London Employment Tribunal determined that Uber drivers are employees

In response to a complaint from trade union GMB, the London Employment Tribunal determined that Uber drivers are employees.

Remarking “the lady doth protest too much, methinks” at Uber’s numerous contractual provisions insisting that drivers are not employees, the LET simultaneously looked at Uber’s various “unguarded moments” in which the company used terminology most consistent with employment status. Ultimately the LET said it is “unreal” to deny the “practical reality” that Uber provides transportation services, and in that context the LET found that the drivers must be employees.

The LET rejected as “ridiculous” the suggestion that Uber is “a mosaic of 30,000 small businesses linked by a common ‘platform.'” The LET rejected Uber’s claim of only providing driver with “leads.” For one, drivers have no opportunity to negotiate or bargain with passengers. The LET also examined the interaction between drivers and passengers, including when drivers learn the route and how payment occurs. The LET said all these factors indicate an employment relationship.

In a 13-item list, LET gathered factors indicating that drivers are employees, including those detailed above as well as Uber’s practice of interviewing and recruiting drivers, instructing drivers in various respects, setting routes, collects ratings and imposes penalties, handles complaints, and has the power to amend the contract provisions of the relationship.

Informed by the finding that drivers are employees, the LET went on to analyze their rights as employees and Uber’s violations of those rights.

London Employment Tribunal determined that Uber unlawfully denied basic workers’ rights

Having determined that Uber drivers are employees, the London Employment Tribunal further determined that Uber unlawfully denied drivers certain basic rights guaranteed to all employees.

Among other rights, GMB alleged that Uber drivers were entitled to holiday pay, a guaranteed minimum wage, and breaks.

GMB specifically challenged the amount that drivers are paid. After deducting costs and fees, GMB found that members could make as little as 5 GBP per hour, well below the national minimum wage of 7.20 GBP. They also challenged Uber’s practice of deducting sums from drivers’ pay including in response to customer complaints.

LET also found that, contrary to Uber’s insistence that Netherlands law governs the relationship between Uber and its London drivers, in fact British law governs because the relationship “relevant to the situation” was the UK.

Uber appealed the decision. A judgment of the appeal is expected in late 2017.

Fuel Card duplicate charges

Uber provided some drivers with “fuel cards” usable for gasoline, carwashes, and other services, at a discount, with charges deducted from future Uber earnings. Multiple drivers reported duplicate charges. Representative quotes:

“Double charged for gas with Uber card. Same transaction. Exact same time and date stamp. You took double from my earnings…The rep last night said they have had multiple calls for this same issue. That it would be cleared up by midnight. Today it’s still not fixed and the rep said he couldn’t do anything about it! Uber this is unacceptable” (September 6, Facebook, Florida driver)

“Gas card is very funny…Something is fishy about how this card works. Once I was triple charged and no one caught on until I bought it to Uber attention and the fixed it. I no longer want to use card” (September 2017, YouTube, Curtis J.).

“I was looking over my transaction history and there is two gas card purchases. Same amounts/ days. I was charged twice for 1” (June 28, Twitter).

“Hey my uber gas card was charge 3 times at the same time and day, but different days each” (June 28, Twitter, Oregon driver).

“It’s been 4 days since I wrote to customer care to review my fuel card charges, there were duplicate charges on it and I was overcharged, I have sent screenshots of duplicate charges but so far I got only one reply yesterday with copy pasted text that has nothing to do with what I asked for.” (April 4, Facebook, New York driver).

Drivers reported heightened difficulty resolving the problems because Uber told them to contact FleetCor, which operated the fuel card program. FleetCor in turn told them to contact Uber.

Drivers also reported that Uber and FleetCor suggested that the drivers conduct their own investigations into the disputed transactions such as interviewing merchants and requesting refunds from merchants. Most drivers found these approaches untenable, particularly because the fraudulent charges could occur at distant merchants far from where the drivers lived.

A further challenge for drivers is that many drivers did not know how to contact FleetCor. The Uber-provided FleetCor car does not include a customer service phone number on the back of the card. Drivers would need to find the number in the original card materials that provided in an envelope along with the card — easily overlooked or discarded.

An October 5, 2017 report from The Capitol Forum (paid subscription required) analyzed these concerns and tabulated these and numerous additional driver complaints.

Fuel Card charged drivers for unauthorized purchases; Uber refused to investigate

Uber provided some drivers with “fuel cards” usable for gasoline, carwashes, and other services, at a discount, with charges deducted from future Uber earnings. Multiple drivers reported unauthorized charges posting to their cards.

When drivers reported the problem to Uber, Uber told them that records indicated that the charges were requested with the driver’s PIN, so Uber declined to investigate or look up the charges. (One Uber response: “We’re sorry for any inconvenience this has caused you. I have checked our system and it shows that your PIN Code was entered for each transaction that you have mentioned. Since your PIN Code is unique to your Fuel Card, it is not eligible to file a dispute.”) But some drivers found that charges could be made without PINs. Moreover, skimmers and concealed surveillance devices allow attackers to obtain driver card details and PINs without authorization.

Drivers who requested a phone number for the fuel card issuer — necessary to file police reports in some jurisdictions — were rebuffed by Uber, whose staff said they contacted the issuer only by email.

Drivers report never receiving terms and conditions for the fuel card, noting that no such terms were included in the postal envelope that delivered the card. Requests for the terms through Uber support and in-person visits to Uber local offices were also unsuccessful. However, fine print on the back of each card said drivers were bound by the terms.

Representative complaints from Uber drivers on online discussion boards and social media:

• “I do not use the Uber Fool Card”
• “Veteran drivers call it the Uber Fool Card.”
• “I should have never gotten that damn Uber fuel card.”
• “HERE WE GO AGAIN WITH THE GAS CARD BULL$h!t AGAIN!!! F$%) ME!!”
• “Just cancelled my Uber fuel card because it took a huge chunk out of my earnings for this past week and left me with nothing but chump change, which I spent on gas. I’m better off using my debit card to pay for gas.” (=

Some drivers explained in greater detail:

UBER SHOULD BE ASHAMED BECAUSE INSTEAD OF INVESTIGATING THEY ARE SIMPLY TRYING TO COVER THIS UP!,, I have been trying to get UBER to correct the fuel card issue but they only blew it off saying the excuse about the driver pin code which is the pin that can be cloned and UBER has had the same issues across the USA! They haven’t investigated a video I sent that showed the tall male of Caucasian or Hispanic descent using the card on a NON-UBER vehicle that was a totally different color.

My fraudulent charges are now totaling over $400. This all started on March 22 and I still have not been refunded! They keep telling me that they are waiting on the credit card company to finish their investigation. I have filed a claim with my local police department and they said since the fraud happened in another state they couldn’t do anything so I should file a complaint with the DOJ. In order to do that you have to have a phone number of the company you are filing a complaint against so I asked Uber to give me the credit card company’s contact info. They said that they didn’t have it and that they only dealt with them through email. You know this is a lie because how would they not have the contact info for a company they do business with.

An August 29, 2017 report from The Capitol Forum (paid subscription required) analyzed these concerns and tabulated these and 30+ additional driver complaints.

Misrepresented its monitoring of employee access to data, steps taken to secure data

In a press release, the FTC summarized its privacy-related complaint against Uber.

For example, Uber told the public that the company “has a strict policy prohibiting all employees at every level from accessing a rider or driver’s data. The only exception to this policy is for a limited set of legitimate business purposes.” Uber claimed access was “closely monitored and audited by data security specialists on an ongoing basis.” Uber made strong claim in its privacy policy such as “We use the most up to date technology and services” to protect customer data, and “we’re extra vigilant in protecting” customer data” via “the highest security standards available.”

In contrast, the FTC found that Uber “has not always closely monitored and audited its employees’ access to Rider and Driver accounts” in that the security system “was not designed or staffed … effectively.” The FTC continued: “In approximately August 2015, Respondent ceased using the automated system it had developed in December 2014 and began to develop a new automated monitoring system. From approximately August 2015 until May 2016, Respondent did not timely follow up on automated alerts concerning the potential misuse of consumer personal information, and for approximately the first six months of this period, Respondent only monitored access to account information belonging to a set of internal high-profile users, such as Uber executives.”

The FTC also criticized Uber for letting engineers use shared access keys with full administrative privileges to all data in Uber’s Amazon Web Services database, rather than requiring that each program and each engineer use a separate key. Uber further failed to restrict access based on employees’ job functions, and failed to require multi-factor authentication to access data. Until March 2015, Uber stored sensitive personal information in AWS in clear text without encryption.

Driver names and license numbers improperly secured

In September 2014, Uber experienced a data breach resulting from an Uber engineer posting an access code which let an unauthorized third party accessed driver names and driver license numbers. Uber failed to notify affected drivers or the state of New York for seven months.

The New York Attorney General described the breach and Uber’s handling of the situation:

The Attorney General found that in early 2014 an Uber engineer posted an access ID for Uber’s third-party cloud storage on Github.com, a website designed to allow software engineers to collaborate. The post was accessible to the general public. On May 12, 2014, someone unaffiliated with Uber accessed the database that included Uber driver names and driver license numbers. Uber discovered the breach in September 2014 but did not provide notice to the affected drivers and Schneiderman’s office until February 26, 2015. General Business Law § 899-aa requires notice be provided to affected individuals and various government agencies including Schneiderman’s office “in the most expedient time possible and without unreasonable delay.”

As part of a settlement with the New York Attorney General’s office, Uber promised to implement multi-factor authentication for any employee could to access especially sensitive rider personal information, among other improved data security practices. Uber also paid a $20,000 penalty for failing to timely notify drivers and the State of New York.

A subsequent FTC investigation and settlement found that more than 100,000 drivers were affected. The FTC reported that in addition to 100,000+ names and driver’s license numbers, Uber also revealed 215 names and bank account numbers with routing numbers, and 84 names and security numbers. Furthermore, the FTC found that Uber’s efforts to notify affected drivers were piecemeal and incomplete: The company initially notified less than half of the drivers affected, whereas others were notified some 16+ months later.

Litigation: driver assaulted passenger with a metal rod, yielding bleeding in brain

TMZ reported a lawsuit by a Chicago Uber passenger who says driver Munstr Abuseimi punched him repeatedly — then came back to his house with a metal rod which he used for further attacks. The passenger said he received a fractured left orbital, bleeding in his brain, concussion, and a dislocated jaw with nerve injury. Uber did not comment but said the driver no longer has access to the company’s app.

London police: Uber failed to report driver attacks

The Guardian reported a letter from the London Metropolitan Police’s taxi and private hire team, complaining that Uber failed to timely report drivers attacking passengers. “Had Uber notified police after the first offence, it would be right to assume that the second would have been prevented,” the letter explained. The letter said that Uber failed to report sexual assaults as well as an incident in which a driver “produced what was thought to be pepper spray during a road rage argument.”

High driver turnover

Citing internal Uber data, news site The Information reported (paid subscription required) that only 25% of drivers who passed Uber’s screening and drove at least one ride remained with Uber a year later. Many drivers report earning approximately $10 per hour after car maintenance and gas costs.