Doordash company website on screen showing data sharing by food delivery platforms

DoorDash Takes NYC to Court Over Data Sharing Law, Food Delivery Price Caps

A new data sharing law that recently went into effect in New York City is being challenged by food delivery giant DoorDash on the grounds that it requires revealing too much confidential and sensitive information to restaurants.

In addition, a number of app-based delivery companies are banding together to challenge emergency price caps that were imposed during the Covid-19 pandemic as both NYC and San Francisco move forward with plans to extend them.

Battle over customer data sharing, fixed food delivery fees in major cities

Approved at the end of July, NYC’s new food delivery bill requires third party platforms like DoorDash to provide restaurants with a monthly report on customer activity at their request. This would include the customer’s name, phone number, e-mail address, delivery address and the items that they ordered over the course of the month. The customer is given the right to opt out of this data sharing, and the restaurant is not allowed to sell or share the information with other parties without the customer’s consent.

An additional proposal passed at the same time extends fee caps of 15% on deliveries and 5% for any other charges for each order, a measure initially adopted to keep delivery prices down as social distancing rules were in effect during the pandemic. NYC’s proposal extends this to at least February 2022, but San Francisco has already gone ahead and made similar terms (a 15% cap on overall food delivery fees) permanent as of late June.

Though the NYC bill puts limits on how restaurants may sell or share this information, DoorDash has argued that there are “virtually no restrictions” on data sharing once the information is handed off. It also points out a lack of data security guidelines for restaurants. Compliance would create a substantial added cost for food delivery apps, as each restaurant would have to be provided with a machine-readable summary of customer activity each month upon request. Customers would have to opt out of each individual order they place.

Of course, the main concern for DoorDash and other food delivery services is competition. Restaurants had already begun ramping up their own delivery offerings after the explosion in popularity of third party apps in the past few years, and the pandemic greatly accelerated the demand for this service. Food delivery services fear they will essentially be forced to divulge trade secrets to competitors; DoorDash has said that the bill would force it to “modify its services” in ways that would be harmful to both restaurants and delivery couriers.

Privacy by default for any transaction

Weighing in on the data sharing issue, the Electronic Frontier Foundation (EFF) ultimately came down on the side of user privacy in a letter to the New York City Council. Stating that privacy should be the default in any transaction, the privacy watchdog expressed discomfort with restaurants being entitled to a “trove” of personal information from delivery customers that a customer walking through the door would never be expected to give up. The EFF noted that restaurants could expect to become frequent targets for hackers, who could potentially pair all of this personal information with credit card and other types of payment account numbers.

For their part, restaurants are interested in this data sharing arrangement amidst a boom in loyalty programs and restaurant-specific apps to directly engage repeat customers. Some marketing studies find that these programs drive major leaps in revenue and return business. Smaller restaurants may not have the wherewithal to create an app or a loyalty program, but would benefit greatly from receiving the information these programs generate from the food delivery apps at no cost.

While there is a legitimate public interest argument to be made in restricting data sharing, the average restaurant patron will likely be much less sympathetic to claims that food delivery fees are over-regulated. Delivery apps have been taken to task for unclear fee structures that obscure how much the order will actually cost; in some cases, the combination of fees and fluctuating demand-based prices can cause orders to cost nearly 100% what they would at the retail location. Even the most reasonably-priced apps can be expected to tack at least 35% on to any food bill unless regulated in the way that they are in San Francisco and NYC.

NYC's new food delivery bill requires #datasharing by platforms like DoorDash, providing restaurants with a customer's name, phone number, email address, delivery address and items that they ordered, once every month upon request. #privacy #respectdataClick to Tweet

DoorDash has filed for an injunction against the NYC data sharing bill, which would go into effect in December if it is allowed to go ahead. In addition to the food delivery apps, consumer groups such as the New York Hispanic Chamber of Commerce and the National Gay and Lesbian Chamber of Commerce have registered opposition to the bill on the basis of privacy concerns. DoorDash and GrubHub have also brought separate lawsuits in both San Francisco and NYC over the fee caps.

 

Senior Correspondent at CPO Magazine