Uber employees used to spy on celebrities, politicians, as well as acquaintances through the company's tracking data, claims a new lawsuit from the company's former staff Ward Spangenberg. This is not the first time that the ride service Uber has been accused of sharing location without the permission of the customer, and has said in the past that it will improve security. In 2014, Uber's General Manager in New York was accused of tracking a journalist's whereabouts through the company's "God View" feature.
In the lawsuit, Spangenberg wrote "Uber's lack of security regarding its customer data was resulting in Uber employees being able to track high profile politicians, celebrities, and even personal acquaintances of Uber employees, including ex-boyfriends/girlfriends, and ex-spouses."
Reveal from The Centre for Investigative Reporting in a report claims that at least five former Uber security employees said the company "continued to allow broad access" even after assurances that it had strict policies in place to prevent customer trip data from being accessed, with "limited exceptions."
Spangenberg in his lawsuit has also alleged that Uber routinely deleted files which it was required to keep. "Uber routinely deleted files which were subject to litigation holds, which was another practice I objected to when reporting my concerns to the company."
Sharing his experience when working for Uber, Spangenberg added, "As part of Uber's Incident Response Team, I would be called when governmental agencies raided Uber's offices due to concerns regarding noncompliance with governmental regulations. In those instances, Uber would lock down the office and immediately cut all connectivity so that law enforcement could not access Uber's information. I would then be tasked with purchasing all new equipment for the office within the day, which I did when Uber's Montreal office was raided."
Uber in a statement however has assured that it maintains security check of user location data. The company also acknowledged that it fired "fewer than 10" employees for "improper access" of data.
"We have hundreds of security and privacy experts working around the clock to protect our data. This includes enforcing strict policies and technical controls to limit access to user data to authorized employees solely for purposes of their job responsibilities, and all potential violations are quickly and thoroughly investigated," Uber said in a statement.