Uber has not had a great month for publicity, with all sorts of accusations being directed at the company for its business model and behaviour. Now, the company faces another PR challenge as a security researcher has found that the company’s Android app hoovers up all sorts of data on its users.
According to security researcher Joe Giron, Uber’s app sends back a litany of data from the user’s phone — most of it unrelated to the apps functionality. Below is a list of the data that Uber sends back from the user’s phone:
– Accounts log
– App Activity
– App Data Usage
– App Install
– Root Check
– Malware Info
For Uber, having this data is advantageous, but its collection — especially without clearly informing the user — is unethical. Uber’s business model requires the company to have strong analytics data to plot its next moves, but this appears to be coming at the expense of user’s privacy.
Uber, for its part, has shifted blame to Google when confronted by the press on the issue.
“Access to permissions including Wi-Fi networks and camera are included so that users can experience full functionality of the Uber app. This is not unique to Uber, and downloading the Uber app is of course optional,” the company said in a public statement.
Technology blog Re/Code notes that Uber competitor Lyft also has an extensive permissions set.
But unless Uber, or Lyft, comes out with a satisfactory explanation of why it needs all this data users will be rightfully skeptical of the company’s intentions.