The New York Attorney General has finally reached an agreement with Uber, the popular ride-hailing giant, in a case related to allegations that Uber was allowing its executives to track the whereabouts of its passengers without their knowledge.
The company agreed to encrypt rider geo-location following the investigation led by New York Attorney General Eric Schneiderman; the case also looked into the “God View,” an aerial view that allowed Uber’s executives to see its riders’ locations.
Part of the settlement was also a $20,000 penalty that Uber had to pay in order to resolve concerns over the way the tech company handled its recent data breach. According to the AG, an unauthorized third party had gained access to thousands of Uber driver names and driver license numbers.
Uber’s only comment on the matter was an emailed statement, in which it expressed its content about finally reaching “an agreement with the New York Attorney General that resolves these questions and makes clear our commitment to best practices that put out community first.”
She met with Uber’s New York General Manager at Uber’s New York headquarters after she had travelled there in an Uber car. As soon as she stepped out of the vehicle, the general manager had reportedly said, “There you are. I was tracking you.”
During the investigation it was found that the Uber executive was in fact referring to an internal tracking system internally known as “God View.” But that was not the only time someone had complained about Uber’s nosy practices.
Entrepreneur Peter Sims had written in a blog post about his whereabouts being once on display at an Uber Chicago launch party, as it was pointed out to him by another attendee.
A separate incident puts a rather negative spotlight on Uber, as it was discovered the company had waited several months before notifying its drivers of a particular breach into their personal information.
It turns out the AG investigation discovered plenty to make Uber agree to encrypt rider geo-location information, as well as set up a multiple-authentication system for any employee that wants to gain access to a rider’s personal information.
According to Schneiderman, fining Uber with $20,000 penalty for failing to provide timely notice to both Schneiderman’s office and the involved drivers about the security breach should ensure this doesn’t happen again.