I actually think that in this case, Uber does a good job of protecting privacy. I don't see the email address or the last name of the people that I referred, just their first name. I'm assuming that means that they don't see my name/email either when they sign up via my link.
My favourite piracy definition is by Steve Jobs who said: "Privacy is knowing what you signed up for".
We can argue back on forth on what the implications of the names showing up are and aren't[1], but neither the referrers nor the referrals knew that this would happen. That's bad privacy on Uber's and Dropbox's part.
[1]: Not everyone manages to get people to sign up as fast as you did. The implication of this is that if I know who signs up and when, I can surmise their name based on this information, which violates the user's privacy. Again, privacy is very contingent on the implications of what a malefactor might be capable of.
Whether a mountain or a molehill, this is something that just doesn't serve any good purpose but comes with some negative consequences.
You really shouldn't see any of that. I do lots of affiliate marketing and companies rarely give any more information than whether or not people met the requirements for me to get paid - and how much they are paying, if I'm on a revenue share deal.
It's really none of my business who they are and would be an invasion of their privacy for me to know - in my opinion.
I guess an argument could be made for refer-a-friend programs working differently, but the default should always be sharing this kind of data only on a need-to-know basis.
Well, according to Uber's referral program copy, in theory, you're referring your "friends" to the service. Aka people you know, and people who probably wouldn't mind you knowing they signed up. So I can at least see why Uber (and other referral services in general) might not think twice about sharing small pieces of personal information with the referrer. Not saying you don't have a good point, though, because I agree.
