A bill in the NYC Council, designed to assist local restaurants by forcing delivery apps like GrubHub to share customer data, has some privacy advocates balking.

The bill, Intro. 2311, is intended to help local restaurants wrangle customer data back from delivery apps which already take a cut of profit. But privacy advocates are worried about what happens to a massive database of customer data in a city where thousands of deliveries happen every day.

From Gothamist:

Sharing a customer’s name, phone number, e-mail address, delivery address, and the contents of their order is easy for a single meal, but it gets a lot harder for a city that orders thousands of deliveries every hour. But what happens to that data next is the concerning part.

Under the new law, restaurants would be able to use that information however they want. If they want to advertise you lunch specials, that doesn’t sound too bad. But if they want to sell that data to credit firms, insurers, and your boss, then this all starts to sound very, very creepy.

Simply put, this is heading in the wrong direction. We should be limiting the way that the delivery apps can monetize our data, rather than inviting every restaurant we order from to do the same. And while the terms of service with delivery apps are usually problematic, this law would wipe away what few rights consumers have under these contracts.

It may seem harmless enough to put this information in the hands of your local takeout place, but just wait for the feeding frenzy of data brokers who step in to buy up the information. Times are still tough for many restaurants, and even pre-pandemic a lot of them struggled to keep the lights on. Can we really expect them to say “no” when the data firms start offering them a lifeline? We should give restaurants every financial support we can, but not if it comes at the cost of increased spam, identity theft, and stalking.