back to article UK's Just Eat faces probe after woman tweets chat-up texts from 'delivery guy'

A customer of takeaway delivery firm Just Eat has alleged a driver from an eatery used her phone number to ask her for a date. Michelle Midwinter claimed that, after using Just Eat to order a takeaway, she had received an uninvited WhatsApp message from someone she didn’t know. According to screenshots shared on Twitter, the …

  1. Vinyl-Junkie

    I'm failing to see how this is Just Eat's fault

    Just Eat pass all of your details, including address and phone number, to the restaurant you order from (and they tell you that they do this) so that in the event of query on either order or delivery the restaurant can ring you for clarification.

    Whilst I agree that JE response to the complaint falls way short of what it should have been, they are right in that the complaint really needs to be made to the restaurant rather than themselves.

    1. Anonymous Coward
      Anonymous Coward

      Re: I'm failing to see how this is Just Eat's fault

      Could be that JE are currently disliked due to the service charge to replace the credit card fee?

      I'm pretty sure this isn't the first time this has happened or has been reported but as we know fact x importance = news.

    2. Loyal Commenter Silver badge

      Re: I'm failing to see how this is Just Eat's fault

      Surely, JE are the 'data controller' in this instance. It is therefore their legal duty to ensure the data they have received from you (your phone number in this case) is used only for the purpose you have consented to, and deleted afterwards. That this may be a difficult task once it has been passed onto the restaurant is their problem, not the consumer's.

      Things will only get worse for them once GDPR comes into force. They will have to report, on request, exactly who has that data, for what purpose, and for how long it will be retained, and also delete all of it on request.

      What this does highlight is that JE clearly have no procedures in place to control that information once it has been passed onto the restaurant. They should at the very least, be able to ensure that the restaurant deletes it once they have finished with it (i.e. once the delivery has been made), this includes use, and retention, by employees of the restaurant, such as the delivery driver.

      1. codejunky Silver badge

        Re: I'm failing to see how this is Just Eat's fault

        @ Loyal Commenter

        "What this does highlight is that JE clearly have no procedures in place to control that information once it has been passed onto the restaurant. They should at the very least, be able to ensure that the restaurant deletes it once they have finished with it (i.e. once the delivery has been made), this includes use, and retention, by employees of the restaurant, such as the delivery driver."

        This is surely an impossibility unless JE literally handles all the SMS stuff themselves and bans the restaurant from direct contact with the customer except the delivery itself. This ridiculous interference is a bad idea. When did people stop thinking for themselves? Contact the restaurant and if you dont like their response then dont use them again. If you have an issue with JE dont use it. If enough people dont like the service then JE will vanish, otherwise it can go on serving many happy people and those who dont like it can contact restaurants themselves.

        The delivery guy is at fault. The course of action is up to the restaurant. JE has no authority over the restaurant so at most can remove them from its offerings.

        1. pleb

          Re: I'm failing to see how this is Just Eat's fault

          "This is surely an impossibility unless JE literally handles all the SMS stuff themselves and bans the restaurant from direct contact with the customer except the delivery itself. "

          Far from impossible, but clearly JE want the money but not the work involved.

          They just need to look at how Amazon let traders communicate with you by email, but without giving up your email address. A proxy system. No reason why JE could not do the same with your phone number, so that it was never revealed to the restaurant, and JE could audit texts etc.

          1. codejunky Silver badge

            Re: I'm failing to see how this is Just Eat's fault

            @ pleb

            "They just need to look at how Amazon let traders communicate with you by email, but without giving up your email address."

            Only your actual address which gets passed even further onto a delivery company. But we accept this because we want items to arrive at our premises and if we have an issue with that we get off our backside and go to a shop. The takeaway system is similar but shorter range (within delivery range) which means the restaurant by its very nature of its work has to directly deal with the customer via personal information even if JE somehow handle routing of calls/sms to the client. Adjusting orders and delivery instructions by email is not only impractical, it puts the restaurant at further risk as your food is sitting there until someone checks their junk folder.

            We use hungry house and JE and when (not if) there is an issue, either with the order or with delivery we want communication right away and we want it from the restaurant. If I have a problem with the order or any issues I contact the restaurant. The only time we have contacted JE/HH was when a delivery was 2 hrs late and we wanted to let them know the level of service we received, but we didnt blame JE/HH,

            They are a facilitator. They make it easier for takeaways to get business and be visible.

        2. Voland's right hand Silver badge

          Re: I'm failing to see how this is Just Eat's fault

          unless JE literally handles all the SMS stuff themselves and bans the restaurant from direct contact with the customer except the delivery itself.

          That's what it should do. Ebay, Amazon, Booking.com all do that and THIS is what they charge for.

          If Just Eat is not doing it, I do not quite see how they are going to sustain their business. It is a can of worms which once opened cannot be closed - DPA, GDPR, spammers, stalkers, restaurants bypassing you, etc.

          1. Anonymous Coward
            Anonymous Coward

            Re: I'm failing to see how this is Just Eat's fault

            The funny thing is, this woman is running her own business. The Companies Act 1995 states that it is an offence to withhold or hide contact information of a business. She has a public facing website linked from her Twitter account that has no contact information available other than a "contact us" form. Legally she must advertise her name and address so that "documents can be served" as per the Act. If she uses her mobile for business, then that too is considered public information. By not having this information available on her website she can be investigated by trading standards who can force her to comply. All it needs is someone to make a formal complaint.

            At the same time, the Inland Revenue are very interested in people who are clearly running a business, but try to hide their identity. A business that hides it's location and owner is usually a business that is avoiding it's tax liabilities. Again all it takes is a formal complaint to the Inland Revenue and they will investigate very thoroughly.

            The companies act 1995 also states that it is a criminal offence if you do not provide such details when requested. So, all it needs is someone to formally ask for her business details on her twitter account, and if she refuses, then it's time to report her criminal activity. In fact even if she responded in private, there is nothing to stop that information being made public by the recipient.

            Also, a business that has been trading for over 3 months has to register itself with HMRC for the purposes of taxation. If that registration does not occur, then whoops, another offence has been comitted.

            TLDR a woman who is complaining loudly about lack of privacy appears to be withholding information that should be public, which is probably the same info.

            1. Anonymous Coward
              Anonymous Coward

              She's been in the papers before.

              Rather ironically, if you want privacy, it's probably best not to take a picture of your house, and send it to the papers, along with it's location which is really easy to google.

              http://www.dailymail.co.uk/news/article-2806125/Proud-homeowner-takes-photo-new-house-notice-GHOST-staring-window.html

        3. CrazyOldCatMan Silver badge

          Re: I'm failing to see how this is Just Eat's fault

          JE has no authority over the restaurant

          Except that they do. There must have been a terms of service agreement between the two (and I suspect that, if the guys at my curry takeaway are right, that JustEat are fairly aggressive about putting it in place) and I would be very surprised if those ToS don't include data security provisions.

      2. Vinyl-Junkie

        Re: I'm failing to see how this is Just Eat's fault

        @ Loyal Commenter

        Each business that stores any personal data should have has its own data controller, even ones as small as takeaways. JE clearly state that they will pass your details, including name and contact number, to the third-party for the purpose described: "the Restaurant may use your information to provide you with status updates or other information regarding your Order by e-mail, telephone, mobile or mobile messaging (e.g. SMS, MMS etc.). "

        Once the data is passed from JE to the restaurant the care of that data becomes the restaurant's problem, not JEs. This does not change with GPDR.

        1. Anonymous Coward
          Anonymous Coward

          Re: I'm failing to see how this is Just Eat's fault

          @Vinyl-Junkie

          You seem to have some mixed up facts about 'GPDR'. You don't have your own data controller. You are either a data controller or a data processor - as in the organisation. You may appoint or even be required to appoint a Data Protection Officer under GDPR (depending on the amount of data you control/process).

          If someone utilises the services of Just Eat then Just Eat is the data controller and responsible for adequately safeguarding their data. The restaurant is the data processor carrying out activities which require the potential processing of that data. Just Eat would be required to ensure the safety and adequate processing of data by its data processors, including ensuring staff are trained and that the data is held in a secure way, retained for the minimum amount of time and is minimal in scope. If data has been breached at a data processor then the data controller is still responsible and would need to utilise the indemnity clauses in their contract to make a claim against their data processor for damages.

          The ICO may also fine the Data Controller if it is felt that there were not adequate safeguards in place. This is similar to paying someone £20 to disposed of some old furniture for you. They dump it in a layby, you get done for not ensuring they were a licensed disposer of waste.

          So Just Eat could ensure training and safeguards are in place to stop the data being misused and if that is not possible they could set a up a relay system where you call or contact a customer using a Just Eat telephone number followed by an order number which connects them through (the same way that ebay uses for e-mails between buyer & seller), for instance.

          TL,DR; You can't pass all your responsibilities and liabilities as a data controller to your data processor under GDPR.

          1. Loyal Commenter Silver badge

            Re: I'm failing to see how this is Just Eat's fault

            @AC, very well put, and saved me the bother of writing all that detail!

            As it happens, like many in the software industry, I am currently involved in producing software to deal with GDPR when it comes into force. A lot of organisations will be woefully unprepared for it, especially those (like Google, allegedly) who think that they can slurp your data with impunity. The regulations in the EU (and UK after the brexaster if we ever want to deal with EU data in any way) are already a far cry from the vary laissez-faire attitude in the US, and GDPR tightens them up considerably.

        2. Anonymous Coward
          Anonymous Coward

          Re: I'm failing to see how this is Just Eat's fault

          @Vinyl-Junkie

          Surely JE are the data controller and the restaurant are the data processor or at a push joint controller.

          As you are giving JE the consent to hold/process your data, they cannot simply wash their hands of any issues. Don't they have a responsibility (even more so when GDPR is enforced) to make sure data is being handled and processed as per the original consent?

          1. m0rt

            Re: I'm failing to see how this is Just Eat's fault

            "As you are giving JE the consent to hold/process your data, they cannot simply wash their hands of any issues. Don't they have a responsibility (even more so when GDPR is enforced) to make sure data is being handled and processed as per the original consent?"

            There is such a thing as legitimate interest and intent. You can't order food from a drive delivery and not have an expectation of your contact details not being used to deliver the food. This includes the ability to phone in case of problems. And to forestall the 'but....', yes you could have a technological fix to isolate the two but it isn't sensible. You order food, your details in relation to that particular service has to be used.

            Fine.

            But you can't stop rogue staff taking details. The same would be true if someone was taking your payment details over the phone, and they happen to write down your details and use that to fraudulantly make purchases. The rogue staff is the problem here.

            Just Eat, though, just look like the dicks they are because they foolishly didn't train their staff regarding these mysterious 'policies' they have in place.

      3. BillG
        Devil

        Re: I'm failing to see how this is Just Eat's fault

        @Loyal Commenter wrote:

        Surely, JE are the 'data controller' in this instance. It is therefore their legal duty to ensure the data they have received from you (your phone number in this case) is used only for the purpose you have consented to, and deleted afterwards.

        You are forgetting:

        "Once you have their data, never give it back".

        - Google's First Law of Acquisition

    3. Anonymous Coward
      Anonymous Coward

      Re: I'm failing to see how this is Just Eat's fault

      Just Eat's service could definitely be improved to reduce the chances of this occurring.. but at the end of the of the day, all they offer is a market place and presence for independent takeaways.

      Fault of this this lays with a slimy moped rider, who thought because some innocent woman ordered a take away, it meant she way "game".. he should have behaviour corrective therapy... delivered by a cattle prod!

      Whilst I think she'll regret the fallout and continued press from this, she should be applauded for shining a light on this.

      1. CanadianMacFan

        Re: I'm failing to see how this is Just Eat's fault

        The only way that they could reduce this happening is to create an app that would SMS/call the client without divulging the number to the driver and instead of passing the phone number with the order to the restaurant give a PIN to enter into the application. If the person responds back then they give away their phone number. Of course there'd be no way to hide the name and address though they could just pass along the first name and only show the full name in the app if the driver can't find the place. Once it's delivered, by having the customer sign or tap a button on the app then the details can't be shown to the delivery person.

        But you are creating a system in which every delivery person would have to sign up for the app or be registered by the restaurant. It's an extra step and wouldn't always stop this problem, just reduce it.

      2. CrazyOldCatMan Silver badge

        Re: I'm failing to see how this is Just Eat's fault

        all they offer is a market place and presence for independent takeaways

        Controlled by either a contract or ToS between the two entities. Which, if properly written, is enforcable.

    4. Tigra 07
      Thumb Down

      Re: I'm failing to see how this is Just Eat's fault

      Hungry House do this too but you still don't expect to be harassed by the restaurant staff and have Just Eat ignore it (especially since they gave your details to the restaurant anyway)..

      Appropirate reasons to contact the customer: 1: The driver can't find the address. 2: The chef dropped the pizza so the order will be late.

      Inappropriate reasons to contact the customer: 1: "I really like you. When are you ordering again?" 2: "Do you have a boyfriend/girlfriend?"

    5. Bob Magoo

      Re: I'm failing to see how this is Just Eat's fault

      Just Eat would be the Data Controller, they are responsible for what the Data Processor does with the Data Subject's information.

      1. m0rt

        Re: I'm failing to see how this is Just Eat's fault

        Just Eats biggest issue is this:

        “This lacked empathy and does not reflect our policies or the way Just Eat would expect something like this to be dealt with,”

        The way that 'Trixie' handled the subsequent well merited complaint was appalling and actually proves that Just Eat had not policies or at least didn't tell their staff about said policies

        Whereas you could say how this data could be seperated, if Midwinter had contacted the eatery in question direct, she still would have had to provide her details to get the delivery, and chances are if she had then this would still have happened. What is unacceptable is the delivery guy thinking this is ok.

        There are two issues here. Just Eat and their approach to this, and the Resturant and the failure of them to ensure their staff follow proper guidelines. They are not the same thing.

        £10 voucher indeed. They deserve all the bad publicity they should rightly get. And the restuarant should be named, too.

    6. Anonymous Coward
      Anonymous Coward

      Re: I'm failing to see how this is Just Eat's fault

      Id have to agree with you, on both points the complaint should have been taken up with the restaurant and the evidence past on to the police for sexual harassment.

      You cant blame Just Eat for what the driver did, because this could have happened via any food ordering app, or even if the lady had placed the order with the restaurant directly. However what I think made the whole situation worse and is the most disgusting bit, was the response from Just Eat, which was a very much we don't care, here have some money, now go away.

      Now as for the data protection bit, if Just Eat didn't pass on your contact details to the restaurant, how do expect the person delivering your order to get a hold of you? If the order is running late, they cant find you or something has happened? You cant have it both ways! They either can pass your contact details on so they can contact you if needed, or they don't you could be left wondering why the order hasn't arrived yet.

      1. Muscleguy

        Re: I'm failing to see how this is Just Eat's fault

        One text conversation does not a harassment charge make. If from this he continues to attempt to contact this woman IRL or otherwise then that pattern of behaviour MAY constitute harassment.

        Even here in Scotland which has tighter harassment laws than England it would not IMO constitute harassment.

        1. collinsl Bronze badge

          Re: I'm failing to see how this is Just Eat's fault

          But it is worth retraining the employee in the proper use of protected data, at the very least.

    7. veti Silver badge

      Re: I'm failing to see how this is Just Eat's fault

      It's JE's job to make sure that people who receive personal information, like phone numbers, are properly trained and aware of what they can and can't do with it. Simple as that, really.

      if the driver breached those rules, then they need to accept responsibility for that breach. That includes both disciplining and/or retraining the driver, and making appropriate reparation to the customer. And, of course, recording it as a procedural failure and identifying ways to stop it from happening again.

      What surprises me somewhat is that this is news - outside of JE's management, anyway. I'd be very surprised if it's the first, or last, time this has happened.

    8. Vinyl-Junkie

      Re: I'm failing to see how this is Just Eat's fault

      Having run this past a barrister friend of mine she is of the opinion that JE is not the data controller in this instance, either under the existing or forthcoming data protection acts. The key here is (according to her) that in order to be a data processor an organisation has to be processing the data on behalf of the data controller, not for their own ends. Once JE has handed the data over to the restaurant the restaurant is processing the data for its own ends (the supply and delivery of food) rather than for JE's benefit. Indeed she said that a good lawyer could probably prove the case that JE is the data processor for multiple organisations who are the data controllers, because of one key sentence: "legal contract for the supply and purchase of Products is between you and the Restaurant that you place your Order with".

      At best there are two data controllers (the restaurant and JE) in this relationship, not a controller and a processor.

      1. Muscleguy

        Re: I'm failing to see how this is Just Eat's fault

        Except Just Eat do have ends when the restaurant starts processing the data.

        1. They extract a fee for the service and the establishments on their books pay to be presented there.

        2. JE have an expectation of further business.

        together these give JE a data dog in the fight which has to be taken into account. I think your barrister friend has failed to take these facts into account. An opinion which does not take all the facts into account is on dodgy legal ground.

      2. Anonymous Coward
        Anonymous Coward

        Re: I'm failing to see how this is Just Eat's fault

        "Having run this past a barrister friend of mine she is of the opinion that ..."

        Well sorry to say it but either your barrister friend is:

        a) not a barrister (are you sure they aren't a barista?)

        b) not qualified in data protection law

        c) not very good at their job

        Anyone who has been heavily involved in data protection and the upcoming GDPR would realise that Just Eat is the data controller and responsible for the customer data.

        1. Anonymous Coward
          Anonymous Coward

          Re: I'm failing to see how this is Just Eat's fault

          Further to add. Just ask the questions:

          Who decides what data about the subject is collected? [Just Eat]

          Who decides what that data will be used for? [Just Eat]

          Who decides what subjects will have their data collected [Just Eat]

          Who decides what data to pass on the processor? [Just Eat]

          Who decides whether to pass the data on to a third party or not? [Just Eat]

          Another simple question: Who would be able to make a request that data is deleted or changed?

          e.g. Just Eat can ask a restaurant to delete a Just Eat's customer data or change it. A restaurant cannot request Just Eat to delete or change customer data on their systems.

          1. Vinyl-Junkie

            Re: Who decides

            Who decides if and how they will contact you regarding the order? [The restaurant]

            Who decides if they will retain your data for future orders? [The restaurant]

            So the relationship is, as my friend thinks, that of data controller to data controller. JE have made it clear that your data will be passed to a third-party, who will be responsible for that COPY of your data (which in fact probably isn't retained for longer than necessary to process the order but in theory it could be). Just Eat continue to be responsible for their copy of your data (which includes many additional details not supplied to the restaurant such as stored payment details) because they need it to process further orders from you, quite possibly from other restaurants. The key item is that you have made a legal contract with the restaurant and not with JE, and that JE tell you that the restaurant can choose how to use the personal data they are supplied with.

            Just Eat can ask a restaurant to delete a Just Eat's customer data or change it.. Only an individual can request changes to, or deletion, of their data (all or in part) and then only if it is inaccurate. This will change under GPDR, and under GPDR JE will have to make it clearer about who is responsible for the data. However as the law stands I can ask JE to delete my inaccurate data. However if they are not directly responsible for the maintenance of data by the third-party, and everything on their website suggests they think they are not (and that was presumably written by lawyers with a very good understanding of data protection) then I think they would be telling me that I need to contact the restaurant directly rather than JE asking them to change the data.

            My friend thinks that the balance here is a fine one, and thinks that it would take a test case to establish a precedent (which probably won't happen as GPDR closes up a lot of the ambiguities that have plagued the DPA); however her opinion is that there is sufficient wiggle room in the relationship for JE to be able to successfully argue that they are not the data controller for the restricted copy of the data supplied to the restaurant under the act as it stands.

            On the subject as a whole, she thinks that JE will not be brought to book in any case, as even if it were proven that they were the data controller, the Terms and Conditions imposed on restaurants that sign up with JE contain sufficient strictures on compliance with the handling of personal data that they would be judged to have shown due diligence. Again this may well change under GPDR; I merely asked her how she thought the position stands at the moment.

    9. The Commenter formally known as Matt
      Holmes

      Re: I'm failing to see how this is Just Eat's fault

      Just Eat get your data, and are responsible for protecting it. Sure the problem may have occurred by an employee of one of their suppliers/partners (who *also* have a responsibility for protecting your data) but this doesn't mean Just Eat don't have a responsibility.

      Every company needs to think about how to protect themselves from rouge employees, and this fits into that space. The obvious answer is don't give phone numbers to restaurants. Contact can be made via Just Eat (or and app or whatever). This could have the added 'brand value' that calls come from Just Eat, not the resultant or someone mobile.

      The same can go for addresses, the restaurant doesn't need your name/address in their records, on paperwork all over the shop, only the delivery driver needs your address, so give them an app where it can be provided to them as they need it.

      Sure this isn't how deliveries currently work, and would involve work setting up the infrastructure, but setting up infrastructure and writing apps is Just Eats core business.

    10. Kris Sweeney
      Holmes

      Re: I'm failing to see how this is Just Eat's fault

      When i use just eat or any of the many alternatives, I expect the details i have provided such as my address and telephone number to be provided to the takeaway, especially if i chose to have my food delivered.

      If my details had not been passed on I fail to see how I could expect to receive my order, I suppose the just eat terminal could relay message from the takeaway to the customer if there was a problem with the order removing the need to pass on your phone number but honestly, i'd prefer a direct call...

      I'd be more concerned that the takeaway was hiring drivers like this but then, a takeaway doesn't have the cash that Just Eat does...

  2. zaax

    The delivery driver should not have had access to the buyers phone number. If the delivery was going to be late he should have contacted the restaurant and then they should have contacted the customer. This should have been part of the agreement between just eat and the restaurant / seller.

    Saying that the delvery driver of my washing machine did, as he got lost in my road

    1. The Mole

      Why? The delivery driver works for the restaurant he should be no less trusted than any other member of the take-away. Considering how busy most take-aways are I'd much rather the driver had my number to directly call me then than to spend 20 mins trying to get through to the restaurant to ask which house is mind, for them to call me, then call the driver back and give a garbled message. If you don't trust the driver then you probably shouldn't trust any of the restaurant staff and not give them your number at all.

    2. Really Anonymous Coward

      The delivery driver is employed by the restaurant directly. Any data breach has been done by the restaurant (well actually the driver)

      Seems like people are confusing JustEat with Deliveroo/UberEats.

      Obviously JustEat should consider dropping restaurants who don't live up to their standards, but they're hardly the first port of call. Any more than it's Yellow Pages' fault if you use it to look up a dodgy plumber.

      1. Loyal Commenter Silver badge

        IMHO, the whole chain of people are responsible for the breach:

        The driver, for using the number for an unauthorised purpose, and retaining it for longer than required to make the delivery.

        The restaurant, for failing to have an effective policy in place to prevent this.

        Just Eat, for failing to have a policy in place to ensure data protection compliance by the restaurant.

      2. philipbaker

        I've not used Just Eat myself so not sure on the service but if JE are the frontend to all these restaurants and you pay JE, then how can they not be your first port of call.

        Does the customer not deal directly with JE and pay them directly?

        If so then that is completely different to using the yellow pages.

    3. Jason Bloomberg Silver badge

      The delivery driver should not have had access to the buyers phone number

      Indeed. There's no absolute requirement that Just Eat had to pass the phone details to the restaurant, and no absolute requirement for the restaurant to pass it on to the delivery guy. The service is fulfilling food delivery to an address and that doesn't require having a phone number.

      If there is a problem with the delivery the delivery guy can phone the restaurant and they can phone Just Eat who have kept the phone details safe within their system.

      And, yes, I know that's a potential PITA, but that's what it takes to keep data from being abused.

      Just Eat passed the number on knowing it could be abused, the restaurant passed it on knowing it could be abused, the delivery guy did abuse it. So I'm also with the 'everyone is to blame' crowd.

      1. jaduncan

        Just Eat can just have an automated number that the restaurant can call before typing a auth code. That number can then connect the call. There really is no need to pass along the number at all.

        1. JimmyPage Silver badge
          Stop

          @jaduncan

          would that cost more than £0.00 ?

          Now you know why it wasn't done.

          1. ratfox
            Facepalm

            Technology can solve more and more complicated problems, but...

            Now that we have technology, we can demand that Just Eat provide temporary means of communications between restaurants, their delivery people and customers! The delivery person can carry a smartphone with a secure app sending properly authenticated messages to a web interface provided by Just Eat, who will then relay the messages securely to the customer. The delivery person never gets the contact information of the customer, and All Is Well.

            Except that well, you know, the delivery person necessarily needs to receive the name and address of the customer. In order to deliver. Let's invent a complex system which ensures safe deliveries, protecting the anonymity of the customer through a complex system of go-betweens which shall have appropriate levels of authorizations separated by double-blind communication channels!

            Or maybe we shouldn't be so anal about private data. Delivery people have had the name, address and phone number of customers for many years, and the privacy issues can mostly be solved by a simple rule that if you call the customers for anything unrelated to work you get fired. I am not convinced that this system is broken or needs fixing.

          2. Loyal Commenter Silver badge

            Re: @jaduncan

            would that cost more than £0.00? Now you know why it wasn't done.

            And here is the entire point of data protection legislation. It changes the equation from, "will it cost any money to secure the customer's data," to "will it cost more than the potential fine and lost reputation from failing to secure the customer's data."

            Companies like Just Eat make money by acting as a broker, I would imagine it is typically a small percentage of the order total, but scales to be very profitable with volume. It certainly is more than enough to pay for flashy TV advertising. They can certainly afford some technical solutions to help protect customer data, even if it the rather low-tech response of putting things right after they have gone wrong (which they failed to do in this instance). If their business model cannot sustain the cost of protecting their customers, then they do not have a viable business model. The fact that they appear to have a cash tap from their current business model suggests that this is not the case.

            1. DocD

              Re: @jaduncan

              "...I would imagine it is typically a small percentage of the order total..."

              Looks like it's £699+VAT just to sign up with JE and 14% commission thereafter (https://restaurants.just-eat.co.uk/Benefits). A takeaway owner recently told me of one of the big 'brokers' charging a 25% commission. Makes PayPal fees look generous!

              1. rmason

                Re: @jaduncan

                Our (absolutely brilliant) local Caribbean takeaway is always getting asked to go on just eat.

                He tells them all the same thing "they want 800 quid and a lot of my markup, I can't." he also mentioned a monthly fee, but that could have been incorrect.

                He gets almost no custom from those of a-level to uni age. They will only order things off an app. They won't pick up a phone and order form a menu. He says he sees them once, they inquire about just eat/hungry house etc when collecting their order, or when it's dropped off,and he doesn't see them again.

                1. Jason 24

                  Re: @jaduncan, @rmason

                  We've started using Just Eat as a reverse amazon, use just eat for the menu, then call up direct and order on the phone. The price on just eat is generally inflated a bit so you play less going direct.

      2. John Brown (no body) Silver badge

        "If there is a problem with the delivery the delivery guy can phone the restaurant and they can phone Just Eat who have kept the phone details safe within their system."

        Maybe JustEat could create an app for the takeaways and drivers which asks for permission to make calls, then the app could make the call if the shop/driver presses a button and so never needs to see the number?

        (Is that possible? I've never allowed an app to make calls so have no idea if the number would show in call history/logs.)

        1. BinkyTheMagicPaperclip Silver badge

          An app to provide feedback on the move is a daft idea, as it depends on mobile Internet coverage, and this is not necessarily a given. SMS isn't a reliable method either for the same reason.

          A call forwarding service might work, but the only way to reliably provide customer contact is a phone call.

          (For the smartarses that think JustEat only operates in urban areas with decent coverage, half a mile from me there's fibre broadband available, and full mobile coverage, but data frequently drops down to GPRS)

    4. John Robson Silver badge

      "The delivery driver should not have had access to the buyers phone number."

      Agree...

      But your solution falls short.

      As the delivery driver for a JustEat using provider he should therefore log into the JustEat app (either on a personal device or one provided by the provider) as a driver and log that there is a delay, that will then be sent via SMS or email to the buyer without the driver ever needing to see it.

    5. Anonymous Coward
      Anonymous Coward

      Not having the customer's phone number won't help

      He knows where she lives! Instead he'll show up at her door, or leave a note on her car (if it is a house with a driveway or a space marked by apartment number it would be easy to tell) which would leave her feeling even more violated.

      Creepers are gonna creep, the only solution is to fire them immediately when this sort of thing happens.

  3. msknight

    The real problem...

    ...is the attitude of the driver thinking that his behaviour was acceptable in the first place.

    Rules and technology can't protect against stupid. That takes education.

    1. Anonymous Coward Silver badge
      Alert

      Re: The real problem...

      Preferably percussive education.

    2. Anonymous Coward
      Anonymous Coward

      Re: The real problem...

      In some cultures that sort of behaviour is acceptable and before people down vote I am happy to say that that is changing albeit slowly.

      1. gnasher729 Silver badge

        Re: The real problem...

        It may be acceptable in some countries, but it is not acceptable for a delivery driver in the UK. No matter what culture he comes from.

    3. Anonymous Coward
      Anonymous Coward

      Re: The real problem...

      Bloke acts like bit of a creepy prick. People he works for hopefully kicks his arse, or fires him. And yep, it's absolutely positive that this woman has called this out : I'm sure it happens all the time, and it shouldn't. However.....Story about data protection? Security? Not for me I'm afraid....He could have been given the number by pigeon with the same result.

    4. Paul 135

      No, the problem is your heterophobia/sexualphobia

      Why? What if she liked him and they got married and then had many children? It would be called "romantic".

      1. nichomach

        Re: No, the problem is your heterophobia/sexualphobia

        No, it really wouldn't, at least not by anyone whose idea of "romance" wouldn't get them a part in a slasher movie.

  4. Zog_but_not_the_first
    Meh

    Hmmm...

    I'm not sure how I feel about this. A clumsy, slightly creepy attempt at a chat-up, rebutted by a young woman who seems to be very able to take care of herself. Not really news? Maybe I'm wrong.

    Of greater import, given this quotation from the article...

    “If a customer’s phone number is used for reasons for which it was not originally taken, it could be a breach of the Data Protection Act,” a spokesperson said."

    ...is a hope that all the organisations and app writers who continuously slurp data from our phones will be attracting the attention of the "spokesperson".

  5. Frank Bitterlich
    Meh

    A single case of a creepy...

    ... pizza delivery boy abusing the phone number of a client to stalk her. That is bad, but it happens all the time. Just because a intermediate (Just Eat) is involved doesn't make this case special.

    Of course the phone number gets passed on to the local pizza shop, which in turn gives it to the driver for address clarification and such. And I bet that Just Eat has clauses in their contract with the pizza shops that prohibit the (ab)use of contact info for anything other than just the delivery.

    Fire the delivery dude and report him. Case closed.

    1. codejunky Silver badge
      Trollface

      Re: A single case of a creepy...

      "Fire the delivery dude and report him. Case closed."

      That sounds simple and common sense. Surely that cant be an acceptable answer.

    2. Loyal Commenter Silver badge

      Re: A single case of a creepy...

      I think the issue here is JE's response to the complaint.

      They should have a data collection policy that includes what to do in the event of such a breach; for example, they should immediately inform the restaurant, and the restaurant should ensure the driver removes the number from his phone, then fires him. They should then not offer deliveries from that restaurant until the restaurant can assure them that it will not happen again.

      Instead, their policy was, "oh dear, have a £5 discount."

      I don't think anyone is suggesting that we can ever entirely prevent this sort of thing from happening, but taking it seriously when it does is a clear responsibility.

    3. katrinab Silver badge

      Re: A single case of a creepy...

      String him from a lamp post and re-route the power supply via his nuts.

      Then maybe it will stop happening all the time.

    4. Sykowasp

      Re: A single case of a creepy...

      Many restaurants are family businesses, and the delivery drivers are often related to the restaurant owners.

      I think the only real solution here is that the visibility of the phone number is restricted, and communications should go via Just Eat (or HH, etc) - texts if late, etc, or a SIP call routed via Just Eat when the driver needs to find the address.

      However, the driver still knows the customer's address. But that's a lot more effort than trying to get a date by messaging all the women you deliver to that you fancy. But there is always someone, somewhere...

  6. tiggity Silver badge

    Unrelated to data breach stuff

    I never understood why someone would use Just Eat (or Hungry House etc.) when you could just order from a takeaway directly?

    OK, very few local independent restaurants will have online order web site or an app.

    .. but it's not that difficult (bar for a few people on the spectrum where it is stressful) to phone up and speak to a person and place an order.

    If I ring a Chinese (as an example) takeaway, I don't need their menu at hand to place an order, I can ask if they do X,Y, Z dishes (and if not, any near equivalents) , ask about any unusual house specials etc.

    Phone calls are also good when you have friends you are ordering for that have unusual requirements (food intolerance / allergies) - e.g. if someone is at risk of death if they accidentally eat something nutty then I like to double check their food is "safe" by speaking to someone.

    An extra bonus of phone is being able to give a few direction hints so delivery person (hopefully!) avoids getting lost

    Disclosure: I only use a handful of local takeaways (having tried plenty initially, now just use those that consistently gave good food and good service, though do make an effort to try out any new places to see how they compare) - and so I get good food (and delivered hot!) as the restaurants and their delivery folk know me (but don't try anything weird!)

    1. Anonymous Coward
      Anonymous Coward

      Re: Unrelated to data breach stuff

      Well I use them for a Thai restaurant. It is the only one that delivers but if you call them direct the owner is always grumpy that I have called on a Saturday night at dinner time when it is really busy and I live a couple of miles away. Makes out he is doing a big favour by delivering to you.Then inevitably when it is delivered the price is different because I have 'an old menu'.

      I use Just Eat to order from them, see the menu add stuff in, pay sit back and wait and if there is any issue Just Eat will give me a voucher.

      However when the guy delivers he will always moan that I used Just Eat and he will knock money off if I ring direct (he never does).

      The food is really good, Just Eat means I can order it without the hassle.

    2. Alister

      Re: Unrelated to data breach stuff

      @tiggity

      I never understood why someone would use Just Eat (or Hungry House etc.) when you could just order from a takeaway directly?

      Some of our local restaurants don't do deliveries at all, but do the best food - this is true of both our local Chinese and Indian, so using these services saves having to drive.

      Additionally, of course, the great thing about the services is they can get food from more than one restaurant, so you can get fish and chips, Thai, Kebab and Pizza all delivered together.

      1. Anonymous Coward
        Anonymous Coward

        Re: Unrelated to data breach stuff

        "so you can get fish and chips, Thai, Kebab and Pizza all delivered together."

        OK, so that's the starter sorted. What are we having for the main course?

      2. Vinyl-Junkie

        Re: Some of our local restaurants don't do deliveries at all

        Using Just Eat wouldn't help there; JE do not deliver or arrange delivery from restaurants that don't have a delivery service of their own.

    3. Chloe Cresswell Silver badge

      Re: Unrelated to data breach stuff

      Reasons:

      a) full menu, you don't need to know what you feel like ordering, you can therefore avoid the "we don't do that" "er.. I'll have.. er.." on the phone.

      b) ability to take cards. I rarely have cash with me, so the rules out ordering direct form most of the takeaways around me.

      c) being away from home. You can find what is in the area, what people think of the food/service, instead of taking complete pot luck (and this also then follows with a above..)

    4. Anonymous Coward
      Anonymous Coward

      Re: Unrelated to data breach stuff

      I use Just Eat because it allows me to pay by card and because there's no problem with the foreign person in a loud takeaway being able to understand what I'm saying.

  7. TonyJ

    So...

    The driver was clumsy in his approach and should have had more common sense and this was not the right approach to try and talk to a woman. It was a creepy invasion of privacy and I'm not justifying it.

    Given most of the readership here work in IT related fields I am sure we all know someone (or even many someones) who aren't that confident around the opposite sex face-to-face but find it much easier to communicate via other media.

    I'm equally sure we've all come across similar creepiness over the years.

    Given the driver has to have the customers' address by virtue of them delivering the food that's one thing you can't get away from but surely it's not beyond the realms of the likes of Just Eat to add some kind of text or voice based messaging to their app that is single session for the duration of the order then destroyed? That can also be tracked and stored for just this kind of incident.

    JE's response to the complaint (and I agree it wasn't really their fault, directly) was still not good enough - it was very lacking in all the important areas.

    But...let's not end up in a world where one sex trying to "chat up" for want of a better term a member of the opposite sex automatically becomes an offence. :(

    1. Brewster's Angle Grinder Silver badge
      Joke

      Re: So...

      "I am sure we all know someone (or even many someones) who aren't that confident around the opposite sex face-to-face but find it much easier to communicate via other media."

      For me the "other media" is smoke signals. At a push I'll stretch to carrier pigeons. This explains why, the other day, a five year old had me handcuffed to a radiator and was refusing to let me go* until I explained why I didn't have children of my own.

      * They were Fisher-Price handcuffs, and I could have broken out at any time, but they were her birthday present and I didn't want to spoil her new toy. I have know idea why someone would give a five year old handcuffs; normally you give them to the parents so they can keep their kids locked up in a cesspit until they're about 30.

    2. msknight

      Re: So...

      But...let's not end up in a world where one sex trying to "chat up" for want of a better term a member of the opposite sex automatically becomes an offence. :(

      You know... I did have a long, hard think about this one. There's a book in my TBR pile about a woman who took the role of a man for a year to find out what it was like, and what the pressures were. I believe the book is reviewed as being boring as all hell, but "hitting on women" is one of the things that she did try. https://youtu.be/OQ2fREo3Tjc?t=9m11s

      The only thing I can say, is that in order to avoid these things, we should go to pre-determined places (register on dating web sites, go to a local singles club) to signal that we're open to those kind of approaches.

      I do see a problem in society these days, whereby we start long term relationships on the basis of looks alone, and then I see the rate of divorces and it doesn't surprise me.

      1. msknight

        Re: So...

        Thinking about this... technology can help here. Imagine your mobile phone putting out a bluetooth pulse that alerts people nearby that you're open to being hit on ... together with a picture if people request it so that they can ensure they're hitting on the right guy/gal. Only receivable by people who are also, likewise, looking. Portable, local, "hit me up," or something.

        You can even turn it off during periods when you're not feeling like dealing with a chat up line.

      2. Anonymous Coward
        Anonymous Coward

        Re: So...

        This is getting off the subject a little, but I've read Norah Vincent's book. It's a little stereotyped in the areas they target, but still a decent read.

        Their experiences with dating were not too positive, discovering quite quickly they were instantly dismissed for being short or various other attributes in a non trivial number of cases.

        It's not just that society starts relationships on the basis of looks alone, it's that the market enforces this. A few large companies control the online dating market, and a sizeable number of the sites/apps now only allow messaging for mutual matches. This could be seen as a positive for women inundated with unsuitable messages from men, but the whole design is arranged around physical attraction with other factors being a definite effort to even look at.

        Or in short, if you're not extremely attractive or are looking for more than just physical attraction, online dating will increasingly be an unsatisfactory experience for many people, and this will have a knock on effects in society.

        As to 'local singles clubs' - there aren't any realistic ones, and I don't think there ever were. My experience of listening to people that have been in clubs like Spice is a wasteland for the eternally single. You can try general clubs, pubs, or groups but that involves going repeatedly, finding who is single, available, and compatible.

        The closest thing to a singles club is probably speed dating. Some friends have enjoyed this, personally I'm not too fond of the concept of date interviews.

  8. Admiral Grace Hopper

    It's a common problem

    The mis-use of data is a definite problem and in this instance can be laid at the feet of the appropriate data controller, whoever that may be. The root cause of creeps is more difficult to solve. My personal low point was the Yodel delivery driver who asked for a kiss and a look at my tits. Fortunately he didn't have my phone number, but he did, obviously have my home address. The IT angle? Social media was very quick to pick up the story once tweeted and spread the news.

  9. Hans Neeson-Bumpsadese Silver badge

    Also unrelated to data breach stuff

    My inner pedant finds the use of the term "takeaway" in this context a little jarring, as the customer isn't taking anything away as such....it's more of a "bring to"

    1. Anonymous Coward
      Anonymous Coward

      Re: Also unrelated to data breach stuff

      Just wait until the American word "takeout" drifts into our language. I will cut off my ears.

  10. Anonymous Coward
    Anonymous Coward

    All these food delivery companies are as bad as each other...

    Regardless of how colourful their posters are, or how large the marketing budget is, or how cute the slogans, all these companies, Just Eat, Hungry House, Deliveroo, Jinn etc... deliver you luke-warm food (probably not even cooked at the restaurant you thought you were ordering from - https://www.theguardian.com/business/2017/oct/08/deliveroo-battles-councils-over-pop-up-takeaway-food-kitchens ) thrown about by a below living-wage driver who:

    - Isn't actually employed by the company (although he wears their branded clothing), so the company can absolve themselves of all responsibilities to both you and for the drivers.

    - Can barely read or speak English.

    - Possibly came from a country and culture where women aren't accorded the same rights they have here.

    We used to get a load parking near us waiting for orders. They'd p*ss on the nearest wall they could see, leave behind tons of litter and fast food remains, smoke the sort of thing that doesn't do the the brain much good and generally cause a nuisance. The delivery company in question just weren't interested, until we passed on their representative's name to the Police. Then they were.

    1. ibmalone

      Re: All these food delivery companies are as bad as each other...

      Just Eat send your order on to the takeaway who then handle everything, including the delivery, pretty much as if you'd phoned them to place the order. This is different to those like deliveroo where the delivery riders are contracted by app company.

  11. Anonymous Coward
    Anonymous Coward

    Good !

    A few years ago, I used JE for a takeway, and tried a new place, that wasn't brilliant. I scored it 3/5.

    Next thing I know, I start getting calls on my mobile (which is what JE had) from the business owner demanding to know why I wasn't giving him 5 stars.

    A complaint to JE ensured, with the eventual answer to go fuck myself. They completely ignored my assertion that my data had ONLY been given to them for the task of ordering and delivering a meal. Anything else (such as customer feedback) was absent from their own T&Cs.

    I have the email trail saved safely. I might make it available, if JE try and play the "we've never had a complaint before card".

    They had already pissed me off by buying out the far superior Meal2Go, and losing all my previous order details.

    1. Kirk Northrop

      Re: Good !

      Not Just Eat related, but a while ago I bought from a company online. The service was meh, and they forgot to send an item. After contacting them, they posted that out by second class post.

      They asked for a TrustPilot Review, and so I gave one, 3*, along the lines of "nothing special, forgot an item and sent it out second class which suggested they weren't too bothered about forgetting an item."

      Ten minutes later, my phone rings, and it's the CEO of the company wanting to know why I only gave a 3* review, and if he "could work something out" so I would change it.

      So I did. To 2*. And mentioned that they had tried to bribe me to improve the review.

  12. Mephistro

    A way to protect customer's data would be to use a chat/voice app and create a temporary "chat usr ID" for the customer for each and every order, so if the delivery person has trouble finding the address or there's any other issue, customers can be contacted through said app and user ID without jeopardizing their privacy, as the temporary chat user would be erased after a fixed amount of time or when the order is fulfilled.

    This would fix the issue with phone numbers and FB accounts but, sadly, it would do zilch regarding the customer's street address. :-(

  13. Tigra 07
    Thumb Up

    "This lacked empathy and does not reflect our policies or the way Just Eat would expect something like this to be dealt with"

    Just a tip Just Eat: Step 1: Actually get a policy on this so your customers aren't being harassed. Step 2: Actually deal with the issue, rather than just offer a token £5 off the next order and slowly upping it when the customer isn't impressed.

    I have no business with Just Eat, but Hungry House support staff are either so lazy, or thick as fuck that they can't even refund the correct amount when there's a cancelled order. Spoke to 3 different staff and they still refunded the wrong amount...

  14. Anonymous Coward
    Anonymous Coward

    When Chatbots Go Wrong...

    This wouldn't be national news if the complaint had been handled properly and the reason it wasn't handled properly was very likely because 'Trixie' was a chatbot (https://www.just-eat.co.uk/help/article/115005121685/how-does-the-chatbot-work).

    Even a half conscious, living call centre monkey would have spotted that this was far from your typical 'my food hasn't arrived', 'my order was wrong' complaint and handled it better. Unfortunate though this, at best creepy, and worst, dangerous, incident is, it's good that no serious harm been done and it has come out into the open, as it's clearly something a lot of women are used to having to deal with and it makes others aware. If some good can come of this, it's that this kind of thing might occur less often or better still, not at all.

    And for those saying it was just shyness/clumsiness/a cultural difference, imagine if that was one of your female relatives on the receiving end and then see if you're as forgiving.

  15. spold Silver badge

    Just Eat You - an extra free service with a smile

  16. Anonymous Coward
    Anonymous Coward

    Satisfied

    I wonder if they offered to kill him, is she would be satisfied.

    The driver is the problem, she should contact either "his" employer, or the police - after telling him to F off. Sounds like she has some anti-social issues, if she can't do that.

    1. Anonymous Coward
      Anonymous Coward

      Re: Satisfied

      You're never more than 6 feet away from a victim blamer they say.

      1. Anonymous Coward
        Anonymous Coward

        Re: Satisfied

        did you miss the "The driver is the problem," part? it was a good portion of the post.

  17. alain williams Silver badge

    Let's take the gender out of this

    The woman said:

    “This is no longer about my personal experience, this is about every single female who has been victimised in this way by someone from a company we put our trust in.”

    'every single female' ??? It is about a lack of trust in a company; nothing special about the unfortunate person happening to be a woman in this instance. Men & women suffer from abuses of information.

    In no way do I excuse the driver who should not have used the 'phone number as he did.

    1. Anonymous Coward
      Anonymous Coward

      Re: Let's take the gender out of this

      She, and a lot of women like her, have to deal with creepiness like this on a regular basis BECAUSE of their gender. The data abuse was just the means to an end. This is about BOTH issues. To separate one from the other would be like prosecuting someone for illegally obtaining a gun and ignoring the murder they committed with it.

      1. Aqua Marina

        Re: Let's take the gender out of this

        Who got murdered? You seem to be over exaggerating a tad equating being asked out to someone being killed. Are you a feminist of the men hating variety?

        1. Anonymous Coward
          Anonymous Coward

          Re: Let's take the gender out of this

          Nobody got murdered. It's an comparison, not an equation.

          I am a man. Sorry not sorry to blow your sexist assumptions out of the water.

      2. Anonymous Coward
        Anonymous Coward

        Re: Let's take the gender out of this

        She, and a lot of women like her, have to deal with creepiness like this on a regular basis BECAUSE of their gender.

        For a single woman (I am not one), the simple pleasures of a late night takeaway also often come with non stop sexual harassment. People shouldn't have to answer personal questions in order to get a cheezy chips, and so that is wrong; I'm sure it puts some people off going in to venues like that.

        However, some women are good at ignoring and/or dealing with it. When I'm drinking with a friend of mine, a well proportioned young lady who gives as good as she gets, we have a routine. She will go in to the pizza place first, get a great deal on the pie we want and once they bring it the free garlic bread for while we wait, she messages me to come on in :)

        1. alain williams Silver badge

          Re: Let's take the gender out of this

          However, some women are good at ignoring and/or dealing with it. When I'm drinking with a friend of mine, a well proportioned young lady who gives as good as she gets, we have a routine. She will go in to the pizza place first, get a great deal on the pie we want and once they bring it the free garlic bread for while we wait, she messages me to come on in :)

          So: it is OK for her to use her sex/large-breasts/... to get an advantage over the pizza boys, but regards any comeback as harassment (even if she can deal with it) ? Is that not trying to have your cake & eat it ? Maybe I have got this wrong, please explain.

          1. Anonymous Coward
            Anonymous Coward

            Re: Let's take the gender out of this

            Its not an advantage, she gets letched over and harassed because she is hungry; she should take any advantage she can there. She basically has 3 options:

            1) Don't get food, go hungry

            2) Get food with me, pay full price for everything, get letched at in <insert foreign language here>

            3) Get food by herself, pay reduced price for everything, get letched at in English

            She's not thinking "Wayhey, cheap food", its about optimising a bunch of shitty outcomes.

            Do you not think it appropriate that people can go about their daily affairs without being sexually propositioned at random by people that they are engaging in a professional context? Or do you believe that if you give someone free food, its then fine to ask if they want anal sex out back?

            1. alain williams Silver badge

              Re: Let's take the gender out of this

              Another option:

              4) Don't flash her tits, don't induce the pizza boys to letch.

              She could always try dressing modestly and pay full price for pizza like the rest of us.

              1. Anonymous Coward
                Anonymous Coward

                Re: Let's take the gender out of this

                Another option:

                4) Don't flash her tits, don't induce the pizza boys to letch.

                a) Who said she flashes her tits? This is in your imagination. She has tits, she cannot leave them at home.

                b) "induce the pizza boys to letch", what century are you from? If she didn't want to be harassed, she shouldn't be wearing that/out that late? W T F

                1. FlamingDeath Silver badge

                  Re: Let's take the gender out of this

                  Unfortunately, you cant whitelist who you want to perve over your flesh and who you dont want to perve over your flesh. This is not Facebook where you can set permissions.

                  Dress like a whore, expect to be propositioned as one

                  I'm not saying I agree with it, just that's the way it is

                  As much as I am sure you would like to believe humans are some special case created by a sky fairy, but in reality we are animals, with animal instincts, driven by emotions

                  1. Jeremy Puddleduck

                    Re: Let's take the gender out of this

                    FFS. A women has boobs and now she is a whore because she isn't wrapping them up and hiding them from eager eyes. Go back to the century you crawled from.

                  2. Anonymous Coward
                    Anonymous Coward

                    Re: Let's take the gender out of this

                    "in reality we are animals, with animal instincts, driven by emotions"

                    ...and with the higher-level cognitive abilities to let us override them if necessary, even if we might not always want to. (That's essentially what separates us from chimpanzees.)

                    Think that sometimes animal instinct overrides that higher level consideration? I bet it does- but consider *any* form of sexual behaviour where the person involved might argue they "couldn't help themselves".

                    Now imagine they knew that the consequences were- with no chance of getting away with it- immediate and guaranteed castration. (#) What percentage, do you suspect, still "wouldn't be able to help themselves"?

                    Exactly.

                    (#) Insert female equivalent if implied lack of gender balance upsets you.

              2. Jeremy Puddleduck

                Re: Let's take the gender out of this

                Oh do wind your neck in Alain, you troll.

            2. alain williams Silver badge

              Re: Let's take the gender out of this

              She's not thinking "Wayhey, cheap food", its about optimising a bunch of shitty outcomes.

              But you started out saying:

              She will go in to the pizza place first, get a great deal on the pie we want and once they bring it the free garlic bread for while we wait, she messages me to come on in :)

              Why do you wait outside until she has got free garlic bread if both of you were not thinking "Wayhey, cheap food" ?

              1. FlamingDeath Silver badge

                Re: Let's take the gender out of this

                He's clearly happy to pimp his GF out, the start of a slippery slope

            3. FlamingDeath Silver badge

              Re: Let's take the gender out of this

              "Its not an advantage, she gets letched over and harassed because she is hungry"

              I think there is a misunderstanding of what a date actually means.

              In your world, it's a quick shafting in the rectum round the back in the alley (Is that how you met your partner?

              In my world, that would be dinner for two and a get to know eachother on an intellectual level (is she smart or a bit dense, for me this is REALLY important, because who bloody well wants some dense idiot raising their offspring)

              I must be doing something wrong, should I just club her over the head and drag her into my mancave by the hair, is that your technique?

              Lord give me strength

  18. Anonymous Coward
    Anonymous Coward

    Just Eat Don't Do Security

    Looks like Just Eat don't really take security seriously even for their own site: https://schd.io/eja

    1. Anonymous Coward
      Anonymous Coward

      Re: Just Eat Don't Do Security

      Et tu, El Reg? https://schd.io/CbH

  19. Anonymous Coward
    Anonymous Coward

    Surprisingly, for a company with an already chequered past on this topic, Uber has mechanisms in place to prevent similar abuse. The driver collecting you doesn't get your number, nor you their's. Instead all SMS and voice calls go through a set of virtual numbers which only exist for the life of the job, before being recycled.

    Of course this will be a fairly expensive approach, but could easily be implemented by Just Eat.

  20. NiceCuppaTea

    Why even give out the number?

    Simple solution to this one, DONT PASS ON THE PHONE NUMBER!

    Have a generic number owned and operated (and potentially make some extra money from) by just eat which gets called by the delivery driver who inputs the delivery number / order number and the just eat systems dial the customer and connects the two calls!!! Once the delivery has been completed the order number / private number relationship is killed.

  21. Anonymous Coward
    Anonymous Coward

    RLY!?!

    Hasn’t this been blown out of all proportion?

    Some dude delivered food to a girl. He liked what he saw, he had contact information available, thereby opportunity, and tried to chat her up (badly). He even enquired as to if she had a boyfriend and therefore as to whether his approach was undesired. If she did not want/like the approach of the delivery driver she should have told him to ‘foxtrot oscar’. If there was subsequent harassment then that would be an issue.

    1. diodesign (Written by Reg staff) Silver badge

      Re: RLY!?!

      Mate, none of what you said above is cool. If you're delivering stuff to someone, serving them food, any kind of day-to-day thing, taking their phone number and texting them weird flirty stuff is awful. The number was provided for business purposes, not to set up a date.

      It's one thing to ask a person for their number in a social setting. It's another to delve into a customer record and pull out a contact detail and pester them.

      Now imagine this happening every week - it could be on twitter, uber, just eat, work email. It gets old really quick and it's just creepy and sad. If you want to ask someone out, do it properly.

      C.

      1. Anonymous Coward
        Anonymous Coward

        Re: RLY!?!

        Would you go out with me, Diode Sign?

      2. MonkeyCee

        Re: RLY!?!

        "he had contact information available, thereby opportunity,"

        What the actual....

        No, just no.

        If someone has *given* you their phone number, then contacting them out of the blue is OK. If you've "obtained" it by any other means, then it's really not cool to contact them. It's certainly not cool to ask them out on a date or enquire as to their relationship status

        How is this even something you have to explain?

        If you're interacting with someone where you or they are acting in a professional* capacity, then flirting may be acceptable (YMMV) but making a pass isn't. If you're not sure if something could be construed as hitting on someone (like asking if they have a boyfriend), then don't do it.

        If you must hit on random women, do it in an environment where it's consider vaguely acceptable (bar, party, swingers club), where if the other party isn't interested they can back out of the situation gracefully. Texting, calling or showing up on your doorstep without invitation is an invasion of privacy.

        * or at least getting paid for it

        1. Anonymous Coward
          Anonymous Coward

          Texting, calling or showing up on your doorstep without invitation is an invasion of privacy.

          Being contacted by a stranger through a public-facing communication interface can't be an invasion of privacy. There have long been cold callers, text / message spammers and door-to-door enquirers. However if you signal that you're not interested the other party should break off contact and then respect your privacy. After a warning, continued unwanted contact is harassment. However in this case, it looks like this did not happen.

        2. Anonymous Coward
          Anonymous Coward

          Re: RLY!?!

          Stalking was romance 50 years ago.

          1. Tigra 07
            Thumb Up

            Re: RLY!?!

            "Stalking was romance 50 years ago"

            Stalking women was called "being a pervert" 50 years ago...You know...Like it still is today.

            1. Anonymous Coward
              Anonymous Coward

              Re: RLY!?!

              Obsession too, was romance 50 years ago.

      3. Anonymous Coward
        Anonymous Coward

        Re: RLY!?!

        This is really about the poor driver's lowly social status, a subject women are obsessed with. The low hopeless status level his life occupied is where he should have remained, any approach towards Queen Sunglasses should be met with absolute resistance and horror and testicle removal, preceded by a call to a higher authority (Justeat) to emphasise and elevate her social status.

        Queen Sunglasses is probably deeply insecure and scared, like many women living on their own in the big smoke. Text on a screen tends to scare the fairer sex. The best way to chat anyone up is within 10 seconds of meeting, and face to face. And never leave a paper trail in case you get sued.

        1. Jeremy Puddleduck

          Re: RLY!?!

          It's along shot I know but I'm going to bet you have a micropenis, amirite? You've seen who the President of the USA is, ok? Seen how creepy and revolting he is in his attitudes towards women? Creepy men are creepy men, status is irrelevant.

          You need to go home and have a long hard think about why you seem to have a problem with women who dare to stand up for themselves. Oh, and you should be concerned that your paper trail might result in you being sued, you creep.

          1. Anonymous Coward
            Anonymous Coward

            Re: RLY!?!

            Wow. Troll much?

  22. Anonymous Coward
    Anonymous Coward

    Bot

    That response smacks of a bot.

    1. Swarthy
      Terminator

      Re: Bot

      My thoughts exactly. The "For your Inconvenience... " bit would have been "Talk to the restaurant, he's not our employee" by any blame-dodging human who read that complaint. Proceeding to offer 10 quid when the complainant was not mollified by five, with no reflection/commentary/commereration on the complaint itself, points to a chatbot, and a cheap one at that. ELIZA would have handled that complaint better.

      1. Aqua Marina

        Re: Bot

        Please tell me how you feel about For your inconvenience?

  23. Anonymous Coward
    Anonymous Coward

    Reputational damage ????

    It's not a sarky comment, but if women - especially single/lone women - feel they can't trust Just Eat, then we might see them go under.

  24. IGnatius T Foobar
    Thumb Up

    Obligatory

    All of the obvious comments about a hot sausage pizza are included herein by reference.

  25. Anonymous Coward
    Anonymous Coward

    When does John Worboys

    start work with Uber ?

  26. Charlie Clark Silver badge

    And if the guy sent her a message via Twitter?

    There's no doubt that there is a breach of data protection laws here and the commissioner should follow this up.

    That said, I'm also slightly confused by the plaintiff taking to Twitter to air her grievances about this. Would it make a difference if she'd supplied her publically available Twitter-handle for the process? Hypothetical, I know. Can't you block numbers on WhatsApp? Should be the the first thing to do after reporting the incident.

    Personally, I'd be more worried about the guy knowing where I live.

  27. 2Nick3

    Scripted response failure

    It sounds like JE had a scripted response to issues being raised and the Trixie wasn't really reading the messages coming in. The script probably goes something like this:

    1. Apologize in a non-specific way

    2. Repeat the apology

    3. Offer £5

    4. Offer £10, saying you shouldn't really do it.

    Maybe there's a #5, but I almost doubt it, as most people being offered the £10 would just take it and move on.

  28. Anonymous Coward
    Facepalm

    Man propositions snowflake: snowflake complains to the Internet.

    Being contacted on WhatsApp isn't a violation of privacy, it's designed for communication. Did this snowflake ever consider msging him and making it clear not to contact her again. What is it about the female of the species that they have to blast their everyday trivial personal problems all over the Internet.

    1. kain preacher

      Re: Man propositions snowflake: snowflake complains to the Internet.

      Why should she have to do that

      ? If some bloke called you and say can he stick his dick in you why would you have to say dont call me ?

      1. FlamingDeath Silver badge

        Re: Man propositions snowflake: snowflake complains to the Internet.

        "stick his dick in you"

        Wow what a leap, guy asks girl on a date, girl interprets that as a request for c̶o̶m̶p̶a̶n̶i̶o̶n̶s̶h̶i̶p̶ rude sex

        This Weinstein mania is getting a bit beyond the joke

        What next, men reduced to sperm donators for closet cryptolesbians

        Oh wait

        1. kain preacher

          Re: Man propositions snowflake: snowflake complains to the Internet.

          THis is not at a night club. You would not expect some random strange to ask/text you on a date . It's kind of creepy to have some random guy just text you for a date.

          1. FlamingDeath Silver badge

            Re: Man propositions snowflake: snowflake complains to the Internet.

            "This is not a nightclub"

            Honestly if a nightclub is the only place a man can proposition a woman for a date, no wonder this country has so many broken familes. I understand *some* women feel threatened by men, with good reason. Because some men are rapists.

            But to automatically assume that is the case for all men is pure prejudice on your part

            I think the label Snowflake is quite fitting in this example

            When was the last time a woman asked a man out on a date?

            We all have to grow spines at some point

  29. Anonymous Coward
    Anonymous Coward

    Oh stop it.

    Complete utter non-story.

    If the driver had been some handsome hunk and she'd agreed, this wouldn't have even made it to the local paper.

    Furthermore "I'm literally never ordering from there again" speaks volumes about what we are dealing with here.

    The 2nd biggest private contractor failed yesterday with debts of 1.5 billion and THIS shit is making the headlines.

    Get your fucking priorities sorted.

    1. Jeremy Puddleduck

      Re: Oh stop it.

      And yet you felt the need to comment on this "non-story"...

  30. chivo243 Silver badge
    Facepalm

    I feel sorry for the Customer Advisor

    Trixie, if that's her real name, is only following a script written by some midlevel monkey. She probably got a demerit for upping the refund as well.

    And to be fair, as this is an out of the ordinary issue, the customer advisors probably didn't have training or a script to cover this eventually.

  31. FlamingDeath Silver badge

    *Dude asks woman out on a date*

    What a rapist!

    Unbelievable!

  32. Anonymous Coward
    Anonymous Coward

    Speaking as an inordinately ugly man...

    It's even more terrifying approaching women with the possibility of this sort of overreaction. Jeez... a pretty face gets forgiven every time. I bet if the driver was tall, dark and handsome there would have not been any complaint. I'm not bitter.

    1. FlamingDeath Silver badge

      Re: Speaking as an inordinately ugly man...

      None of us are, we're just observant, and what we're observing is a cunt

  33. Anonymous Coward
    Anonymous Coward

    Why didn't she just go to the Police?

    "My phone was raped!"

  34. Anonymous Coward
    Anonymous Coward

    I ordered a pizza last October which was delivered by a really hot chick who started sending my suggestive text messages afterwards. I've now ballooned to over 30 stone and my wife has left me as I now order 3 pizzas a night. I blame Just Eat.

  35. Joe Montana

    Canned response...

    It's clear that "trixie" was just following a script... The response "can't fix a bad meal" says it all - the script is aimed at people complaining about the food being bad, but clearly this complaint had nothing to do with the food.

  36. Anonymous Coward
    Anonymous Coward

    "Victimised"?

    That's a bit strong for what is in essence is a clumsy attempt at a chatup.

    Sure it would be a different matter if he continued it over the course of several days, but it seems it was only a few messages that evening.

    I've met plenty of people through my work, and some of them have been female, and I have on occasion been known to socialise with them. Some obviously haven't been interested in socialising, but that's just the way of the world.

    Would it have been less creepy if he had avoided breaching the SMS rules and instead just stood at the end of her road waiting to "accidentally" bump into her? No, thought not.

    Try saying "Sorry, not interested" or "I'm married" or "I see you more as a friend". The English language is full of phrases to end unwanted advances.

  37. Tom 38

    I'm not that attractive

    and so I've never had a delivery driver hitting on me. What I have had, is a restaurant I've ordered from via JustEat taking the phone number of everyone who has ordered from them and adding them all into a whatsapp group, making them all visible to everyone else, and then asking us all to vote for them in some take away awards.

    The award was not for data protection.

  38. Anonymous Coward
    Anonymous Coward

    I reported JustEat to the ICO many months ago. I've had issues where my details have been used for marketing purposes. Despite numerous complaints to JE, as they were the only way my details could have been captured, nothing ever happened. No sanctions against the take-aways for breach of contract. Nothing. Now the SMSs etc are just consigned to the spam bin.

  39. andy gibson

    Just Eat Don't Care

    I've left a bad review of a takeaway in the past and got hassled by the takeaway through text messaging directly to remove it.

    Just Eat didn't care one bit.

    Same when a local takeaway got 0/5 for hygiene, and they still promoted it.

  40. Dieter Haussmann

    Terrible

    I would have expected Just Eat to mask your phone number from the grubby takeaways by acting as a go-between for messages, a bit like how Amazon and ebay mask the buyer and seller's email addresses in email corresponsance - not just from a privacy standpoint but to stop takeaways from direct selling after first introduction.

    Very bad.

  41. Anonymous Coward
    Anonymous Coward

    Telephone Proxying

    You need a service where the caller goes through an intermediary, and therefore never needs to know the real number of the called party.

    It's not massively hard to do all this using the Free and Open Source Asterisk software, but you do need a telecoms company who will allow you to lay any caller ID you like on the calls you place (so you can pass through the ID of the real caller, which is no secret from the customer) and trust you not to abuse this. (We use this to ensure that customers paying for sales leads do actually pay for them ..... otherwise, they get diverted to the Revenue Protection Department .....)

    For text messages, it's even simpler; you just need the ability to send an SMS (either through an online service, or using a 3G dongle and some Open Source software which you will have to modify); the leg from delivery driver to base can be implemented as a mobile app talking https to a server.

  42. Phukov Andigh Bronze badge

    welcome to the "gig economy" "its an app" life

    like Uber, you run an "app" that "disrupts" by having everyone else provide the services and take the risks while skimming off the top, you get to "own" the problems caused by those "providers".

    Seems the terms "disruptive" and "exploitative" mean the same thing in "App" and "Startup" land

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like