An anonymous reader quotes a report from TechCrunch: Similar to Uber’s “God View” scandal, Lyft staffers have been abusing customer insight software to view the personal contact info and ride history of the startup’s passengers. One source that formerly worked with Lyft tells TechCrunch that widespread access to the company’s backend let staffers “see pretty much everything including feedback, and yes, pick up and drop off coordinates.” When asked if staffers, ranging from core team members to customer service reps, abused this privilege, the source said “Hell yes. I definitely looked at my friends’ rider history and looked at what drivers said about them. I never got in trouble.” Another supposed employee anonymously reported on workplace app Blind that staffers had access to this private information and that the access was abused. Our source says that the data insights tool logs all usage, so staffers were warned by their peers to be careful when accessing it surreptitiously. For example, some thought that repeatedly searching for the same person might get noticed. But despite Lyft logging the access, enforcement was weak, so team members still abused it. A Lyft spokesperson issued the following statement to TechCrunch: “Maintaining the trust of passengers and drivers is fundamental to Lyft. The specific allegations in this post would be a violation of Lyft’s policies and a cause for termination, and have not been raised with our Legal or Executive teams. We are conducting an investigation into the matter. Access to data is restricted to certain teams that need it to do their jobs. For those teams, each query is logged and attributed to a specific individual. We require employees to be trained in our data privacy practices and responsible use policy, which categorically prohibit accessing and using customer data for reasons other than those required by their specific role at the company. Employees are required to sign confidentiality and responsible use agreements that bar them from accessing, using, or disclosing customer data outside the confines of their job responsibilities.”
Read more of this story at Slashdot.