AB 886’s Privacy Protections For Uber Passengers Held Up
Update 6/1/2015: The deadline for bills to advance from committees to the Floor passed last week, forestalling any realistic chance of reviving AB 886 this session. The bill was defeated in the Assembly Utilities and Commerce Committee April 20. Committee Chair Anthony Rendon and Assembly Members Roger Hernandez, Miguel Santiago and Das Williams – all Democrats – supported the CFC-sponsored bill.
But Democrat Autumn Burke joined Republicans Katcho Achadjian, Brian Dahle, David Hadley, Brian Jones and Jim Patterson to vote against AB 886. Democrats Susan Bonilla, Susan Eggman, Cristina Garcia, Bill Quirk and Philip Ting were absent, abstained or simply failed to vote – the same as voting No. AB 886 may be reconsidered in January 2016.
APRIL 8, 2015 – Consumer Federation of California (CFC) is sponsoring Assembly Bill 886 (Chau, D-Arcadia) to make sure that passenger privacy is not kicked to the curb at the tap of a smartphone app to summon an Uber ride.
A $40 billion corporation, Uber disingenuously claimed that it scoops up confidential data without permission from clients’ smartphone cameras and Wi-Fi networks “so that users can experience full functionality of the Uber app.” But its track record of privacy abuse tells a different story.
Recent revelations include the company’s New York manager confronting a reporter with a log of her Uber rides that it recorded and accessed without her consent, and entertaining party guests with its “Creepy Stalker View” that identified by name and tracked the real-time movements of 30 celebrities as they traveled in Uber vehicles.
AB 886 will guard against this reckless disregard for privacy on the part of Uber, and will also apply to other so-called transportation network companies (TNCs) such as Lyft and Sidecar. Specifically, AB 886:
- Prohibits requesting, requiring or disclosing personally identifiable passenger data including names, email addresses, phone numbers, location and trip data, and credit card information except to complete a consumer-initiated transaction or to combat fraud or other crime.
- Allows a customer to cancel or terminate an account with a TNC, which requires the TNC to destroy any personally identifiable information associated with that account.
Uber, founded in 2009, has become infamous for its reckless disregard for personal privacy and its locker room mentality.
It used its “God View” array of digitized maps, car locator tools and software that tracks users in real time (and stores the information) to identify users who take a ride between 10 p.m. and 4 a.m. on a Friday or Saturday night, then summon another Uber ride from the drop-off location within four to six hours, to rank city neighborhoods where customers were most often having brief sexual liaisons, which Uber dubbed “Rides of Glory.”
Uber granted job applicants full access to customers’ travel data. One applicant looked up the travel records of a politician’s family, leading to speculation in The Washington Post that hostile powers could hack Uber’s records to spy on government officials and others. Fortune magazine recently reported that hackers had obtained account records of thousands of Uber users and offered them for sale on “dark” websites visited by criminals.
Uber’s tone-deafness to the norms of corporate behavior emanates from its executive offices. Uber Senior Vice President Emil Michael suggested to a reporter that the company could spend a million dollars to dig up dirt on another journalist who had written uncomplimentary articles about Uber, prompting CFC to call for Michael’s dismissal.
Uber has publicized recent changes it made to its privacy policies in the wake of these exposés. But lawmakers and privacy experts remain skeptical. Regardless, CFC believes that passenger privacy is a right that should be protected by law, not by voluntary corporate policies that can change at any time. AB 886 will protect consumers from unwarranted surveillance by big transportation businesses.