Wednesday, February 07, 2018 by Frances Bloomfield
Lyft employees have been abusing their access to customers’ private data. Thanks to their high access clearances, they’ve been able to stalk people they’d just met and look up trip data for Hollywood actresses and porn stars. At least one employee has bragged about having Facebook CEO Mark Zuckerburg’s phone number. These were just some of the claims that a user posted on the anonymous chat app Blind.
According to the unknown tipster, they’d witnessed employees tracking the locations of their significant others to see if they actually went to where they said they’d be. The tipster added that it was apparently common for employees to use the access as a means of looking up the rider ratings of executives at Lyft and of other companies.
“I’m sorry, this has bothered me way too long and it’s gone unchanged for too long for me to not say anything,” the user wrote in their post. “What we have [is] a policy that says you should[n’t] access data you have no need to but I’ve never seen it enforced. I can’t stand to watch this any longer and this post is made in the hope that this will shame people into taking corrective action.”
Although there’s no way to verify the authenticity of these allegations, another anonymous source has stepped forward to corroborate them. “Hell yes. I definitely looked at my friends’ rider history and looked at what drivers said about them. I never got in trouble,” said the source. These practices were so “addictive” that new employees were excited to give them a shot, regardless of the warnings.
Furthermore, only one person has stepped forward to challenge the information. According to TechCrunch.com, they stated that access to sensitive information was “limited, logged, and audited,” though the full scope of this has yet to be confirmed.
A spokesperson for Lyft has confirmed that the company intends on looking into the accusations. “Maintaining the trust of passengers and drivers is fundamental to Lyft. The specific allegations in this post would be a violation of Lyft’s policies and a cause for termination, and have not been raised with our Legal or Executive teams. We are conducting an investigation into the matter,” they remarked in a statement.
As to why Lyft employees have such high levels of access, the spokesperson explained that certain teams within the company require it for their jobs. However, every query into the customer database is logged and connected to a specific employee. Moreover, all employees receive training in data privacy and responsible use policy. And as with most companies, they also have to sign confidentiality and responsible use agreements.
The recent Lyft scandal echoes a similar occurrence with its main competitor Uber. In 2014, the company came under fire after it was revealed that a system known as “God View” allowed employees to view riders’ details and trips. It ended with the New York Attorney General’s office announcing a settlement with Uber wherein designated employees could only access rider data via multi-factor authentication. Included in the settlement was the provision that one or more employees take on the task of overseeing the system’s privacy and auditing its usage. Despite these steps, it has been alleged that Uber continued using God View well into 2016, only under the new name “Heaven View.” (Related: Uber is your Big Brother: It tracks you everywhere, even when you’re not using the Uber app.)
This marks the first time that the relatively controversy-free Lyft has been subjected to public scrutiny. Will it be the last? Only time will tell.
Stay updated on the situation by going to PrivacyWatch.news.