
Uber rape victim sues Uber, says execs got her medical records - fabian2k
https://arstechnica.com/tech-policy/2017/06/uber-rape-victim-sues-uber-says-execs-got-her-medical-records/
======
WisNorCan
The penalties associated with white collar crime are not effective deterrents.
If you have billions of dollars and the worst that can happen is that you pay
a couple million in fines, then you are effectively above the law. This was
evident in the subprime mortgage crisis. Vast communities were destroyed with
limited consequences for the perpetrators.

I would personally like to see white collar crime lead to incarceration more
often as that seems like a stronger deterrent. Having said that, I am not
deeply knowledgeable about the facts of this particular case.

~~~
vec
I'd accept a minimum statuatory fine of 100% of the profits from your criminal
activities. White collar crime, when discovered, should always be a net loss
for the plaintiff's balance sheet.

It's not perfect, but if you make ten billion dollars from fraud, I feel like
first you should lose the whole ten billion dollars as a matter of course,
after which we can start discussing what if any punishment is appropriate.

~~~
redm
"It's not perfect, but if you make ten billion dollars from fraud,"

I don't see how this applies to this matter. From what I read in the article,
Uber was being sued and investigating a crime that occurred through the
application of their service. In other words, if they did something wrong, it
wasn't in the pursuit of profit, it was in defense of another lawsuit or the
ultimate private settlement thereof.

~~~
SolarNet
Yes, however they still profit from winning such lawsuits, if this was typical
behavior, then theoretically they should be on the hook for any money they
avoided paying by using such methods. For example if they were invading the
privacy of the people in the drivers lawsuit (where they ended up paying 100
million) and used it to win instead, then that would be the amount they should
be on the hook for. The point is that any illegal behavior in corporate
governance means the corporation and the people who stand to benefit from it
automatically loose entirely on the related matters. Which is guaranteed to be
effective at stopping illegal behavior.

Of course this is in the case of criminal fraud, which hasn't been brought up
in this news case you are correct.

------
tareqak
Previous submissions:

1\.
[https://news.ycombinator.com/item?id=14562331](https://news.ycombinator.com/item?id=14562331)
(was flagged)

2\.
[https://news.ycombinator.com/item?id=14563285](https://news.ycombinator.com/item?id=14563285)

3\.
[https://news.ycombinator.com/item?id=14562862](https://news.ycombinator.com/item?id=14562862)

Other sources:

1\. The New York Times: _Uber Is Sued by Woman Who Was Raped by One of Its
Drivers in India_ from [https://www.nytimes.com/2017/06/15/technology/uber-
india-rap...](https://www.nytimes.com/2017/06/15/technology/uber-india-rape-
lawsuit.html)

2\. Bloomberg: _Uber Accused of `Rape Denialism ' by Victim of India Assault_
from [https://www.bloomberg.com/news/articles/2017-06-15/uber-
sued...](https://www.bloomberg.com/news/articles/2017-06-15/uber-sued-by-
india-rape-victim-over-alleged-privacy-violation)

3\. CNBC: _Rape victim files new lawsuit against Uber_ from
[http://www.cnbc.com/2017/06/15/rape-victim-files-new-
lawsuit...](http://www.cnbc.com/2017/06/15/rape-victim-files-new-lawsuit-
against-uber.html)

Edited to correct formatting.

------
djsumdog
I guess India doesn't have HIPPA style regulations (or if they do, they're
just unenforced). I haven't been there in decades, but I remember having to
take x-rays and blood test results between doctors. There was no real
centralized health system at the time.

So the crime, sharing personal health records, occurred in India. But it was
an American victim, American company and American employees allegedly getting
and sharing her health information.

I'm interested in how this plays out legally.

~~~
atonse
The existence of HIPAA has little to do with whether you have to take your
records across doctors.

HIPAA requires that our medical data is secured when stored at a medical
facility, but I still have to drive over with CDs and printed X rays if I have
to go to different doctors and specialists. Doctor's referrals are still paper
printouts, and you have to show up early to any doctor as a new patient, and
fill out the same form about your medical history all over again. Things are
still faxed, sometimes emailed.

This problem is still completely unsolved in the US. The closest thing is
maybe if you're going across doctors in one hospital or hospital network, then
your records are electronically "transferred"

~~~
ars
> The existence of HIPAA has little to do with whether you have to take your
> records across doctors.

Well, actually HIPAA stands for "Health Insurance Portability and
Accountability Act" \- it's specifically _about_ making health records
portable.

The security provisions were it's more minor, yet, best know part.

~~~
dragonwriter
> Well, actually HIPAA stands for "Health Insurance Portability and
> Accountability Act" \- it's specifically about making health records
> portable.

No, it's about making health _insurance_ portable. [0] (The Security and
Privacy pieces—as well as the IT standards bits—are part of the one
“accountability” piece of the title, and largely irrelevant to the
“portability” piece.)

Health _records_ , in terms of interoperability, weren't a big focus in the
legislation (they became a bigger focus with meaningful use and related rules
in the ACA.)

EDIT: to be fair, though, access to your own records is also part of the
accountability part, which isn't exactly portability of records, but it's
related.

[0] See, e.g ,
[http://www.investopedia.com/terms/p/portability.asp](http://www.investopedia.com/terms/p/portability.asp)

------
michaelbuckbee
There's nothing in the article - but had Uber said anything as to why they
wanted the records? Or why on earth the CEO of the company needed to see them?
Deeply repugnant.

~~~
kevindqc
>The complaint goes on to allege that Alexander shared the records with
Kalanick and Emil Michael, an Uber executive who was fired earlier this week.
According to the complaint, the men "discussed the records among themselves
and with other staff at Uber, speculating that Plaintiff had made up the
brutal rape in collusion with a rival of Uber in India to undermine Uber's
business."

------
outside1234
I think the only shoe left to drop for Uber is the great convergence where
Donald Trump takes over as CEO.

~~~
jquery
Trump's Law - any sufficiently long discussion thread will involve a
shoehorned reference to our current President no matter how tenuous or even
non-existent.

------
cosinetau
This is getting old, folks.
[https://help.uber.com/h/24010fe7-7a67-4ee5-9938-c734000b144a](https://help.uber.com/h/24010fe7-7a67-4ee5-9938-c734000b144a)

~~~
kafkaesq
_This is getting old, folks._

Not to the victim it ain't.

~~~
cosinetau
I never meant to imply that was the case. As a person that hasn't been harmed
by this company, I see this problem as having gotten out of hand and in need
of intervention. As someone who has been harmed by other people, I find it
troubling that some folks still continue to utilize a product that is actively
causing harm to others, and violating their rights.

The fact is that given the heap of problems seemingly continuously coming out
of Uber, the company doesn't seem to be changing, and these problems aren't
slowing down.

Uber needs to change practice, and we need to communicate to the market that
this behavior isn't acceptable via our wallets; they don't really seem to
understand any other message. If it means that this company ultimately folds
under the weight of these problems, so be it. The message needs to be clear to
others: this is NOT acceptable.

------
tareqak
In case someone is interested in how this story did on the front page:
[http://hnrankings.info/14564112/](http://hnrankings.info/14564112/) .

------
MichaelBurge
It seems like the lawsuit should be thrown out for two reasons:

* They already settled the lawsuit. At the very least, Doe should forfeit the money she already received before beginning this lawsuit regarding substantially the same matter. Otherwise, what's the point of settling if you can't forget about it?

* The onus for keeping medical records private is usually on the medical provider, not on the people interested in obtaining them.

~~~
s73ver
"They already settled the lawsuit."

This is a separate lawsuit. This is about them illegally obtaining her medical
records.

"At the very least, Doe should forfeit the money she already received before
beginning this lawsuit regarding substantially the same matter. "

No. This is a separate action.

"Otherwise, what's the point of settling if you can't forget about the
matter?"

Settling does not give you carte blanche to keep being shitty.

"The onus for keeping medical records private is usually on the medical
provider, not on the people interested in obtaining them."

How does this excuse Uber's behavior in the slightest?

