can Uber employees or execs lookup a user's location if they wanted to?
I'm not asking if all employees have access. but are there some who have this power? if so, who? I know at some point an executive bragged to a reporter that he could use God mode to look where she is. is this real? does it still exist?
Idk about others but I know I cannot.
Nope, they shut down the "God view" after the article
by ' shut down ' do you mean revoke most users access? or that the code for it got deleted?
The team who built our privacy enforcement tools came from Facebook, where they had built something similar to stop employees from creeping on people. If you look at PII without a business purpose, you will be fired. Various tools have been locked down to only allow access to teams that need it.
Anyone can log into tool shed, type in any name, and see EVERYTHING about that person. Where they've been, who drove them, how they paid, etc... it's creepy as fuck. I wouldn't trust Uber with any personal data.
Not true, access is locked down to high priority business cases, you have to click through a legal agreement every time, access is logged, and there is a zero tolerance policy for abuse, instant fireable offense
100% true, actually. Don't be a fool. You think clicking "I accept" on a legal agreement pop up is enough to stop someone who really wants to get info on someone? You're wrong. Instantly fireable offense my ass. You can do a lookup from home- Uber security won't come to your house and take you away. Lol.
There was an article where one of the execs tried to show off by tracking the journalist while they were riding uber to the office. Then, they greeted them at the door and bragged that they knew cause of the tech. After the backlash, I'm sure access was restricted to select people. But yeah, they can still track you all they want.
You can't do that anymore. We've been locking down all tools that access PII. You now have to file a ticket to get 24 hour only access, your manager gets a full report, everything is logged, and you must justify why you need it. Annoyingly, it applies to test accounts for now too
Things are being locked down gradually. These efforts take time. I remember back in 2012 and before, at FB I can retrieve and change any information about anyone. The community ops tool was just wide open access. Then gradually they locked down the tool and revoked employee access.
Of course they can. How else would they direct paramedics or other services in case of emergency. I hope they anonymise the trips and have proper access controls.
Yes - the tool is heaven , but honestly it would be foolish for employees to do this - already when on trip . Uber also brilliantly forces you to share your location all the time even when not using the app :) it's your mistake if you are still using Uber ;)
Can google employees do it? You people have far more data about a user's location than uber
it's interesting to hear this perception that Googlers may have the ability to abuse user information. I think I had that perception too until I joined the company. User privacy at Google is paramount. no other priority comes before it. Employees have no access to PII (personally identifiable information, which includes location). and if you try to check in code that connects to PII systems, you will be told that you need to write additional code that logs every access to the central PII log that leaves a visible audit trail of what and why your code accessed that data.
Good to hear that.