The senator expresses concern that Lyft’s revised restrictions on access to customer data still does not clearly define which Lyft employees have access.
Jose A. Iglesias/Miami Herald / MCT
“Consumers must be able to make informed decisions about whether and with whom they share personal information, and must be assured that when such information is shared it will receive the utmost protection,” the letter reads.
The letter comes after BuzzFeed News reported that a NY Uber executive accessed this reporter's data and information without permission. Though Lyft employees, as BuzzFeed News reported (a story that Sen. Franken later cited), have the same access to user data that Uber employees do the company chose not to comment on the privacy issues or their general privacy rules as “a matter of policy.”
Sen. Franken, the chairman of the subcommittee on Privacy, Technology, and the Law, included a list of 10 questions for Lyft to answer. Specifically, in light of revised restrictions on which employees have access to user information that a Lyft spokeswoman said the company imposed, Sen. Franken asked that Lyft disclose which employees still have access to data and what qualifies as a proper use of data. Furthermore, the Minnesota senator asks that Lyft explain whether accessing Re/Code reporter Liz Gannes' account without permission was a violation of past or current policies.
The senator also asks Lyft to divulge what kind of privacy training employees underwent and what methods of monitoring “improper use of customer data” Lyft has employed.
“It is critically important that sound privacy policies are not only established but are also adequately communicated to employees and affiliates, as well as customers, and are appropriately enforced,” Sen. Franken writes. “I am particularly concerned about this in light of reports of past conduct suggesting inadequate regard among Lyft executives for customers' privacy.”
Sen. Franken asks that Lyft respond by December 31.