Uber has released a transparency report overview of the info it provided to US state and local regulators and law enforcement agencies from July – December 20015. In its FAQs section, Uber states that it “hopes to” disclose information about requests outside of the US. It adds that a large number of law enforcement requests are about fraud investigations or the use of stolen credit cards. Uber has not, so far, received any requests under national security statutes.
In the report, it states that regulatory agencies like California Public Utilities Commission and the New Orleans Department of Safety and Permits require regulated transportation companies to report info about their operations, pertaining to riders and drivers during criminal investigations or other emergencies.
In the image below, Uber states that info like pick up and drop off locations may allow regulators ‘or anyone else who obtains this information’ to identify individual riders by comparing with publicly available records. Uber says that information such as trips, trip requests, pick up and dropoff areas, fares, vehicles and drivers in the jurisdiction for a particular time period can be requested.
As seen below, information on riders in California, New York City, Chicago, Seattle, Houston and Portland was the most requested, while for driver info, California, Virginia, New York City, Nevada and Houston topped the list.
Airport authorities ask for data too
Uber adds that various airport authorities get into agreements with transportation companies to get info like trip volumes on a monthly basis, time of vehicle entry and exit from the airport area, where the pick up and drop off happens in that area (sometimes with details of the service like UberX or UberBLACK) , each vehicle’s registration number, license plate and driver information.
Uber’s team anonymises some data before submitting it
The company adds that it has a team of experts managing these requests and that the report does not cover info from research partnerships with academics, info shared with the consent of a driver and a rider, or info provided voluntarily for city planning purposes. In such cases, the data is anonymised and shared in aggregated form if requested.
It also ‘pushes back’ on some (commercial or personally sensitive) information requested by regulators to narrow its response. It is not necessary that regulators will inform Uber why they’re asking for that information, but Uber says that it requests regulators to limit it to legitimate regulatory purposes. From the regulators, this information can be passed on to other agencies under ‘freedom of information’ requests etc.
MediaNama’s take: Uber’s transparency report is a reminder to users of internet services that its not just the company whose services one is using which accesses that information. While transparency reports are appreciable, readers should remember that Uber won’t be the first company whose data governments and law enforcing agencies request, neither will it be the last.
– Twitter sues US Govt for right to report user information requests data in greater detail
– Official removal requests doubled on Twitter between Jan-July ‘15
– Google removes 359,803 URLs from searches under right to be forgotten laws
– India continues to lead in Facebook censorship with 5,832 content pieces blocked in H2 2014