Uber car in New York (MikeDotta / Shutterstock, Inc.)

NYC wants more data from Uber

Although Uber has opened up some of its ride sharing data, officials in New York City want information that the company says violates the privacy of its riders.

In New York City, City Hall and the Taxi and Limousine Commission require ride-share applications like Uber to provide pick-up location data for every ride. In order to comply with pending driver fatigue safety regulations, TLC also wants companies to provide drop-off location data. 

The revised Driver Fatigue Rules proposal, amending the original adopted in July 2016, will establish daily and weekly driving limits for operators of for-hire-vehicles to reduce the risk of fatigued driving. To do so, TLC wants to calculate driving hours based on trip duration, adding reporting requirements for the FHV sector.

The rule would require FHVs to regularly share drop-off time and location in addition to pickup data, and to indicate when people are using carpooling services. According to the rule, this data will be used to confirm the accuracy of FHV records by adding factors like distances traveled during and between trips, routes and traffic conditions.

Uber’s  new data portal aggregates traffic data that could help city planners.  But the company is challenging the TLC, stating that submitting destination data “is a dangerous overreach disguised as related to driver and rider safety,” Uber spokesperson Alix Anfang told GCN in an email. Rather than exact location data, which Ubers says puts riders’ privacy at risk, the company  argues that the TLC could use trip duration data to make sure that drivers are not spending too much time on the road.

However, the TLC has more uses for drop-off location data. According to the rules, the city wants to confirm the accuracy of FHV records, investigate complaints with specific vehicle time and location data and track peak FHV drop-off times at airports to reduce unauthorized pick-ups. According to the TLC, illegal solicitations by drivers are common after they complete trips at airports and see a large number of potential passengers.  

The data would also be used to help with the city’s Vision Zero, an initiative under Mayor Bill de Blasio to reduce road fatalities. In 2015, Uber provided a seven-point plan allowing the city to use its data for Vision Zero, but the city reportedly did not take Uber up on its proposal, according to an article in Fast Company.

According to Bloomberg, TLC said that it won’t be collecting personal details about passengers and it would not include identifying information about drivers and specific addresses in public records requests or the city’s open data platforms.

Uber is still not convinced, given the possibility of agencies like TLC being hacked or misusing data. In 2014, for example, New York City officials used a method to obscure taxi drivers’ hack license numbers in response to a public records request, but a flaw in the data anonymization process allowed software developers to re-identify all 173 million entries in less than two hours, revealing which driver drove every single trip in the dataset, according to Ars Technica.  

According to Anfang, data about the time, origin and destination of trips can be used to expose the identity and travel behavior of riders. Reverse-engineered and combined with other data sources, it could disclose even more sensitive information.

Lauren Smith, policy counsel for the Future of Privacy Forum, shared Uber’s concerns in a Jan. 5 public hearing on  the revised Driver Fatigue Rules. In her testimony, she said the rule and the new reporting requests “create significant privacy risks,” and advised the TLC narrow the scope of its requirements to focus on trip duration. She questioned how drop-off data will help reduce the risks of fatigued driving, how the data would be retained and how it would be shared among city departments.

The Future of Privacy Forum also suggested the TLC better tailor data collection to the purpose -- collecting less precise and more general geographic data -- and establish policies for the privacy and security of the sensitive data. Additional privacy organizations, such as the Center for Democracy & Technology and the Electronic Frontier Foundation, believe the TLC’s rule does not fully recognize the risks associated with collecting this sensitive location data, according to their letter to the TLC.

Uber said it tried working with TLC on a different solution to driver fatigue safety, including submitting trip duration data without specific location information. Bloomberg reported that the regulator rejected this proposal because it can use the data for other purposes as outlined in the rules. TLC specified that as the number of FHV vehicles and trips grow, as does the need for increased transparency.  

About the Author

Amanda Ziadeh is a former reporter/producer for GCN.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.