TaskRabbit collects government-issued ID documents, social security or tax identification numbers, and criminal background check results from certain users, primarily Taskers.
This analysis describes what TaskRabbit's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The collection of social security numbers, government photo ID, and criminal history represents some of the most sensitive categories of personal data, and their exposure in a breach or unauthorized disclosure carries significant identity theft and discrimination risk.
Taskers and certain other users are required to submit government ID documents, tax identification numbers, and background check results including criminal violations to use the platform; misuse or breach of these data categories could result in identity theft or financial harm.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
We use information to enhance the quality, reliability, and/or accuracy of our AI Features by creating, developing, training, testing, improving, and maintaining AI and ML models run by Strava or our service providers. We use aggregated, de-identified data for this purpose. We also use personal info...
Monitoring
TaskRabbit has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Identity Information, such as your date of birth, and depending on where you reside, your social security, tax ID number, VAT ID number, or social insurance number, and photo of your ID document such as your passport, local ID, or driver's license. Background Check Information, such as results of your background check which may include any criminal violations.— Excerpt from TaskRabbit's TaskRabbit Privacy Policy
1. REGULATORY LANDSCAPE: Social security numbers are regulated under various U.S. state laws including California's SSN Protection Act. Criminal history data implicates fair credit reporting and background check regulations under the Fair Credit Reporting Act (FCRA) in the U.S., and Rehabilitation of Offenders Act considerations in the UK. GDPR Article 10 addresses processing of personal data relating to criminal convictions and offences, requiring that such processing occur only under the control of official authority or authorized by member state law. The FTC has oversight of background check providers and practices under FCRA. 2. GOVERNANCE EXPOSURE: High. The collection of social security numbers, government-issued photo ID, and criminal history across multiple jurisdictions creates significant breach notification obligations under state and federal law, and GDPR Article 10 compliance obligations for EEA operations. The policy states this collection occurs 'depending on where you reside,' which implies jurisdictionally variable data collection practices that require careful data mapping. 3. JURISDICTION FLAGS: California's data breach notification law and SSN Protection Act create specific obligations around SSN collection and storage. Illinois and other states with biometric or sensitive data laws may apply depending on how identity documents are processed. In the EEA and UK, criminal conviction data under GDPR Article 10 requires a specific legal basis authorized by member state law, and compliance teams should confirm that applicable national law authorizes this processing for platform onboarding purposes. 4. CONTRACT AND VENDOR IMPLICATIONS: Background check vendors processing this data on TaskRabbit's behalf must meet FCRA obligations as consumer reporting agencies, and data processing agreements must reflect the heightened sensitivity of this data. Procurement teams should verify vendor certifications and breach notification commitments for identity and background check data specifically. 5. COMPLIANCE CONSIDERATIONS: A data impact assessment (DPIA) under GDPR Article 35 is likely required for processing criminal history data. Breach response plans should specifically address SSN and government ID data categories given the severity of identity theft risk and the short notification windows required in many U.S. states. Data minimization review should assess whether all collected identity data categories are strictly necessary for each user role.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The collection of social security numbers, government photo ID, and criminal history represents some of the most sensitive categories of personal data, and their exposure in a breach or unauthorized disclosure carries significant identity theft and discrimination risk.
Taskers and certain other users are required to submit government ID documents, tax identification numbers, and background check results including criminal violations to use the platform; misuse or breach of these data categories could result in identity theft or financial harm.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by TaskRabbit.