Uber said it continues to increase our security investments and many of these efforts, like our multi-factor authentication checks and bug bounty program, have been widely reported. Photograph: Carl Court/Getty Images
In his testimony, given under penalty of perjury, Spangenberg also objected to Ubers protocols to deal with raids on its offices a relatively common occurrence at the company, which has been frequently criticised for riding roughshod over local regulations.
As part of Ubers incident response team, I would be called when governmental agencies raided Ubers offices due to concerns regarding noncompliance with governmental regulations, Spangenberg said. In those instances, Uber would lock down the office and immediately cut all connectivity so that law enforcement could not access Ubers information. I would then be tasked with purchasing all new equipment for the office within the day, which I did when Ubers Montreal office was raided.
Spangenbergs allegations were reported by the Centre for Investigative Reportings (CIR) Reveal project, but it isnt the first time Uber has been accused of mistreating customer data. In 2014, Buzzfeed revealed the existence of the God View tool, after Ubers New York general manager discussed using it to track a reporters journey. The tools existence appears to date back to 2011, when venture capitalist Peter Sims says he was tracked by a visitor to Ubers Chicago offices, where the God View data was shown on a large public screen.
In a statement given to a number of media outlets, Uber said it continues to increase our security investments and many of these efforts, like our multi-factor authentication checks and bug bounty program, have been widely reported. We have hundreds of security and privacy experts working around the clock to protect our data. This includes enforcing to authorised employees solely for purposes of their job responsibilities, and all potential violations are quickly and thoroughly investigated.
Spangenberg told CIR that Uber had increased security provisions during his time there, as well as renaming the tool Heaven View. Uber confirmed that some employees fewer than 10 had been fired for abusing the tool, and said that it needs to provide relatively widespread access for a number of reasons, including refunding customers and investigating accidents. To prevent spying on celebrities, Uber implemented a flag for searches for customers considered MVP, but Spangenberg pointed out that that did nothing to protect non-MVPs.
The news comes just two weeks after Uber updated its app to increase the amount of location information collected about users. The company said the new collection practices, which continue to send the users location for five minutes after they are dropped off, would be used to improve drop-offs and pick-ups, but it faced a backlash from users worried about the increased permissions.