Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Network Security, Governance, Risk and Compliance, Compliance Management, Privacy, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Uber requests users to always allow access to location data

Uber has begun requesting permission to collect passenger location data after the ride is over creating concern among some privacy advocates.

A recent update to the app asks customers to grant permission for the app to always have access to customer location data although the company says that it will only use the information from the moment a trip is requested until five minutes after their journey has ended.

“We do this to improve pickups, drop-offs, customer service, and to enhance safety,” the update says while asking for the additional permission.

The data could help the firm improve its services by giving the firm a more precise sense of location in airports and large venues such as sports stadiums, improve the Uber pool experience, and know which side of the street a riders is dropped off on, an Uber spokesperson told SC Media via emailed comments.

"We're always thinking about ways we can improve the rider experience from sharpening our ETA estimates to identifying the best pick up location on any given street," the spokesperson said. "Location is at the heart of the Uber experience, and we're asking riders to provide us with more information to achieve these goals."     

The application requests to always have access to the data because most operating systems only give the user options of allowing an app to access their location data all the time, while using the app, or not at all, IDT911 Chief Privacy Officer Eduard Goodman told SCMagazine.com.

Goodman said that while Uber and other companies that request similar information may be sincere in their initial approach, it may be a slippery slope since there is always the potential that information could be used in other ways and that he's “pretty certain it won't be limited to just that.”

He added that the information gathered in the extra five minutes after a rider is dropped off can be more valuable that the ride itself.

“The specific problem with location data in itself is that it is some of the most difficult data to anonymize because it tells where you are,” Goodman said adding that the data can potentially be requested by law enforcement or court officials for other legal matters such as divorce.

Even if the information is anonymized, information such as medical and location data are easier to cross reference and identify than other forms of information because of the nature of what they reveal about individuals.

Goodman said that in the end, there is no easy way to determine where to draw the line in requesting information and that if Uber and doesn't experience a drop in revenue then it's possible that the company may push the boundaries in the information it requests and requires to operate. 

UPDATED: This story has been updated to include comments from an Uber spokesperson.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds