Uber's new data privacy policy suggests privacy is dead

Uber's new data privacy policy strains privacy even more. What does it say about today's privacy expectations? Also in Searchlight: Facebook's faceless facial recognition; Google's "undo send" feature.

In an economy where many businesses thrive or wither based on their ability to capture, store, retrieve, curate and mine personal information, it seems our personal data is becoming our greatest asset. The problem: It's not really our asset.

We churn out valuable data with every smart device we use, for some us, with every step we take, but once it's "out there," we have little control over where it goes or how it's used -- or used against us. Whether deeply personal or flippant fluff, the data we produce forms the basis of our digital identity.

As companies gain access to parts of our digital identity -- whether for the sake of innovation or profit -- is consumer data privacy becoming a contradiction in terms?

The topic of consumer data privacy in a digitized marketplace was the center of discussion at our most recent #CIOChat, a monthly forum that brings together IT professionals on Twitter to discuss a given topic. During the discussion, Jan Wiersma, vice president of global cloud services at SDL, based in the U.K., suggested that old notions of privacy no longer hold:

Tim Crawford, of consulting firm CIO Strategic Advisors, sparked a discussion on younger generations' view of privacy:

Uber and privacy

It's these Millennials, with their "inverted view of privacy," who have helped make Uber a $50 billion global transportation juggernaut. That in itself says something about current expectations of privacy. Despite Uber's troubled reputation over the years for misusing personal information, including the use of "God view," users continue to use the app.

Perhaps that's why Uber continues to push the boundaries of user privacy. The company's latest move: a questionable new data privacy policy, set to go into effect July 15.

The new data collection policy will allow the company to collect even more data by accessing a user's location even when the smartphone app is not in use. Under this policy, Uber also asserts the right to assemble a user's complete travel history, as reported by Fortune. This means Uber can hold on to data from every trip you've taken with them. Along with that, Uber may ask for access to a user's contact list in order to send marketing promotions to all their unsuspecting friends.

The new data privacy policy has already drawn protest from the Electronic Privacy Information Center, which filed a complaint this week at the Federal Trade Commission asserting that "this collection of users' information far exceeds what customers expect from the transportation service."

Unsurprisingly, Uber stands by the policy and its respect for transparency and user privacy, but the case raises interesting questions about how users and companies should deal with privacy.

Should users be able to opt out of data collection?

Uber asserts that users will have the option to choose whether to share their data with the company, something that SearchCIO expert Harvey Koeppel and SearchCompliance's Ben Cole state is a practice all companies should follow:

Easier said than done, however. "In many cases, you don't have the luxury of not providing" your data, wrote Koeppel during our #CIOChat. Uber is an example. As The New York Times reports, even if users choose not to allow Uber access to their precise geolocation information through their devices, the company will still be able to "derive approximate location from your IP address." This means Uber still holds the right to collect some location data from users who explicitly deny Uber permission to access their location information. Who has the right to the data and its economic value?

Why does the transportation company need all this extra information? In a blog post, Katherine Tassi, Uber's managing counsel of data privacy, wrote that allowing the company access to your data when the app is running in the background will "get people on their way more quickly." So, convenience wins over privacy again -- an issue that is also explored in a Gigya survey from late 2014.

But the real winner is, of course, Uber.

All this data has monetary value, not just user convenience value. Unfortunately, users rarely see that value themselves. Walter Paley, director of marketing at SafeLogic, gave his take on who owns the economic value of personal data during the recent #CIOChat:

Will Lassalle, CIO of IT consulting service JLS Technology USA, agreed that data belongs to the company that collects the data, not the user from whom the data originated:

One participant of the #CIOChat raised an interesting point about different categories of data having different rightful owners:

Mark Thiele, executive vice president at Switch, a data center provider, proposes one solution to the data value ownership problem is to make the customer-company data exchange as transparent as possible, eliminating uncertainty and allowing users to better determine the value of their personal data:


Another company walking a fine line between innovation and intrusion is Facebook. This time, the social media platform is in the news for an experimental technology that can identify people in photos even without having a clear view of their faces. The algorithm will analyze other characteristics like body type, clothing, hairstyle and body positioning.

This comes a week after talks over privacy protections regarding facial recognition collapsed when privacy advocates, the U.S. government and tech industry groups could not agree on a basic policy.

CIO news roundup for week of June 22

Here are more technology headlines from the week:

  • Docker, HP, Google, IBM, Microsoft, Amazon and more technology companies are coming together through the Open Container Project to work toward a new standard for software containers. It's like technology's version of the Avengers -- tech giants unite for the common good!
  • No more worries about accidentally sending that cat video to your boss. This week, Google introduced an "undo send" feature in Gmail that gives the sender a set period of time to change his or her mind. The feature has to be manually enabled in settings.
  • Is there anything a megastar with access to social media can't do? After posting a letter to Apple on Tumblr explaining her disappointment in the tech company's decision not to pay artist royalties during the three-month free trial of the Apple Music service, Apple went ahead and changed its policy -- and informed everyone via Twitter.
  • IoT meets farming: A new agriculture technology company called CropX is using sensors and software to help farmers determine precisely how much water to use in different parts of their fields, effectively saving water and other resources during droughts.
  • Samsung can now include "road safety" on their increasingly eclectic resume. The tech company is experimenting with making trucks transparent by placing a camera on the front of large trucks and connecting it to video displays on the back, allowing cars to safely determine the right time to pass.

Next Steps

For more on consumer data privacy, learn about balancing digital footprint data mining and the privacy risks it entails. Then read about Apple CEO Tim Cook's stance on privacy.

Dig Deeper on Enterprise data privacy management