Uber again fails to provide drivers full access to their personal data despite threat of legal actio
In a landmark test of data rights at work under the General Data Protection Regulation (GDPR), introduced in the European Union last year, four current and former Uber drivers represented by Worker Info Exchange are taking legal action against the ride-hailing app.
The drivers claim that Uber is failing to honour its obligations under the GDPR to provide the personal information it has about its drivers.
Access to personal data is a fundamental right under the GDPR. This is the first legal action of its kind testing the right of those who work in the gig economy to have access to the digital information held about them.
Despite the issue of a pre-action protocol letter threatening legal action in March, Uber is still not in material compliance with its obligation to disclose to drivers their personal data according to the EU GDPR. According to the drivers involved after lengthy delays prior to the pre-action letter, Uber did provide a significant data dump on April 19th in response to the legal threat.
However, despite that legal threat, the drivers claim Uber has failed to provide access to data of vital importance to drivers including:
Uber management profiling of the drivers
A satisfactory explanation of how personal data is used in automated decision making such as in the allocation of work eg. telematics data
The complete set of GPS trace data collected from drivers particularly for the period when: the driver is logged off but with the app open, logged on and waiting for work and en route to collect a passenger
Daily recalculation of the overall driver rating and individual trip ratings
A breakdown of what personal data is held by various Uber entities in the UK, Ireland and the Netherlands
Worker Info Exchange has separately sourced internal documents which clearly evidence that Uber management actively profile drivers using internal software tools such as Zendesk and Toolshed. They say the documents show that notes are maintained on established profiles of drivers and tagging tools are used for markers such as ‘inappropriate behaviour’, ‘attitude’ ‘police’ and ‘missed eta’. Those profiles and the personal data associated has not been provided. The drivers claim the firm is in breach of Article 15 of the GDPR which guarantees them the right to: ‘obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data.’ The claim is made against various Uber operating entities in the UK, Netherlands and Ireland. The four drivers have asked Uber to disclose to them their data by making requests as far back as July 2018, but they have been met with delayed, inconsistent, incomplete, piece meal and mostly unintelligible disclosures before receiving a sizable data dump on April 19. The drivers are being represented by Ravi Naik of ITN Solicitors in London. Mr. Naik is the Law Society’s Human Rights Lawyer of the Year and leads a ground-breaking practice at the forefront of data rights and technology. Mr Naik represents claimants in a number of high-profile data rights cases, including cases against Cambridge Analytica, Facebook and the AdTech industry. James Farrar, Founder and Director of Worker Information Exchange and co lead claimant in the ongoing worker rights case against Uber said: “On the week that Uber floats on the stock exchange as a public company it is outrageous that it continues to flout important EU and UK data protection laws. Uber has automated the management function and hidden it in algorithms behind the digital curtain while insisting drivers are their own bosses. Drivers are suspended and fired at will without due process, right of an appeal or even an adequate explanation. Drivers will never have access to worker rights protections while Uber withholds personal work data. We intend to fight this until Uber complies with the law.”
Ravi Naik of ITN Solicitors said: “Our clients have taken a principled stance of engaging with Uber in the hope that the company will provide their data. Rather than cooperating in the same manner, Uber have withheld information to which our clients are entitled by right. Indeed, Uber’s responses have been inconsistent and contradictory. As such, our clients have instructed us to engage Uber one last time, in the hope that regulatory action can be avoided.
“Failing full and satisfactory provision of information, our clients will address the matter to the Information Commissioner and other Supervisory Authorities. We expect those Supervisory Authorities to exercise the full extent of their powers to enforce our clients’ rights, including monetary fines if necessary.”