Mega billion dollar Uber continues to wallow in bad news
by Mike Beggs
Several more catastrophes arrived on the desk of Dara Khosrowshahi last month.
No sooner did the new Uber CEO roll out the company’s new “cultural norm”, than he was forced into yet another round of public apologies on behalf of the world’s dominant ride-hailing company.
Three of these developments drew further attention to Uber’s maligned driver background checks.
Then came the shocking revelation that Uber concealed a massive global breach of the personal information of 57 million customers and drivers in October of 2016, paying hackers $100,000 to cover it up. With regulators around the world taking Uber to task over this breach, analysts suggest it could have an impact on SoftBank’s proposed $10 million investment in Uber, and on the company’s proposed 2018 public offering.
First came the disturbing news that the man responsible for the New York terrorist attack on October 31 was an Uber driver. Headlines blared that 29-year-old Sayfullo Saipox had driven 1,400-plus trips for Uber in New Jersey, over the previous six months -- before the day he rammed his pickup truck into a crowd in Lower Manhattan, killing eight people and injuring 11 others. He faces charges of Terrorism, and Destruction Of A Motor Vehicle.
Uber issued the public statement, “Our company is horrified by this senseless act of violence. Our hearts are with the victims, and their families. We have reached out to law enforcement to provide our full assistance.”
This marks the second fatal atrocity involving an Uber driver. Last year, Michigan-based Uber driver Jason Dalton went on a shooting spree on his shift -- killing six people, and picking up passengers in between the shootings.
Then came news of a U.S. class action suit filed by two women claiming they had been raped by their Uber drivers, and an $8.9 million fine from Colorado authorities, both challenging the validity of Uber’s background checks.
According to Uber, its background checks check for criminal records and traffic violations but they stop short of the FBI fingerprinting taxi drivers undergo. Uber says its app offers added safety, giving passengers the ability to rate drivers on a 50-point scale (which is supposed to help Uber management identify potentially problematic behavior), and offering GPS tracking, the ability to share a trip with family and friends, and 24/7 support.
The two women are seeking compensation for their alleged rapes, and are requesting the courts force Uber to change its driver screening practice on behalf of all U.S. riders, who were, “subject to rape, sexual assault, or gender-motivated violence or harassment by their Uber driver in the last four years.”
They allege Uber has, “engaged in unlawful and fraudulent conduct, that misled them into believing their drivers would safely transport them, and that the company generally misrepresented the safety of taking an Uber.”
The complaint alleges that, “Uber made such false representations after failing to screen the drivers in any meaningful way, thereby presenting grave threats to the plaintiffs’ safety and well-being.”
“Uber has done everything possible to continue using low-cost, woefully inadequate background checks on drivers, and has failed to monitor drivers for any violent, or inappropriate conduct after they are hired. Nothing meaningful has been done to make rides safer for passengers -- especially women. This is no longer an issue of ‘rogue’ drivers who act unlawfully,” the suit reads.
Uber acknowledged it had received the complaints, and is, “in the process of reviewing it.”
“These allegations are important to us, and we take them very seriously,” a spokesperson said.
The company recently donated $5 million in funding for several organizations that focus on preventing sexual assault, and domestic violence.
“To me, it speaks volumes when (they) didn’t change anything regarding the background checks. Instead, (they) threw a few million at the problem, and maybe it will just go away,” Beck Taxi owner Gail Souter alleges.
Uber has successfully opposed mandated fingerprint background checks in most markets Ð but not in big cities like New York and London.
“To skirt state and local regulatory scrutiny, Uber labels itself a technology platform company rather than a transportation company,” the complaint reads. “This self-serving guise has added to Uber’s ability to avoid spending more money on driver screening, both before and after hiring, and to avoid regulatory measures directed at safety during rides.”
The plaintiffs are also calling for more transparency, and want Uber to divulge how many reports of sexual assault it receives, and what it does with those reports.
Internal Uber customer support documents dating back to 2016 indicate that when searching the term “sexual assault” more than 6,000 complaints came up. But Uber insists only 170 of those had claims of sexual assault.
Several states including California and Texas have previously launched investigations into Uber’s driver screening process. And at least three law suits have been filed against Uber pertaining to this, and were settled out of court.
The $8.9 million fine from Colorado’s Public Utilities Commission (PUC) came after regulators discovered dozens of Uber drivers were operating there, despite shady criminal histories.
At a press conference, Colorado officials said 57 Uber drivers over the past 1.5 years were behind the wheel despite having felony convictions, major moving violations, or driving with a suspended, revoked, or cancelled driver’s license. Lyft was also investigated, but there were no violations found.
“We have determined that Uber had background check information that should have disqualified these drivers under the law, but they were allowed to drive anyway,” PUC director Doug Dean alleged in a statement. “These actions put the safety of passengers in extreme jeopardy.”
According to Uber spokesperson Stephanie Sedlak, “We recently discovered a process error that was inconsistent with Colorado’s ridesharing regulations, and proactively notified the Colorado Public Utilities Commission. This error affected a small number of drivers, and we immediately took corrective action.”
According to the Denver Post, the PUC investigation began after Vail police referred a March 2017 case to the agency, in which an Uber driver dragged a passenger out of the car and kicked him in the face.
In August, the PUC asked Uber for records of all drivers who were accused, arrested, or convicted of crimes that would disqualify them from driving for a TNC. Uber handed over 107 records, and told the PUC it had removed those people from its system. When the PUC cross-checked the Uber drivers with state crime and court data, it found that many had aliases, and other violations.
“What Uber calls proactively reaching out to us was after we had to threaten them with daily civil penalties to get them to provide us with the (records),” Dean says. “This is not a data processing error. This is a public safety issue.”
He stresses that by fingerprinting drivers, the ride service would be able to identify drivers with aliases, and other identities with felony convictions.
“They said their private background checks were superior to anything out there,” he said. “We can tell you their private background checks were not superior. In some cases, we could not say they even provided a background check.”
Uber was been given 10 days to pay 50 percent of the $8.9 million penalty, or request a hearing to contest the violation before a judge.
In a November 21 statement, Khosrowshahi confirmed the data breach dating back to late 2016, but stressed, “the incident didn’t breach our corporate systems, or information.”
He also confirmed Uber paid hackers $100,000 to delete the data and keep the breach quiet, and failed to notify the individuals and negotiators involved.
The hackers stole personal data including names, e-mail addresses, and phone numbers, as well as the names and driver’s license numbers of about 600,000 drivers across the U.S. But more critical information, like credit card numbers, bank account numbers, social security numbers, birth dates, and location data had not been compromised.
Uber’s Chief Security Officer Joe Sullivan, and an associate were dismissed for their part in this scandal.
Attorney Generals in at least six U.S. states, and the Federal Trade Commissioner are looking into the breach, with some likely to go after Uber for breaking the law on data breach notification. And at least two class action suits have been filed against the company in the U.S., for potential harm to consumers.
Worries about corporate cybersecurity have grown after major hacks of multinationals like Equifax and Yahoo.
JapanToday reports that governments in England, Australia, and the Philippines are opening investigations into the Uber data breach.
And in London where Uber is attempting to have its operating license renewed Ð the Information Commissioner’s Office said the data breach and admitted cover-up, “raises huge concerns about its data protection policies and ethics.”
To The Independent, Deputy Commissioner James Dipple Johnston explained, “It’s always the company’s responsibility to identify when citizens have been affected by a data breach, and take steps to reduce any harm to consumers.”
“Deliberately concealing breaches from regulators, and consumers could attract higher fines for companies.”
In further bad news from London, Uber lost a pivotal appeal over drivers’ rights.
The company failed to have a key ruling on driver employment rights overturned, a decision which could have far-reaching implications on the ridesharing giant, and the gig economy in general.
Uber was appealing last year’s Employment Tribunal decision, which ruled its drivers qualify as workers, making them eligible for minimum wage, and holiday pay.
Uber’s acting UK general manager Tom Elvidge said the company will appeal the decision, arguing that virtually all taxi and private hire drivers have been self-employed for decades, long before the Uber app existed.
This decision comes on the heels of the Transport for London’s devastating decision not to renew Uber’s operating license in September, a decision which Uber is in the process of appealing -- while still allowed to operate in London, in the interim.
In the UK, Uber has absorbed criticism from all sides over working conditions and regulatory issues.
And where does all this trouble leave Uber going forward?
“From everything I’ve read, it’s not sustainable. But if they keep getting investors, and can continue to throw money at their problems, who knows,” Souter says?