Proposed regulations covering data collection requirements for mobile applications that dispatch third party ridesharing vehicles (such as those used by Uber and Lyft, among others) fail to take into account significant privacy concerns, say a group of privacy advocates who joined The Constitution Project in a May 18 letter to the New York City Taxi and Limousine Commission.
Under rules proposed by the commission, the dispatch applications must be capable of automatically collecting data on the date, time, and location of the request, even if the passenger cancelled the ride, and transmitting it to the commission in a format, layout, and frequencies to be prescribed. The commission says it needs the information in order to improve transportation services across New York City.
“There is a need to recognize the privacy and security concerns that are implicated when a regulatory agency collects vast quantities of sensitive data that details the day-to-day activities, lifestyles, and habits of millions of individuals,” the letter said, pointing out that the governmental collection program raised significant privacy issues under both the federal Fourth Amendment and the New York State Constitution. When government is the custodian of this information, clear rules must be in place to address potential access to the data by other agencies, law enforcement and the general public, the letter said.
The letter asked the commission not to take action on the proposed rules without first consulting with privacy experts, organizations and the public in order to determine how to obtain the necessary information without unnecessarily placing passengers’ privacy at risk.
Joining TCP in signing the letter were the Bill of Rights Defense Committee, the Center for Democracy and Technology, Defending Dissent, EFF and the Future of Privacy Forum.