Skip to Content

Top app has been spying on users and lying about it for years

Uber, the ride-hailing service, is having a bad year. Last month, a secret Uber program called Greyball was exposed and it revealed how the company uses data collected from its app to evade authorities in areas where the service is resisted by law enforcement or banned.

Greyball was allegedly used in cities like Las Vegas, Boston and Paris, plus in countries like China, Australia and South Korea, to deny service to Uber accounts considered as a threat to the company.

Now, another controversy has surfaced and it involves a tussle with a company that Uber can’t afford to irk.

The New York Times reported that in early 2015, Uber CEO Travis Kalanick met with Apple’s Tim Cook to discuss specific questionable techniques the Uber app was allegedly employing.

Apple engineers discovered that the app was tracking its users even after it was deleted from iPhones. This practice, called “fingerprinting,” violates Apple’s privacy guidelines. “Fingerprinting” assigns each iPhone a specific identity via a small piece of code that persists even after the device’s data has been wiped.

At that time, Kalanick allegedly directed his employees to use this technique to combat massive fraud in China where stolen iPhones are being used to create multiple Uber accounts.

To hide this practice from Apple, Uber’s engineers reportedly “geofenced” Apple’s headquarters location in Cupertino. Uber then obfuscated the app’s code for people who are reviewing it within this “geofenced” area to conceal the “fingerprinting” practices from Apple employees.

The deception did not last, however. Apple engineers working outside of Cupertino discovered the tactic which prompted Apple’s Tim Cook to summon Kalanick to his office.

In the meeting, Cook reportedly reprimanded Kalanick for breaking some of Apple’s rules. The Uber CEO was then given two options – follow Apple’s app guidelines or the app will be removed from the Apple App Store completely.

Since the removal of the Uber app from the Apple App Store meant the loss of millions of iPhone users, which could very well be a disaster for the company, Kalanick promptly complied and modified the app to remove the shady fingerprinting tactics and adhere to Apple’s privacy guidelines.

However, Uber told TechCrunch that a form of fingerprinting still exists in the current version of the Uber app to help detect fraudulent behavior. For example, if a device has been tagged with fraud in the past, a new sign-up from said device will be flagged. According to Uber, this form of fingerprinting complies with Apple’s app rules.

In response to The New York Times report, an Uber spokesperson told TechCrunch:

“We absolutely do not track individual users or their location if they’ve deleted the app. As the New York Times story notes towards the very end, this is a typical way to prevent fraudsters from loading Uber onto a stolen phone, putting in a stolen credit card, taking an expensive ride and then wiping the phone — over and over again.

“Similar techniques are also used for detecting and blocking suspicious logins to protect our users’ accounts. Being able to recognize known bad actors when they try to get back onto our network is an important security measure for both Uber and our users.”

Do you think this ongoing PR problem for Uber will stop you from using its service? Drop us a comment!

More must-read stories:

Your online banking password is not as secure as you think!

53K vehicles recalled for faulty electronic parking brakes!

These 20 popular router models are major security risks!

Ask me your digital question!

Navigating the digital world can be intimidating and sometimes downright daunting. Let me help! Reach out today to ask your digital question. You might even be on my show!

Ask Me