Which regulatory agencies enforce this type of clause?

{'agency': 'FTC', 'reason': "FTC has authority to review whether Uber's discretionary law enforcement disclosure practices constitute unfair or deceptive privacy practices under Section 5 FTC Act.", 'complaint_url': 'https://reportfraud.ftc.gov/'}, {'agency': 'State_AG', 'reason': 'State Attorneys General in California (CalECPA enforcement) and other states with electronic surveillance laws can investigate unlawful voluntary disclosure of driver location and communications data.', 'complaint_url': 'https://www.naag.org/find-my-ag/'}

What is the severity of this clause?

ConductAtlas classifies this Law Enforcement and Regulatory Disclosure clause as high severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Law Enforcement and Regulatory Disclosure — Uber

Share 𝕏 Share in Share

What it is

Uber can and will share your personal data — including your location, identity, and trip records — with police, government agencies, and regulators when legally required or when Uber judges there to be a safety or fraud risk.

Consumer impact (what this means for users)

Your identity documents, GPS history, trip records, and behavioral data can be disclosed to law enforcement and government regulators either under legal compulsion or at Uber's unilateral discretion when it judges there to be a safety or fraud concern — drivers are not necessarily notified when this occurs.

How other platforms handle this

Midjourney Medium

8 Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information. YES (only images you upload to our services) YES

Slack Medium

We may engage third-party companies or individuals as service providers or business partners to process Information and support our business. These third parties may, for example, provide virtual computing and storage services, assist Slack with verifying Owners and Customers, or we may share busine...

Binance.US Medium

To Comply With Our Legal Obligations. We may disclose your information with courts, law enforcement authorities, regulators, attorneys or other parties: (A) to comply with laws and legal obligations; (B) for the establishment, exercise, or defense of a legal or equitable claim; (C) to respond to law...

See all platforms with this clause type →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

Uber retains broad discretion to disclose driver data to law enforcement beyond mandatory legal obligations, including based on Uber's own safety or fraud determination — this could expose drivers to law enforcement contact based on algorithmic flags rather than verified evidence.

View original clause language

Uber may share personal data in response to a legal obligation, including to comply with a subpoena or court order, to respond to claims asserted against Uber, to comply with requests from government or regulatory authorities, or where Uber determines that disclosure is necessary to prevent physical harm, fraud, or illegal activity. Uber may also share data with law enforcement where Uber determines there is an imminent risk to safety.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: Voluntary law enforcement disclosure is governed by the Electronic Communications Privacy Act (ECPA 18 U.S.C. §2702), which permits but does not require voluntary disclosure to government entities in emergency circumstances; the Stored Communications Act (SCA 18 U.S.C. §2703) governs compelled disclosure. GDPR Art. 6(1)(c) and (e) provide lawful basis for legal obligation disclosures but require necessity and proportionality; GDPR Art. 23 permits restrictions on data subject rights for public security purposes. The Notice's provision for discretionary disclosure based on Uber's 'determination' goes beyond mandatory legal obligation and raises GDPR proportionality concerns.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

FTC

FTC has authority to review whether Uber's discretionary law enforcement disclosure practices constitute unfair or deceptive privacy practices under Section 5 FTC Act.
File a complaint →
State AG

State Attorneys General in California (CalECPA enforcement) and other states with electronic surveillance laws can investigate unlawful voluntary disclosure of driver location and communications data.
File a complaint →

Applicable regulations

United States Federal

CAN-SPAM

United States Federal

DMA

European Union

FCRA

United States Federal

GDPR

European Union

GLBA

United States Federal

HIPAA

United States Federal

UK GDPR

United Kingdom

Provision details

Document information

Document

Uber Privacy Notice

Entity

Uber

Document last updated

March 14, 2026

Tracking information

First tracked

April 9, 2026

Last verified

April 9, 2026

Record ID

CA-P-002471

Document ID

CA-D-00110

Evidence Provenance

Source URL

https://www.uber.com/global/en/privacy-notice-drivers-delivery-people/

Wayback Machine

View archived versions →

SHA-256

da455350bcd5c09edc54361c40211ba929e95e035f6c5586acadc0ab4cefcd8f

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: Uber | Document: Uber Privacy Notice | Record: CA-P-002471
Captured: 2026-04-09 09:01:00 UTC | SHA-256: da455350bcd5c09e…
URL: https://conductatlas.com/platform/uber/uber-privacy-notice/law-enforcement-and-regulatory-disclosure/
Accessed: April 29, 2026

Classification

Severity

High

Law Enforcement and Regulatory Disclosure

What it is

Consumer impact (what this means for users)

Why it matters (compliance & risk perspective)

Institutional analysis (Compliance & legal intelligence)

Applicable agencies

Applicable regulations

Provision details

Other provisions in this document

Related Analysis