Home » cyber security » Who’s Protecting Your Data From the Government?

Who’s Protecting Your Data From the Government?

Do you ride Uber around town, rent from Airbnb or hire assistance for various tasks from TaskRabbit? If so, you’ve experienced a new and rapidly growing way of doing business, known as the “gig economy.”

By connecting potential buyers to those who can provide services, companies within the gig economy have been disruptive to the old guard. They’ve attracted millions of consumers by offering both convenience and affordability; and they have created new service delivery options that have helped providers expand their businesses.

But consumers and service providers are not the only ones interested in the gig economy. Because they hold massive stores of data on millions of individuals, these young companies also are drawing significant interest from law enforcement agencies, which can use these information-rich resources in their investigations.

The Electronic Frontier Foundation (EFF) has focused on gig economy businesses for its 2016 “Who Has Your Back?” report, which rates tech companies on their protection of consumers against government inquiries. And according to the report’s authors, major tech companies have closed a number of major gaps in their consumer protections. The foundation sees the greatest need for improvements and significant differences in protection among the smaller companies making up the gig economy.

The EFF report ranks businesses based on their compliance with six criteria:

  1. Requiring a warrant for content of communications
  2. Requiring a warrant for prospective location data
  3. Publishing transparency reports
  4. Publishing law enforcement guidelines
  5. Notifying users about government data requests
  6. Fighting for user privacy in Congress as a member of the Digital Due Process Coalition

Different gig economy companies varied drastically in their compliance with these measures. Ride-sharing apps Uber and Lyft, for instance, met all six EFF standards, while TaskRabbit, Postmates, VRBO, Turo and Getaround met none. In between these extremes were vacation rental services Airbnb (complies with three standards), Flipkey (four standards) and grocery delivery service Instacart (three standards).

Although the scope of this report on gig economy firms is narrow, its implications for businesses that manage sensitive customer data are wider-ranging. Not only do firms need active protections against cyber criminal activity, but they also need defined policies, procedures and governance around privacy, data disclosure and transparency to customers. As the issues of surveillance and data privacy become increasingly important in the eyes of consumers, these capabilities will only become more critical.

Lunarline assists businesses and other organizations in defining their data policies and protections. Our services range from data breach response (including transparency and disclosure) and governance planning to on-site privacy training and education.

Learn more about these services and others by visiting Lunarline.com or sending us a message online.

About Spence Witten

Spence has somehow survived ten years at start-ups and small businesses without suffering a (major) nervous breakdown. As Lunarline's Director of Federal Sales, Spence actually loves working on proposals. If there were any doubt, this is proof that he is in fact certifiably insane. While his title says "Sales" Lunarline doesn't let him off that easy. We make him do real work, too. Luckily he's a recognized subject matter expert in security policy and loves helping clients navigate their way around tricky security compliance standards. He's also been known to lead a software development initiative or two, though that pretty much always ends poorly for everyone involved. He can be reached at spence.witten@lunarline.com.