Trending
Home Minister Amit Shah to kick off campaign in Rajasthan, UP today
Karnataka HM apologises to Nehas parents even as mother of killer says 'my son should be punished'
Electoral heat in Kheda: Incumbent MP Chauhan takes on Congress veteran Dabhi
Amit Shah, Rajnath Singh to address rallies at Darjeeling on Sunday
TDP chief Naidu owns ambassador car, wife has no vehicle
Wall collapse near historic Ahmedabad site: 2 dead, 3 injured, vehicles buried under debris
Aurionpro Solutions to acquire PaaS startup Arya.ai
Maha: 5 Vidarbha constituencies record 44.12 pc polling till 3 pm
Football: Germany head coach Julian Nagelsmann signs contract extension until 2026
Sensex, Nifty witness worst week since March 15 amid Iran-Israel conflict
Epaper    తెలుగు

Uber settles federal agency charges for privacy breaches

Business |  IANS  | Published :

San Francisco, Aug 16 : Uber Technologies, Inc. will implement a privacy programme and obtain independent audits in the next 20 years to settle Federal Trade Commission (FTC) charges that it failed to protect consumer and driver data.

As an independent agency of the US federal government, the FTC announced the settlement on Tuesday in Washington, Xinhua news agency reported.

One of FTC charges was that due to the San Francisco-based company's failure to provide ride-hailing services, an intruder accessed personal information about Uber drivers in May 2014, including more than 100,000 names and drivers' license numbers that Uber stored in a datastore operated by Amazon Web Services.

Following media reports alleging Uber employees were improperly accessing consumer data, the company in November 2014 said it had a "strict policy prohibiting" employees from accessing rider and driver data, except for a limited set of legitimate business purposes, and that employee access would be closely monitored.

However, the FTC found that Uber developed an automated system for monitoring employee access to consumer personal information in December 2014, but the company stopped using the system less than a year after it was put in place.

The federal agency found that for more than nine months afterwards, the company rarely monitored internal access to personal information about users and drivers.

The FTC said Uber did not require engineers and programmers to use distinct access keys to access personal information stored in the cloud.

Instead, it allowed them to use a single key that gave them full administrative access to all the data, and did not require multi-factor authentication for accessing the data.

And, it stored sensitive consumer information, including geolocation information, in plain readable text in database back-ups stored in the cloud.

"Uber failed consumers in two key ways -- by misrepresenting the extent to which it monitored its employees' access to personal information about users and drivers, and by misrepresenting that it took reasonable steps to secure that data," FTC Acting Chairman Maureen Ohlhausen said.

"This case shows that, even if you're a fast growing company, you can't leave consumers behind: you must honor your privacy and security promises."

To settle with the FTC, Uber agreed not to misrepresent its monitoring of internal access to consumers' personal information and its protection of such data.

The company agreed to implement a programme that addresses privacy risks related to new and existing products and services and protects the privacy and confidentiality of personal information.

It will also obtain every two years for the next 20 years, independent, third-party audits certifying that it has a privacy programme in place that meets or exceeds the requirements of the FTC order.

SURYAA NEWS, synonym with professional journalism, started basically to serve the Telugu language readers. And apart from that we have our own e-portal domains viz,. https://www.suryaa.com/ and https://epaper.suryaa.com

Categories

National International Business Sports Health Education Science Technology Foods Entertainment Lifestyle

Quick Links

About Advertise Privacy & policy Contact