An Investigative Study on the Privacy Implications of Mobile E-scooter Rental Apps

Abstract

E-scooter rental services have significantly expanded the micromobility paradigm of short-distance urban and suburban transportation since their inception in 2017. Service providers around the world have followed a common rental model wherein customers (i.e., riders or users) download and install a mobile application for locating (finding) and renting e-scooters. Unlike many other app categories, e-scooter rental apps require a set of privacy-sensitive user data as a functional requirement. Unfortunately, privacy-related questions such as how much user data is being collected by these apps, is user data being safely handled once acquired, and with whom the collected user data is being shared are not readily known to customers. Answering such questions can be critical for users in determining which e-scooter rental services are sufficiently trustworthy per their personal privacy preferences. In this paper, we conduct a comprehensive analysis of e-scooter rental apps to answer these and other research questions related to user data collection, third-party involvement, usefulness of privacy policies, and evolution of user data management by different e-scooter apps/services over time. Our findings will create awareness among consumers vis-à-vis the data they share with service providers in return for the received e-scooter rental service, and it can also evoke more accountability and transparency from service providers towards their efforts and processes on protecting consumer privacy.