back to article Uber-creepy: Dial-a-ride devs accused of stalking pop diva Beyonce

A former Uber staffer claims the amateur taxi app maker routinely pried into customer records to spy on people, including celebrity riders and ex-partners of employees. The allegations against the ride-sharing giant were made by Ward Spangenberg, a former forensic investigator at Uber who is now suing the Silicon Valley biz …

  1. Anonymous Coward
    Anonymous Coward


    This was on that show literally 2 weeks ago. Silicon valley startup gets raided, lock down, buy new.

    On the other hand.... you are using an app, paying with a credit card and giving your GPS to the driver to find you... when and on what planet did anyone think that information was going to treated well and respected?

    1. jtaylor

      Re: Shameless

      "you are using an app, paying with a credit card and giving your GPS to the driver to find you... when and on what planet did anyone think that information was going to treated well and respected?"

      When you put it like that, it's pretty dire. I do think though, that when I install an app, it shouldn't report my location unless and until it needs to locate me. When I use a credit card, I expect it to be processed through a normal credit card processor and that information like my CVV won't be stored with the merchant. Of course I want the driver to know where to pick me up, but that's a very limited audience (2 people) and I don't expect unknown others to be able to not only listen to that "conversation" but also to then track me across multiple transactions that involve different people.

      Uber and Lyft have really opened opportunities for some friends who cannot drive. I don't rail against the services. I do, however, wonder if they're really doing all they should do to protect their customers (and by "should" I mean acting as they claim to and as they are required by law).

    2. bazza Silver badge

      Re: Shameless

      ...when and on what planet did anyone think that information was going to treated well and respected?

      Well all across Europe there's quite strong data protection laws. Breaches like the ones reported in the US would result in some stringent fines. In the UK this can be up to £5000 fine per data item lost / breached / exposed. Consequently Megabreaches are potentially veeeery expensive (millions x £5000), and that rather focuses senior management attention on data protection within a business. Basically you don't collect data unless there's a genuine business need, and you don't make it available willy-nilly within a company, etc.

      But Uber is USAian, so like many other companies they're rather uncaring able their customers' data, what they collect, etc.

    3. paulf Silver badge

      Re: Shameless

      "I also reported that Uber's lack of security, and allowing all employees to access this information (as opposed to a small security team) was resulting in a violation of governmental regulations regarding data protection."

      I think the real news here is that the USAian government has any kind of legislation/regulations on data protection.

    4. Anonymous Coward
      Anonymous Coward

      "did anyone think that information was going to treated well and respected?"

      * The poor, dumb & stupid did. The same naive user-group who tend to upload their full-contacts to Facebook / Google / Linked-in / Snapchat!

      * So just about everyone's name and address is on Uber's database right now. Unless by some miracle your friends / family / co-workers don't fall into this low-hanging-fruit privacy-blind user group.

      * Yippee! Looking forward to more: 'You People Are So Interesting' creepy Uber studies (see One-Night-Stand analysis)!

      1. Crazy Operations Guy Silver badge

        Re: "did anyone think that information was going to treated well and respected?"


        I think you might no understand how Uber works... They only possess -your- data and the addresses you enter into it, or just manually place the pin for pickup location and they don;t get an address at all. You could even put the destination beyond where you are going and have them drop you off early, or just put a completely wrong destination in and tell the driver where you want to go.

        I have no idea how they would get names of people that aren't using the service since the app doesn't have access to your address book or email. Even if you refer someone to the service, you give them the code for them to enter it in when they create an account, so they only find out about them when they sign up. They don't even need to know your name, they'll accept pre-paid credit cards so long as it has a balance greater than 1.5x the estimated fare (Or some other multiplier, its been a while since I spoke to my cousin, who worked on their billing systems).

        You could actually use one of those Visa gift cards and a cheap smart-phone on a pay-as-you-go plan, pay for it in cash, and Uber wouldn't have anyway of identifying you. Especially if you have them pick you up and drop you off some distance from where you currently are / are going.

        They may do terrible things, but possessing a database of people that aren't users of the service isn't one of them.

        1. Anonymous Coward
          Anonymous Coward

          "I think you might no understand how Uber works..."

          Right back at you (see below): Remember low-hanging-fruit will share everything by default in total blissful ignorance:

  2. allthecoolshortnamesweretaken Silver badge

    "He also claims that, while a member of Uber's incident response team, he was involved in efforts to thwart government raids of Uber branch offices. Spangenberg said that when the company got word of a pending police raid, it was standard practice to delete data and destroy equipment."

    Mob tactics. Disruptive innovation, my ass.

    1. Ogi

      > when the company got word of a pending police raid,

      A "pending police raid"? What, do the police call up and book a raid in advance?

      Otherwise Uber is even more shady that I already thought. Got "their people" inside the police? Or just much bribery?

      Police raids are a big deal, so normally you don't know in advance when they will raid you, precisely to prevent tampering/destruction of evidence. The Mob usually uses bribery (or gets one of their men on the inside as a mole) to get forewarned of Police raids.

      1. Anonymous Coward
        Anonymous Coward

        "A "pending police raid"? What, do the police call up and book a raid in advance?"

        Maybe they booked their ride through Uber? Just saying...

  3. Anonymous Coward
    Anonymous Coward

    On the iPhone uber requires access to the gps "always" rather when using the app.

    Whilst I understand it makes it easier as a user might background the app etc its still a bit creepy. I only enable the gps access when I'm wanting to use the app but most people wouldn't think about it.

    The main issue with all these things is controlling privileged access - you're always going to have people with the access, just how do you control and vet that.

    1. Destroy All Monsters Silver badge

      This is why RBAC (or similar), logging and auditing as well as the Security Officer With Teeth have been invented.

    2. This post has been deleted by its author

    3. Crazy Operations Guy Silver badge

      I have a cheap pay-as-you-go Android phone that I use for the Uber App and other location-based apps and turn it off when I don't need it. I originally did this so that if the battery ran out on my primary phone, I could still get home (many of the Taxis in my area lack the ability to accept credit cards, and I rarely carry cash).

  4. Destroy All Monsters Silver badge
    Paris Hilton

    I don't understand this

    "In those instances, Uber would lock down the office and immediately cut all connectivity so that law enforcement could not access Uber's information. I would then be tasked with purchasing all new equipment for the office within the day."

    Purchase it in the morning and get it working by the evening???

    Before the raid? (And who tips off about THAT?)

    Whenever the coppers come there is totally nw, unconnected equipment and large boxes everyhwere and people are in the kitchen browsing Facebook and eating donuts?


  5. Anonymous Coward
    Anonymous Coward

    Interesting how the reply to ElReg is set in the present tense "have access", rather than a much more encompassing "ever had access".

    From what is written here, they are not denying anything of what happened in the past.

  6. Crazy Operations Guy Silver badge

    Sad state of transportation in my area

    Even if Uber drivers where cannibals that ate 1 out of every 100 passengers, I'd still ride with them rather than a Taxi cab. I've been stuck in the rain and snow for hours waiting for taxis. When I call them, it sounds as though they are taking calls in the middle of a crowded stadium, then they'll give me some massive time windows as to when they'll be there (Usually 15-45 minutes, get estimating skills there guys...), and then they won't show for 15-20 minutes after the time range, saying they got lost or picked up another driver. Then there are the times where they somehow know when you go back inside to use the bathroom and pick that exact time to drive by but can't do anything about it. And then when they show up, the driver has some insanely thick accent so it takes 5 minutes to figure out where you are going. And then when I get to my destination, it always ends up that their credit-card machine doesn't work, so I have to go find an ATM and get cash to pay them.

    I'll accept pretty much any risk so long as I can stay inside until they are near, they can find me easily, I don't have to tell them where I am going, and I don't have to mess around with paying them at the end of the trip since the app handles all that.

    1. Destroy All Monsters Silver badge
      Thumb Up

      Re: Sad state of transportation in my area

      One up for the "gig economy". (Who coined that word?)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019