Food Delivery Apps and Data Privacy Concerns: Protecting Your Information

The popularity of food delivery apps has soared over the past few years. They have made ordering food from your favorite restaurants easier than ever before, with just a few taps on your phone. However, with this convenience comes the risk of data privacy concerns. As users input sensitive information such as their names, addresses, and credit card details, it’s crucial to ensure that their data is protected from unauthorized access. In this article, we’ll explore the potential data privacy concerns related to food delivery apps and give examples of data breaches that have occurred.

Data Privacy Concerns with Food Delivery Apps

1. Data Collection and Storage: One of the primary concerns with food delivery apps is the amount of data they collect from their users. While this data may be necessary to facilitate the delivery process, it’s essential to ensure that it’s collected and stored securely. This includes ensuring that the data is encrypted and that access to it is restricted to authorized personnel only.

2. Third-Party Access: Many food delivery apps rely on third-party services to facilitate their delivery process. This means that users’ data may be shared with these third-party services, which may have different data privacy policies and practices. It’s important for users to read the terms and conditions carefully to understand how their data will be used and who will have access to it.

3. Unauthorized Access: Another concern with food delivery apps is the risk of unauthorized access to user data. This can occur due to poor security practices such as weak passwords, unsecured networks, and outdated software. It’s crucial for app developers to implement robust security measures to prevent unauthorized access to user data.

Examples of Data Breaches in Food Delivery Apps

1. DoorDash: In 2019, DoorDash, a popular food delivery app, suffered a data breach that affected 4.9 million users. The breach occurred due to a vulnerability in the app’s third-party payment processor, which allowed unauthorized access to user data, including names, email addresses, delivery addresses, phone numbers, and hashed passwords.

2. Uber Eats: In 2020, Uber eats, a popular food delivery app, suffered a data breach that affected 100,000 users. The breach occurred due to unauthorized access to user data through a third-party service. The data that was exposed included names, email addresses, phone numbers, and order history.

3. Deliveroo: In 2021, Deliveroo, a popular food delivery app in Europe, suffered a data breach that affected 100,000 users. The breach occurred due to unauthorized access to user data through a third-party service. The data that was exposed included names, addresses, email addresses, and encrypted passwords.

Protecting Your Information

While data breaches are inevitable, there are steps you can take to protect your information when using food delivery apps. These include:

1. Use Strong Passwords: Ensure that you use strong and unique passwords for each app you use. This will help to prevent unauthorized access to your account.

2. Check Privacy Policies: Always read the privacy policies of the apps you use to understand how your data will be collected, stored, and used.

3. Enable Two-Factor Authentication: Enable two-factor authentication wherever possible. This will add an extra layer of security to your account, making it more difficult for unauthorized users to access your data.

4. Keep Your Software Up-to-Date: Ensure that your device’s software is up-to-date to prevent vulnerabilities that may be exploited by hackers.

In conclusion, food delivery apps are a convenient way to order food from your favorite restaurants. However, they come with data privacy concerns that users should be aware of. By taking steps to protect their information, users can ensure that their data is secure and prevent unauthorized exploitation of their data.

Major Privacy Updates of the Week

New Phishing Tool named “Greatness” Exploits Microsoft 365 Credentials

A new Phishing took named “Greatness” was deployed as part of several phishing campaigns since mid-2022. Findings from security researchers at Cisco Talos indicate that Greatness has been found to target solely via Microsoft 365 phishing pages and offers a link builder to create authentic-looking decoy and login pages. Features such as multi-factor authentication (MFA) bypass, IP filtering and integration with Telegram Messenger bots have also been incorporated in Greatness.

Additionally, Cisco Talos Intelligence Group found that the victims were primarily companies located in the US, UK, Australia, South Africa and Canada with Manufacturing, health care and technology Sectors being the most targeted. 

Read More.

Florida lawmakers pass Privacy bill

The Florida Lawmakers passed a Privacy Bill (Senate Bill 262) that if signed by the Governor Ron DeSantis would allow consumers to access information collected by companies and have some deleted. However, the provisions of this act do not apply to all companies. Companies with over $1 Billion in revenue and derive at least half their global revenue from ad sales, operate smart speaker or operate an app store with at least 250,000 different apps.

The Bill would require companies to allow consumers to opt out of targeted ads based on non-pseudonymous data, but does not require opt-outs for targeted ads based on pseudonymous data. The Bill even includes special provisions for the Privacy of Children. 

Read More.

AI Act moves ahead in EU Parliament with key committee vote

The AI Act, a key regulation governing Artificial Intelligence and its potential harm, was jointly adopted by the Parliament’s Civil Liberties and Internal Market committees on Thursday with a large majority.

The next step is plenary adoption, which is scheduled tentatively for 14 June. The legislation prohibits manipulative techniques and social scoring, which are deemed too risky.

Additionally, the ban also includes AI models for biometric categorization, predictive policing, and the use of facial images to create databases. 

Read More.

OpenAI CEO to testify before Congress

The CEO of OpenAI, Sam Altman, will testify before a Senate panel on Tuesday regarding the regulation of AI. ChatGPT, OpenAI’s AI chatbot, has become increasingly popular as it generates responses to user queries by utilizing vast amounts of data. However, the rapid deployment of ChatGPT has sparked concerns among some AI ethicists and public officials, who worry about the spread of misinformation, job loss, and other potential harms to users.

Sen. Richard Blumenthal (D-Conn.) will lead the hearing, which marks the panel’s first step in overseeing and highlighting the advanced algorithms and powerful technology of AI. Read More.

Rupees 100 crore pan-India Cyber Fraud unearthed by Haryana Police

A coordinated Raid by the Haryana Police in Nuh District unearthed a Pan-India cyber fraud amounting to a tune of Rs. 100 Crores. These fraudsters had targeted various parts of the country including Delhi, Haryana, and Uttar Pradesh. The arrests of these fraudsters have resulted in a tracing of nearly 28,000 cases of Cyber Fraud.

Between April 27th to April 28th, 5000 Police men raided 14 villages and detained 125 suspects out of which 66 accused were identified. Fake Aadhaar cards, Pan Cards, ATM Cards, Mobile Phones, Sim Cards, and laptops were recovered. 

Read More.

Curated by: Prajwala D Dinesh, Ritwik Tiwari, Ayush Sahay


Keep up to pace with this high-impact weekly privacy newsletter that
features significant data privacy updates, trends, and tools that can
help to make your life secure & easier every day!

*By clicking on subscribe, I agree to receive communications from Tsaaro