Uber and Snapchat both beef up product security
Move comes after companies criticised over data protection
Uber has faced criticism for how it handles user and driver data
The ride-sharing service Uber, last valued at $40billion, has poached Facebook’s chief security officer Joe Sullivan, a widely respected cyber security expert who has been with the social network for more than five years.
Mr Sullivan, who also spent eight years leading the prosecution of cyber crime at the Department of Justice, will be charged with securing the fast-growing app which collects sensitive data on users’ movements.
The move comes as Snapchat, the disappearing messages app valued last month at $15 billion, released its first transparency report, showing how much data it gives up to governments, and launched its bug bounty programme to encourage cyber security researchers to report flaws in the product.
Travis Kalanick, chief executive of Uber, said he had hired Mr Sullivan to help with the company’s goal to be a “world-class, people-centric protector of privacy”. He said the company had broad ambitions for how to use the data it has on “millions of trips per day in 300 cities in 56 countries”.
“We see opportunities ahead not just in technology, through biometrics and driver monitoring, but in the potential for inspiring collaborations with city and state governments around the world,” he said in a blogpost.
Uber has faced criticism for how it handles user and driver data. In February, it said that the personal information of about 50,000 Uber drivers was accessed in a data breach by an unknown third party the previous May, showing it had trouble detecting the attack.
One of the company’s executives, Emil Michael, its senior vice-president of business, also sparked controversy when he was quoted as saying the company should consider hiring private investigators to launch smear campaigns against critical journalists. In an article in BuzzFeed last November, it was alleged that an Uber manager had accessed a journalist’s customer profile to find out her movements without her permission.
Snapchat has also upset some users when they discovered that when using the service through a third party app, some of their supposedly disappearing messages were revealed. Snapchat has always officially banned third party apps but embarked on a crackdown, putting up technical barriers to their use, in the past few months.
The start-up is trying to improve its security by following other, larger technology companies to launch a bug bounty programme, calling on researchers to help it improve its code, any authentication errors and the transmission of data between its mobile apps and servers.
Its first transparency report showed that the US is the country which requests the most data from the app. In the six months ended February, 375 requests were made by law enforcement, 92 per cent of which were complied with, compared with the UK, the second most frequent, which asked for data 10 times and was complied with in only one case.