It’s no secret that Uber has a sometimes tense relationship with policymakers around the world; much of its explosive rise has been attributed to Uber’s willingness to defy regulation. But now it seems that in some places, the ride-hailing company may have resorted to extraordinary measures to identify and defeat law enforcement officers in a yearslong game of cat and mouse.

In what some employees have questioned as an ethically and legally murky maneuver, Uber has mined some customers’ geolocation data, credit card information, app usage habits and even social media profiles to determine whether they may be working for city governments, rival ride-hailing services or intend to harm Uber drivers, according to a report by The New York Times.

The program, code-named Greyball, surfaced in 2014 when Portland, Oregon, officials posing as regular customers tried to request rides on Uber to gather evidence that the company was operating illegally in the city, according to the Times.

But rather than procuring a driver for the “customer,” the service went so far as to show officials a fake version of the app with drivers who didn’t really exist. Any drivers who did respond would quickly cancel the rides, sometimes through direct intervention from Uber itself via phone calls to a driver who had mistakenly picked up a fake fare.

“This program denies ride requests to fraudulent users who are violating our terms of service,” said Uber in a statement, “whether that’s people aiming to physically harm drivers, competitors looking to disrupt our operations, or opponents who collude with officials on secret ‘stings’ meant to entrap drivers.”

The report on Uber’s covert activities is the latest blow for a company that has suffered a growing backlash in recent weeks. It adds to accusations of sexual harassment by a former engineer, widespread defections by customers upset over chief executive Travis Kalanick’s handling of the company, and an apology by Kalanick himself after he got into an argument with an Uber driver about driver wages.

Advertisement

Greyball reportedly began as a tool to flag abusive riders in countries where violence against Uber drivers is common. But the company eventually discovered its utility as a way to identify problematic government officials, the Times says. To determine if a user warrants special treatment, Greyball reportedly looks at roughly a dozen factors, such as whether a customer who spends a lot of time around government buildings frequently opens and closes the app.

Once it believes it’s found an offending user, Uber tags the individual with a bit of code, according to the Times. In addition to regulators, Greyball has also been used to prevent taxi drivers from getting a fix on Uber drivers’ locations. The practice was approved by Uber’s lawyers, according to the Times.

This is not the first time Uber has covertly taken aim at rivals; the company was also said in 2014 to have engaged in corporate warfare with its U.S. competitor, Lyft, by secretly poaching its drivers. It has also run grass-roots organizing campaigns designed to influence state legislatures. In other cases, Uber executives have suggested digging up opposition research on journalists to get its way, and another information-gathering tool named God View allowed Uber to track the location of its users without their knowledge.

In Portland, officials sought to gather evidence for Uber’s illegal operations by having the authorities request rides on the app. But, having been flagged by Greyball, law enforcement officials were left hanging as the fake version of the app failed to get them any rides. Soon after, the city began to allow Uber to operate legally in the city.

Security analysts say that with the amount of personal information freely available on the Web, it is almost inevitable that a company such as Uber would move to exploit it.

“Greyballing is an acceptable business risk in the poorly-governed realm of cyberspace,” said Kenneth Geers, a former analyst at the National Security Agency and a senior research scientist at Comodo, a global cybersecurity firm.

But unlike its other efforts at shaping policy, Uber’s Greyball appears to be a far more technologically sophisticated and systematic approach to outmaneuvering the opposition.

And it may be one of Uber’s most closely held trump cards.

Now that policymakers are aware of Greyball, other analysts say, they could take steps to make the tool illegal – forcing Uber to adapt again in its push to expand into new markets.


Only subscribers are eligible to post comments. Please subscribe or login first for digital access. Here’s why.

Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.