Data Privacy and Ridesharing Apps

In busy towns and congested cities, ridesharing apps are quickly becoming all the rage. They’re a new and interesting marriage of technology and commuting that helps us keep up with this “always on” lifestyle. However, they’re also kicking up quite the controversy over how companies handle our real-time location data and overall privacy.

 

What is ridesharing?

Uncommonly referred to as “real-time ridesharing,” these new mobile apps are taking the local markets by storm. They allow a user to request an almost instant ride to wherever they need to go with just the push of a button.  In addition to providing instant gratification, these services tend to be less expensive than a taxi service because the company employs individual contracted drivers, and those drivers use their personal cars, while the company insures them. The execution of the service relies on a smartphone enabled with GPS and a credit card, stored in the user’s account in order to facilitate cashless payments.

While great in concept, the services have their issues, as they’re unregulated- not quite a bona fide taxi service, and not quite hitchhiking, either. It’s still a service that will need to comply with local driving regulations, which local cities and companies are working on now. However, as of now, there are no mandates on what types of background checks are needed for applicants or what kind of insurance is needed to cover this type of operation. Luckily, there’s a human “safety check” system that a lot of these companies use. Each rider can rate their driver, and the driver can rate the passengers in the same manner. If a driver falls below a certain rating, they are unable to drive for the company.

 

What kind of data can be collected?

Since this type of service heavily relies on GPS, these apps track and collect the data on where the user is, where they go and sometimes, even how long they stay there. In addition to location data, a lot of these services require the user to link to a social networking account, usually Facebook, as a way of verifying identity. By doing so, the user then grants that company access to the personal information that is in their Facebook account. These services are also cashless, so in order to be able to use them, the user must store a valid credit card in their account.

 

The big question- what can be done with data?

A while back, one of the more popular ridesharing services had a launch party in a new city. At this party, they had a projector screen that showed all of their users in the city, in real-time, and displayed their full names and destinations. Luckily, nothing but some extreme heat from the press came from that, and as a result, it shined a bright spotlight on how these companies store, handle and even safeguard our privacy.

When it comes down to the matter of the users’ privacy, it all boils down to one thing- the company’s privacy policy. Always examine these when researching apps. A good privacy policy should clearly spell out what data they intend to access, save and transmit to third parties. It’s not really commonplace knowledge that these companies can, and do share this data with third parties. Sometimes it can be general usage statistics that is sold to advertisers, and sometimes data is sent to third parties in order to support the functionality of the app. This is also something to be aware of, as data breaches can happen during the transmission of this data or even through the third parties once they have received the data. Recently an extremely popular ridesharing service announced that they had experienced a data breach through a third party that may have exposed up to 50,000 names and driver license numbers.

 

Before installing one of these apps, do a little homework.

 

  1. Research each company for any online reviews or news stories about the company.
  2. Once you’ve narrowed down your choices, examine the privacy policy of each app. Yes, these can be horribly cumbersome tasks as there is a lot of information to go through, but the information you find should be clear about the company’s’ intent with your data. If there is anything you do not feel comfortable with, do some more research or look into other applications.

 

In todays fiercely technologically driven world, data collection, privacy and protection should be at the forefront of everyone’s minds- consumer and developer. We now live in a world where the paradigm has shifted from bank robberies to data breaches, simply because of the fact that all of our information is easily accessible from one place, if left unprotected. Until, if ever, the developers of these programs can become aligned with the proper way to collect data and most importantly, protect it, the responsibility lies in the user’s hands to be diligent, educated and aware of how his or her data is handled when using these applications.