Uber’s U-Turn On User Watching

Uber will stop its controversial practice of tracking users for up to five minutes after a trip has ended, as it attempts to turn around its mired public image.

A change to the Uber app due to roll out will allow users to share location data only when actively using the app, stopping further tracking once a trip is complete, according to Uber’s chief security officer Joe Sullivan.

The change comes as Uber recruits former Expedia chief executive Dara Khosrowshahi to head the company, filling the void left by ousted Uber founder Travis Kalanick and other top executives in June.

Sullivan leads a team of about 500 that has been working to beef up customer privacy at Uber since he joined in 2015. The chief security officer, who is a member of the executive leadership team that has been co-running Uber since Kalanick left, said: “We’ve been building through the turmoil and challenges because we already had our mandate.”

An update to the app made last November eliminated the option for users to limit data gathering to only when the app is in use, instead forcing them to choose between letting Uber always collect location data or never collect it.

Uber said it needed permission to always gather data in order to track riders for five minutes after a trip was completed, which the company said could help in ensuring customers’ physical safety. The option to never track required riders to manually enter pickup and drop-off addresses.

But the changes were met with swift criticism by some users and privacy advocates who called them a breach of user trust by a company already under fire for how it collects and uses customers’ data. Uber said it never actually began post-trip tracking for iPhone users and suspended it for Android users.

Sullivan said Uber made a mistake by asking for more information from users without making clear what value Uber would offer in return. If Uber decides that tracking a rider’s location for five minutes is valuable in the future, it will seek to explain what the value is and allow customers to opt in to the setting, he said.

Sullivan said Uber was committed to privacy but had previously suffered “a lack of expertise” in the area.

The change comes two weeks after Uber settled a US Federal Trade Commission complaint that the company failed to protect the personal information of drivers and passengers, and was deceptive about its efforts to prevent snooping by its employees.

Uber agreed to conduct an audit every two years for the next two decades to ensure compliance with FTC requirements. The location-tracking changes will initially only be available to iPhone users, but Uber intends to bring parity to Android devices, Sullivan said.

The changes are part of a series of updates expected in the coming year to improve privacy, security and transparency at Uber, Sullivan said.

Uber’s stance is expected to change on a number of things under the leadership of the Iranian American Khosrowshahi, who has been vocal in his criticism of Donald Trump. Khosrowshahi will have to reform workplace culture, recruit new executives including chief financial officer and chief operating officer, and deal with various legal wrangles.

Guardian:

You Might Also Read:

Uber Faces A Criminal Probe In The US:

Google Lawsuit Could Be Fatal For Uber:

 

« Businesses Need Cyber Insurance – Now!
Police Spy On Their Own: Twitter Accounts Scrutinised »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Orolia

Orolia

Orolia are experts in deploying high precision GPS time through network infrastructure to synchronize critical operations.

Cybernance

Cybernance

Cybernance provide an enterprise-wide, web-based software solution for managing and mitigating cyber risk based on key compliance frameworks.

Arsenal Recon

Arsenal Recon

Arsenal Recon are digital forensics experts, providing consultancy services and powerful software tools to improve the analysis of electronic evidence.

Cycura

Cycura

Cycura provide advanced, customized, and confidential cyber security services, cyber investigation services, and digital forensic services to governments, companies, and organizations.

GoCyber

GoCyber

GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month.

Prompt

Prompt

Prompt supports the creation of partnerships and the setting up of industrial-institutional applied R&D projects for all ICT sectors.

Boeing

Boeing

Boeing is the world's largest aerospace company and leading manufacturer of commercial jetliners, defense, space and security systems.

Xscale Accelerator

Xscale Accelerator

Xscale's vision is to create world-class startups out of India by transforming sales and providing access to global markets.

Emtec

Emtec

Emtec’s cyber security team provides advisory, assessment, & managed security services that help you build the cyber security policies, toolsets & best practices to elevate your cyber security posture

Halogen Group

Halogen Group

Halogen Group is the leading Security Solutions Provider in West Africa. Services encompass Physical Security, Electronic Security, Virtual & Cyber Security, Risk Assessments and Training.

rSolutions

rSolutions

rSolutions delivers managed cybersecurity services to clients in many industry sectors including financial services, telecommunications, energy, government and retail.

Performance Technologies

Performance Technologies

As a leading IT Solutions Provider in Greece, Performance Technologies delivers reliable, long life solutions, ensuring continuous availability of business-critical services and information.

ZX Security

ZX Security

ZX Security is a New Zealand owned and operated cyber security consultancy.

Saudi Information Technology Company (SITE)

Saudi Information Technology Company (SITE)

SITE is a forward-thinking enterprise, which aims at revitalizing Saudi Arabia’s digital infrastructure, cybersecurity, software development, and big data and analytics capabilities.

Conceal

Conceal

Conceal’s mission is to stop ransomware and credential theft for companies of all sizes by developing innovative solutions that provide social engineering protection in any browser.

Sardine

Sardine

Sardine is a leader in financial crime prevention. Using unparalleled device intelligence and behavior biometrics, Sardine applies machine learning to detect and stop fraud before it happens.