Stories

Tech's most egregious violations of user privacy

People look at smartphones at a store.
A smartphone store in Hong Kong. Photo: Miguel Candela/SOPA Images/LightRocket via Getty Images

Technologies that have become ubiquitous in the daily lives of most Americans — from ride-sharing and dating apps to social media — are using sketchy practices and violating user privacy information, while most of us are unaware.

Why it matters: With tech becoming more and more sophisticated, users don't pay as close attention as they probably should to what they're signing on for and if their information is being inappropriately used.

The latest: MoviePass

The embattled movie theatre subscription service that has had to change its terms to stay afloat is making it difficult for users to cancel their memberships, Vox's Alissa Wilkinson reports:

  • "A lot of MoviePass users are currently discovering ... that they've been re-subscribed" after canceling their subscriptions.
  • Because the company has changed its terms of service so much recently, users "won't carefully read every communication from the company ... let alone the plan updates."
  • If a user opted to cancel their membership at the end of the current billing cycle, but then said they "accept" the updates in MoviePass's plan (which it made every user do when they opened the app), then they canceled the cancellation and will be charged for another month.

Google

Android and iPhone devices running on Google services tracks users location data, even if you've opted against that in your privacy settings.

  • The Associated Press' Ryan Nakashima reported that this "affects some two billion users of devices that run Google's Android operation software and hundreds of millions of worldwide iPhone users who rely on Google for maps or search."

Google responded to the AP: "There are a number of different ways that Google may use location to improve people’s experience, including: Location History, Web and App Activity, and through device-level Location Services."

  • On Thursday, Google clarified that it still tracks users' locations, even after they've turned off location history, the AP reported.

Dating apps

Grindr was sharing users' HIV status with third-party vendors.

  • The company insisted that sensitive information was protected by encryption and not shared with advertisers, and contested criticism saying Grindr was "unfairly ... singled out."

Ride-sharing apps

Uber used "God View," which allowed them to "see all of the Ubers in a city and the silhouettes of waiting Uber users" at a party, Forbes reported.

  • In 2011 at a launch party, Uber "treated guests to Creepy Stalker View, showing them the whereabouts and movement of 30 Uber users ... in real time."

Lyft experienced a similar scandal after it was revealed that staffers had access to users' personal information, including contact information, the pick-up and drop-off coordinates, and more, TechCrunch reported.

  • Staffers were using Lyft's software to see "personally identifiable information" to check up on their significant others, exes, and to "stalk people they found attractive who shared a Lyft Line with them," per TechCrunch.

Digital assistants

An Amazon Echo device recorded a woman's conversation in Portland and "shared it with one of her husband's employees in Seattle," the New York Times reports.

  • Amazon said in a statement to the Times that the device mistakenly heard demands and answers to its questions in the woman's conversation. Per the statement, the device "woke up" after mistaking a word in the conversation for "Alexa," it mistakenly heard "send message," and asked "to whom?" It then heard what it thought was a response, and a confirmation of the message after asking "[contact name], right?"
  • But the woman said "the Echo that shared her conversation was right next to her at the time with the volume set to seven out of 10. It never requested her permission to send the audio."

The bottom line

Due to the lack of clarity on these shady practices, there's been a massive overhaul of privacy settings from major tech companies — mostly after the European Union voted on a new law meant to protect digital privacy rights.

  • Facebook said it was going to make its privacy settings easier to find, "to put people more in control of their privacy."
  • Twitter also moved to make its privacy settings easier for users to find.
  • Venmo updated its privacy policy to "clarify the way we handle data of former users," among other things.
  • Spotify even jumped in, updating its policy to "be as open and transparent as possible with our users about the personal data we collect."