Los Angeles wants to know exactly when you hop on an Uber scooter or bike, when you hop off, and where you go, promising that such location data is “respectful of user privacy” because it’s not asking for personally identifiable information (PII) about users – well, at least not directly.
Uber’s response: Nope. Geolocation data is clearly PII, and LA’s requirements that companies like Uber and Lyft share scooter-sharing data could compromise user privacy, as well as the companies’ own trade secrets.
Uber, better known for its ride-hailing car service, on Monday filed a lawsuit after months of refusing to give the LA Department of Transportation (LADOT) what the city’s after, CNET reports.
The publication quoted an Uber spokesperson:
Independent privacy experts have clearly and repeatedly asserted that a customer’s geolocation is personally identifiable information, and – consistent with a recent legal opinion by the California legislative counsel – we believe that LADOT’s requirements to share sensitive on-trip data compromises our customers’ expectations of data privacy and security.
Therefore, we had no choice but to pursue a legal challenge, and we sincerely hope to arrive at a solution that allows us to provide reasonable data and work constructively with the City of Los Angeles while protecting the privacy of our riders.
Like other cities, LA is wrestling with a newly chaotic traffic situation, with Uber and Lyft drivers whizzing around, picking up, dropping off or waiting for fares, as city buses, bicyclists and scooter riders – some using rent-by-the-hour bikes and scooters – jostle for space.
Those ubiquitous dockless e-scooters and bikes often wind up randomly scattered or piled up in heaps on city sidewalks. Some cities have gone so far as to ban them.
Other cities, including LA, are looking to pull data from the chaos so as to rein it in. They’re hoping that scooter data can help to determine how citizens are getting around, where it makes the most sense to spend money on infrastructure and where to cut back, and whether the companies they’ve allowed to use their public streets and sidewalks are following the rules and not making pig-piled scooter messes.
LA’s plan, which it began work on last year, is a new data standard called the Mobility Data Specification (MDS). It’s based on a standard set of application programming interfaces (APIs) through which mobility companies are required to provide real-time information about how many of their vehicles are in use at any given time, where they are at all times, their physical condition, anonymized trip start and stop times, destinations, and routes, among other data.
Real-time location data? That’s taking it too far, Uber says, and privacy experts have backed it up. It doesn’t matter that the city isn’t collecting PII such as name, age, gender and address, given that, as has been demonstrated time and time again, Big Data can be dissected, compared and contrasted to look for patterns from which to draw inferences about individuals. In other words, it’s not hard to re-identify people – or cats, for that matter – from anonymized records.
The Center for Democracy & Technology (CDT) says that LADOT’s plan to collect location data could seriously jeopardize riders’ privacy:
People’s movements from place to place can reveal sexual partners, religious activities, and health information. The U.S. Supreme Court has recognized a strong privacy interest in location data, holding that historical cell site location information is protected by the Fourth Amendment warrant requirement… Even de-identified location data can be re-identified with relative ease.
The Electronic Frontier Foundation added to that list of sensitive PII that can be determined from tracking people:
Los Angeles riders deserve privacy in the bike and scooter trips they take – be they for work, medical appointments, social engagements, prayer, or other First Amendment-protected activities.
Uber claims that LA’s plan will violate California’s Electronic Communications Privacy Act, a law passed in 2015 designed to prevent law enforcement agencies from accessing people’s data without a warrant.
Uber is the last holdout. Companies including Lime, Spin and Lyft are complying with the city’s data requirements, in spite of California’s Legislative Counsel having determined that the location data requirement could be violating the law.
Uber’s suit against LA was filed along with a temporary restraining order so that it can keep its scooters in the city while the case plays out.
In a statement it put out in response to the lawsuit, the LADOT threatened to yank the permit that keeps Uber’s scooters zooming around:
LADOT has the responsibility to manage the public right-of-way, ensuring safety and access for everyone. To be effective, the department requires reasonable information about the tens of thousands of shared vehicles operated by transportation technology companies that use our streets for profit.
While all other permitted scooter and bike companies are complying with our rules, Uber has repeatedly refused. L.A.’s requirements have been clear since last November, and Uber agreed to abide by them. By 5pm tomorrow, we expect Uber to come into compliance or they will face suspension proceedings, which could eventually lead to revocation of their permit.
MrGutts
Why is it so hard for these city government to get something on the books for these scooters. Here is one for ya.
All scooters will be parked in a designated location provided by the city.
All scooters will be impounded outside that location.
All scooters will not be driven on any sidewalk,
All scooters will abide by ALL traffic laws.
All scooters will yield to pedestrians and vehicles, Pedestrians will have the option to clothesline freely any scooter rider if they get within arms reach.
All idiots that ride a scooter without helmet protection, then gets in a wreck and crack your head open like a raw egg will not blame the scooter company for your poor choices in life.
Anonymous
Your making to much sense lol.
theukeleleman
Whilst I hold no candle for Uberm there are good legal and moral reasons for Uber not to hand over this data. Once someone allows a breach of privacy in one area, it’s harder for people to argue for it in another, and so on. And I DO have something to hide – I don’t want everyone to know what I do, any more than you do (otherwise you wouldn’t have curtains at your windows, and would publish all your bank account details).
Bryan
Wait Lisa; I think you made a typo.
As this article currently states, it seems like Uber advocates for consumer rights and privacy.
PS: AFA management ideas go, MrGutts is leading a charge I’m willing to endorse.
PPS: I saw the scooter pile in the linked article–I’m officially old. If I were to purchase one of these things for locomotion I’d never feel comfortable scratching it all up by tossing it into a heap. That made my thrifty stomach turn.
Lisa Vaas
I know, I know, right? Uber, who’d have thunk it! My fingers were surprised that they were being asked to type the letters U B E R in a positive privacy context. I was mulling a recap of its so-not-illustrious history of privacy abuse, but I figured no, let the company get a taste of what it’s like to be a good guy. And to be less black and white, cops and robbers about the matter, we can still view Uber with a hairy eyeball. It’s had a voracious appetite for invading people’s privacy for its own ends. A cynic might say that this lawsuit simply illustrates that they don’t want anybody ELSE to get at that data.
Bryan
> anybody else
was thinking the same
Lisa Vaas
p.s. piling scooters up is the least of it. Boston’s bike-sharing company not infrequently finds its bikes tossed in the harbor.