Uber Sued for Exposing Husband's Infidelity

[urasim]

To clarify my position in this regard, I think if you log into a personal account from someone else's device, you are solely responsible for protecting your own privacy, regardless of any "bugs", etc, that exist in any app. It is your responsibility to remove any sensitive data as you're the one creating it on their device.

Personal responsibility is a foreign concept to people like him.

My brother was browsing porn on my computer, he didn't realize that my browser keeps track of sites visited and displays them as easy to click thumbnails. Needless to say I confronted him about it because I like my computer free of that shit. Can he sue google or Mozilla for having that feature? No. These people arguing that he can don't understand anything about privacy laws.

[Yvaelle]

Sounds like he never fully logged out of the Uber app after using it on his wife's phone. What an idiot.

^ This.

Sounds to me like it's entirely his fault - he has his Uber account logged into her phone. The app should send notifications of your trip details, so they did nothing wrong - if that information implicates you, it's your fault for sending it the wrong person (in this case your wife), not the app.

[Ethris]

Right to privacy is a thing. If a bug in the application reveals your information to other people contrary to how it claims to work, that's a problem, especially when dealing with personal information. Now it's not worth 10s of millions, but it is something they should be fined for.

The cheating is salacious but only has minor bearing on the story.

Now this is how you construct an argument.

[Brubear]

That's not even remotely similar and completely misses the point.



He logged into the app from her phone. He is responsible.



I never said it wasn't a bug. The analogy was to point out the flaw in the argument of, "but mah privacy rights!". You are not entitled to any "right to privacy" when you log in from someone else's device. So to sum it up:

- The app had/has a bug that needs to be addressed.
- His "privacy rights" were not violated as he has no expectation of privacy when using someone else's device, bug or not.
- Uber is not responsible for his divorce, he is.

Honestly, I fail to see the point of the suit. She'll end up with all the money anyhow.



If you're logging into anything from an abusive partner's device, you've pretty much already fucked yourself.

Except that is exactly what it is because he then logged out. Once he logged out, her device should no longer be receiving any notifications regarding his account, hence why the bug was an invasion of his privacy rights.

Let's change the situation some. Lets say someone used their Uber on their significant others device, then logged out. They break up, yet since the other person is still receiving notifications they start stalking the person because, thanks to this bug that is revealing where they keep going, they know where they go.

Is it not an invasion of their privacy because they dated before and, even though they logged out and are no longer together, they logged in using their device once so they should have no reason to think that they still might receive information?

Once you log out of an account/device, you have an expectation of privacy that, unless you specifically told it to save your login credentials, that your account is no longer accessible from that device. The only way it would be is A) You saved the credentials, in which case then you no longer have an expectation of privacy as you specifically told it to save your info. B) They had a tracker/keylogger to steal this information which would then shift the burden from the company to the person using the software to illegally obtain that information. C) A bug which causes the device to save the information despite you telling it not to.

Under B and C you still have an expectation of privacy as, unless it clearly states somewhere that it will do so, there is no reason to assume that your account info will be tied to that device once you log out. Yes, apps save some information, but if you log out they aren't saving your actual authentication credentials unless you tell it to (like a web browser saving your information to a site) or the app is poorly made (which would then make the app makers liable if that information is stolen/used by someone who should not have access to it).

Seriously, this is basic computer security. One of your roles as an IT person is to make sure that the only people able to access information are those who are authorized to do so. So if your device continues to send updates to someone who doesn't have the authorization (meaning they aren't logged in with the account credentials) then that's on you, not the user. If my program continues to send admin info to a workstation that the admin logged into once, despite them no longer being logged in, the person who will get in trouble isn't the user who logged in or even the admin (again, unless they set it up to do so), it's me as the person who built the program because if that's a feature it's supposed to have I need to let my users know and, if it's a bug, I need to fix that shit.

- - - Updated - - -

Plenty of apps still provide notifications even after you've "logged out".



Do you even know how apps work? Not all apps completely disconnect an account when logging off, some merely prevent access to the majority of features until you've logged back in. Many still give notifications, etc. In fact, many email apps provide the option of receiving notifications while still having to log in to retrieve emails. And the bit about "removing your email account" isn't even relevant.

Yes, it is a bug. No, Uber is not responsible for his divorce. Nor did they "violate his privacy rights" as he has none when logging in from someone else's device.



To clarify my position in this regard, I think if you log into a personal account from someone else's device, you are solely responsible for protecting your own privacy, regardless of any "bugs", etc, that exist in any app. It is your responsibility to remove any sensitive data as you're the one creating it on their device.

You make the argument that not all apps completely disconnect when logging off, then agree that the device receiving notifications is a bug. If it's a bug then, guess what, the app isn't designed to keep sending notifications so there is an expectation that you only receive them if you are still logged in.

[Brubear]

From another article on the event:

"The bug is a known flaw which has affected other customers, with some confused users taking to Twitter to ask why they were still getting friends' notifications even though they had logged out of their accounts.

According to Le Figaro , the flaw does not affect Android phones but was witnessed on iPhones used prior to a December iOS update."

So it does sound like this was a real problem with the app.

Well, that pretty much seals the deal, then.

No, Uber isn't at fault for the man cheating. Hell, there's a good chance the mans wife would have found out at some point in time and divorced him over it. But, the flaw is how she found out, meaning they are directly responsible for it. Yes, the guy shouldn't have cheated and I'm glad his wife found out so she could divorce him, but that doesn't change the fact that he did have an expectation to privacy which was broken due to the bug.

[Mistame]

Except that is exactly what it is because he then logged out. Once he logged out, her device should no longer be receiving any notifications regarding his account, hence why the bug was an invasion of his privacy rights.

Again, there is no expectation of privacy whatsoever when using someone else's device to access your private account. Additionally, all we have to confirm that he did actually log out is his word. It's also possible that his wife knew his log-in info. That's setting aside the fact that pick-up times and destinations are hardly "sensitive" or even "private" information, especially that which falls under some supposed "right to privacy".

Let's change the situation some. Lets say someone used their Uber on their significant others device, then logged out. They break up, yet since the other person is still receiving notifications they start stalking the person because, thanks to this bug that is revealing where they keep going, they know where they go.

If you use your partner's device to access sensitive data, it is your responsibility to remove any sensitive data from it, regardless of a flaw or bug with an app.

Is it not an invasion of their privacy because they dated before and, even though they logged out and are no longer together, they logged in using their device once so they should have no reason to think that they still might receive information?

Without intent or malice, it does not warrant "invasion of privacy".

You make the argument that not all apps completely disconnect when logging off, then agree that the device receiving notifications is a bug. If it's a bug then, guess what, the app isn't designed to keep sending notifications so there is an expectation that you only receive them if you are still logged in.

Not all apps completely disconnect when logging off. It's possible that receiving notifications after logging off is a bug. These two statements are not incompatible. Again, he used his wife's device to access his account. Bug or not, his "right to privacy" was not violated by Uber, especially if its EULA and/or ToS covers this type of scenario.

Looking at it purely objectively, this is nothing more than a malicious law suit. A "bug" that sends notifications of pick-up times and destinations to another device that was previously logged into that account is at best, cause to fix the bug. It certainly does not warrant a law suit, especially for millions of dollars. People who file suits like this should be throat punched on principle.

Edit: Should he somehow win the suit, I hope his wife takes every penny.

[Azadina]

Let's change the situation some. Lets say someone used their Uber on their significant others device, then logged out. They break up, yet since the other person is still receiving notifications they start stalking the person because, thanks to this bug that is revealing where they keep going, they know where they go.

Not a problem that lasts very long, as the stalker gets hit by restraining order first, and jail right next if they keep at it. Abuse of other peoples sensitive information is far more severe, than seeing such information in the first place.

[Tennis]

This statement is absurd. A company can never be held liable for a software glitch?

I mean there are a million examples of glitches companies should be held liable for, here's a simple example:

Bank of America has a glitch where users are accidentally logged into the wrong account. Wholesale identity theft and theft of funds ensues. Based on your statement, B of A should not be held liable.

It can be liable in some circumstances.

However this person was guilty of cheating. He has himself to blame.

[Brubear]

Again, there is no expectation of privacy whatsoever when using someone else's device to access your private account. Additionally, all we have to confirm that he did actually log out is his word. It's also possible that his wife knew his log-in info. That's setting aside the fact that pick-times and destinations are hardly "sensitive" or even "private" information, especially that which falls under some supposed "right" in that regard.



If you use your partner's device to access sensitive data, it is your responsibility to remove any sensitive data from it, regardless of a flaw or bug with an app.



Without intent or malice, it does not warrant "invasion of privacy".



Not all apps completely disconnect when logging off. It's possible that receiving notifications after logging off is a bug. These two statements are not incompatible. Again, he used his wife's device to access his account. Bug or not, his "right to privacy" was not violated by Uber.

Look at it purely objectively, this is nothing more than a malicious law suit.

If I design an app, and specifically design it to only notify you of something (say, the weather in your area), but I design it so that you only receive those notifications if you are logged in, then a user can reasonably expect to only receive notifications if they are logged in ( no matter what sort of information devices store when an app is used). It may send notifications by default, but if you tell it to stop sending notifications then one reasonably expects it to stop sending notifications. It is reasonable to expect that my credentials are not stored on the device unless I specify for them to be saved in some manner, no matter whose device it is (unless it is a public device). Yes, some stuff will be saved in a cache or configuration files, but your actual account credentials should definitely not be saved unless you tell it to remember them.

I'm sorry but, looking at it objectively, those are pretty basic assumptions about an app or program.

So if a program is not designed to send you notifications without being logged in, then there is a pretty reasonable assumption that when you log out you will stop receiving updates to that device. Yes, not all apps are designed to completely disconnect when logging out so that you can still have limited functionality (an example is some bank apps let you have swipe notifications to view your account balance). But if that is not a designed feature, then someone being able to view that information when you are no longer logged in would definitely be a bug.

Since he is arguing this is a bug (and there is some evidence that there is a known bug involving iOS devices) then trying to argue that some apps have this functionality is only relevant if that is an actual feature of the Uber app. If it's not, then it's immaterial to the mans claim that this was a bug.

As far as the invasion of privacy, there is no need for an intent or malice. If a company disseminates private information by accident, they've violated your right to privacy. This could prove to be especially true in France, which has far more stringent privacy laws then we have here in the US.

[Mistame]

As far as the invasion of privacy, there is no need for an intent or malice. If a company disseminates private information by accident, they've violated your right to privacy. This could prove to be especially true in France, which has far more stringent privacy laws then we have here in the US.

From a legal perspective, "invasion of privacy" refers specifically to intentional violation of privacy.

And while it certainly may be different in France, no court actually worth anything would award this guy money because of some notifications sent to his wife's phone. To be clear, if the app is bugged, it should be fixed. But law suits like this over a supposed "violation of privacy" on information that's not even sensitive are stupid. Period.

[cubby]

The uber driver should mind his own business.

Love the commenting on stuff you don't read, lol.

It was an automated response that got the husband in trouble.

[Tennis]

He used his wife's phone once.

After that though even when he was using HIS phone...his notifications were being sent to HER phone.

- - - Updated - - -



I think there are more than a few americans who feel that the NSA spying them without any justification is kind of a big deal.

Why are you so vehemently defending a cheater?

[Calimon-ZJ]

Also reimbursement from employer. They do not accept "Look, I have an Uber charge for $64, gimme my money back"

Yes they do. I work for global affairs Canada, and when our ambassadors have travel expenses such as taxis, we reimburse them when they provide a receipt. I've reimbursed several uber charges.

[serenka]

Why are you so vehemently defending a cheater?

It's not defending a cheaper, it's defending someone's privacy rights, an app should not be sending your location to a device you have signed out of.
I couldn't care less about this lawsuit and if he wins or not, I do think however that uber should adjust their app to no longer send your location to a device you're not signed in on.

[Deleted]

Uber should fix this matter. When you're logged out it should not send notifications.

Yet, considering this, the husband is still at fault.
He logged into his wife's phone to call uber rides to his lover (lol). And he got caught being a cheating bastard. If he had not cheated, none of this would have happened.

[Brubear]

From a legal perspective, "invasion of privacy" refers specifically to intentional violation of privacy.

And while it certainly may be different in France, no court actually worth anything would award this guy money because of some notifications sent to his wife's phone. To be clear, if the app is bugged, it should be fixed. But law suits like this over a supposed "violation of privacy" on information that's not even sensitive are stupid. Period.

If the information is released to unauthorized persons through negligence on the companies part, then your privacy has been violated without intent. You can argue that that's gone from the intentional tort of "invasion of privacy" to the unintentional tort of "negligence", but that really seems like splitting hairs as they both have the same end result (something that wasn't meant for other people being released to them). Now, that means this guy would have to prove that Uber was negligent in regards to this bug, but would still not require intentional violation of their private information (though given that Uber had a major data breach due to poor data security practices, the bar might be lower than one would think).

If the laws in France are different (which the EU has far more strict data privacy laws) then saying no court worth it's salt would award him anything kind of ignores just how stringent EU privacy laws can be. This is especially true given that location data is a huge thing that companies track, which notifications of ones travel could fall under this as it can be used to track someone. Given just how broad and vague some of the laws are in the EU, this guy quite likely has some legal standing on for his suit.

[Mistame]

If the laws in France are different (which the EU has far more strict data privacy laws) then saying no court worth it's salt would award him anything kind of ignores just how stringent EU privacy laws can be. This is especially true given that location data is a huge thing that companies track, which notifications of ones travel could fall under this as it can be used to track someone. Given just how broad and vague some of the laws are in the EU, this guy quite likely has some legal standing on for his suit.

It doesn't ignore how stringent European laws can be, it just means if they award him millions of dollars because of a bug that allowed his wife's phone to receive notifications after he used her phone to access his account, those laws, and subsequently those courts, are fucking retarded. To me (and most rational people), this boils down to initial fault. He logged in from his wife's phone, he is ultimately responsible, bug or not. The law suit is nothing less than malicious.

But just because he's guilty doesn't mean Uber is innocent. That's the problem with your poll. Sure he's guilty, but Uber is also guilty of a breach of privacy, which is a pretty big deal.

Uber is guilty of failing to fix a bug. Outside of documentation stating that the information provided by those notifications is classified as "private" information and that said documentation is not invalidated by their terms of service, I'm not convinced that his "privacy" was "violated". As far as the Trump scenario: You have neither the expectation nor the right to privacy in a public setting.

[Tennis]

But just because he's guilty doesn't mean Uber is innocent. That's the problem with your poll. Sure he's guilty, but Uber is also guilty of a breach of privacy, which is a pretty big deal.

I'm a big believer in people's right to privacy. Yes, even when it's Donald Trump sitting wired in a van making jokes about women. Not a fan of Trump, but I think that it's dangerous to take jokes said in private, where part of the humor is a willingness to transgress boundaries, and make them public and pretend he was serious when he said those things.

If a serial killer was outed because of an Uber glitch would you be upset with uber?

[Evil Midnight Bomber]

Why are you so vehemently defending a cheater?

I wasn't going to comment on this thread anymore...and I still won't comment further on the "right to privacy" angle...but I will respond to this.

I have stated, numerous times now, that I do not condone nor defend the cheater. I have said the entire time that the cheating and the app leaking his personal information are two separate issues.

Below I will list the things I have said regarding this man's cheating.

This does not mean I condone his cheating on his wife. I hope her lawyer destroys him in court.

Again, the guy is a cheating piece of shit.

The guy's a cheating asshole. I hope his wife's lawyer shreds his asshole open in court.

He's a cheating asshole and I hope his divorce goes very badly for him.

The guy is a cheating asshole

That's what me "vehemently defending a cheater" looks like. So you can just take your strawman and kindly fuck right off with it.

[Baelic]

You know what they say about Karma!