But there's a lot in the article that doesn't make sense:
>Other techniques included looking at the user’s credit card information and whether that card was tied directly to an institution like a police credit union.
I couldn't find a good source, but it doesn't seem like that's something a CC merchant would have access to. Do they really get to see that?
Also, how were they able to do it so accurately without disrupting their service? Most city employees and police aren't going to be involved in sting operations against car services, so their customer support will have to deal with a torrent of very confused government employees  who keep getting mysterious rejections when they try to use they app, and which support can't give a truthful answer on.
Plus, this seemed to require significant on-the-ground intel and human intervention:
>If those clues were not enough to confirm a user’s identity, Uber employees would search social media profiles and other available information online. Once a user was identified as law enforcement, Uber Greyballed him or her, tagging the user with a small piece of code that read Greyball followed by a string of numbers.
So, I'm surprised it worked at all.
 identified by the fact of that person having more-than-usual activity inside something recognized as a government building
 EDIT: Okay, I get it -- you can look up banks from the CC number. Can we not have further comments just to point this out?
>I couldn't find a good source, but it doesn't seem like that's something a CC merchant would have access to. Do they really get to see that?
The first 6 digits of a credit card can identify the issuing bank (BIN number - https://en.wikipedia.org/wiki/Payment_card_number). If you ask your merchant they can readily provide you and up to date list.
This plus public payroll records (such as http://transparentcalifornia.com/) probably took them quite far.
There's a big difference between keeping secrets for market advantage and to evade the law. In the first case, I want to tell people because i'm building cool stuff, but i can't, at least not until the product is ready. In the latter case, i'd be at least embarrassed, if not ashamed of the tools.
But I agree, it's slick. It's easy to be an armchair quarterback when it's not my career at stake. With millions or billions of dollars on the line, my ethics might erode much faster than i want to admit. In that case, I'd hope evil jfoutz (or ethically devoid jfoutz) would build such a sophisticated tool.
It reminds me of the VW emissions cheating case:
"Hey, have it detect whether the test cycle is running and emit a signal if true."
'Um... why would the system need to know that?'
"Uh, because we don't want the car to freak out when the wheels are turning but it's not moving."
'Oh ... seems legit.'
"And you -- have it minimize NO2 when it gets this signal. But don't talk to him."
In the Uber case, employees might have been told, "oh we want to offer a special discount to law enforcement" ... though even that seems seedy.
But (per my original comment) I don't see how they can keep the circle small. What do they tell support employees to say when someone reports not being able to get a ride despite all the fake cars around?
Good luck defending the NY Times on that basis.
This is even beyond my position on the paper. You're just typing complete falsehoods and expecting to get away with it now, which is sad.
I mean if you really believe the various transportations administrations are corrupt and that the way to solve it is to temporarily disregard the law, then Uber is probably the place to be
Anyone who uses e.g. the Waze app to evade speedtraps is similarly guilty of "systematically avoiding the law."
Lastly, let me just disclaim that I think Uber is run by assholes and so is the police.
I don't know that any of these apply here, but yes, actively avoiding accountability is often a crime on its own. And correctly so, I'd say. Creating fake accounting records as a hobby would be odd but not immoral. But keeping two sets of books in a real business has no purpose beyond enabling illegal activity.
Regardless, if you have decided that the government doesn't represent the people, it makes your task harder. Unless you're just saying that you can do what you want (which doesn't strike me as much of a moral position) then you have to work to divine what the collective will of your fellow citizens is and honor that.
Uber is a social reform movement organized as a profit-seeking business. Of course the forces of corruption and reaction are going to try to stop it under cover of law.
But if they're a social reform movement, they'd very well disguised. They threaten journalists, exploit workers, engage in a variety of skulduggery, and create such a toxic working environment that they need a former Attorney General to investigate.
I think the more likely case is that they are what they appear to be: greedy, amoral people disguising an attempt to gain a monopoly using the guise of social reform.
For a start, in the U.K. it's illegal to use radar detectors [Edit: this first is apparently false; they publically stated that they were going to, but never changed the law. Other countries apparently do ban them, according to wikipedia.], and people have been given criminal convictions for "Flashing their lights" in order to warn incoming motorists of a speed trap.
I'd be interested in a link to the "flashing lights" case too.
RE: Headlight flashing, I can only find sources from a few years ago - http://www.bbc.co.uk/news/uk-england-humber-12823922 was the one I remember hearing about, but several other instances seem to have taken place; i.e. http://www.telegraph.co.uk/news/uknews/law-and-order/9324722...
Corporate citizens have an obligation to obey the laws of the jurisdictions in which they operate. If they find the laws unacceptable, they should lobby to have them changed.
See: racism and discrimination broadly, segregation, refugees, illegal immigration, unions / union strikes, marijuana, political corruption, cartels, government protected monopolies and so on. There are a vast number of topics that cause people at businesses to be willing to disregard the laws of a given jurisdiction at various points in time (regardless of whether one views the position as being on the moral side or not). It'd be hard to claim that it never makes sense to disobey the law for a business, given just the last century of history in just the developed world, with the plentiful display of wildly irrational or immoral laws that have existed.
We are all better off because uber willfully disregarded these laws and regulations. These laws once had a good reason, but are now still on the books only because incumbents have regulators in their pockets.
As for lobbying to have the laws changed, if you expect startups to be able to lobby in every jurisdiction to get the law changed against incumbents when the regulators often come from the industry the startup is disrupting, then I got a bridge to sell you.
The thing is, we're not. What we've got is a cab company that can offer better and cheaper service than everyone else because it's breaking the law, and it's good at throwing VC money at lawyers to avoid the consequences. What we've got is further damage to the respect for the rule of law and thus to the fabric of civilization, as people see how Uber gets away with illegal activities. Hell, there are many people who are inspired by their antisocial behaviour, and see Uber as an example to follow.
I'd argue that this business is great - it's helping consumers and fixing the world.
One might argue that we are not better off because of this:
The thing is, we're not. What we've got is a business that can offer better and cheaper service than everyone else because it's breaking the law, and it's good at throwing money at lawyers to avoid the consequences. What we've got is further damage to the respect for the rule of law and thus to the fabric of civilization, as people see how this company gets away with illegal activities. Hell, there are many people who are inspired by their antisocial behaviour, and see Uber as an example to follow.
Your argument seems to apply equally well to this case - after all, your argument is not dependent on the law being just or unjust. It completely ignores that point.
Are you willing to follow your argument where it leads? Or do you recognize the flaw in it?
I'd even cut Uber some slack if they weren't so smug about what they're doing. This is just as much about breaking arbitrary laws as it is about how they keep showing that they don't give a shit about society.
> your argument is not dependent on the law being just or unjust. It completely ignores that point.
It does, because in real world, regulations are not uniformly distributed throughout the possibility space. In any working society you can - and should - assume that most laws are there for a reason, and that this reason is just. When that assumption doesn't hold, your country pretty much disintegrates. Hence, going against the law is a special case.
The way I see it, none of Uber's "innovations" actually required illegal actions. They simply don't care, because this way is faster and brings in more money.
As a proof of that I want to point out that many places in Europe managed to implement all those Uber "innovations" some time ago, and it didn't require breaking laws in the way Uber does. Sure, old cab companies were pissed, but things got settled in courts and regulations were updated - just like it should happen in any civilized society.
Ultimately, if Americans want to run their society this way, it's none of my business. I would be happy though, if they stopped exporting their "innovative" methods to countries with working regulatory frameworks.
Note that India also had apps/SMS driven taxi hails - autowale.in started in Pune (my city). But Uber fixed transport and the political situation, whereas autowale.in is just a footnote in history.
In any working society you can - and should - assume that most laws are there for a reason, and that this reason is just. When that assumption doesn't hold, your country pretty much disintegrates. Hence, going against the law is a special case.
Then by your standard, the US and India are not working societies.
Then again, by your standard, it's pretty clear that not all of Europe is working. For example, witness how often French unions and others engage in violent and illegal actions (both assaulting Uber drivers/passengers and others) on a regular basis.
In any case, you seem to be backing away from your original claim and accepting that some laws are unjust and breaking them is ok. Do you argue that American or Indian taxi protectionism laws are just?
"ArmzDealR is providing a great service by eliminating government bureaucracy and providing access to arms that citizens should have. It's good that they help people avoid those onerous registration requirements."
"TraffiKR makes it easy to find cheap labor. There's no paperwork and the workers never complain!"
Are you willing to follow your argument where it leads? Should businesses be allowed to push against any rule at all? Are all laws 'unjust' or are there some laws that are in place to protect public good?
I'm not saying all laws should be broken. I'm saying one must decide whether or not the law is just, and support those who break unjust laws. I see no one even attempting to make the argument that taxi protectionism laws are just. Do you have an argument that they are?
On the surface congestion control seems far easier to implement (especially in a pre-mobile phone context) via restriction of medallions. I don't have arguments one way or the other as to the necessity of congestion control because I've only rarely experienced large cities (NYC, Chicago, London). I believe they are popular for various reasons, but I am not familiar with the arguments for or against.
Determination of liability seems like another obvious reason for a medallion monopoly. Presumably taxis are a higher risk pool for insurance claims, due to the presence of multiple parties. It's unclear to me where the liability falls if an Uber driver is in an accident that mortally wounds a passenger; will their standard insurance (that presumes a certain risk profile) cover the claim? I'm simply not familiar enough to definitely comment, unfortunately.
The latter argument holds more weight with me, but I'm sympathetic to arguments against it.
That being said, it is clear that abusive and overwraught law and regulation invites this impovrishment.
Certainly, there can be laws that are worth breaking. You should be extremely careful before assuming that's the case in any given scenario, and I don't think taxi rules are it, no matter how dysfunctional the USA might be.
Regardless, all laws should be followed. Thats the whole point of society. We agree to follow the laws collectively.
Uber broke a status quo in the state of the transportation industry and we should all be grateful for that. They also became a champion for a certain type of activism that I think a lot of us would like to see more of.
Think carefully before you deny Uber the activist label. Using ethically shady methods to push through social agendas is precisely what activism is. Not everyone falls on the same side of the line, but you can't not call it activism. Labor strikes were considered extremely problematic to many.
As for their activism, this is the flavour we know from dystopian movies about evil corporations disregarding the laws to eke out some profits. In a way, I can't wait for an Uber in biotech sector - maybe a small engineered pandemic is what people need to understand that regulations should not be ignored on a whim by companies seeking profits.
The laws on the books still exist for a good reason. Even if you feel that Uber is somehow exempt/makes good choices with the people it chooses to employ via the platform, does that apply to any other "uber-esque" groups with more lax enforcement?
That's... optimistic. Many laws were put in place to benefit other (incumbent) businesses, or in reaction to conditions that no longer hold, or due to ideas proven false or at least no longer fashionable.
That's not necessarily good reason to break the law (though sometimes it is), but anyone shold feel free to lobby for removal or change of a law.
in other words, thats a terrible argument in support of uber.
To some extent. If the fine is $50 for each infraction, and you have $10bn in the bank, you really don't have to obey the law.
You can lobby to have the law changed and not obey the law (if you are willing to pay any and all fines, while you are lobbying). Uber's use case didn't exist 10+ years ago, and as such, most laws weren't made for that not set up to account for that.
I personally find that to be a valid example of where it's acceptable not to follow the law.
no, you have always have an obligation to. Being obliged doesn't mean you're going to, but you do have an obligation.
> I personally find that to be a valid example of where it's applicable not to follow the law
oh great, now we all get to decide what laws we will or won't follow. is that really the precedent you are arguing for?
The law is generally something that evolves, because the world evolves.
Personally I consider civil disobedience of unjust laws to be acceptable, for either a single person or for an organized group of people (such as Uber).
This works only if it happens on a massive scale. If Uber didn't use this program, it's likely that their civil disobedience would end before it's large enough to get their message out.
The idea that Uber is some civil liberties campaign for improved transportation options rather than a corporation with an unusually aggressive disregard for anyone that gets in their way is rather exploded by the most cursory examination of their actions.
coordinating personal attacks on journalists who criticised them
This was an ethical hypothetical, not a thing that actually happened.
Uber made real bookings and then gave the driver a sales pitch during the ride. All they did was pay their competitors for the right to offer drivers a better deal.
Kind of the opposite of Google/Apple/etc colluding NOT to offer each other's employees a better deal.
You don't have to think taxi medallion laws are particularly rational to find Uber's behaviour in many, many areas indefensible.
I did not make the comparison you seem to be arguing against, namely that Rosa Parks and Uber are equivalent in all possible ways.
only on HN
I disagree that they should lobby to change it. I understand that realistically that is what they will do, but I don't think it's the ethically correct thing.
Laws are in place to benefit all of society, they shouldn't be changed on behalf of specific corporations, regardless of how much money the "donate".
Edit: There is not a fiduciary duty to turn a profit, but there is a fiduciary duty to put the corporation's interests above your personal interests.
And please don't conflate "doesn't support lobbying for XXX" with "doesn't support XXX". They're really orthogonal concepts.
It's like drug dealers using police scanners to determine if the police are nearby.
Obviously that's a dramatic example, but so is the drug dealer example.
If Uber believes that the taxi industry is wrongfully colluding with the government to try to stop Uber from operating, then it's not necessarily wrong for Uber to do whatever it can to continue operating.
That is obviously not true for the extreme example you cited of genocide under fascism, so, I don't think it makes sense to compare the two.
Uber didn't have to have Greyball in the first place. Every driver that got intimidated/assaulted should go to the police. Every time a competitor pulled some shenanigans against Uber, they should sue. And so on and so forth.
This is just smokescreen. It's obvious what the intent was.
Uber can go through the proper legal channels to address the concerns it has.
Let me give you an example here. I think Uber is a bad thing, but there's nothing I can do to oppose them, legally, that is. Should I carry out my own justice, illegally ? You can see that this pattern of thought quickly falls down, because making compromises is actually an important part of living in society.
Once you say "we're not going to follow the law", do you have the moral right to demand it be enforced on other people?
Tax avoidance and laundering of criminal money is a genuine value-add to many an individual's portfolio I don't know why governments around the world want to prevent banks from doing it.
Arthur Andersen did nothing wrong.
Life imitates art.
Is it inherently illegal for a drug dealer to scan for police in the area and close shop if they believe officers are nearby?
It may be...it may also be to avoid the area, for illegitimate (I'm a criminal police are looking for) or legitimate (the local PD is notoriously racist against people of my race, and I want to avoid being hassled) reasons.
The main difference in my view is that Waze is individual people doing this, which we approve of, conversely Uber is a corporation many dislike. In situations like this it's important to acknowledge bias and try to abstract to the general case and reason about that.
That's a valid distinction to make, however given how much development effort companies like Uber and VW invested in their tools, I think those are clear cases of active deferring.
Actively telling all your hooker friends to stay home because the cops are out is not illegal. Nor is it illegal to say "oh hi there officer" before your hooker friend propositions a cop. That's basically what Uber did.
Not only will you find examples of things like courts finding liability if "a newspaper publishes the name of a witness to a crime, thus making it
easier for the criminal to intimidate or kill the witness" (with no intent on the part of the newspaper)  or "a Web site or a newspaper article names a Web site that contains
copyright-infringing material, or describes it in enough detail that readers could quickly find it using a search engine" , there are also examples more directly relevant to this situation. I think references [19, 37, 38, 39, 40] are most relevant.
: "publish[ing] . . .the residence address or telephone number" of various law enforcement employees "with the intent to obstruct justice" is illegal in many states, including California.
 My reading of United States v. Lane, 514 F.2d 22 (9th Cir. 1975) is that advising people not to sell drugs to a person because you heard something interesting on a police scanner is aiding and abetting a conspiracy. The court said the defendant "could not seriously contend that he was discouraging, rather than aiding and abetting, the commission of the crime" in response to his assertion that "he actually advised against it".
: My reading of United States v. Bucher, 375 F.3d 929 (9th Cir. 2004) is that it is walking down a trail to warn a person whom park rangers intend to arrest is interfering with both the rangers and their official duties (and thus illegal).
Seems more akin to developing a system to screen guests at your hotel - which you insist isn't an illegal brothel and is making good faith attempts to uphold the law - to ensure you're only earning "enhanced room service" commissions from people that aren't investigating whether they might be illegal.
Even if that isn't an offence in itself, it still looks like hard evidence against any claims they might make of intent to comply with the law in various other cases being brought against them.
Which could be obstruction.
If the app told them they were banned, it would be closer to your analogy. But, it shows fake cars circling about that never pick you up. It's actively deceiving law enforcement
first, and most important to this discussion, is that it is definitely deceptive especially when you are going to such extremes as documenting burner mobile phones and preventing their use on the pretense of hiding from regulators.
second, and less important for this discussion, but a business has he right to refuse service to any ONE person for whatever legal reason they choose (whether they specify hat reason or not is a different topic). this should not be confused with deniying service to a GROUP of people for whatever reason they want which is discrimination, and is illegal, whether outline in a TOS or not.
Uber built an infrastructure to be able to systematically detect and obstruct officers in all locations they are operating.
Comparing this with saying "hi officer" is a slight understatement.
While in that case, intent would be be very difficult to prove, it's rather obvious if you spend planning time and resources building a software tool with the express purpose to warn you of officers.
1. They have no obligation to law enforcement to make it easy to catch them. They're making it so that it's harder for LE to use their own service against them. Good investigators wouldn't investigate under their real name, or with their police-union-linked credit card, so it only seems fair.
2. Taxi and municipal transport are easy pandering-demographics for local government, creating monopolies. This isn't Uber vs. competitors, or vs. average citizens, this is Uber vs. the cartels. Everyone, in the long-run, benefits.
I would volunteer to work on that project because its whole point is to evade law enforcement. A lot of us (hackers/technologists) take a pretty dim view of arbitrary State regulations and "laws" and are quite happy to work to evade them. Most people who fit the techno-libertarian or cypherpunk mentality would probably feel the same way.
The mindset you're describing is pretty self-centered and ignorant of how societies work. The law is there to reconcile conflicting interest so that people don't start using violence to pursue their goals. Techno-libertarian teenagers should imagine what would happen if some people they disagree with contracted that libertarian spirit.
Announcing two new startups - Uber Biotech and Uber Medicare. Because what could possibly go wrong from arbitrarily avoiding regulations for the sake of profits.
How could she be so self-centered and... adolescent?
Anti-racism != anarchism.
Their opposition wasn't arbitrary; they knew they could provide a better service outside the monopolistic constraints that were already in place. So they fought those battles and because of those battles, everyone gets to experience a much better ride service than the antiquated taxi system.
While your point could stand in theory, could work with a different company, it's Uber we're talking about! Those guys who keep showing, since day one, that they don't give a flying fuck about people beyond the money they get for them! The company painted itself a pretty consistent image over the years, and it's the image of a smart asshole with too much money to spend.
With Uber/Lyft, I can see when they'll arrive. I can plan to do something with that time if the wait is long enough. I can quickly redirect them to where I am if there's a misunderstanding.
Yes, it's more efficient.
I'm an adult; if I want to enter into an agreement to pay someone else to give me a ride and I'm not harming anyone else, then I will. Fuck their stupid arbitrary laws.
As much as you wouldn't like to admit, they've broken through a market that was once monopolized and the cities had zero interest in doing anything about it.
You now have superior car ride services in part for the work they've done in the market. They have raised the bar.
Remember, people are using Uber. Citizens. Voters. They are voting with their dollar for the superior product. The government's role has become obsolete in the transaction.
It's strange how I need to copy and paste my arguments on this thread, like you know Uber was itself astro-turfing HN right now.
> Civil disobedience is the active, professed refusal to obey certain laws
PROFESSED. To twist that on this on its head, and use another sociopath to excuse it is hilarious. But since you ask: no, that's even MORE reason to not accept this bullshit.
Or perhaps she should just move very slowly when it comes to same sex couples, just never can get the work done. She isn't refusing it just never gets done.
Uber uses deception to shield itself from the consequences of its criminal actions and consolidate wealth for itself. I'm assuming you're not trolling, so think long and hard about your own understanding of society the next time you want to compare MLK to an anarcho-capitalist megacorp.
Uber were also being disobedient in order to get better laws for they and everybody else to abide by.
Better yet - their technique pretty much won. There aren't many cities remaining that still attempt to ban ride sharing.
Consider further; how did the narrative of Uber needing to break the law to disrupt (read: try to overthrow) the existing taxi industry morph into excusing their practices as affecting positive social change? Remember, the context of the boycotts during the American civil rights movement was never to "disrupt" southern businesses.
Uber are more interested in operating in a regulated environment, hence all their lobbying and hence why their first hires in new cities are usually government liaison people.
Uber is equally successful in cities where it was initially thought illegal, in cities where it was always legal and in cities where it became legal.
Many other companies have ridden the coattails of the regulatory work that Uber has done.
If they were an "anarcho-capitalistic" business then they simply wouldn't care for the laws anywhere. They'd be operating in Nevada, Austin and in all of these other cities that have since banned them. They would be signing up drivers with no license or background checks. They wouldn't need any government liaison people. They'd do no lobbying, etc. and as bad as they are - they aren't that company (although many want them to be)
First learn about, and then read some commentaries on the functions and history of the three branches of US government. Then learn about how lobbying works, then read about the various rights movements that've occurred in the US.
They're not a monopoly on ridesharing and because of their efforts converting the hearts and minds of consumers and politicians others can do it too like Juno, Tesla, Lyft, etc.
Your statement applies to literally every company that has lobbyists. You need way more than that to present evidence for your claim.
Again, civil disobedience's core mechanism for gaining the support needed to enact the change it publicly and explicitly advocates for is to accept the consequences of breaking the unjust laws.
I think you are describing anarcho-capitalism, not libertarianism.
FWIW, I consider those terms, along with "voluntaryist" and/or "market anarchist" to be approximately synonymous for all practical purposes.
You act as if they don't already. Society works pretty well anyways.
It is fundamentally unfair to have one segment of society (tech workers) have a different set of rules than the rest. Do you disagree?
You know the danger and you're doing it with your eyes open. They probably didn't know, and i'd bet Uber sacrifices a few engineers just like VW did.
They're way less arbitrary than Uber's action, so that's just projection. You want out of the social contract, be my guest.
A broader point is that its 2017; we have a decent grasp of chaos theory. We know that self regulation in chaotic systems takes the form of hard to predict cycles of extreme variation. We know that stabilizing these systems requires external adjustments to parameters; some dampening here, a little increase there, etc. Personally, I've grown to quite enjoy being a part of an economy that has some measure of stability introduced to it.
That's how it becomes OK for a company to facilitate engineering managers to exert pressure where women either agree to have sex with them or suffer career consequences, using corporate institutions to do so.
Hopefully most people around you don't feel that way -- your immaturity will ultimate catch up to you.
Get a grip. Under any reasonable government Uber would be destroyed tomorrow under the same argument as pirate bay or a torrent tracker - it's conductive to illegality.
Also it's disingenuous to call laws "arbitray". Like them or not, many, if not most laws, are the opposite of arbitrary.
If you worked at Uber, would you work on a feature meant to prevent lyft employee from using the app to poach data about car locations and hailing rides to recruit new lyft drivers? That was supposedly the original reason for this.
Plenty of people do work to keep corporate secrets safe.
IE, Anything is on the table here, it seems (an attitude that can foster creativity certainly). For example, in the end game would Uber's enemies fair badly if they caught a ride in Uber's automatic cars? Indeed, the cars might even be seeking out people for "accidents".
There's reason even the most innovative Mafiosos often don't make it to old age.
"Perverting the course of justice is an offence committed when a person prevents justice from being served on him/herself or on another party. In England and Wales it is a common law offence, carrying a maximum sentence of life imprisonment."
"Whoever knowingly alters, destroys, mutilates, conceals, covers up, falsified, or makes a false entry in any record, document, or tangible object with the intent to impede, obstruct, or influence the investigation or proper administration of any matter within the jurisdiction of any department or agency of the United States or any case filed under Title 11, or in relation to or contemplation of any such matter or case, shall be fined under this title, imprisoned not more than 20 years, or both"
And we're talk systematically evading regulators world-wide. ianola but my legal-fantasy mind could compose for people facing a millennium in prison. I assume the reality would be a slap on wrist if they company's influence falls.
If I am a prostitute working the streets, and a police officer approaches me to offer me money for sex. But I notice he has police officer boots on, and suspect he is a cop. I then tell him I am not looking to offer any services for money. Is that obstruction of justice?
Perhaps the credit card lookups (or other methods) violated privacy laws, but I don't see how refusing service should count as obstruction of justice.
Actually I find this harder to believe than the engineers knowing full well what the system does and doing it anyway. Personally I would never want to work on a system without knowing the value it provides and how it fits into the larger picture.
Does it say something bad about me that I'd be the one jumping up and down to work on this?
It seems really interesting from an analytical perspective and the malicious side of it would leave me very satisfied if it worked. Morality be damned it'd be satisfying.
But using it at scale with drivers and investors at risk? That's crazy.
In Atlas Shrugged, Ragnar typifies law enforcement as it ought to be (in Rand's view)--engaging those who claim authority but resort to violence instead of productivity as a means of controlling wealth.
Greyball is just the tool they used to keep from getting caught.
The shady part is that they operate in cities were they aren't welcome (by city officials at least, customers and drivers seemed to welcome them with open arms). If Uber operating in Portland is a night burglar, Greyball is his dark clothes and mask.
Using a tool to avoid getting caught is, itself, evidence that one is aware of the impropriety of the action thereby protected.
Many view this kind of awareness as increasing the shadiness of the underlying action.
(And it mostly only applies to acts that, while perceived as shady, wouldn't be perceived as outright evil on their own -- no one thinks that something that is unquestionably murder on its own is more evil because you tried to conceal it , but if you are taking your co-workers' food out of the fridge, the idea that it wasn't intentional wrongdoing is harder to maintain when you're also caught stashing the wrappers in someone else's trash.)
 "No one" is a dramatic exaggeration, of course, and this assumes that the acts done in concealment aren't evil on their own, etc., etc.
Second, privacy has nothing to do with it, this is not an information we talking about, but a service. A bit like dealing weed/prostitution/etc and actively looking if there isn't any cop around.
* even if it is simply by adapting pre existing infrastructure created for a benign purpose
Government have to work that way. If lying to and evading regulation wasn't illegal, no regulation at all would be possible.
Do California public records really make available where specific public employees bank?
I saw an Illinois State Police Federal Credit Union branch recently and really thought to myself... that might be giving away a little more information than I'd be comfortable with if I were a cop. I mean, anyone going to that credit union is pretty likely to be, you know, a police officer. So if a criminal was trying to track down a police officer they had beef with, where would they look? Seems pretty obvious. Seems pretty dangerous.
But presenting deliberately fake information to hinder law enforcement sounds like it's going to be illegal somehow.
Wonder if this one will show up after I log in from home...
At least I think in my case, and it's part of the reason why I don't use Uber today: I had an Uber account for a couple months prior to this incident but never used it. One night, it was about 3a.m. and I had a bit to drink.
A friend gave me a promo code to use, so I could get a discount on my ride home. I put in the code a couple times, but it kept getting rejected. I think I tried this about 3 times, and finally got a message saying my account was blocked or disabled. I gave up and called a cab. I tried to get my account re-instated the next morning, by sending an email from the address I used to create the account in the first place, but got a response from an Uber rep. asking for a copy of my ID! I didn't feel comfortable sending over my ID, especially since it was not required to create the account in the first place and informed the rep as such. The response was: "I completely understand why you are concerned about providing this information. To reactivate your account I do need to verify your identity. If you can cover all but your name, the last four digits and expiration date on your new card, as well as any sensitive information on your ID, that should minimize any security issues".
I'm not sure why it was such a big deal to have that information, but I'm guessing that they wanted to ascertain if I was a hostile or not, but I had a car and wasn't dependent on Uber for survival so... no thanks.
The first six digits identify the issuing institution. Here's a free service for looking up a bank based on that information: https://binbase.com
So (based on the site) they could presumably use that number as part of fraud prevention but not to "identify possible narcs" -- I imagine the CC companies will be livid at this usage.
Companies can store the whole number. That's how on-file payments and automatic subscription renewal payments work.
What you are probably recalling is a PCI rule that requires keeping the credit card number protected, such as storing it encrypted and only letting things that are sending transactions to the credit card network have access to the plaintext. That rule has an exception for the last 4 digits and the first 6 digits.
For example, when your customer support people look up the history of a customer they are helping, if your account info viewing tool shows a list of prior transaction details, it could not show the credit card number used for each transaction, but it could show the first 6 and the last 4 digits.
If you handle CC information, you are subject to security standards auditing (called PCI compliance - like encryption at rest, etc.), but the BIN number and last 4 digits are not considered privileged information.
I'm also not aware of any restrictions on how you want to use the BIN information - for example, merchants often use the BIN number to block prepaid card usage.
Each country implemented a thing called VAT MOSS, and you can register with a country's tax authority to use their VAT MOSS system. You only have to do this in one country. Once a quarter you submit a VAT MOSS form that lists your sales in each EU country and how much VAT you collected. You pay that to the tax authority of the country whose VAT MOSS system you use, and they distribute the appropriate amount to each country.
They don't want it to be trivial for online buyers in high VAT counties to claim they are in some low VAT country, so merchants are not allowed to simply collect the VAT for whatever country the customer picks on the "country" drop down during check out. The merchant is required to have two pieces of non-contradictory evidence to justify their choice of which country's VAT to collect. One can be the country selected by the customer.
What we normally use where I work is the customer's selected country and the country that MaxMind's ip to country database says they are ordering from. If those two agree that's two pieces of non-contradictory evidence and we're done.
That's good enough most of the time but sometimes it fails. In that case I'll lookup the bank that issued their credit card from the BIN. Almost every time that bank turns out to be a bank from the country that the customer claimed to be from, giving two pieces of non-contradictory evidence for that country. Maybe once or twice the bank from the BIN did not match the claimed country but did match the IP country, so I went with that instead.
There have only been a handful of times when that was not good enough, and I had to dive into their past orders, support tickets, and logs of their software contacting our update servers to play detective and try to get enough evidence to justify picking a country.
I'd expect it to depend on the nature of the post-Brexit relationship between the UK and the EU. They will have some sort of treaty or agreement on trade, and that will probably include something about handling taxes.
In the best case they cooperate fully and keep the VAT MOSS system working like it does now. That will result in no change from a VAT reporting and collection point of view.
In the worst case they do not cooperate. The consequences of that depend on where the seller is located.
If the seller is not in the UK and not in the EU, then the result is to approximately double the quarterly paperwork. Instead of reporting to the VAT MOSS system of one country and having it distribute the tax to all the others, they will have to report to one EU country VAT MOSS to deal with all of the EU, and to the UK tax authorities to deal with VAT for UK customers. My guess is that those currently using UK VAT MOSS will most likely switch to Ireland VAT MOSS for their EU VAT, to stick with an English speaking country.
If the seller is in the UK, and not in the EU, then the "do not cooperate" case is not as big an impact. That's because the UK VAT MOSS system cannot be used by UK merchants to report UK VAT. They can only use it to report non-UK VAT. They have to file separate paperwork with the UK tax authorities for UK VAT. So worst case for these sellers is that UK VAT MOSS goes away and they have to register with some EU country's VAT MOSS to deal with EU VAT. After that, they are essentially in the same position they are now: they are still reporting to both the UK tax authority and to a VAT MOSS. All that changes is that they might have to use a different VAT MOSS.
> UK VAT MOSS system cannot be used by UK merchants to report UK VAT. They can only use it to report non-UK VAT
Why is that? Was it a deliberate choice by the UK tax authorities?
My guess would be that it is because each country has its own rules about how VAT works for for things sold to buyers in their country. Each country would like to fully apply its rules to all purchases by its residents, but they recognize that it would be unwieldy and expensive for sellers to have to deal with minutia of the VAT rules of a couple dozen different countries.
VAT MOSS is a compromise that simplifies the rules, so that a seller selling into several foreign EU countries only has to deal with one unified set of rules through the VAT system. Instead of having to know details of the tax law of several countries, the seller only need to know the VAT rate for each. That's much easier to deal with.
I'd guess that they don't apply VAT MOSS to sales by domestic sellers to domestic buyers because they consider their own tax rules superior to the rules under VAT MOSS.
That's not actually true. Vendors usually have to store the entire number (but not the CVV/CVN).
Most of them show you the last 4 numbers to prevent shoulder surfing and accidentally disclosing the number to someone who's taken over your accounts.
This has got to be illegal.
>At least 50 to 60 people inside Uber knew about Greyball, and some had qualms about whether it was ethical or legal. Greyball was approved by Uber’s legal team, headed by Salle Yoo, the general counsel.
I (though not a lawyer) assume their reasoning was: "It's legal to use public sources to identify possible law enforcement agents, it's legal to deny services to them. Seems legit."
(Uber's real argument seems to be "it violates our terms of service for a government official to try to figure out if we're following the law")
a) exempting themselves from specific laws by EULA generally doesn't work,
b) you can block specific people from a service and even police have to leave when told (barring further e.g. probable cause), but police are under no obligation to honor a general "no police" policy.
It's legal, though, to kick someone off a service because you think they're a cop. (e.g. biker bars that kick people out on that basis)
It doesn't seem that different from Cloudflare et al throwing up CAPTCHAs and blocks when I browse through Tor. Uber was trying to prevent abuse. Until someone identifies themselves as a city official or Uber is put on notice that it is under investigation, I think they are well within their rights to do this.
A government official (or anyone, actually) trying to check for compliance with the law isn't doing anything illegal.
Uber may be within their rights because companies usually have wide latitude to refuse doing business with someone, although that will ultimately depend on what kind of violations they were trying to hide, how invasive their stalking of customers was etc.
Morally, though, this is just more of the shady shit that's been coming out day after day. How any investor would be willing to trust them with their money is beyond me. Considering how intransparent their financials are, I wouldn't be surprised if this ends in an Enron-style meltdown.
I don't think we can say "most" Tor traffic "is illegal" . At the very least, we agree that some of it is legal. That means Cloudflare, a private company, is treating users differently based on its interests and its interpretation of the law.
> A government official (or anyone, actually) trying to check for compliance with the law isn't doing anything illegal
They probably aren't. Neither is Uber. They're just treating their users differently based on their interests and interpretation of the law.
Law enforcement has tough-as-nails methods at its disposal. It could subpoena, audit, intercept, sue, et cetera. The downside is those methods come with oversight and transparency requirements.
As Volkswagen discovered, in the United States this is called "criminal conspiracy" and "obstruction of justice."
Night and day. Volkswagen was falsifying data provided to the government at an identified testing facility. Uber is fuzzing data and refusing to provide services to certain customers who have not identified themselves as police, though may be*.
A city official cannot demand entry to private property without a warrant. Furthermore, one can eject someone from your place of business--again, provided they don't have a warrant. To get a warrant, investigators need probable cause. There are good reasons we limit the power of those seeking probable cause.
They also presumably did this not just in the US. Other countries have different interpretations of the extend of sovereignty over property, and maybe if an Uber is considered "private". I know, for example, that the police in Germany can demand entry to night clubs during public events without cause or warrant.
Usually. But I don't believe that is the case here. Uber was public about the fact that they were breaking Portland's taxi rules--they blogged to that extent. Prosecutors had enough evidence to get a subpoena and demand what they wanted. But the cops didn't do that. They chose to collect $5,000 fines from the drivers. That's their prerogative, but that upside comes with a cost.
> Other countries have different interpretations
That might be the case. I am only commenting with reference to American laws and customs.
Is there a legal requirement to make it easy for cops to use your service? Are they a protected class?
If I didn't want to sell donuts to the cops, I sure wouldn't tell them it's because they are cops. I would just be mysteriously out of donuts every time they come in.
As they are entitled to do. Uber saw damaging activity coming from burner phones. They blocked and/or modified the related services.
If the investigators had identified themselves to Uber and then Uber did this, that might be different (though law enforcement is not, for good reasons, a protected class). The investigators chose a quieter path and Uber reacted accordingly.
But when a company profiles people and refuses service based on inconvenient occupations or employers, how can you be sure?
Greyball seems to be a clever tool which attempts to predict the good-ness of potential passengers.
The unethical piece comes in to play with the heuristics injected in to greyball. (kinda makes you wonder if "grey" moniker refers to the ambiguity which comes with the territory of rating people)
First 6 digits of any CC# is the Issuer/Bank Identification Number (BIN/IIN), and anyone can get access to that information.
Here is an online search tool: https://www.bincodes.com