Uber wins license to operate in London after ‘plugging IT gaps’

The ride-hailing firm was previously in trouble for failings in the way it manages and releases software updates

Changes that Uber has made to its systems and internal processes, including the addition of software tools and more automation, mean the company is now “fit and proper” to hold a license to operate in London.

Following an almost year-long regulatory process, the Westminster magistrates court has ruled in favour of Uber after Transport for London (TfL) previously refused the ride-hailing platform a license extension in November 2019. 

Part of the reason for the refusal was due to breaches that put passengers at risk, including a change to Uber systems that allowed unauthorised individuals to upload photographs to legitimate drivers’ accounts.

The decision comes three years after TfL first put pressure on the company to improve its systems and its practices, declaring it was “not fit and proper to hold a private hire operator license” in September 2017.

The Westminster magistrates court, however, has concluded after an examination of the evidence that changes to the way Uber operates means the company is not fit to operate in the capital. Notably, Uber has “plugged” the holes in its IT systems that have led to issues over the years, as identified by a report compiled by Cognizant.

Flaws in the release management systems that oversee how Uber’s software is updated have been addressed, according to the report commissioned in April this year, and regulatory breaches are therefore less likely to happen. In particular, Uber has increased the level of automation in these processes, improved software testing, as well as increased overall governance over releases.

“Cognizant instructed by TfL had initially found that ULL’s ITSM processes were not to appropriate standard,” said deputy chief magistrate Tan Ikram. “TfL accept that there have been subsequent changes.

“Despite their historical failings, I find them, now, to be a fit and proper person to hold a London PHV operator’s licence.”

One software issue highlighted by the ruling involved the way in which seven drivers were able to continue driving after their MOTs had expired. Uber became aware of a software issue in January 2020 that was causing this error - and implemented a fix in February. The manner in which the issue was identified and patched serves as an example of an improvement in the way Uber manages its internal processes.

The regulatory battle between Uber and TfL has taken several twists and turns since 2017, with the company handed a 15-month license to operate in London in June 2018. This is after TfL ruled the ride-hailing firm shouldn’t operate due to concerns about public safety and security regarding Uber’s failure to report crimes to the police.

This license was then just extended for two months last September and was attached with conditions to ensure passenger safety. The short duration was so that TfL could closer scrutinise any additional information it was requesting ahead of future licensing decisions. 

Uber’s license to operate was then once again denied in November 2019, despite the company making a host of changes to the way it operates. These changes, however, weren’t enough to convince regulators the company wouldn’t put passengers at risk.

The length of the license will be 18 months, according to various reports including that published by ITV News.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
Weekly threat roundup: Microsoft Defender, Adobe, Mimecast
vulnerability

Weekly threat roundup: Microsoft Defender, Adobe, Mimecast

14 Jan 2021

Most Popular

IT retailer faces €10.4m GDPR fine for employee surveillance
General Data Protection Regulation (GDPR)

IT retailer faces €10.4m GDPR fine for employee surveillance

18 Jan 2021
Citrix buys Slack competitor Wrike in record $2.25bn deal
collaboration

Citrix buys Slack competitor Wrike in record $2.25bn deal

19 Jan 2021
Should IT departments call time on WhatsApp?
communications

Should IT departments call time on WhatsApp?

15 Jan 2021