- A California judge ruled Monday that Uber and Lyft must classify their drivers as employees, not gig workers.
- That decision, which will go into effect next week if it is not halted by an appeal, means that employees for ride-sharing companies will be eligible to receive benefits, including health insurance, paid time off, sick leave, and overtime.
- Both Uber and Lyft have argued that the decision will cause ride costs to increase significantly and could result in mass layoffs.
- Uber CEO Dara Khosrowshahi has proposed a third model that would establish a benefits fund, but under it, drivers would still likely not be able to see full benefits guaranteed under an employee status.
Judge Rules in Favor of California
A California judge has ruled that drivers for Uber and Lyft in the state must be reclassified as employees rather than gig workers.
Notably, that ruling means drivers will be afforded the same protections and benefits as the companies’ other full-time employees. For example, as full-time employees, drivers could be eligible for benefits like health insurance, overtime, paid sick leave, vacation time, and more. It’s also possible that Uber and Lyft would have to pay them personal vehicle mileage.
Gig workers, also known as contract or independent workers, don’t see those benefits.
The decision, which came from San Francisco Superior Court Judge Ethan Schulman on Monday, isn’t scheduled to take effect until next week. Uber and Lyft have also promised to appeal the ruling and block it from even going into effect.
For their part, both companies have argued that their businesses are in technology (meaning the apps themselves), not ride-sharing. They also claim that the majority of their drivers prefer being independent and deciding when they work, an aspect that likely would be harder to retain if drivers were treated as employees.
In his ruling, Schulman said both companies used “circular reasoning” by treating only their tech workers as employees, saying that reasoning “flies in the face of economic reality and common sense,”
“It bears emphasis that these harms are not mere abstractions; they represent real harms to real working people,” Schulman said regarding the current lack of benefits for drivers. “To state the obvious, drivers are central, not tangential, to Uber and Lyft’s entire ride-hailing business.”
Still, Schulman noted that for these companies, such a change in reclassification might “have an adverse effect on some of their drivers, many of whom desire the flexibility to continue working as they have in the past.”
California Sues Uber and Lyft
Last year, California passed Assembly Bill 5, a bill that requires companies to treat their workers as employees if those companies control how workers perform tasks or if their work is a routine part of the company’s business.
Specifically, AB5 was designed to target companies like Uber and Lyft. In fact, the state has argued that because these companies deal in ride-sharing, their drivers are essential to business. Therefore, they should be treated as employees.
Still, after this law went into effect at the beginning of the year, Uber and Lyft refused to adhere to it.
In May, California Attorney General Xavier Becerra filed a lawsuit against the companies for their refusal. Chiefly, that lawsuit seeks “restitution for workers, a permanent halt to the unlawful misclassification of drivers, and civil penalties that could reach hundreds of millions of dollars.”
Both companies—along with DoorDash—have pumped $110 million into a campaign to exempt them from the law. Because of those efforts, in November, California voters will decide on a ballot measure that could keep ride-sharing companies from having to convert their drivers into employees.
Why Uber and Lyft Are Fighting This Ruling
Uber and Lyft had argued for Schulman’s ruling to be stayed until the November ballot, but Schulman denied that request.
“The vast majority of drivers want to work independently, and we’ve already made significant changes to our app to ensure that remains the case under California law,” Uber spokesperson Matt Kallman said following the decision. “When over 3 million Californians are without a job, our elected leaders should be focused on creating work, not trying to shut down an entire industry during an economic depression.”
Also Monday, Lyft released a similar statement saying that drivers don’t want to be employees, “full stop.”
The debate around how to address these companies’ drivers is not a black and white argument. Many people drive for Uber or Lyft on the weekends for a little extra money. Some retired individuals also drive on for these companies on the side.
But for many drivers, this may be their only job. For example, they may be currently unable to find another job. Such a situation is especially true as the United States continues to struggle with the COVID-19 pandemic, where a driver may have lost their main job and could now rely on Uber or Lyft as a main source of income.
“Today’s ruling affirms what California drivers have long known to be true: workers like me have rights and Uber and Lyft must respect those rights,” Lyft driver Mike Robinson said in a statement following Monday’s decision.
It’s also important to keep in mind that companies like Uber and Lyft were already struggling to turn a profit, and now, that’s even worse because of the coronavirus. Just between April and June, Uber’s bookings were reportedly nosedived 75%.
The prospect of having to change their business models could result in layoffs of drivers. It would likely also mean substantially higher costs for passengers.
A Potential Third Option
In the end, the decision from Schulman likely won’t stop with California. In fact, it could be the beginning of massive changes to ride-sharing companies across the U.S.
In a March letter to President Donald Trump, Uber CEO Dara Khosrowshahi advocated for a third model on how to classify drivers. Particularly, Khosrowshahi argued that workers should be offered another way to gain protections without sacrificing the flexibility of being a gig worker.
Just hours before Schulman’s decision on Monday, Khosrowshahi outlined more details of that plan in an op-ed published by The New York Times.
“Our current employment system is outdated and unfair,” he said. “It forces every worker to choose between being an employee with more benefits but less flexibility or an independent contractor with more flexibility but almost no safety net.”
“It’s time to move beyond this false choice. As a start, all gig economy companies need to pay for benefits, should be more honest about the reality of the work, and must strengthen the rights and voice of workers.”
Khosrowshahi then proposed a model that would require gig companies “to establish benefits funds which give workers cash that they can use for the benefits they want, like health insurance or paid time off.”
“Independent workers in any state that passes this law could take money out for every hour of work they put in,” he added. “All gig companies would be required to participate, so that workers can build up benefits even if they switch between apps.”
Khosrowshahi claimed that if this had been the law nationwide, Uber would have contributed $655 million in benefits last year. To further his point, he used an example of a Colorado driver working an average of 35 hours a week last year. Under Khosrowshahi’s system, that driver would have racked up $1,350 in benefits for 2019. As Khosrowshahi noted, that’s enough to cover two-weeks time off or a median annual premium for health insurance.
But the key here is “or.” Unlike a full-time employee, this driver would need to make a decision on how to spend that accrued benefit money as they would likely not be able to choose both options.
Hackers Hit Twitch Again, This Time Replacing Backgrounds With Image of Jeff Bezos
The hack appears to be a form of trolling, though it’s possible that the infiltrators were able to uncover a security flaw while reviewing Twitch’s newly-leaked source code.
Hackers targeted Twitch for a second time this week, but rather than leaking sensitive information, the infiltrators chose to deface the platform on Friday by swapping multiple background images with a photo of former Amazon CEO Jeff Bezos.
According to those who saw the replaced images firsthand, the hack appears to have mostly — and possibly only — affected game directory headers. Though the incident appears to be nothing more than a surface-level prank, as Amazon owns Twitch, it could potentially signal greater security flaws.
For example, it’s possible the hackers could have used leaked internal security data from earlier this week to discover a network vulnerability and sneak into the platform.
The latest jab at the platforms came after Twitch assured its users it has seen “no indication” that their login credentials were stolen during the first hack. Still, concerns have remained regarding the potential for others to now spot cracks in Twitch’s security systems.
It’s also possible the Bezos hack resulted from what’s known as “cache poisoning,” which, in this case, would refer to a more limited form of hacking that allowed the infiltrators to manipulate similar images all at once. If true, the hackers likely would not have been able to access Twitch’s back end.
The photo changes only lasted several hours before being returned to their previous conditions.
First Twitch Hack
Despite suspicions and concerns, it’s unclear whether the Bezos hack is related to the major leak of Twitch’s internal data that was posted to 4chan on Wednesday.
That leak exposed Twitch’s full source code — including its security tools — as well as data on how much Twitch has individually paid every single streamer on the platform since August 2019.
It also revealed Amazon’s at least partially developed plans for a cloud-based gaming library, codenamed Vapor, which would directly compete with the massively popular library known as Steam.
Even though Twitch has said its login credentials appear to be secure, it announced Thursday that it has reset all stream keys “out of an abundance of caution.” Users are still being urged to change their passwords and update or implement two-factor authentication if they haven’t already.
Twitch Blames Server Configuration Error for Hack, Says There’s No Indication That Login Info Leaked
The platform also said full credit card numbers were not reaped by hackers, as that data is stored externally.
Login and Credit Card Info Secure
Twitch released a security update late Wednesday claiming it had seen “no indication” that users’ login credentials were stolen by hackers who leaked the entire platform’s source code earlier in the day.
“Full credit card numbers are not stored by Twitch, so full credit card numbers were not exposed,” the company added in its announcement.
The leaked data, uploaded to 4chan, includes code related to the platform’s security tools, as well as exact totals of how much it has individually paid every single streamer on the platform since August 2019.
Early Thursday, Twitch also announced that it has now reset all stream keys “out of an abundance of caution.” Streamers looking for their new keys can visit a dashboard set up by the platform, though users may need to manually update their software with the new key before being able to stream again depending on what kind of software they use.
As far as what led to the hackers being able to steal the data, Twitch blamed an error in a “server configuration change that was subsequently accessed by a malicious third party,” confirming that the leak was not the work of a current employee who used internal tools.
Will Users Go to Other Streaming Platforms?
While no major creators have said they are leaving Twitch for a different streaming platform because of the hack, many small users have either announced their intention to leave Twitch or have said they are considering such a move.
It’s unclear if the leak, coupled with other ongoing Twitch controversies, will ultimately lead to a significant user exodus, but there’s little doubt that other platforms are ready and willing to leverage this hack in the hopes of attracting new users.
At least one big-name streamer has already done as much, even if largely only presenting the idea as a playful jab rather than with serious intention.
“Pretty crazy day today,” YouTube’s Valkyrae said on a stream Wednesday while referencing a tweet she wrote earlier the day.
“YouTube is looking to sign more streamers,” that tweet reads.
“I mean, they are! … No shade to Twitch… Ah! Well…” Valkyrae said on stream before interrupting herself to note that she was not being paid by YouTube to make her comments.
The Entirety of Twitch Has Been Leaked Online, Including How Much Top Creators Earn
The data dump, which could be useful for some of Twitch’s biggest competitors, could signify one of the most encompassing platform leaks ever.
Massive Collection of Data Leaked
Twitch’s full source code was uploaded to 4chan Wednesday morning after it was obtained by hackers.
Among the 125 GB of stolen data is information revealing that Amazon, which owns Twitch, has at least partially developed plans for a cloud-based gaming library. That library, codenamed Vapor, would directly compete with the massively popular library known as Steam.
With Amazon being the all-encompassing giant that it is, it’s not too surprising that it would try to develop a Steam rival, but it’s eyecatching news nonetheless considering how much the release of Vapor could shake up the market.
The leaked data also showcased exactly how much Twitch has paid its creators, including the platform’s top accounts, such as the group CriticalRole, as well as steamers xQcOW, Tfue, Ludwig, Moistcr1tikal, Shroud, HasanAbi, Sykkuno, Pokimane, Ninja, and Amouranth.
These figures only represent payouts directly from Twitch. Each creator mentioned has made additional money through donations, sponsorships, and other off-platform ventures. Sill, the information could be massively useful for competitors like YouTube Gaming, which is shelling out big bucks to ink deals with creators.
Data related to Twitch’s internal security tools, as well as code related to software development kits and its use of Amazon Web Services, was also released with the hack. In fact, so much data was made public that it could constitute one of the most encompassing platform dumps ever.
Streamer CDawgVA, who has just under 500,000 subscribers on Twitch, tweeted about the severity of the data breach on Wednesday.
“I feel like calling what Twitch just experienced as “leak” is similar to me shitting myself in public and trying to call it a minor inconvenience,” he wrote. “It really doesn’t do the situation justice.”
Despite that, many of the platform’s top streamers have been quite casual about the situation.
“Hey, @twitch EXPLAIN?”xQc tweeted. Amouranth replied with a laughing emoji and the text, “This is our version of the Pandora papers.”
Meanwhile, Pokimane tweeted, “at least people can’t over-exaggerate me ‘making millions a month off my viewers’ anymore.”
Others, such as Moistcr1tikal and HasanAbi argued that their Twitch earning are already public information given that they can be easily determined with simple calculations.
Could More Data Come Out?
This may not be the end of the leak, which was labeled as “part one.” If true, there’s no reason to think that the leakers wouldn’t publish a part two.
For example, they don’t seem to be too fond of Twitch and said they hope this data dump “foster[s] more disruption and competition in the online video streaming space.”
They added that the platform is a “disgusting toxic cesspool” and included the hashtag #DoBetterTwitch, which has been used in recent weeks to drive boycotts against the platform as smaller creators protest the ease at which trolls can use bots to spam their chats with racist, sexist, and homophobic messages.
Still, this leak does appear to lack one notable set of data: password and address information of Twitch users.
That doesn’t necessarily mean the leakers don’t have it. It could just mean they are only currently interested in sharing Twitch’s big secrets.
Regardless, Twitch users and creators are being strongly urged to change their passwords as soon as possible and enable two-factor authentication.