Your Data Practices May Need a Lift: Lessons from Uber/NYAG Settlement

Jan 18, 2016
  • FisherBroyles News
  • Intellectual Property
  • Technology

Companies which obtain through smartphone apps, vehicle transmitters or otherwise, location information of their customers and employees should heed the very recent settlement agreement between the New York Attorney General and Uber. Among other things, the agreement requires that such data be encrypted and password protected with accessibility on a need to know basis. It also requires regular assessments and updates, as needed, of data security and privacy practices.

Many companies today use such data for marketing purposes – e.g. sending someone’s phone a coupon for a retail establishment when they are in the vicinity of the establishment – or employee monitoring purposes – e.g. tracking truck driver speed and proximity to authorized locations.

While many laws already govern such activity such as the federal Telephone Consumer Protection Act which requires an opt-in to text message marketing and various state laws which restrict the use and/or require consent to the gathering of such data in employee disciplinary proceedings, the dictates of the new settlement augment these requirements.

To be clear, the settlement is directly applicable only to Uber and is not to be considered law in the traditional sense. However, as is the case with so many seemingly “informal” pronouncements in this area, companies wishing to avoid entanglement in expensive formal proceedings, usually do well to heed them.

Those companies collecting GPS data, whether with respect to customer or employee movements, should seriously consider the steps noted in the first paragraph both for their direct operations and for any contracts with third party vendors. They should also adopt data purge policies reflecting actual business necessity. Involvement of counsel in both initial steps and ongoing assessments is usually prudent and may in itself be helpful if and when, formal proceedings do occur.

For additional information on the subject matter of this alert, please contact any of the following FisherBroyles partners:

Kimberly Dempsey Booher
[email protected]

Lisa A. Carroll
[email protected]

Martin B. Robins
[email protected]

About FisherBroyles, LLP

Founded in 2002, FisherBroyles, LLP is the first and world’s largest distributed law firm partnership. The Next Generation Law Firm® has grown to hundreds of partners practicing in 23 markets globally. The FisherBroyles’ efficient and cost-effective Law Firm 2.0® model leverages talent and technology instead of unnecessary overhead that does not add value to our clients, all without sacrificing BigLaw quality. Visit our website at to learn more about our firm’s unique approach and how we can best meet your legal needs.

These materials have been prepared for informational purposes only, are not legal advice, and under rules applicable to the professional conduct of attorneys in various jurisdictions may be considered advertising materials. This information is not intended to create an attorney-client or similar relationship. Whether you need legal services and which lawyer you select are important decisions that should not be based on these materials alone.

© 2021 FisherBroyles LLP