Federal Trade Commission Approves Settlement with Uber

The Federal Trade Commission finalized a settlement with Uber after the company failed to implement reasonable security measures and allowed employees to access customers' personal information. Because of Uber's lax security practice, the company was breached twice, exposing vast amounts of sensitive information. The settlement follows on the heels of Uber's settlement with the attorneys general of all fifty states and the District of Columbia for failing to notify users of Uber's second breach in 2016. EPIC wrote to the FTC in May, urging the Commission to strengthen its existing settlement with Uber. The Commission responded directly to several of EPIC's suggestions, which included mandating cybersecurity and privacy requirements. Commissioner Chopra also agreed with EPIC that "the Commission should make required audits and assessments public." EPIC's 2015 complaint with the FTC regarding Uber's abuse of personal data led to a previous FTC settlement with Uber. EPIC has also proposed a privacy law for Uber and other similar transportation companies.

« EPIC Urges NSF to Establish Universal Guidelines as Basis for US AI Policy | Main | In Amicus Brief, EPIC Opposes Citizenship Question in 2020 Census »

Share this page:

Defend Privacy. Support EPIC.
US Needs a Data Protection Agency
2020 Election Security