Oct 26, 2018

Uber reaches settlement with FTC over data security breaches

Photo: Smith Collection/Gado/Getty Images.

The Federal Trade Commission approved a settlement Friday with Uber Technologies over allegations that Uber deceived consumers about its privacy and data security practices.

Why it matters: The settlement is the latest consequence for Uber's free-wheeling behavior under then-CEO Travis Kalanick. Under the two data breaches, Uber did not disclose the second to consumers or the FTC for more than a year.

The details: The FTC alleged Uber failed to monitor employee access to consumers’ personal information on an ongoing basis and to reasonably secure sensitive consumer data it stored in the cloud.

  • If Uber fails to notify the FTC in the future, the ride-sharing company could face civil penalties involving unauthorized access to driver and rider information.
  • Uber cannot mislead how it monitors internal access to consumers’ personal information.
  • Uber must also start a "privacy program" and have independent assessors monitor Uber's compliance to the FTC for 20 years.

What they're saying:

"The threat of civil penalties would provide a greater incentive to firms to follow through on the promises they make to consumers and to make appropriate investments to implement reasonable data security safeguards."
— FTC Commissioner Rebecca Kelly Slaughter
"Given the serious misconduct uncovered in this investigation, I support this action. But, I believe the Commission should have given greater weight to several of the suggestions made in the comments."
— FTC Commissioner Rohit Chopra

Background: Instead of immediately disclosing the incident to customers and relevant government agencies, Uber paid the hackers responsible $100,000 to delete the data and keep the incident quiet. Ex-Uber CEO Travis Kalanick learned of the incident one month after it happened. Uber's new CEO Dara Khosrowshahi parted ways with the companies chief security officer Joe Sullivan once he took the helm of the company.

Flashback: Last month, Uber agreed to pay $148 million in a California-led settlement related to the breach.

Go deeper:

Go deeper

Trump's opportunity to use Bernie as an economic scapegoat

Illustration: Aïda Amer/Axios. Photos: Zach Gibson/Stringer, The Washington Post/Getty Contributor

Bernie Sanders is poised to become an economic scapegoat for both the White House and Corporate America, assuming that Sanders comes through Super Tuesday unscathed.

The big picture: If the U.S. economy remains strong, President Trump and CEOs will claim credit (as they've been doing for three years). If it turns sour, they'll blame Bernie (even though it's a largely baseless charge).

Why big banks are breaking up with some fossil fuels

Illustration: Sarah Grillo/Axios

JPMorgan Chase is the latest financial giant to unveil new climate commitments, and like its peers, it is hard to disentangle how much is motivated by pressure, conscience or making a virtue of necessity.

Why it matters: The move comes as grassroots and shareholder activists are targeting the financial sector's fossil energy finance, especially amid federal inaction on climate.

Trump acknowledges lists of disloyal government officials to oust

Photo: Mandel Ngan/AFP via Getty Images

President Trump on Monday acknowledged the existence of assembled lists of government officials that his administration plans to oust and replace with trusted pro-Trump people, which were first reported by Axios' Jonathan Swan.

What he's saying: “I don’t think it's a big problem. I don’t think it's very many people,” Trump said during a press conference in India, adding he wants “people who are good for the country, loyal to the country.”