Legislation pending in California would protect the privacy of ride-sharing passengers, a concern that arose last year after an Uber executive revealed an internal tool used to track passenger journeys in real time.
Assembly Bill 886 aims to safeguard passengers' privacy by prohibiting ride-sharing companies from requesting or requiring that passengers provide personal information such as names, email addresses, phone numbers, location and trip data, and credit card information. The bill would also require ride-sharing companies to destroy any personally identifiable information associated with accounts that are canceled.
Services such as Uber and Lyft, which pair passengers with drivers via a smartphone app, have grown rapidly in the past five years, stretching to cities around the world. Uber is currently in more than 260 cities in 54 countries, while rival Lyft operates in more than US 60 cities.
Growing with the services is the opportunity to gather a significant amount of personal information and data on each user. Data such as when and where passengers travel could provide new opportunities for passenger surveillance and unwanted marketing pitches, worries Assembly Member Ed Chau, the bill's sponsor.
"Limiting the data collected by ridesharing mobile applications does not reduce the functionality and availability to consumers that use and love them," Chau, a Democrat representing the Southern California city of Monterey Park, said in a statement. "On the contrary, this legislation is not about limiting the consumer, it is about giving the consumer ownership of their privacy, which can be the subject of abuse under certain circumstances."
Representatives for Uber and Lyft did not respond to request for comment.
The issue caught the attention of privacy advocates in November when a BuzzFeed reporter learned that an Uber executive hadwithout her knowledge. Josh Mohrer, Uber's New York general manager, was accused of tracking reporter Johana Bhuiyan by using a feature known as "God View" that is available to Uber employees and allows them to see logs of Uber customer activity.
Uber later said it had, but not before the episode raised the attention of Sen. Al Franken, chair of the Subcommittee On Privacy, Technology, and the Law, who asked Uber CEO Travis Kalanick to address allegations he said "suggest a troubling disregard for customers' privacy." Uber responded by , prohibiting "all employees at every level from accessing a rider or driver's data." The only exception described is for "a limited set of legitimate business purposes" such as monitoring accounts for fraudulent activity addressing issues raised by the Uber community.
The legislation is due to be heard Monday by the Assembly Utilities and Commerce Committee.
[H/T San Francisco Chronicle]