Uber has agreed to 20 years of audits after U.S. regulators deemed the ride-services company failed to protect the personal information of drivers and passengers and deceived the public about efforts to prevent snooping by its employees.

In 2014, a hacker pulled off a major data breach at Uber, gaining access to the names and drivers’ license numbers of more than 100,000 Uber drivers. Later that year, the company came under investigation by the FTC after reports surfaced about a program called “God View,” which let employees monitor the real-time locations of customers who requested a ride through the app. As follow-up, Uber claimed it had put a policy in place that prohibited its workforce from accessing rider and driver data. But according to the FTC, that policy was enforced for just eight months.

Read the full story here.