Former employee: 'Uber is spying on you'

A former forensic investigator for Uber claims people's personal information is not safe. Photo / Dean Purcell

A former forensic investigator for taxi start-up Uber claims people's personal information is not safe despite assurances passengers are protected from spying.

Samuel Ward Spangenberg claims he was fired from the company after raising security concerns and other ethical breaches reportedly taking place at Uber.

Spangenberg is suing Uber alleging age discrimination and whistleblower retaliation.

In a court declaration made in October, Spangenberg claims Uber employees used customer data to help men stalk their ex-girlfriends and track celebrities, such as Beyonce.

He claims he told Uber executives, including the company's head of information security, John Flynn, and its HR chief Andrew Wegley, of his concerns surrounding lack of security but was fired less than a year later.

"Uber's lack of security regarding its customer data was resulting in Uber employees being able to track high profile politicians, celebrities, and even personal acquaintances of Uber employees, including ex-boyfriends/girlfriends, and ex-spouses," his court declaration reads.

The 45-year-old, whose job involved helping develop security procedures and responding to problems and issues, claims Uber also deleted files it was legally obliged to keep.

Spangenberg also claimed the company remotely encrypted its PCs to stop authorities from obtaining information during raids.

"As part of Uber's incident response team, I would be called when governmental agencies raided Uber's offices due to concerns regarding noncompliance with governmental regulations," Spangenberg said.

"In those instances, Uber would lock down the office and immediately cut all connectivity so that law enforcement could not access Uber's information. I would then be tasked with purchasing all new equipment for the office within the day, which I did when Uber's Montreal office was raided."

In a statement given to news.com.au a spokesman for Uber Australia said it had hundreds of security and privacy experts working around the clock to protect data.

"This includes enforcing strict policies and technical controls to limit access to user data to authorised employees solely for purposes of their job responsibilities, and all potential violations are quickly and thoroughly investigated," he said.

The spokesman said it was "absolutely untrue" that all or nearly all employees have access to customer data, with or without approval.

"We have built entire systems to implement technical and administrative controls to limit access to customer data to employees who require it to perform their jobs," he said.

"This could include multiple steps of approval - by managers and the legal team - to ensure there is a legitimate business case for providing access. "

Uber also said even if an employee has access to some customer data, they do not necessarily have access to all customer data.

Spangenberg's allegations were first reported by the Centre for Investigative Reporting's (CIR) Reveal project, however it isn't the first time concerns have been raised over customer data.

Uber was ordered to pay $20,000 after such a case in the US this year, The Sun reported.

US courts ordered the payout after probing into its "God View" tool, which allowed drivers to track their riders in real time before it was phased out.

Passengers also further raised concerns this month following an update to the Uber app.

The update meant passengers' locations could be tracked even after they've been dropped off and exited the program.

It meant Uber could collect data up to five minutes after the journey finished, whereas prior to the update, it could only be done when the app was open.

Uber said the change was designed to better help customers and passengers find each other.