Uber Creepy

This embed is invalid

I’ve long been a fan of Uber. For someone who doesn’t know how to drive, it’s been a godsend. The cab industry deserves all the competition it can get. It empowers individual entrepreneurs and uses technology in ways that improve everyone’s lives. But it sure does appear that the company’s management is more than a little douchey. My suspicions began when, after I first approved a surge-pricing fare increase, suddenly every subsequent car request came with such a surcharge – even on a quiet Sunday morning. Last night, a driver canceled a trip two minutes after informing us that he was “arriving now”. I’ve had to get out of two Ubers in the past year because the driver was an asshole. And, of course, the rumors and stories of its unethical and puerile hounding of its competitors are legion.

And now its senior vice president, Emil Michael, was dumb enough to get all frank and intimate with Ben Smith at the Waverly Inn last Friday suggesting that the company hire opposition researchers to dig up dirt on journalists who criticize its business practices, specifically citing legendary PandoDaily journalist, Sarah Lacy, who had accused the company of “sexism and misogyny”:

At the dinner, Michael expressed outrage at Lacy’s column and said that women are far more likely to get assaulted by taxi drivers than Uber drivers. He said that he thought Lacy should be held “personally responsible” for any woman who followed her lead in deleting Uber and was then sexually assaulted. Then he returned to the opposition research plan. Uber’s dirt-diggers, Michael said, could expose Lacy. They could, in particular, prove a particular and very specific claim about her personal life.

Uber wouldn’t be the first tech company to investigate journalists who report on it, but the incident didn’t do much for Uber’s public image as a hyper-aggressive firm with loose ethics. Uber CEO Travis Kalanick took to Twitter soon after the story broke to apologize to Lacy, denounce Michael’s “lack of humanity”, and stress that the company has no plans to doxx journos it doesn’t like. Michael himself also apologized. These mea culpas – in fourteen separate tweets – don’t quite cut it for Alison Griswold, though:

Kalanick thinks Michael’s comments were “terrible.” He says those comments display a “lack of leadership, a lack of humanity, and a departure from our values and ideals.” He says Uber should be focused on building a positive narrative to “inspire” riders and drivers, to show the “positive principles that are the core of Uber’s culture.” He promises to do “everything in my power” to earn trust from Uber’s community. So as many Twitter users have already pointed out: Doesn’t that start with firing Michael?

Lacy herself is furious:

Uber’s dangerous escalation of behavior has just had its whistleblower moment, and tellingly, the whistleblower wasn’t a staffer with a conscience, it was an executive boasting about the proposed plan. It’s gone so far, that there are those in the company who don’t even realize this is something you try to cover up. It’s like a five-year-old pretending to be Frank Underwood. Only one with billions of dollars of assets at his disposal.

And lest you think this was just a rogue actor and not part of the company’s game plan, let me remind you Kalanick telegraphed exactly this sort of thing when he sat on stage at the Code Conference last spring and said he was hiring political operatives whose job would be to “throw mud.” I naively thought he just meant Taxi companies. Let me also remind you: This is a company you trust with your personal safety every single time you use it. Let me also remind you: The executive in question has not been fired.

Josh Marshall is mystified at how Uber’s executives can be so tone-deaf:

Separate from the details of this incident, it’s been quite a while since I’ve seen what is by any measure an amazingly successful startup manage to generate this much negative publicity based fairly narrowly on the behavior of its top executives. … But what is so odd is that Uber, at the end of the day, is in a business where the basic project is about reliability and safety. And yet the guys running the company seem kind of reckless and even a bit nuts. Unlike the men and women you’d hope would be driving your Uber ride (and, in my experience, they often are those people), the guys running Uber seem like the result of some genetic experiment marrying up the 17th century Caribbean pirate with the 21st century North American Bro.

To Alexander Howard, the incident raises serious privacy concerns, given that Uber collects enough data about users to infer, say, where they slept last night, or with whom:

With great data comes great power, and therefore responsibility. That means culture and ethics matter. The reason Michael was angry at Sarah Lacy appears to be because of her excoriating post about Uber’s culture.

Now, imagine if powerful members of Congress decide that they don’t like Uber’s labor practices, or surge pricing, or its approach to flaunting regulatory strictures, or the way it lobbies city governments not to be subject to reporting on compliance with accessibility laws. What then? Will the same executives who have shown a limited “God View” at launch parties choose not to use more powerful internal analytics to track who is going where and when? What policies and code would stop them from looking at the profiles of Senators and Representatives and drawing conclusions about where and when they go? Or for that matter, my profile, or yours?

I can’t imagine Uber regaining minimal trust without firing Michael. Tim Lee is not far off the same page:

There’s no evidence that Uber has ever misused its data in this way, and Uber says it has strict policies designed to safeguard customer privacy. But policies are only as trustworthy as the people enforcing them. When an Uber executive openly muses about intimidating reporters with sensitive personal information, that’s a sign that he might not be sufficiently committed to ethical behavior to be a senior executive at a powerful company like Uber. And the fact that Kalanick sat silently through Michael’s comments, and then chose not to fire him when the comments became public, suggests he might not take ethical considerations seriously enough, either.

It’s also worth talking about whether Uber’s customers should have legally enforceable rights protecting the privacy of their travel data.

In response to these concerns, Uber published a post on its company blog Tuesday night clarifying that it has “a strict policy prohibiting all employees at every level from accessing a rider or driver’s data”, with exceptions for “a limited set of legitimate business purposes” such as facilitating payments or detecting fraud. Meanwhile, Katie Benner reminds the Uberites that they won’t be the only game in town forever:

Remember, Uber is special because it was the right company at the right time. It’s the most elegant expression of how real life, mobile devices and payments are coming together to make our phones a remote control for the way we live.

Yet Uber’s underlying software is replicable. Uber refuses to make its drivers actual employees, and those drivers can always go to a competitor that offers a better deal. Consumers aren’t locked in either. So if a mass group of consumers (not just those that obsess over industry blogs like TechCrunch and Valleywag) now see Uber as a company that doesn’t respect their safety, their data or their drivers, they can drop Uber from their trusted group of apps. Other options are available.

And Neil Irwin declares that it’s time for the company to grow up:

The idea of a showing up to a meeting with a JPMorgan executive and hearing, “I notice you were late on your mortgage payment last month,” is just unfathomable, so great are the protections in the financial industry between access to consumer data and the executives and public relations people who tend to deal with reporters. The same could be said for any number of other industries where big companies have access to private data. Hotel chains? Retailers? This is just not the way things work.

And the reality for Uber is that, much as it may still see itself as a start-up, its scale and ambitions mean that it is rapidly becoming an important company, operating in 48 countries with thousands of drivers. … It’s great to have employees exhibit “fierceness” and “super-pumpedness,” two qualities on which Uber reportedly evaluates its workers. But the bigger you get, the more you also need qualities like discipline and wisdom.

Apple Locks Itself Out Of Your iPhone

Apple has announced a new feature in iOS 8 that prevents the company from complying with search warrants:

In an open letter posted on Apple’s website last night, CEO Tim Cook said that the company’s redesigned its mobile operating system to make it impossible for Apple to unlock a user’s iPhone data. Starting with iOS8, only the user who locked their phone can unlock it. This is huge. What it means is that even if a foreign government or a US police officer with a warrant tries to legally compel Apple to snoop on someone, they won’t. Because they can’t. It’s a digital Ulysses pact.

Law enforcement has a variety of legal tools it can use to compel a tech company to turn over data on its users. In some cases the tech company is even legally prohibited from talking about those requests publicly. If Apple’s correct and it truly has built an encryption system that they themselves can’t break, then they’ve found a pretty ingenious workaround to the problem tech companies face constantly — of being stuck having to choose between their users and the law.

The Bloomberg View editors argue that this is a bad idea on multiple counts:

Apple has now removed itself from this legal drama. If authorities come asking for information stored locally on a customer’s phone, Apple can say it doesn’t have it and has no way to get it. If police want anything on the phone, the user is going to have to let them in — and it’s an open legal question whether the government could force users to give up their passwords, because doing so could violate the Fourth or Fifth Amendments. In other words, Apple’s new privacy policy will make it harder for police to do their jobs.

It could also create new hassles for Apple’s customers. For one thing, the company now can’t help them access what’s on their phones if they’ve forgotten the password. And for all that, this feature would almost certainly do nothing to help them stop the kind of surveillance the NSA conducts. Apple may hope to burnish its reputation with this policy. But it was already something of a corporate exemplar with regard to security and privacy. If it turns out that this new feature is making life more difficult for law enforcement and more confusing for customers — well, it may not be quite the P.R. triumph Apple was hoping for.

Oren Kerr also finds the new design “very troubling”:

If I understand how it works, the only time the new design matters is when the government has a search warrant, signed by a judge, based on a finding of probable cause. Under the old operating system, Apple could execute a lawful warrant and give law enforcement the data on the phone. Under the new operating system, that warrant is a nullity. It’s just a nice piece of paper with a judge’s signature. Because Apple demands a warrant to decrypt a phone when it is capable of doing so, the only time Apple’s inability to do that makes a difference is when the government has a valid warrant. The policy switch doesn’t stop hackers, trespassers, or rogue agents. It only stops lawful investigations with lawful warrants.

But Andy Greenberg points out the cops can still get your data:

[A]s the media and privacy activists congratulated Apple on that new resistance to government snooping, iOS forensics expert Jonathan Zdziarski offered a word of caution for the millions of users clamoring to pre-order the iPhone 6 and upgrade to iOS 8. In many cases, he points out, the cops can still grab and offload sensitive data from your locked iPhone without Apple’s help, even in iOS 8. All they need, he says, is your powered-on phone and access to a computer you’ve previously used to move data onto and off of it.

“I am quite impressed, Mr. Cook! That took courage,” Zdziarski wrote in a blog post. “But it does not mean that your data is beyond law enforcement’s reach.”