Today, CDT sent a letter to the New York City Taxi and Limousine Commission (TLC), urging the TLC to protect individual privacy when considering proposed revisions to its rules governing cabs and dispatchers. The proposal requires dispatchers to send information on the date, time, and location of pickups to the TLC en masse; while this data is limited in scope, we question whether there is any reason to centralize all this information in yet another big government database. There are also measures that the TLC can take to safeguard the data it collects. If the TLC proposes at a later date to collect additional information (such as drop-off location) as well, that would raise further privacy concerns, given the sensitivity of location information.
The proposed regulations are in response to the increased use of smartphones to order cabs and are intended to protect drivers and promote public safety, according to the TLC. This is a laudable goal, of course; however, by mandating bulk transmission of data, individual privacy interests are implicated. The data that the TLC is requiring to be sent contains personal information that could identify individual drivers and passengers and, over time, could be used to track individuals and their movements with a high level of accuracy. This is of course not the TLC’s primary motivation, but any bulk collection and storage of personal data increases the likelihood that data may be misused or accessed without authorization. CDT has consistently advocated that entities that collect information do so in restricted ways, for specifically delineated purposes, rather than collect massive amounts of data for potential, unspecified future uses.
We would suggest that the TLC require companies to maintain their own databases (using strong security measures such as encryption) for access upon request or necessity. By doing so, the TLC would limit the scope of its data collection, ensuring that it would be less likely to suffer a catastrophic data breach and reducing the governmental costs of maintaining its own security program. Requiring the dispatchers to maintain these records would still allow the TLC to protect consumers and drivers, in the event of an accident or when needed for an investigation, and access records expeditiously, without requiring the massive transmission of individual data.
Recent news stories have indicated how taxi information can reveal a great deal about individuals, and we hope that the TLC takes these considerations into account when revising its regulations. Location information is personally revealing to such an extent that any regulations governing its collection and transmission should be enacted deliberately and with consultation with civil liberties groups, companies, and government agencies. Whatever form the final regulations take, the TLC should ensure that individual privacy receives strong protections.