Uber spied on users, politicians and Beyoncé using ‘God View’, according to court records

It’s not news to learn about Uber’s all-seeing ‘God View’ that let the company locate any of its users in real-time whenever it wanted, but according to court documents revealed this week, staff at the company routinely misused the ability for their own ends.

According to Ward Spangenberg, a former forensic data analyst at the company and the person cited in an excellent report by The Center for Investigative Reporting, while Uber says that the God View is restricted to key staff, it’s actually not.

“Uber’s lack of security regarding its customer data was resulting in Uber employees being able to track high profile politicians, celebrities, and even personal acquaintances of Uber employees, including ex-boyfriends/girlfriends, and ex-spouses,” Spangenberg wrote. He contends that “thousands” of employees can access the information whenever they want.

Existence of the God View is likely to draw even more concern as Uber continues to impinge on user privacy even further by tracking your location when you’re not even using the app after a ride ends.

Spangenberg’s list of complaints also includes claims that Uber remotely encrypted computers during raids of Uber offices by governments around the world, and that the company deleted files that it was legally required to keep. 45-year-old Spangenberg’s issue with Uber is a claim of age discrimination, which he says along with being a whistleblower internally, led to him being removed from his job after just 11 months.

We’ve contacted Uber for comment and will update if the company responds.

Update, December 14: An Uber spokesperson got in touch with the following statement:

“Uber continues to increase our security investments and many of these efforts, like our multi-factor authentication checks and bug bounty program, have been widely reported. We have hundreds of security and privacy experts working around the clock to protect our data. This includes enforcing strict policies and technical controls to limit access to user data to authorised employees solely for purposes of their job responsibilities, and all potential violations are quickly and thoroughly investigated.”