Representatives for Uber and Lyft told California state regulators on Tuesday that sharing ride-hailing data with public agencies even if that information is anonymized or reported in aggregate threatens the privacy of both riders and drivers.
Joe Okpaku, vice president of governmental relations for Lyft, testified at a state Public Utilities Commission workshop in San Francisco that data-crunchers can reverse-engineer ZIP code-level data and combine it with other publicly available information to determine where somebody lives, worships, works or goes to school. He cited published reports showing how researchers said they uncovered detailed information about customers of New York City taxis and Netflix despite efforts to mask their data.
We as a company, our first commitment has to be to protect the privacy of our users, both on the driver side and the passenger side," Okpaku said.
Tuesday s workshop was part of a commission review of issues surrounding ride-hailing company data.
Uber and Lyft are already required by law to submit confidential annual reports to the PUC about the types of service they provide, what neighborhoods they serve and how many miles their drivers log. The commission has not proposed requiring ride-hailing companies to disclose additional information. But cities and local transportation planning agencies are eager to get access to that data to study traffic patterns and the fast-growing industry s effect on roads and the environment.
San Francisco City Attorney Dennis Herrera in June served Uber and Lyft with administrative subpoenas seeking company records on driver training and hours, trips available to disabled passengers and services provided to residents of every San Francisco neighborhood. Neither company has complied and a legal challenge continues in San Francisco Superior Court. The utility commission also denied Herrera s request for copies of the annual reports the companies submitted to the agency.
San Francisco transportation agency officials told the commission in June that they re not seeking personally identifiable information from the companies.
Therefore there is no privacy issue, they wrote. The commission could make this data available to local public entities and agencies that agree to maintain confidentiality. Various authorities in New York City, Chicago and Portland, Oregon all regularly receive TNC data, some of which has been produced through secure servers, others through various confidentiality agreements with Uber and Lyft.
Uber and Lyft officials told the PUC they re willing to help traffic planners but remain concerned about the inadvertent disclosure of trade secrets and the potential for hacking.