Uber expands the draft regulation that he reached with the Federal Trade Commission last August concerning mismanagement of data, privacy and security-related complaints dating back to 2014 and 2015. In August, Uber accepted audits of privacy.
This settlement came before Uber's disclosure of the huge data breach of 2016 that affected some 57 million drivers and drivers. Now, Uber will be subject to "additional requirements," according to the FTC.
"After deceiving consumers about his security and privacy practices, Uber aggravated his misconduct by failing to inform the Commission that she had suffered another data breach in 2016 while the Commission was investigating the matter." surprisingly similar 2014 violation of the company. " Maureen K Ohlhausen said in a statement. "The strengthened provisions of the expanded regulation are intended to ensure that Uber does not engage in similar misconduct in the future."
Under the revised regulations, Uber may be subject to civil penalties if it fails to inform the FTC of future privacy breaches. Uber must also submit all third-party audits of the company's privacy program, as well as keep records of unauthorized access-related bug bonus programs to consumer data.
"My first week at Uber was the week when we unveiled the 2016 violation. When Dara Khosrowshahi joined the company, he pledged on behalf of all Uber employees to learn from our mistakes, to change the way we work and to place integrity at the heart of every decision, "said Tony West, legal director of Uber, a statement to TechCrunch. acted quickly to do just that by assuming responsibility for what happened. I am glad that just a few months after the announcement of this incident, we quickly resolved with the FTC that Uber is responsible for the mistakes of the past by imposing new requirements that correspond reasonably to the facts. "