Wow. Uber gave a job interviewee full access to its user location data
Uber is either incredibly stupid or incredibly arrogant, possibly both. This is the only conclusion possible given a recent report by The Washington Post's Craig Timberg in which he reveals that the company gave a job candidate all-day access to its database of historical and real-time user location data as part of an interview.
Comically, Uber responded to the Post's report with a statement saying "As a matter of security, we don't discuss publicly the details of our security.”
It is not uncommon in industries like banking and consulting for interview candidates to be asked to solve a case study or complete mock project to demonstrate their abilities. The key word in this scenario, however, is "mock." In these industries, client confidentiality is of utmost importance and, accordingly, these case studies are typically anonymized if not entirely made up. Uber, it seems, couldn’t be bothered to do the same for its own interview, user privacy be damned.
Uber has spent the last several weeks fending off allegations of wanton disregard for data privacy, following reports that a so-called “God view” mode allowed employees to monitor the movements of the company’s users. The company’s cavalier attitude toward user privacy was called into sharp contrast when a senior executive threatened to conduct opposition research against Pando’s Sarah Lacy and other critical journalists. Shortly after, Senator Franken in his recent letter to the company described Uber as possessing a “troubling disregard for customers’ privacy, including the need to protect their sensitive geolocation data.”
The risks of Uber’s lax data policies were confirmed by revelations that Uber NYC GM Josh Mohrer once told BuzzFeed News reporter Johana Bhuiyan, “I was tracking you,” in reference to her arrival to his office in an Uber car. San Francisco Magazine’s Ellen Cushing too was warned by both current and former Uber employees that the company might access her rider data following a particularly critical string of reporting. And our first hint that Uber might be abusing its data access came via a blog post by former VC Peter Sims, revealing that his location was broadcast in real-time to a room of more than 1,000 people at an Uber party in 2011.
This latest report provides more evidence of how bad things have got at Uber but, given how much we already know about the company's willingness to violate user privacy, it sadly comes as no surprise.