In part three of our Ridesharing Regulations series, Zachary Pyers and Kenton Steele discuss the regulatory issues most frequently faced by ridesharing companies and TNCs, including insurance and user data privacy standards. They also cover record keeping requirements which can vary state by state.
Visit our website for information about our legal services related to emerging technologies.
In part three of our Ridesharing Regulations series, Zachary Pyers and Kenton Steele discuss the regulatory issues most frequently faced by ridesharing companies and TNCs, including insurance and user data privacy standards. They also cover record keeping requirements which can vary state by state.
Visit our website for information about our legal services related to emerging technologies.
Kenton H. Steele, Esq.
On today’s podcast, we will be continuing our discussion on ridesharing regulations and cover some of the areas where we most frequently see specific regulations put in place to dictate requirements that ridesharing companies must follow in order to be allowed to operate in a jurisdiction. Zach, can you tell us some of the most common regulatory issue that we see across this space?
Zachary B. Pyers, Esq.
Sure. One of the most common regulatory issues that we see surrounds insurance. There’s a handful of other ones that we are going to be talking about, from privacy to recordkeeping to driver identification, but by and large, one of the most prominent ones that we see across the regulatory schemes or structures or landscape relates to insurance, and so when we talk about the regulations, a lot of them are focused on or at least include insurance. I think when we heard Karen speak on this topic on some of our earlier episodes, she was even indicating to us that some of the regulatory schemes that the states have sometimes just are an insurance-based statute, and so by and large, the most common one is probably insurance.
Kenton
What are some of the differences we see in insurance regulations from jurisdiction to jurisdiction?
Zach
What we see is that there is some common kind of standards as it relates to the insurance aspects, and so kind of a baseline that a lot of states use is $1,000,000 in coverage. Now I’ve gotta clarify that because the $1,000,000 in coverage just doesn’t apply all the time to every transportation network company, driver/ridesharing driver, and so what we see is the general standard when the driver is kind of in the course and scope, not to use the employment term and confuse them necessarily as an employee, but when they are driving to pick up a ride or they are transporting a passenger, during that phase, they are, have $1,000,000 in coverage usually for the third-party liability. Now one of the other things that we kind of see is that some states, this amount varies. You have got some states where the amount is a lot less. It could be $300,000 or $500,000, and then you have some states where it is $1,500,000 or $2,000,000 in coverage, and so you really have to kind of be specific and kind of watch that as it relates to a regulatory kind of structure. The other thing that we see is that there is uninsured or under-insured motorist coverage required in some states but not all, and so some states require this coverage and have very specific regulations as to during what phases of the ridesharing it applies, and so that is another issue that you kind of must be careful of or review as it relates to the regulations. Now, the other thing that I will say is that there is usually a standard minimum that each ridesharing company will have regardless of what the regulations say. So for example, I was just checking as it relates to Uber’s website and the amounts that they disclose on their website, and so they set forth that during the phase where a driver is waiting to pick up a passenger, so they’re available, the app is on but they don’t have a rider in the car nor are they on their way to pick up a rider, that there is $50,000 in bodily injury per person, $100,000 in bodily injury per accident and $25,000 in property damage per accident. Without a passenger in the car, without being on the way to pick up one, regardless of the regulations, these minimums would still apply. We see the higher amount, the $1,000,000 in minimum coverage, apply when the driver is in route or has a passenger in the car, and so that’s not the uninsured or under-insured, that’s really just the third-party liability coverage, and so that’s kind of the overarching landscape as it relates to the insurance.
Kenton
Zach, can you tell us a little bit about why this issue of insurance regulations in the ridesharing space is relevant or important to the context of litigation related to ridesharing accidents?
Zach
Absolutely. I mean it should come as no surprise to most of our listeners or at least a lot of them, that a lot of litigation is funded by, whether it’s on the plaintiff or the defense side, in litigation, insurance in some way. Insurance plays a very key role as it relates to litigation because it, it acts as that stopgap safety measure to protect companies and entities from unknown or kind of unpredictable outcomes, and so when we see these kind of amounts disclosed up front via the regulation and some of the public disclosures by these ridesharing and TNC companies, it helps to kind of set the minimum expectation or standards as to what these potentially injured parties may be able to recover. Without issues of having to pierce the corporate veil or prove respondeat superior or that somebody was an employee/employer, those insurance that’s being provided is kind of one of the areas that helps to create predictability and kind of acts as almost a protection to the consumers, these companies are able to operate in this space knowing that there is a mechanism for recovery in case somebody is injured.
Kenton
Turning to the next topic here, something we have discussed is ridesharing companies really try to posture themselves as being technology companies. As technology companies, one of the things that they are very good at is collecting and using data, including customer data. Is that something where we see regulations being put in place or different mechanisms to protect that information being utilized by these companies?
Zach
I think this comes as no surprise to a lot of people, and I think this probably was discussed in some of our earlier episodes when we kind of discussed one of the arguments raised by ridesharing companies as to why they are not an employer, and that argument was that they are not actually providing these rides to people. As a company, these ridesharing companies/TNCs are really, they are really technology companies. They’re like a sophisticated phone book, connecting drivers and riders, so it should come as no surprise that one of the issues that comes up with a technology company is an issue of data and privacy, and so a lot of states have some level of protection, but it’s not nearly as an expansive landscape as you see as it relates to the insurance, and so there’s a lot of states that don’t necessarily have specific laws governing these ridesharing or TNC companies’ protection of passenger data. Now, I will say that we saw was, we saw kind of a public outrage a couple of years ago when it came out in 2016 that Uber was actually tracking passengers’ locations even after their ride ended, even after they were dropped off, and so it came to light that these smartphones everybody is carrying around in their pockets can actually be utilized to track people and their locations. It came to light that we could figure out not only what restaurant we dropped you off at, but did you go to a bar across the street later. Did you go back to your house or maybe you went to your girlfriend’s house or maybe you went somewhere you shouldn’t be going, and so the location data was then leaked, and it became a big deal not only for the people whose data was leaked, but it became a big deal for Uber as a public relations issue because people started to realize how much data these companies were actually collecting on them. So we’re talking about four and a half, almost five years after this kind of came to light, but it should come as no surprise that these companies use a lot of data for a lot of different reasons. They use it to help with the surge pricing that Karen had talked about in some of our prior episodes. They use it to help to properly staff as best as possible to encourage drivers when they know there’s gonna be high levels of ridership, and so it helps to, it helps them in a lot of those ways and to ensure kind of a comprehensive and consistent model because they use the data to track passengers, and if I’m a bad passenger and I’m getting a lot of low reviews, they’re gonna track that data to potentially ban me from the app. Same thing with the drivers. If a driver is getting unsafe or bad reviews, they get too many low ones, then they may be removed or suspended, and so, but when it comes to tracking, we kind of see a less comprehensive scheme across the various regulations.
Kenton
What are some of the common issues that come up as it relates to protecting the data that’s collected by these companies?
Zach
Two of the big components are the personal identifiable information - Social Security Number, addresses, telephone numbers, emails, but one of the other big ones is the financial information. What we see is that a lot of people, the credit card information or debit card information is stored right inside the app, and so there is legislation and regulations that’s targeted at trying to protect both the individual consumer but also the financial information.
Kenton
I’ve heard about some of this information being disclosed. Can you tell me some more about that issue?
Zach
Sure. By far, probably the biggest one that has come out was the one I referenced a few minutes ago back in 2016 when they came out that they were actually tracking the location of people even when they weren’t utilizing the app, and I think a lot of people expect it that they were gonna track you while you were using the app ‘cause that’s how they knew where to pick you up. That’s how they knew where you were actually traveling, and that’s how they knew where you were dropped off. That was by and far one of the larger ones, but we have seen other ones where other TNCs and other ridesharing companies have issues with regards to their customer data being exposed through data breaches and the like, which we will talk at much greater length about data breaches, not just in the ridesharing context but kind of just in the larger consumer context in some of our later episodes.
Kenton
Now, thinking about the way in which regulators can act to respond to concerns, obviously part of that would involve needing to have some understanding of what a company is doing, how that company is operating, and that can give rise to sort of recordkeeping and reporting requirements. What are some of the common areas of recordkeeping that ridesharing companies are required to provide and hand over to regulators?
Zach
We talked about the piecemeal application of the customer data and the privacy surrounding that as it relates to the regulations. With the recordkeeping, what we see is that a lot of states require some form of recordkeeping, but there is not a uniform standard as to what is being required to be kept. For example, several states require TNCs or ridesharing companies to retain records of trips and the drivers for one year. And so, in some states, the only things that they’re required to maintain is just to know what the trips were and who was driving them. Now, Colorado, for example, gives s little bit more, and they mandate the retention of vehicle inspection records for 14 months, criminal backgrounds for the drivers for five years and the driver history checks for three years, and so you kind of see in Colorado this other kind of scheme or application as it relates to some of the things that Colorado mandates. Now, most states do obligate that a TNC be able to produce certain records to a regulator in response to a complaint or an investigation, and so this presupposes that the companies are actually keeping and maintaining those records so that they can be produced. That is one of the issues that I think a lot of people or a lot of these entities are prepared for, but again, they are trying to comply with several different states’ forms of regulations, and so you see that in some states are much more restrictions. A few states, for example, North Dakota, contains a semi-annual reporting requirement where the documents have to be reported or turned over on a semi-annual basis. Other states have a reporting requirement that is triggered only when accidents occur, and you see that also happen in certain states, it helps to report and have that information potentially could be a resource if you are in litigation or involved in some other tangential matter where you have got these records that might be recoverable. Now, we see one of the other ones that I like to talk about kind of at the end is Virginia’s law, which also contains a specific recordkeeping requirement, and they have got a lot of stuff. And I won’t go into all of it, but just to show you a minimum, they require criminal history checks, the result of driver history, driver’s license records, results of sex offender screening, proof of compliance with vehicle ownership, registration and inspection requirements, driver insurance, proof of compliance with notice and disclosure requirements relating to the operational requirements, insurance and driver screening, proof that the TNC obtained certification of the driver securing consent of each owner, lessor or lessee of the vehicle, data regarding the driver activity which is logged into the platform, records regarding any action taken against the driver, contracts or agreement between the TNC and the driver, information identifying each driver, including name, date of birth, driver’s license and state issuing license, and then a couple of other pieces of information relating to the specific vehicles. Now, I go through that list just to show you that some states, the recordkeeping requirements can kind of be a little bit more extensive than others.
Kenton
How is that information then reported to these regulatory bodies?
Zach
I think what we see in some of these ways is that sometimes it’s recorded in the specific instances, meaning some states are requiring it semi-annually; other states are requiring it when there’s a triggering event such as an accident; other states have it specifically on an annual basis; and the other more common, or I shouldn’t say more common, but consistent is that it’s available on demand when the regulators or investigators demand it. For example, if a customer makes a complaint to the regulatory body, the regulatory body may then subpoena or request the records from the company. That is a common way that these records are obtained or secured.
Kenton
Thank you for joining us on this episode of the Reminger Report Podcast on Emerging Technologies. Please be sure to join us for our next episode where we will be continuing our discussion on ridesharing regulations, and we’ll be diving into some of the regulatory issues that are specific to ensuring passenger and rider safety.