and suspended it for Android users.

Sullivan said Uber made a mistake by asking for more information from users without making clear what value Uber would offer in return. If Uber decides that tracking a rider’s location for five minutes is valuable in the future, it will seek to explain what the value is and allow customers to opt in to the setting, he said.

Sullivan said Uber was committed to privacy but had previously suffered “a lack of expertise” in the area.

The change comes two weeks after Uber settled a US Federal Trade Commission complaint that the company failed to protect the personal information of drivers and passengers, and was deceptive about its efforts to prevent snooping by its employees.

Uber agreed to conduct an audit every two years for the next two decades to ensure compliance with FTC requirements. The location-tracking changes will initially only be available to iPhone users, but Uber intends to bring parity to Android devices, Sullivan said.

The changes are part of a series of updates expected in the coming year to improve privacy, security and transparency at Uber, Sullivan said.

Uber’s stance is expected to change on a number of things under the leadership of the Iranian American Khosrowshahi, who has been vocal in his criticism of Donald Trump. Khosrowshahi will have to reform workplace culture, recruit new executives including chief financial officer and chief operating officer, and deal with various legal wrangles.

Guardian:

You Might Also Read:

Uber Faces A Criminal Probe In The US:

Google Lawsuit Could Be Fatal For Uber:

 

« Businesses Need Cyber Insurance – Now!
Police Spy On Their Own: Twitter Accounts Scrutinised »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Identity Theft Resource Center (ITRC)

Identity Theft Resource Center (ITRC)

ITRC is a non-profit organization established to empower and guide consumers, victims, business and government to minimize risk and mitigate the impact of identity compromise and crime.

CROW - University of Waikato

CROW - University of Waikato

CROW is the first cyber security lab established in a New Zealand educational institution at the University of Waikato.

OnSystem Logic

OnSystem Logic

OnSystem Logic has developed a unique, patent-pending solution to solve the problem of the exploitation of flaws in application software as a technique for cyber attacks.

TechVets

TechVets

TechVets is a non-for-profit helping UK veterans and service leavers retrain into Cyber Security and Technology jobs.

Fingerprint Cards

Fingerprint Cards

Fingerprint Cards develops and produces biometric components and technologies that verify a person’s identity through the analysis and matching of an individual’s unique fingerprint.

National Cyber Security Center (NCSC) - Hungary

National Cyber Security Center (NCSC) - Hungary

The National Cyber Security Center was established in 2015 by uniting the GovCERT-Hungary, National Electronic Information Security Authority (NEISA) and the Cyber Defence Management Authority (CDMA).

Rentalworks

Rentalworks

Rentalworks is a leading provider of Internet-of-Things (IoT) Asset Lifecycle Management Services including secure data erasure and disposal.

ITRecycla

ITRecycla

ITRecycla are specialists in the protection of sensitive computer data by data destruction, re-marketing of reusable computer equipment, computer recycling and disposing of electronic e-waste.

C11 Cyber Security & Digital Innovation Centre

C11 Cyber Security & Digital Innovation Centre

C11 is working with local and national partners to develop talent and bring brilliant minds and brilliant businesses together.

Sentor Managed Security Services

Sentor Managed Security Services

Sentor Managed Security Services is a cybersecurity company that enables organizations to exist in a digitally connected world.

Condition Zebra

Condition Zebra

Condition Zebra has wide experience in providing IT Security Services, Training, and Certification in the field of cybersecurity.

NetScout Systems

NetScout Systems

NetScout assures digital business services against disruptions in availability, performance, and security.

Gleam Cloud Security Solutions (GCSS)

Gleam Cloud Security Solutions (GCSS)

GCSS Security is an information security firm providing cyber security protection with a highly skilled and experienced team focused on technology that creates best-in-class customer experiences.

Waterleaf International

Waterleaf International

Waterleaf provide advanced network and cybersecurity solutions - informed by data sciences. Transforming Connectivity, Security and Information for Municipalities, Government & Enterprise.

EVVO LABS

EVVO LABS

EVVO Labs empower your business with the latest IT capabilities to get you ahead of your competitors. We are experts at converging technologies to build your digital transformation.

Auria

Auria

Auria advances complex space, missile, and cyber operations with visionary solutions and software.