NYC faces lawsuit from food delivery company over customer data

DoorDash

After New York City issued a new law that requires food delivery companies to share customer data with restaurants, popular U.S. food delivery company DoorDash is taking a stand by filing a new lawsuit against the city, describing the new law as “a shocking and invasive intrusion of consumers’ privacy.”

The law, which was approved back in July, forces food delivery companies in New York City to share every detail about a customer that works with DoorDash, including customers’ names, phone numbers, emails, and delivery addresses.

In the lawsuit against NYC, DoorDash is vocalizing its concerns, arguing that customers trust the delivery service with sensitive data, ones that “they would not entrust to small businesses that do not have similar robust data safety and security protocol.”

The delivery service also made it clear that restaurants almost never require customers to share personal information to restaurants. “Moreover, the Ordinance’s presumption that every customer consent to sharing their personal data, unless they specifically opt out on a per-order basis, flies in the face of prevailing privacy best practices,” the lawsuit states.

Earlier this year, Democratic council member for the 4th district of the New York City Keith Powers introduced the legislation, noting that “after such a devastating year for our city’s restaurant industry, this precedent-setting law gives much needed relief to eateries to have better access to customer data and provides strong privacy protections,” Powers wrote in an email to The Verge.

“Restaurants are the lifeblood of New York’s economy and culture, and I’m proud that the City Council has stood by our local establishments and New York diners. I encourage DoorDash to drop this lawsuit immediately,” Powers added.

In July, the Electronic Frontier Foundation (EFF) sent out a letter to New York City Council mentioning that it “sympathized with the goal to set a more level playing field for all businesses particularly after the year we have all faced.” However, the digital rights non-profit opposed the new law being implemented, as “privacy should be the default of any transaction, and consumers should be asked to opt-in to sharing of their information every time it could be transferred to a new entity.”

The EFF added that the measures “sets up a ripe target for hackers and data thieves who want to exploit the customers’ information.”