Thousands of Uber employees are said to be still able to use ‘God view’ to track customers of the ride service in real time almost two years after the company claimed to have restricted access to the data. Employees of the company are said to be tracking both public figures and exes.
The claim was made in a court declaration signed by the company’s former forensic investigator Ward Spangenberg, reports Reveal. Spangenberg said that he was fired after repeatedly warning the company that it was in breach of data protection and consumer privacy laws. He is suing the company for wrongful termination.
“Uber’s lack of security regarding its customer data was resulting in Uber employees being able to track high profile politicians, celebrities, and even personal acquaintances of Uber employees, including ex-boyfriends/girlfriends, and ex-spouses,” Spangenberg wrote in a court declaration, signed in October under penalty of perjury […]
Thousands of employees throughout the company, they said, could get details of where and when each customer travels. Those revelations could be especially relevant now that Uber has begun collecting location information even after a trip ends.
He claimed that Uber’s supposed ‘restricted access’ to live ride data amounted to no more than requiring employees to promise not to do so without good reason. While Uber denied the claim, five security professionals formerly employed by the company told Reveal that Spangenberg was correct.
Spangenberg also claims that Uber deliberately frustrated law enforcement investigations into its practices.
Spangenberg said Uber deleted files it was legally obligated to keep. And during government raids of foreign Uber offices, he said the company remotely encrypted its computers to prevent authorities from gathering information.
Uber acknowledged that employees had been fired for improper access to customer data, but claimed that these were isolated cases.
In a statement, Uber said it maintains strict policies to protect customer data and comply with legal proceedings. It acknowledged that it had fired employees for improper access, putting the number at “fewer than 10.”
Security sources say that Uber’s information security practices are currently under investigation by the Federal Trade Commission.
In its response to the lawsuit, Uber said that it ‘generally denies each and every allegation.’