New York City’s New Data-Sharing Law, according to DoorDash, puts customers’ personal data at risk.
DoorDash, a food delivery service, filed a lawsuit against New York City on Wednesday, claiming that a new data-sharing rule will put their customers’ personal information at risk. The new ordinance was passed by the city council on Aug. 29, despite the objections of DoorDash and local chambers of commerce, which are concerned about the law’s impact on their businesses.
DoorDash and other food delivery apps, such as GrubHub, are now obligated to share customer data with the restaurants they partner with under the new regulation. This data includes information such as a customer’s name, phone number, e-mail address, delivery address, and order items, which restaurants would be allowed to keep. The delivery service apps would be prohibited from imposing restrictions on how this data can be used by the restaurants with which they collaborate.
After failing to persuade the council to take business and privacy groups’ concerns seriously, DoorDash claimed it was “left with no choice” except to pursue the issue in court. Because the bill does not compel restaurants to adopt data-security measures once they obtain a customer’s information, the company warns that the customer data it receives may be compromised. This, it claims, will jeopardize its position of customer confidence.
“The City Council’s legislation, N.Y.C. Int. No. 2311-A, would not only destroy that trust by requiring delivery platforms to disclose sensitive, personal customer data to restaurants without any safeguards, but it would also allow sensitive information such as names, email addresses, home addresses, and phone numbers to be misused, spammed, and available without any safeguards.
DoorDash goes on to say that data-vulnerable communities, such as people of color and LGBT clients, would be adversely harmed. For this reason, the National Gay and Lesbian Chamber of Commerce, the Haitian American Caucus, and the New York Hispanic Chamber of Commerce, among others, have joined DoorDash in opposing the council’s law.
DoorDash and delivery service providers may not be allowed to impose restrictions on restaurants’ use of consumer data under local law, but it does ban them from selling, renting, or revealing the information without the client’s express consent. Customers would also be able to withdraw their consent to their data being used and request that their data be erased.
The lawsuit filed by DoorDash over the. Brief News from Washington Newsday.