What Are the Priorities for Data Protection and Privacy Officers in 2020?
Electric scooters on street showing the collection of mobility data by Los Angeles Department of Transportation

Collection of Mobility Data by Los Angeles Government Sparks Creation of Privacy Coalition With a Surprising Leader: Uber

A controversial plan by the Los Angeles Department of Transportation (LADOT) to collect mobility data has met with pushback from a broad variety of sources. Uber, one of the primary market forces that the plan was designed to counteract, has emerged as the leader of an unusual coalition that opposes it for everything from data privacy rights to financial gain.

LADOT’s mobility data collection

The city of Los Angeles has an ongoing problem with traffic. The infamous 405 is the busiest freeway in the country, sometimes resembling a parking lot more than a major highway. That traffic spills over onto nearly every street in the metro area, and even onto many of its sidewalks.

The mobility data collection plan hatched by LADOT in 2018 was, at least initially, pitched as a means of reducing congestion. The first stage of the plan was a requirement that all of the new dockless mobility scooters, the two-wheeled transportation devices often seen on urban sidewalks that resemble a beefed-up version of a child’s kickboard, report real-time location tracking data back to the city.

The purpose was to study the movements of these scooters, out of concern that they are interfering with other modes of transportation. LADOT particularly saw Uber’s entry into the scooter space (via its JUMP program) as a repeat of the early days of ridesharing, when the company ignored regulations and did its best to avoid cooperating with local authorities. The main use thus far is to identify areas where abandoned scooters tend to clutter the sidewalk and speed up removal.

Before you continue reading, how about a follow on LinkedIn?

However, the mobility data amounts to mandatory real-time tracking of anyone using a scooter in the city. This raises obvious privacy concerns, made more troubling by LADOT’s intention to eventually expand the program to rideshares and driverless vehicles. The collected data is supposed to be anonymized, but at least theoretically it seems quite possible to personally identify someone based on where they go and when. There is also no guarantee that this data might not be subpoenaed by law enforcement agencies, lost in a data breach or stolen by a hacker.

LADOT argues that companies like Uber are already collecting this data. Uber has refused to share their data with LADOT, and argues that the agency plans to monetize it and to control the movement of vehicles on LA streets.

Uber’s odd alliance

While Uber’s arguments for user privacy are likely driven by its established desire to not be regulated, the company has nevertheless found common cause with privacy advocates and watchdog organizations who are equally wary of handing over so much mobility data to a government agency.

The city has given them reason for concern. Though city officials claim that the data gathering playing field needs to be leveled and that there needs to be more direct government involvement, the agency contracted with the same sort of “disruptive” start-up that it is criticizing. Though there is no particular controversy surrounding contractor Lacuna, it is a brand-new and private company that finds itself with access to immense amounts of private data. The company also stands to profit from implementation of its system in more areas as interested municipalities sign on to its Open Mobility Foundation software platform.

Los Angeles also has a recent history with data breaches, most notably the mid-July LAPD breach that exposed the personal information of 20,000 officers and applicants dating all the way back to 2010. In 2018, there was a breach of the county’s 211 phone assistance system that exposed sensitive personal information including about 33,000 Social Security numbers.

LADOT has published a set of “privacy principles” in which it promises to never sell the scooter data it collects, resist subpoenas and implement security measures. But privacy advocates question Lacuna’s intertwined position with the system in addition to LADOT’s ability to protect data and willingness to not share it. Uber has rallied these groups together under the Communities Against Rider Surveillance (CARS) banner, focusing on opposition to the Mobility Data Specification in use not just in LA but in a number of other cities. Members include the Patient Privacy Coalition, Mi Familia Vota, the TransLatin Coalition, Oakland Privacy and Asian Americans Advancing Justice.

Uber vs LA

The past October was a contentious month, with Uber threatening a lawsuit against the city and the city suspending the JUMP scooters in response. Uber was able to continue providing JUMP scooters while appealing the decision, but LADOT won the appeal last month. Uber is able to appeal this second decision, and JUMP scooters remain available in LA while they do.

#Privacy concerns raised over LADOT’s mobility data collection as the data could be subpoenaed by law enforcement agencies anytime. #respectdata Click to Tweet

Uber has argued that the LADOT mobility data collection is in violation of the terms of the California Electronic Communications Privacy Act (CalEPCA). CalEPCA is in effect concurrently with the new California Consumer Privacy Act (CCPA). Government agencies are largely exempted from the terms of the CCPA.

 

Senior Correspondent at CPO Magazine

Leave a Reply

Please Login to comment
  Subscribe  
Notify of

Enjoyed the article?

Get notified of new articles and relevant events.

Thank you for being a part of the CPO Magazine community.

Something went wrong.

Before you go ...

How about giving us a follow?

Or let us notify you of new articles and relevant events.

Thank you for being a part of the CPO Magazine community.

Something went wrong.

 

Follow CPO Magazine