According to someone who used to work for them, Uber staff continues to have access to rider data long after the fare is completed. The ex-worker, fired earlier this year, claims that employees of the ride-sharing service are able to track anyone and everyone from politicians to celebrities or even ex-lovers. In fact, in a lawsuit he has launched against the company, he alleges that it is possible to track a person’s daily movements.
This former employee is Ward Spangenberg, 45, who was once an investigator for the minicab company. He attests that “Uber’s lack of security regarding its customer data was resulting in Uber employees being “Uber’s lack of security regarding its customer data was resulting in Uber employees being able to track high-profile politicians, celebrities, and even personal acquaintances of Uber employees, including ex-boyfriends/girlfriends, and ex-spouses.”
Uber, of course, claims to have a tight security policy that does restrict such excessive access. In an official statement, a spokesperson comments that “Uber continues to increase our security investments and many of these efforts, like our multi-factor authentication checks and bug bounty program, have been widely reported. We have hundreds of security and privacy experts working around the clock to protect our data. This includes enforcing strict policies and technical controls to limit access to user data to authorised employees solely for purposes of their job responsibilities, and all potential violations are quickly and thoroughly investigated.”
He also goes on to argue that some teams never had access of any kind to this type of information. Furthermore, the company also reports that the app feature that, allegedly, allowed for such monitoring (“God View”) no longer exists. Instead, the company claims, they have replaced it with an internal tool they call “Heaven View.”
Uber reminds that employees have to get approval from both managers and the legal team before they are able to access any app or customer data of this sensitivity. In addition, the data an employee is allowed to access typically must relate to the needs of their job. The company maintains they do not allow for such access even though five former Uber security professionals claim that Spangenberg is, in fact, correct.