The gig economy puts workers' cyber-security at risk

March 02, 2018

A rider for the food delivery service Deliveroo makes a food delivery in London, England. (Jack Taylor/Getty Images)
Read Comments

Click to show more
There is a growing digital security divide between people who work in the gig economy — for companies like Uber, Lyft, and many more — and those who have more traditional jobs.  8:29

The rise of companies like Uber, Handy, Foodora, and many others, has meant that many more people are finding work in the gig economy — part-time and contract work outside of the traditional workforce. While the gig economy offers workers flexibility, it also leaves them open to cyber-security threats, opening a divide in digital security between people in the traditional and non-traditional workforce.


Kendra Albert is a clinical instructional fellow at the Harvard Law School Cyberlaw Clinic. (Britta Gustafson)

Kendra Albert is a clinical instructional fellow at the Harvard Law School Cyberlaw Clinic. Kendra and their co-author Elizabeth Anne Watkins have been researching how the gig economy effects workers' security online.

Traditional employers often provide employees with resources like HR or IT departments to help them manage their security online. "Of the people who get security training," Kendra said, "most — around 60% — get it in their workplace."

Because many of these companies communicate with their workers online and through their apps, they tend to collect much more data than a traditional company would about its employees. For example, the cleaning service Handy tracks their contractors' locations for 4 hours before a shift and 2 hours after. Uber will sometimes require a driver to pull over and take a selfie to verify their identity. That, along with their banking information and other personal data, then becomes vulnerable if the company has a security breach, as has happened to Uber in the past.

This vulnerability for gig workers extends beyond just their professional life. "If [gig workers] aren't getting training," Kendra said, "also they're not passing that information on, they're not using it in their day to day lives, and they're not securing their personal accounts the same way the folk who get best practices information at work are."

With the growth of the gig economy, many of these companies are under closer scrutiny and are making moves (sometimes required by law) to better respond to the concerns of their workers. But these relatively minor changes may not be enough to prevent this digital-security divide from growing. "Our worry is not that companies won't adapt," Kendra said, "but just that the sector of the economy is growing so fast that we just don't have the infrastructure to handle the change yet."