Hacker News new | past | comments | ask | show | jobs | submit login
L.A. temporarily suspends Uber’s permit to rent out electric scooters and bikes (latimes.com)
261 points by ilamont on Nov 4, 2019 | hide | past | favorite | 201 comments

I guess I don't see any way a dockless bike/scooter rental scheme can be compatible with privacy. Their need to know where available bikes are, and to be able to detect thefts makes it hard to imagine they could work without GPS tracking.

And as soon as you know who rented what bike when, and where each bike went, you're going to start knowing customers' homes, workplaces and places of worship.

Although the government and uber knowing this data is less private than uber alone knowing, we all know uber doesn't give a shit about customer privacy. Personally I'd be much more worried about uber having the data in the first place than about the government also having the data.

Would you feel the same way if Uber complied privately and the article read:

"Uber shares real-time rider information with government agency"?

It seems like Uber can't win. If they share information, they're violating the trust and privacy of their riders. If they don't they still don't care about privacy but they're now also flouting regulators.

> It seems like Uber can't win.

Which is fine. They chose to collect the information, and they are facing a bad look following that decision.

Of course, their business model might not work without the collection, but not every business model is guaranteed to look good.

But Uber is offering a service that by its very nature requires that you expose the service provider to information you may wish to keep private. How is this the service provider's fault? It's not like they're going out of their way to add tracking into something that doesn't require it.

Like this is a little nuts, if you buy one of those GPS trackers for your kids you don't get to act shocked when you find out the company has their location records. You get to be angry if they use those records for anything other than providing you service but of course they have them.

If a service "by its very nature" does shady things, maybe that service should not be offered in the first place?

Critcizing users afterwards that they "can't act shocked" for having these things done to them is only playing a blame game.

This is a very daft take.

It's not even remotely shady for a service to inherently involve knowing where you are. That's something that is true of every brick and mortar store, and indeed every cab driver. Yet the government doesn't demand that those businesses provide real-time feeds of information about the movements of their customers, and if the government were to do so and they were to object on privacy grounds, we wouldn't take it to mean that their entire business model is inherently immoral and all shops should cease to exist.

But it's not shady at all. Like these bike companies track the location of the bikes with GPS. Any when you go for a ride on one you are by proxy being tracked with GPS. Like this isn't magic or unexpected. Are you mad that an airlines have your location information while you're on the plane? Are you gonna demand the FAA stop tracking flights for rider privacy?

But nobody actually getting the blame since it would be weird if anyone was actually mad at this. Does anyone seriously believe that using Find My iPhone doesn't allow Apple access to your phone's location for the purposes of showing you where it is?

Renting scooters and necessarily keeping track of them is “shady”? What else is shady?

It's not shady though!

That's the point. If you buy a GPS tracker, for example, by definition it will track your GPS location.

Would you expect a GPS tracker to not track your GPS location? Because that is what you are saying.

> But Uber is offering a service that by its very nature requires that you expose the service provider to information you may wish to keep private.

Uber's ride hailing service, sure. But the same is not true for the scooter and bike services, which have no need for such information.

Huh? They have to know where the scooters and bikes are so they can be collected to be recharged.

Do they need to know where they are at every given moment, and collect data on each customer in association with where they're coming from and where they're going?

No, they just need to know where they are when:

1. They run a collection routine 2. The bike/scooter is low on battery.

There is no info they need in association with the rider's trip. Or at least not, as the GP states, info required "by nature". That perspective is true of ride sharing (the driver needs to know where to pick up and drop off) but false in relation to bikes/scooters (no need to know start/end points, just need to know where the bike is during collection or low battery, and not in association with a rider).

The rider uses an app to find a bike/scooter near them. That requires real-time location data

And also to be rented, if the user doesn't happen to have one in sight.

They need to know where the scooters are but they don't really need to know where the customers are though.

Consider a similar system that would work with coin operated scooters. They can have GPS in the vehicle without constant association with users.

In any cases these two tracking databases, where is each scooter and who is on which scooter, should be separate so they can provide the former to law enforcement without disclosing citizens whereabouts.

How are they going to display the bikes and scooters on a map inside of the app without GPS coordinates?

It seems like privacy issues are inherent to Uber's business model, and there is nothing they can really do to remedy that.

That’s rather defeatist. They could use the data for setting up the ride and then throw it away after the ride is complete. Their app could keep a local record for you that’s not shared with the company. There are a ton of ways they could protect your privacy but they actively choose not to.

Anyone can watch you ride a shared scooter up to your house. That's public information. Privacy only comes into play if the scooter is taken inside your house. You have no legal expectation of privacy on a public street or sidewalk.

No, GPS trackers on cars have in some cases been ruled a search.

I don't need a GPS to watch someone ride a scooter.

You don't, but what the court found was that putting a GPS tracker on someone's vehicle was materially different than having a real person shadow them all day.

Not the OP, but I would feel the same way, yes. My concern about my local government knowing my whereabouts is equal to my concern about the likes of Uber knowing my whereabouts, so if Uber shared this data, it wouldn't really change my behavior in any way.

But I avoid using Uber-anything, in part due to Uber's data collection, so my opinion on this data sharing is probably not that important.

Seems like if Uber is going to use this data for their benefit society should be able to use it to ours as well for planning an infrastructure purposes for example.

The way that society does stuff like this is through government bodies. The real problem here seems like a lack of trust or oversight of government bodies, which creates the impossible situation you identify.

> Seems like if Uber is going to use this data for their benefit society should be able to use it to ours as well for planning an infrastructure purposes for example.

I don't necessarily disagree, but "data used for their benefit" covers all data used by all businesses, from your emails stored by your provider (assuming you don't self-host) to trade secrets, etc.

So either we say the government should be able to access all data from everywhere (except the few that individuals store on their own) for planning purposes and such, or we must define why this data is different from other.

Fair point, I think there's a fundamental difference between the data collection done by a company like Uber or the FANG or whatever and the data that other companies collect in the normal course of business but it's hard for me to think of a good definition for the difference.

There's also the idea that maybe we should have total access to a currently unthinkable amount of data [0]

[0] https://www.wired.com/1996/12/fftransparent/

No one said Uber had to be able to win.

Without GPS or internet: put the bike at a cross road and tell the app (or call center) at which cross road you put it. Every now and then they get serviced, if the bike is not where you put it as the last owner, you pay a fine. That’s how it worked for years in Munich, Germany.

That way the bike doesn’t even need internet. To unlock the bike it generates a code with a key which is on the bike.

I don’t see how GPS prevents theft for small items like a bike. There is a lot of bigger farming machinery stolen despite their GPS.

> if the bike is not where you put it as the last owner, you pay a fine

How do they tell the difference between the last user not returning it, and the bike being stolen with bolt cutters after the last user returned it properly?

The bikes are built in a way that you don’t want to steal them. They drive down that probability in at least two ways:

Quite heavy and their specific number highly visible.

The lock is nearly unbreakable, a bolt which is locked inside the bike frame. I wouldn’t know of a way to crack this physically without demolishing the bike.

It’s much easier to steal any other bike instead.

I guess the main upside is vastly reduced technical infrastructure costs so you can get over a certain small percentage of stolen bikes after reducing this probability enough.

I watched someone dismantle a jump bike lock last week outside my apartment while walking my dog. Considering that and how often I see homeless riding them in sf, I suspect they are more easily stolen than you suggest.

Oh sorry I didn’t mean the jump bikes but the aforementioned DB bikes in Munich: https://duckduckgo.com/?q=call+a+bike+munich

I would be very surprised if someone can dismantle them on the street. But nevertheless if you have another bike right next to it which is worth more, lighter, faster and easier to crack why even bother?

Perhaps the thief would prefer a bike that isn't likely to get stolen.

Maybe you snap a pic of the bike where you parked it and upload it as part of the park/lock/check-in process?

Not sure how they do it exactly, but one possibility is CCTV cameras watching drop-off locations. You can then compare footage at the timestamp it was reported on-location if there's a dispute.

Combine this with a few anti-theft procedures that don't involve GPS / internet (as commonly used by bikeshare programs in various municipalities) and you've got something that might work.

CCTV video files are just a less efficient form of GPS and time stamp logging. JSON from a GPS receiver is more straightforward.

GPS logging, however, contains a bunch of data unrelated to the security of bicycles themselves.

I also don’t understand how mentioning JSON is even relevant in this thread.

It’s to point out that their suggestion of CCTV is really just a type of unstructured logging, and isn’t much better than the structured logging that seems to be going on today.

The point here isn't about structured vs. unstructured logging: it's about addressing the possibility that legitimate users get blamed for theft.

This sort of dispute is probably going to end up in a legal forum at some point. In that case, video footage from a device that's not physically on the bike (and therefore much harder to tamper with) is going to carry much, much, much more weight than GPS traces. Also, you usually know exactly who is supposed to have access to CCTV camera systems / footage, and can therefore have those people make legally binding representations as to their accuracy / fidelity.

(Of course, with regards to this problem, your objective as a service provider is to end up in court as infrequently as possible. You'd be more likely to invest in anti-theft measures so you can get the probability of theft low enough to reasonably write off as part of opex.)

I expect Uber to care a lot about privacy. They’ve burned themselves badly before disrespecting privacy and I assume they’ve improved in that area immensely. Uber’s and their employees’ own interests are aligned with strong data privacy.

The same cannot be said for the government.

I would assume they don't give a damn. I would also assume they will do everything to give the opposite impression.

> I assume they’ve improved in that area immensely.

Why would you assume that without significant reason? This is a company that has, as you said, had problems with privacy.

2015, tracking concerns hit the news. [0]

2017, there's a class action. [1] And FTC auditing. [2]

2018, there's massive fines. [3]

We're in 2019, years on from actual problems being raised, and then being forced to confronted. How are Uber doing on that front?

> By focusing on global hiring, you will have people on the ground in other regions who can better understand the local laws, better understand the culture that drove the laws and how a new law is likely to be enforced, and build better relationships with regulators and other influencers.

Sounds more like they're interested in controlling the laws, not actually improving themselves overall.

(And none of this is to suggest the government is any way a better caretaker - they're worse in almost every way.)

[0] https://www.wired.com/insights/2015/01/uber-privacy-woes-cau...

[1] https://www.theguardian.com/technology/2017/apr/24/uber-hell...

[2] https://www.nytimes.com/2017/08/15/technology/uber-agrees-to...

[3] https://techwireasia.com/2019/08/uber-chief-privacy-officer-...

>I expect Uber to care a lot about privacy.

Uber cares about the confidentiality of their business records. They will continue to not give a single fuck about privacy. There is a difference.

Your ISP have ALL your internet data. Would you be okay if they shared it with the government? Sure they hold it temporarily, but they NEED to hold it to carry their business, even for a short amount of time. The same is true for theses scooters. In the case of the ISP, you trust them to destroy that data once it's moved to the next node, in the case of the scooters, the same can be true.

Thus, either you are fine with the government getting this data, simply because you don't trust Uber, or you are agreeing that the ISP should also share its data with the government in real time.

> as soon as you know who rented what bike

Except, as far as I can see, according to the article, the only required info is start and finish point and journey length.

That's basically all it took to de-anonymise trips for celebrities using the NYC taxi data[1]. There was some poorly anonymized driver information in there but that wasn't used for tracking the celebrities themselves.

[1]: https://gawker.com/the-public-nyc-taxicab-database-that-acci...

Reading your article, that doesn't appear to be a very correct description; The de-anonymization seems to have occurred through two primary aspects:

1. The taxi medallions were extracted due to poor crypto choice (and simple structure of medallion IDs), so you can map from reality -> dataset

2. The celebrities were photographed entering/exiting the taxi, with the medallion captured.

If you broke the link -- the taxi medallion -- you wouldn't have de-anonymized trips. And NYC anonymization process clearly (and correctly) intended for that link to not exist.

That is, start, end and length was not the key motivators in de-anonymization in this case. However, you can still imagine this data is sufficient to de-anonymize when usage is rare (and you've captured either start or end destination), but otherwise, the taxi data is not indicative of anonymization futility but rather implementation failure.

This is not quite incorrect. Some of the NYC taxi re-id demonstrations relied on reversing the hash for medallions, but most have not. In particular, the celebrity tracking did not require the medallion, since each record contains an origin and a destination. The identity of the driver across trips is irrelevant, since it is the passenger who is being tracked. The way this attack worked was to match an origin in the trip dataset to the timestamp on the celebrity photo. This revealed the destination of the trip.

In other cases, no photo is necessary (trips originating or ending at a residential address, linked to another sensitive location such as an abortion clinic).

There is a lot of research available on this topic. "Unique in the Crowd"[1], published in 2013, found that it takes only 4 GPS locations/timestamps to de-anonymize 95% of the population, with no other metadata. With 2 GPS pings, 50% of trips can be de-anonymized.

[1] https://www.nature.com/articles/srep01376

One could certainly design a least authority system for bike rental. Trusted hardware to compute trip length, psuedonymous account system, untraceable payments. Identity or payment escrow in case of theft.

But really, the straightforward way is culturally. Like if there were a general expectation that a company would only use data for an immediate purpose and then delete it, employees confirmed the company culture and processes, their legal terms supported this, and there was a strong privacy law to backstop any bad actors.

But our culture is not there. We've just generally accepted that Uber will act as an attacker, exploiting their surveillance data on us as much as currently possible, storing it indefinitely to do "better" in the future, and turning it over to other third party attackers for "business purposes".

This article draws our attention because we're pretty sure if the city gets access to this data, they'll do the exact same things for their own ends - probably turning it over to the police to integrate with the ANPR data who will pass it to the feds for their own nefarious games.

It's an environment of zero trust with its corresponding high costs, which are becoming more and more apparent as wider society is hit with the implications. This is the true damage that the Surveillance Valley ethos has done, and it's going to take a hell of a long time to recover.

Do you worry about Google having that same data? If you use google maps on a regular basis they know where you live, work, eat, travel, hang out with friends, and which routes you take when.

Google lets you disable location history or limit collection to the last three months. Existing old data can be manually deleted.

I avoid using Google Maps for precisely this reason. I'm less concerned about Uber or a local government having that data, far far less concerned. Uber rates as slightly more concerning than a government, because Uber will likely try to monetize it when/if their current business model fails to deliver profits to Wall Street.

Whereas the government will just share it with private companies and leak it: https://losangeles.cbslocal.com/2019/07/10/data-breach-la-co...

Anyone with a cell phone in their pocket is giving their real time location data to private companies. And I’m very happy that the government can’t just access it without a warrant.

Real talk: you do not and are never going to have privacy if you have a mobile phone. You are carrying a tracking device and feeding data to at least a dozen different companies and government agencies. No mobile app is compatible with privacy because the phone itself disintegrates privacy.

Depends on the granularity of the data. What's wrong with (say) 100m square blocks as spatial granularity, with ride time to the nearest minute or even 5 minutes.

The city should be able to ensure regulatory compliance, while anonymity is preserved.

This would not provide very much privacy protection at all. Almost all trips will be unique with this level of granularity, so it will be easy to de-anonymize. I do privacy research with this type of data and have found numerous sources that used aggregation schemes with similar levels of granularity. In those public datasets, I was able to identify trips moving between a high school and a local planned parenthood, for example. 100m is far smaller than the size of school campus and most buildings.

To address privacy issues, data needs to be aggregated, with trip clusters with less than 5-10 trips dropped. Differential privacy strategies also exist, but dropping groups with low number of user contributions is the easiest solution to implement.

In dense urban areas, there are probably a lot of scooters within a 100m x 100m block.

I think that's the point of the suggestion.

The "point" was to ensure privacy while satisfying the other desiderata of the the system, which includes ability to find a distinct scooter. I was disputing that it met the latter criteria by grouping too many scooters together (Scylla) in its attempt to avoid privacy violation (Charybdis). After all, why not just lump scooters into the east vs west coast?

Though I grant the general point that making the drop-off location more granular could satisfy both criteria, but you would need some kind of varying size to account for scooter density.

If you can count how many scooters are in the system at any time (and how many belong to different providers) then you should be able to enforce your licencing regime.

And if you know roughly where rides are going to / from and when, then that helps you integrate your different types of public transport - for example making sure that when the train arrives there are enough scooters there, or understanding how popular scooter ride paths interact with bike lanes, bus lanes, etc.

Mobile phone cell size is generally a pretty good proxy for population density - modern micro-cell sectors can be pretty small, and 5G will make them even small in urban areas.

(I work on this sort of stuff for a major engineering data science and asset management group in the UK).

> which includes ability to find a distinct scooter

I understand why a company needs to find a distinct schooter, but why does the city need the ability to find a distinct scooter?

> I guess I don't see any way a dockless bike/scooter rental scheme can be compatible with privacy. Their need to know where available bikes are, and to be able to detect thefts makes it hard to imagine they could work without GPS tracking.

I fail to understand why it's an issue if the government has this data but people are okay with Uber having it. Surely trusting the government is a more reasonable policy?

Uber doesn’t have a gigantic State apparatus with both a vested interest in and the ability to use violence to enforce it’s will on me.

By your logic, it would be more reasonable to require that Google be barred from all data sent over email, but require that copies get sent to the NSA. Similarly, AT&T should be required to not collect any phone records, but also be mandated to provide a copy of every single call to the FBI.

> Uber doesn’t have a gigantic State apparatus with both a vested interest in and the ability to use violence to enforce it’s will on me.

Uber falls under the jurisdiction of a gigantic State apparatus with both a vested interest in and the ability to use violence to enforce it’s will on you. Being a good corporate citizen, Uber would dutifully hand over your data to said government when asked. This is a distinction without a difference.

Also, the above article itself shows some empirical data that Uber will not, in fact, just hand over my data when asked.

Note that I don’t think they do this out of the goodness of the hearts or altruism, but rather that they’ve done the calculus and determined that giving this data to the government would cost them enough ill will and loss of revenue to make it not worthwhile. Uber, unlike a government, has to answer to the market, and thus its every consumer’s duty to punish those who would sell our liberties.

> Also, the above article itself shows some empirical data that Uber will not, in fact, just hand over my data when asked.

And even when they are threatened with (and now ultimately face) a shutdown that will cost them downtime in presumably a very profitable market.

That's because the US government is still fundamentally democratic and follows the rule of law. Such a government might also treat your data with some due process. A government that's willing to use force to arbitrarily enforce its will is also one that would do the same to Uber and its executives. In that environment Uber would not resist.

But right now, Uber is resisting, right?

And at the same time, the government is doing bad things with your data.

This should be the top comment. Well said.

Explain how it is legal for Uber to send a team of armed men to kick down my door at 3am and forcibly confine me to a cell.

This weird paranoia about the government acting with no consequence seems to never extend to 2nd or 3rd layer thinking. If the government could send a team of armed me to kick down your door at 3am and forcibly confine you to a cell with no due process, they could do the same to the CEO of Uber to get your information in the first place. Having a layer of indirection in the form of a private company is little-to-no protection against a despotic regime. It only works if the government is still following the rule of law themselves.

the point is: - the government would be knocking down the door of a CEO who may not necessarily have the type of data they're looking for. - the government would have to go through a ton of effort to get anything they needed, rather than having it all up front to begin with. - no data should be given up freely without direct, fair consent (no matter who demands it)

It makes perfect sense in a cynical way - the government would face way more backlash if they went after the CEO of Uber as opposed to a probable nobody like you in the sense that "you are unlikely to cause major consequences which threaten their aparatus of power".

If they made a habit of doing that without a serious trail of justification under the law capital flight would be historic - damaging their income and GDP/the source of economic power, and damaging stability. It isn't even anything overtly sinister - just sensing that given the peril it is time to get the hell out of there.

And that is without lobbying and soft power aren't available.

Before you worry about the legality of Uber's Maximum Customer Satisfaction Response Team, you'll have to provide evidence that something being against the law has ever stopped Uber from attempting it.

> Surely trusting the government is a more reasonable policy?

Looks like you have not really read about what governments do to their people when it's convenient for them to do so. Current examples: check China. Of course the US is not China, but that should be an ample warning enough that trusting government with data + power is a bad combination.

"China" (as in the CCP) does not, in fact, have the data. They're leveraging a network of mostly-private companies to do the dirty work for them. So there's really no difference. If the US government became a dictatorship tomorrow, all the data collected by US private companies would end up in the government's hands. Neither private companies nor government entities can be trusted, and the only right answer is to demand that the data is not collected in the first place.

> "China" (as in the CCP) does not, in fact, have the data. They're leveraging a network of mostly-private companies to do the dirty work for them

The difference is that the CCP has every right to shut down businesses and they make the Law directly. No provisions can be made by external parties, there is no separation of power. So in practice all companies work in accordance with the CCP and will bend to their requests. In the US there are still companies which can and do refuse the federal government's requests to provide data without sufficient reason.

Your point seems to hinge on: IF the US became as bad as the CCP, it would force companies to hand over all their data anyways.

But a government like the US isn't a singular entity. There are all sorts of good, bad, and neutral actors within it. If you hand the government your data now those bad actors can abuse it now, rather than some hypothetical future where the US becomes an extreme authoritarian dictatorship.

>Surely trusting the government is a more reasonable policy?

Somebody clearly didn't learn anything about history..

History tells us that large corporations are not actually any better (and in many ways are worse) than governments when it comes to this sort of stuff.

The core issue is that ridership data is a key piece the cities need to craft a tax on ride-sharing, and to tailor the tax to help their financially challenged public transit entities. Uber knows that if they give up scooter use data the city will immediately request it for ride sharing as well. The privacy question conveniently aligns with Uber’s position, but I doubt that this is Uber’s core concern vs avoiding every major city banging on the rideshare piñata to fund the gigantic debt service payments and generous benefit programs for their underutilized public transit systems.

You are talking about the city that has half its space dedicated to free street parking and a bunch of highways cutting through it as if it's some sort of modern mobility policy paragon just trying to correctly price out externalities.

No, whatever Ubers goal in not doing this, I'm sure the motivations of local L.A. politicians are forever more twisted. These people wouldn't know public transport if a bus ran them over. Which is unlikely to happen, given their average speed of 9 mph.

1.2 million ride LA metro a day.

And many many many more don't. It's the second largest city in the US.

You have the dynamic correct but the values backwards. Cities are defined by their physical and social density and their long-term investments in physical capital. Uber lacks a sustainable business model. Transportation within a city features many "natural" monopolies (i.e. train tracks), and the promise of an emergent overarching monopoly: providing one-App entry into multi-modal transportation. If Uber can capture those monopoly rents it has a chance to survive as a permanent parasite. If it doesn't, it's doomed.

> Transportation within a city features many "natural" monopolies (i.e. train tracks), and the promise of an emergent overarching monopoly: providing one-App entry into multi-modal transportation.

I don't understand what you are saying here, can you elaborate? What are you saying about Uber / monopolistic rideshare companies?

Related, I don't understand why cities/governments allow Uber to exist considering the reality that, as you point out, "Uber lacks a sustainable business model". Is it not transparent to all relevant parties that Uber could not and cannot maintain the price it has set to gain market share, and that down the line it had a clear goal of building monopolistic market share in order to effectively price fix against the interest of the consumers? I don't know enough to reflect on public transport and taxi companies of old, but how did we get to present day without consumer protection regulations sorting things out?

I see parallels with Amazon, and I have the same questions. Why are they entertained in this destruction of local economies by the entities which should protect those economies (in the US, local and state gov)?

I wonder if Barnes and Nobel's effect destruction of local book stores had a period of growth with lower prices then settled down and raised prices? If so, is this not against the interest of the consumer? If not, well I'm not sure. Maybe Barnes and Nobel is not comparable to these internet based companies.

As I understand it they are predicting that a single app will come to be used for all public transit in a major city or on a larger level. If Uber is able to play a role in this project they can have a income stream that doesn't require heavy subsidization. Without that they will at some point fail as they require more input value then output value is produced.

> The core issue is that ridership data is a key piece the cities need to craft a tax on ride-sharing,

Can you explain how the real time data can be used for that and why not some aggregated anonymized data, or data gathered by the government observation themselves?

I can't really tell your opinion, so I guess this is for other readers: the government can be entitled to regulate an activity but at the same time not be entitled to any means of actually enforcing that regulation. A prime example is anti-sodomy laws.†

In the earlier US laws would be enforcement tested and disposed of if they were intractable to actually implement; unfortunately now it seems like laws are made, and a regression of rights is accepted so that the laws may be enforced. The intent of the constitution was the exact opposite.

† You can argue private sexual relations (in general) are not an appropriate target of regulation and you would be right. However accepting this argument in every case means many things can not be regulated. Perhaps this was the original intent.

Can someone downvoting this person's post explain why?

At some point it looked like people were following my account and downvoting it. Everything I'd post would get to -2 or so. I think it stopped?

Apparently some twitter uses do not like HN, it is/was not just myself, someone else told me about it.

I believe that Uber and Lyft already share data for car rides with the city of LA.

Edit: I've been trying to find a source and can't, so that may not be true. They only share detailed data with a few places, like NYC. LA only gets data on regular taxi rides, and it isn't realtime.

The collection in LA does include some car services, although not necessarily ride share yet. The collection protocol is designed for multimodal surveillance beyond scooters.

Headline misleads, L.A. intends to suspend Jump, an Uber subsidary. They have time to appeal until Friday.

Yeah, I was picturing the chaos if the UBER app suddenly stopped working all of a sudden.

But apparently it’s Uber who wants to sue the city.

In case folks are curious about the underlying technical details, LADOT along with the Open Mobility Foundation (OMF) built the Mobility Data Specification (MDS) which are "RESTful APIs used to specify the digital relationship between mobility as a service Providers and the Agencies that regulate them."

API Spec: https://github.com/CityOfLosAngeles/mobility-data-specificat...

Uber, as they do, is refusing to comply with laws/provide data that would enable local governments to actually regulate them. As I understand it, the pilot phase was for Bikes/Scooters, but the intention is to require use of similar APIs by car based rideshare companies in the future. Which explains some of Uber's resistance despite this only currently covering JUMP Bike Share.

There's a number of other cities (NYC, Miami, Philly, SF, SJ, SEA, etc) involved with OMF/MDS. LADOT is one of the first implementations but they aren't doing it all in house. Much of the design/development of the mobility API spec and open source implementation[2] has been contracted out to Lacuna.ai (via Ellis & Associates, a wholly owned subsidiary)[3].

[2]: https://github.com/CityOfLosAngeles/mds-core

[3]: http://clkrep.lacity.org/onlinecontracts/2019/C-130956_c_7-2...

Of all the public-goods usurped for private profit companies recently, I find the scooters to be the most intrusive.

Scooters on sidewalks are dangerous and should be banned.

We have explicit laws against skateboarding and riding bicycles on sidewalks in most communities. For bicyclists in San Francisco: "It’s illegal to ride on the sidewalk if you are over the age of 13. (SF Transportation Code Sec. 7.2.12)" https://sfbike.org/resources/bicycle-law/rules-of-the-road/

Yet, everyday you can find scooters on sidewalks wherever scooters are available. Toddlers use sidewalks - they walk in a random walk. Hearing impaired, sight-impaired, mobility-impaired people use sidewalks. Seniors use sidewalks. These people do not expect 180lb adults riding at 5 to 10mph right in their face. The kinetic energy and momentum at 10mph of an adult is considerable.

Falls for anybody can lead to bone fractures. Even more so for seniors. Hip fractures in particular can be fatal for seniors. https://medicalxpress.com/news/2018-06-hip-fractures-elderly...

Scooters should not be allowed on sidewalks.

Requiring scooters to ride in bike lanes seems an easy, obvious fix.

And, objectively, someone riding in a car is far more of a threat to pedestrian lives than someone riding on a scooter, even on the sidewalk. People traveling by scooters instead of cars is better in every way. Seems like a mistake to demonize scooters.

It's telling that we are so desensitized to how cars destroy our experience as a pedestrian that we barely notice it in comparison to someone leaving their scooter on the sidewalk.

Now do cars.

Cars are already banned on sidewalks.

But seriously, I think modern car culture is deeply flawed on multiple dimensions. I would personally love to live in a car-free city with dedicated lanes for bikes, scooters and pedestrians along with their commensurate safety rules and regulations.

Currently, we're rapidly adding motorized vehicles where pedestrians have a historical expectation of safety. There are no lanes on a sidewalk. There are no passing zones. There are no turn signals. You can back up and reverse and will. You can cluster. You can linger. You can photograph buildings. You can walk briskly. You can stop suddenly realizing you left your phone at home, do a 180 and walk-run home. It would be impossible to enumerate all the ways sidewalks are used.

It is fundamentally impossible to resolve the safety expectations of pedestrians with scooters. Pedestrians were there first and will always be there.

Cars aren’t allowed to drive down sidewalks in any jurisdictions I’m aware of.

Right, because they have multiple dedicated lanes that are designed to drive in. Bikes and scooters don’t have the same luxury, so they have to choose between risking getting killed by riding among cars, or riding on the sidewalk. The solution is obviously to build safe infrastructure for scooters.

Also, cars (illegally) driving and parking on the sidewalk is a huge problem in NYC: https://mobile.twitter.com/davecoion/status/1118969565449469...

A similar argument could be made for banning running on sidewalks. In fact a runner could exceed the maximum electric speed of these scooters.

It is ultimately up to the rider to assure safe operating regardless of mode of transport (feed, skateboard, scooter, etc).

The fact that skateboards were widely banned due to a moral panic (largely around culture, not safety), isn't in itself a very strong argument since I'd point out that that ban lacks good justification within itself.

I might agree more if there were safe cycle paths that skateboarders, scooter users, and similar could use but there aren't. Their choices are the sidewalk, where there's a risk of minor injury or the street where there's a risk of death.

For now, the sidewalk is the "least bad" alternative until a better one is built.

Runners and scooter riders are not the same thing at all.

Runners, and specifically regular runners, are by definition self-trained to hit both higher speeds and frequency of runs. The average adult just can't get up and run at 10mph for 10 minutes without training. The average adult probably couldn't do 6mph for 2 minutes. Yet this same average adult, without training, can get on a scooter and move at 5-10mph down a sidewalk.

Second, runners do not run everyday, multiple times for every trip and errand. You can grab a scooter for lunch, for an errand, etc multiple times a day.

Scooter trips are more frequent, done by everyday people and should be banned on sidewalks.

Lastly, it is not the job of pedestrians to accommodate scooters because there is no better alternative yet. That is not how laws and regulations work.

> Scooter trips are more frequent, done by everyday people and should be banned on sidewalks.

Someone should do a cost benefit analysis of danger to pedestrians from the level of cars on the road due to air pollution compared to the reduced harm from cars but increase in risk from scooters.

Having cars drive by is non-0, exposure to break dust and car exhaust are known to case long term irreversible health effects, is there a crossover where a certain % of people getting hit by a scooter at 10mph is a net benefit if there is a large enough reduction in vehicle traffic?

Of course tire particles still exist from some scooters, but the tire types are different and I also wonder what the rate of tire dust from the tires scooters use, and what the exposure impact is there.

We tend to fear the immediate dangers we can see, but not bother doing the math on long term consequences.

> Runners and scooter riders are not the same thing at all.

Wasn't something that was claimed. It was an analogy to show the absurdity of your argument.

> Second, runners do not run everyday, multiple times for every trip and errand. You can grab a scooter for lunch, for an errand, etc multiple times a day.

Above you argued speed was the core problem, now it is frequency? You said a post ago that anything on the footpath going "5 to 10mph" is dangerous due to "the kinetic energy and momentum at 10mph of an adult is considerable." Why is that suddenly safer when it is less frequent? You said it could "lead to bone fractures." Bone fractures are fine when runners do it but not scooter users..? Seems like you've forgotten the argument you were making above.

> Lastly, it is not the job of pedestrians to accommodate scooters

Wasn't something that was claimed.

A similar argument could be made for banning running on sidewalks

When there's a rash of people being hurt by inattentive runners smacking into them, that will be addressed, too.

So why the double standard for scooters and skateboards? Aside from scooter users injuring themselves, there hasn't been a significant problem and yet we're discussing a ban.

Has there been a rash of scooter riders running into people?

I can't speak for Los Angeles, but in some cities, yes.

The thing is, these scooter APIs are getting reverse engineered pretty often. (I contribute to a github repo[0])

So Uber can’t really hide the data if they’re in noncompliance.

St Louis has this clause written in their scooter legislation that a certain number of scooters must be in certain regions for the purpose of equity. I’ll tell you it’s a damn lie as far as the data is concerned. No one seems to care though. It was written in so politicians could advertise it as a good thing, but they refuse to enforce it because of the little revenue or attention the scooters bring. I don’t really care where they put the scooters, but it still pisses me off both that scooter companies are seemingly above the law and that some politicians are lazy cheats.

[0] https://github.com/ubahnverleih/WoBike

No one seems to care though

Strange that Saint Louis chooses not to enforce these equity rules. Chicago fined seven companies for not spreading their scooters around properly.


WoBike is great, and I've contributed to that repo too, but that data is quite different from data in question in this article. Unless I'm mistaken, most of the reverse engineered APIs (and public ones in municipalities that mandate them) are for _available_ scooters. This article is about scooter location while it's being ridden around by a renter.

In the linked article, which I'm assuming this refers to:

> The city will require companies to share information on the start point, end point and travel time of each bike or scooter trip within 24 hours after it ends, and whether the vehicle entered zones where riding or parking are restricted.

I know for at least all of the scooters I've tracked, you can identify each scooter by a unique ID. Assuming you pull your data on a minute-by-minute basis, you can retrace the start and end of a scooter ride.

For example, Scooter 123 is available at x,y at 12:05, It's not available from 12:06 to 12:15. It becomes available at 12:16 at x,y. The ride was approximately 11 minutes and started and ended at those two points.

I don't think the city wants real-time data, and frankly I don't think these companies would be willing or even capable of producing it.

Wanted to say thanks for WoBike. I use it in a crown job to monitor the local bike pool's (pityful) offering.

> data are necessary to figure out which companies are flouting the permit program’s rules

Sending all ride data seems excessive. A few photographs taken by city officials showing scooters in wrong places should do the trick.

There's a cap on number of scooters and bikes each company can deploy. That's what LA is trying to enforce by asking for data.


"Los Angeles officials have said the data are necessary to figure out which companies are flouting the permit program’s rules, including caps on the number of vehicles and bans on riding in certain areas. They have also argued that the companies cannot be trusted to regulate themselves."

Require hard to counterfeit licensing stickers for each vehicle that need to be re-applied to each scooter yearly. Sell a limited number of numbered stickers. If you find a vehicle without a sticker, you know they aren't following the requirements.

To prevent sticker tampering, stickers can be placed behind a transparent piece of tempered glass or forego stickers entirely and use bolted on metal plaques.

If you present a problem to a government official that can be solved in a simple fashion or by a complex scheme that also grants them more power, they will go for the power every single time.

From their perspective, it’s just a bonus that they can cloud it in the sophistry of “its for public safety”.

This is preposterous. Imagine government requiring any business to delivery real time data on customer behavior, from doctors to restaurants, Walmart to dispensaries.

The Fourth Amendment of the US Constitution is about privacy FROM GOVERNMENT INTRUSION, which is precisely what this is, an intrusive act on the part of government.

Why don't they devote their time and effort to actually fixing the crumbling infrastructure here? It's a joke. There are third world countries that have better streets and highways than we have in certain parts of Los Angeles.

From the article: > Companies are required to transmit real-time data on all trips made within the city, including the start point, end point and travel time.

From your comment: > real time data on customer behavior

If the article is to be trusted (I have no other sources) then this analogy is inaccurate. The city, by this reporting is not asking for customer behavior, its asking for scooter location, and for that matter, not even the route of the ride.

It's worth noting that each of your examples are of industries or professions that have large bureaucracies and are heavily regulated. I'm sure pharmacies share data about what's being bought and sold with regulatory agencies, and I don't think any of us would want that to not be the case. Otherwise how and why would you trust any drug to be what the label says it is.

How could the CDC identify causes of outbreaks if doctors didn't share health information with them? Of course privacy is a huge issue which is pervasive in all of this, but to consider a regulation of shady rideshare companies preposterous is missing a lot of the reality of government.

I'm not for any side in this story, but I am especially uncomfortable with the fierce defense of the rideshare companies in this thread.

I am not sure it is a fierce defense of rideshare companies as much as it is about opposition to government overreach and the proverbial slippery slope. They don't need real time scooter data any more than they need real time car data.

I mean, one could make an argument for the utility of a transponder on every vehicle on the highway to use this data to gain an understanding of flow patterns with the aim of improving traffic flow, laws, efficiency, etc.

Frankly, having had the pleasure of driving the 405 for several years as part of a 50 mile commute (each way) I could see the potential benefit of having this data so long as it is used in a determined effort to improve traffic flow. Our traffic rules and laws are a mess.

The problem is that this kind of thing expands the surveillance state. I am, by no means, a conspiracy theorist, but I have also had "interesting" experiences in other countries where the state and law enforcement are far less constrained than they are here. These rights are precious and must be defended.

Yes, sometimes opposition can seem --or even is-- petty. Before we know it we have eroded our freedom by a thousand little petty things that collectively take out big chunks before we are able to realize what we've done.

Fourth amendment deals with "unreasonable" search and seizure. It could be argued that municipalities requesting data on usage of infrastructure they must maintain, fund and plan for is not unreasonable.

By that metric, requiring that all cars report their location live to the municipal government would be OK - after all, that car is using the roads they maintain. For that matter, why limit it to cars? Require that every citizen report their GPS location 24/7 - if you're out of the house you're using their roads or sidewalks, and if you're in the house you're using city water/power/sewer.

Indeed, I don't entirely disagree.

If you consider yourself to be a free person, almost everything government wants to know about you falls under the category of unreasonable.

If people are free, government is entitled to knowing very little about them. Their function isn't to keep tabs on us, to keep a database of every single action we take. That is NOT what they are elected to do.

Freedom is a very fragile construct. If we don't hold our government to the bounds they are supposed to occupy what is at risk is, without a doubt, freedom, by a thousand cuts.

Corporations and corporate properties are not people and do not have a right to privacy--that's for real people.

Corporations don't ride scooters, at least not in Los Angeles.

Don't taxi, bus, and trucking companies do this? I always thought any public transit actor had to do this to provide data to be used by DoT for traffic engineering. Like I know that traffic engineers tweak limits of public transport asset density as part of planning traffic flows.

I may be wrong, but I'm pretty sure this is just Uber getting rolled into the infrastructure they should have been participating in anyway.

I'm not terribly thrilled about the implications; but it's also not surprising at all that a transit service provider would have to guarantee to a locality that they can locate their assets.

> it's also not surprising at all that a transit service provider would have to guarantee to a locality that they can locate their assets.

That requirement can easily be met by occasional random spot checks a few times a month. There's no need for realtime reporting.

Public transit exposes everyone's full routes, anyway.

Metrocards can lead back to the payment card used for the purchase, and buses (which also record passenger ingress/egress) can remember all swiped Metrocards.

Why GPS? Why not low tech transponders? They're precise enough to help you locate a scooter but too imprecise for navigation or tracking the exact path someone took. Especially if they don't ping frequently.

Partly because some cities have no-ride zones where scooters and bikes are banned outright or supposed to be speed limited.

The boardwalks in some CA cities fall into this category. You can ride in the street parallel at whatever speed you want. But on the boardwalk, you're capped at X mph (usually <10mph, if I'm remembering correctly).

Yes, the city could just use traffic enforcement to issue tickets. But, I'm inclined to have software enforcement and not hire more traffic cops.

> But, I'm inclined to have software enforcement and not hire more traffic cops.

I can contest what a police officer is claiming in a court. With automated systems? Good luck.

If society wants to enforce traffic laws, it should hire more cops, not hackable AI blackboxes.

The software doesn't issue you a ticket, so there's nothing to contest. It simple slows the scooter down in the restricted zone. And if the software is wrong, you stop using the system, and move to a vendor that makes it work.

Anyway, not claiming this is ideal. Just sounds (without much thought) like a better solution than traffic cops.

Maybe if we're going to go down this route, we should have these systems in our cars, too.

No one wants to go there because freedom but I (reluctantly) agree. There might be safety considerations, too, but I'm guessing they are mostly edge case type issues

There are massive safety implications.

We expect pressing the gas pedal to have a predictable outcome.

Subverting this expectation is potentially quite dangerous.

Consider that someone might temporarily exceed the speed limit while passing, legally, in the oncoming traffic lane. Then this system kicks in, they can't pass, and get hit by oncoming traffic because they're pinned by the car they tried to pass.

Can you legally exceed the speed limit to pass? I don't believe you can (at least not in most locales).

Ok, but why does a scooter have to send any position data out to accomplish this?

Why couldn't a scooter just figure out its own position and limit its own speed if it's on a boardwalk?

The scooter could figure it out without an internet connection and sending location data back to the mothership. The OP asked why they had GPS at all - I was responding to that.

And I mostly agree. In an ideal world, Jump/Bird/etc wouldn't need a constant stream of data to locate their scooters. But, I don't see them getting away from at least having real-time data when a scooter is parked, for service/charging and theft prevention/recovery.

Uber doesn't really have a leg to stand on. Cities use traffic data to determine things like traffic light synchronisation, where to build or expand roads, speed limits, etc...

In this case, they're allowing electric personal vehicles on city sidewalks, information would be useful to determine if they should create bike lanes, change traffic signal patterns, etc... Not to mention, at the end of the day, cities do have control over what drives where, how fast, etc...

The general conversation of the comments here is confusing.

> Companies are required to transmit real-time data on all trips made within the city, including the start point, end point and travel time.

This is not "real-time rider information" as mentioned by many comments, this is 'real-time scooter information'.

> Uber has resisted the rule for months, arguing, with the backing of several data privacy organizations, that the city’s policy constitutes government surveillance. With minimal analysis, they say, the information could easily reveal where people live, work, socialize or worship.

I don't understand. The city should know where you live, you pay taxes and utilities and I'm sure there is a whole mess of bureaucracy that knows where individual names live for different reasons. Are we worried about specific elements within the bureaucracy knowing certain information? Is this information only accessible by monitoring scooters and not available to said entity by getting it through other means (school district zoning and so on)?

> Los Angeles officials have said the data are necessary to figure out which companies are flouting the permit program’s rules, including caps on the number of vehicles and bans on riding in certain areas. They have also argued that the companies cannot be trusted to regulate themselves.

This makes sense, no one would expect a regulation with no ability for the enforcing agent to monitor to be followed.

> Companies such as Uber “generate and collect massive amounts of personal and financial data,” while the city “does not collect information specific to individual riders beyond trip information,” said Marcel Porras, the Transportation Department’s chief sustainability officer, in a letter to Uber last week.

Yeah, that's pretty much what I expect from this situation, the whole dog and pony show that these rideshare companies put on seems like a farce.

I'm not happy with municipalities for a whole load of reasons, LA especially has an awful history in many domains. But there is no world in which I trust these rideshare companies MORE than I trust municipalities.

EDIT: I should add I'm sad that Uber(Jump) get to redefine the data privacy debate via their spokesperson and this journalist. I don't blame the writer, but it is absurd to validate claims like my second except above. I think this is gaslighting? If not, then related. Some PR moves to seed public expectation in this matter. They are implicitly defining this issue as something that is fundamentally different when the data is stored and collected by a corporation (them) to be sold and used however they desire vs utilization by entities in the public sector. I am happy to point people to a fantastic conversation on the "two" definitions of data privacy here:


> Uber has resisted the rule for months, arguing, with the backing of several data privacy organizations, that the city’s policy constitutes government surveillance. With minimal analysis, they say, the information could easily reveal where people live, work, socialize or worship.

I actually laughed out loud when I read this. Incredible that these companies have the audacity to take that stance.

"It is only we, the technocratic elite, that should be allowed to know where people live, work, socialize or worship, and to use that information to extract even more data and even more profit from these people. The city government should sweep the streets and mind its own business."

I’m confused that HN is suddenly enthralled with giving real time location data to the government. There was actually a recent Supreme Court case that extended Fourth Amendment protections to such data.

If that were the case:

> enthralled with giving real time location data to the government

Then I would completely agree with you, but as I point out in the first except of my original comment, this IS NOT the case. Maybe the reporting is wrong, and therefore I'm wrong, but I'm frustrated by the general consensus in this thread being what you just wrote. That is not the situation. And similarly, I'm frustrated by the implicit defense of ride share companies here. As I end my original comment, I distrust both municipalities and these ride share companies. I'm not enthralled by anything here.

If you read my comment as being "enthralled with giving real time location data to the government", I would encourage you to read it again.

I was merely pointing out the irony and hypocrisy of a company like Uber, for god's sake, trying to dodge regulation by crying privacy.

haha! This is exactly what my EDIT addresses, I found your comment after updating. I completely agree.

Uber doesn't really have a say though, right? If the law says they need to provide the data, they need to provide the data.

Feels like the buried lede is that all the other companies already sold out all the private information of their riders.

This article is positioned like Uber / Jump can argue the matter and/or have leverage. Additional comments here act like Uber should be able to operate as they want. They do not and cannot. In order to operate legally as a business in a locality, you have to obey the law. If that law is sharing your data, you've gotta figure out a way to do that, or not operate.

Figure out a privacy notice for your LA Riders and add it to your EULA - lord knows they've done this for less worthwhile purposes before. In this case, this is about sharing competitive information with the city that others might see. This is not a choice. Any language of upset from the company seems like hyperbole and not to be taken seriously.

If you think this is crazy, I'd ask you to take a look at liquor boards throughout the US. This data sharing agreement seems paltry to comply with by comparison.

I’ve never heard of a liquor board that required stores to deliver to the government a real time feed of who’s buying what liquor. If such a policy were created, and BevMo announced they refuse to comply, I’d be fully in support of that despite my normal concerns about companies ignoring regulations.

It’s not about the general principle here. If Uber’s claim about deanonymization is accurate, this specific policy is PRISM level bad.

Agreed, and I don’t necessarily agree with the real-time requirement as the best way to regulate. That said, while the data providing burden is certainly more than the liquor store must provide, it doesn’t seem like they’ve delayed permitting for months, requiring public notice, checking to ensure named individuals are at work, etc (not to mention some of the graft that has been associated with liquor licenses in other cities).

They have a data requirement. It is not new, the company is not responding. Don’t they already do this with ride data from Uber?

EDIT: Looks like they don't do this for rides yet, and may be using this as a trial balloon for greater data access? (based on this article from May, if accurate?) https://www.cnn.com/2019/05/23/tech/uber-lyft-cities-data/in...

EDIT2: DC has been doing this with car / ride-sharing agencies for awhile but I don't believe it's published. Not sure of the status of SharedStreets: https://www.wired.com/story/uber-nacto-data-sharing/

Uber appears to be claiming some kind of procedural issues happened here. They mentioned an "eleventh-hour administrative review process" in the article, although I don't have time right now to dig in and find more details on what they're talking about.

Yeah - checking on the overall policies for LADOT as well and their data API but only so deep you can go when it’s not your day job haha. Appreciate the discussion!

Is Uber a Retail Store? Does the Store leave their merchandise all over the neighborhood with GPS micro controllers on them?

This analogy is absurd.

As municipalities get more technically advanced, why shouldn't they have access to the same type of data or where these scooters are? How hard is it to open up an API?

This seems to be, how dare citizens impose a cost of doing business in their neighborhoods!

> why shouldn't they have access to the same type of data or where these scooters are? How hard is it to open up an API?

They don't have the right to know where I go.

You as an individual I agree; there should be no disclosure of customers themselves. However, I do think the city deserves to know in real time where all the 30 pound lithium ion battery and motor, pieces of litter are.

I think it's more complicated than that though.


> The data would not include a rider’s name, but even in sprawling metropolitan areas, paths between home, work and school are typically unique, experts say. Someone with basic coding skills and access to the data could easily connect a trip to an individual person.

> “This data is incredibly, incredibly sensitive,” said Jeremy Gillula, the technology projects director for the Electronic Frontier Foundation, a San Francisco-based digital rights group.

I suspect that part of Uber/Lime/et.al’s pitch to municipalities is to provide them greater visibility how people move through the city to help inform long-term planning.

Which would necessitate this data exchange is price they pay to operate in the city.

I also trust that cities are getting more sophisticated and if LA said that data exchange is their price for doing business, then good on LA for knowing how the dataset could benefit them.

Because a private company having access to GPS data and the government having access to GPS data are two different threat models with different concerns.

The "elected representatives by the citizens of Los Angeles" (Government) are accessing GPS Data about a companies property in its jurisdiction because the companies are not regulating their own behavior and property.

This is where citizens need to advocate in their own neighborhoods and get involved and vote if that is what they want.

Thus you are agreeing that the government should get access to every phone calls, because some people may use it for illegal purpose and phone company doesn't regulate their behavior?

If you have an issue with how theses companies operate, stop theses ways of operating, that's all. The solution isn't to deanonymize the userbase.

Uber is a corporation and the property is the corporations. The data is the corporations too, and not the property of the individual.

Users relinquished that control in your TOS.

What the user wants has no bearing in this whatsoever. Uber is simply using you as a tool to get around the laws in the regions it operates in.

How would you feel that instead of demanding the data , they simply purchased it?

> Uber is a corporation and the property is the corporations. The data is the corporations too, and not the property of the individual.

I'm not arguing who is owning that data, I'm arguing about what happens to that data and whether that's right or wrong. The fact that it's legal or not doesn't change anything.

Would you be fine with a genocide if the ones comitting them made sure it was ratified as a law first?

> Uber is simply using you as a tool to get around the laws in the regions it operates in.

If they didn't use that reason and simply shared it, I would still be arguing the same point...

> How would you feel that instead of demanding the data , they simply purchased it?

It would be just as bad.

If you honestly can't see the difference between a liquor store and a company that changed the face of every major cities in the world and how their inhabitants move around in less than 10 years* I don't think anyone can argue against your point.

edit: *while using every loopholes, sketchy and sometimes straight up illegal ways to do it and killing someone as a result.

I'm very comfortable saying alcohol affects the world as much as Uber does. Liquor stores regularly use sketchy loopholes to dodge regulation, and the entire reason they're so tightly regulated is that we believe unrestricted liquor sales will kill people.

I'm very comfortable saying alcohol would never be approved/legal if it started being marketed 10 years ago.

Like cannabis?

You mean illegal in most places, barely tolerated for medical purposes in a few other and legal in a very few states/countries VS legal and abused almost universally in the world ? Yeah exactly.

Liquor is tightly regulated for tax enforcement.

Yes, I see the difference. My purpose with this comment was to illustrate that Uber's primary complaints appear to be about the Process, and not the request. "Last minute X" etc.

While a good process is important, I was holding up that often times in local regulation there are all kinds of really terrible flaws and gotchas - you have to know people to get a license or permit, etc.

In this case, it seems like a pretty straightforward compliance request, using an API whose code is publicly available, in a process that has been in-progress for at least six months, which, for local regulation, is pretty good!

I was not comparing the industries, or the materials requested.

Your analogy makes no sense.

Liquor stores don't physically move around and violate regulations on where they should operate.

That is why LA is asking for this information. To regulate them since Uber can't be trusted.

On where they should operate, maybe not. But liquor stores definitely do violate regulations on how they should operate, and a real-time feed of sales would surely help catch things like Amazon's clearly fake retail outlets (https://www.wine-searcher.com/m/2019/11/amazon-still-mocking...).

All of the powers that a municipality wields are limited in scope and specifically granted through the state charters and laws that actually created those cities. A city can’t usurp the power of the state that created it nor can it create new ones itself. Cities, especially compared to states and the federal government, are very limited and ephemeral legal entities that can be carved up, amalgamated, renamed, or dissolved at the pleasure of their state governments.

My question would be, does the city have the right to demand this information from Uber? I don’t think that they do. I’d like to see this decided in court.

This is true, but keep in mind the experience of many people is at odds with this. Municipalities de facto wield huge authority through their control of the police and tend to never be challenged. As an extreme but rather common example, there are still locales in the south US that couple religious functions with their public schools and other government offices. Sporadically someone with the knowledge and means will be able to challenge the local government up to the state level, but until that happens the local government can run roughshod over community members (if they don't just force them out).

I agree Uber should try to find a way to satisfy the intent of the law, but you're basically saying that everyone should blindly obey every law or not operate. That's way too strong a principle to lean on. I could do a word swap on your very comment and turn it into a defense of e.g. Jim Crow laws.

HN, where Uber not being able to run their scooters is equal to Jim Crow because “word swap”

I wasn't comparing

a) LA demanding scooter data


b) LA demanding businesses segregate customers.

I was comparing:

c) Uber should share scooter data with LA (or shut down) because The Law


d) Uber should segregate customers (or shut down) because The Law.

Do you agree that c) and d) are poorly justified, and that if you believe one you should believe the other?

I agree that there are reasons why the data-sharing requirement is a much more defensible law than Jim Crow [1]. But sailfast wasn't making those arguments, s/he was just saying Uber should share that data simply because it's the law. That's not a good reason, and as well justified as saying they should comply with Jim Crow because it's the law.

[1] Hence why I said Uber should look for a middle ground that satisfies the nobler intents of the law.

It is more like a reductio ad absurdum. It is showing that you would not support the position you are arguing for by taking it to the extreme.

Municipalities need to comply with state law. In this case, CalECPA gives California residents a number of protections with respect to location data collection by government agencies. Generally speaking, collection is allowed when either a warrant is used or a user explicitly consents. Trip data reveals information about your relationships, life style, and medical status, so getting this right is an important issue for user privacy and safety.

To read more about this, the nonpartisan CA Office of Legislative Counsel has published an analysis of how the law applies, which found that this type of collection does in fact violate CalECPA in its current form [1]. The debate will likely come down to what steps need to be taken to make the collection scheme compliant.

[1] https://cdn.theatlantic.com/assets/media/files/calecpa_dockl...

> The letter also questioned the validity of the “eleventh-hour administrative review process” that the city created last month.

It is apt to review the due process before complying.

If you're lucky you can get a judge to get the entire agency charter declared unconstitutional and your cost of business goes to zero.

There's good argument to be made a lot of restrictions on business are unconstitutional in various ways. It is not that any regulation on business or activity is absurd; it is more that in practice what the regulation says and what it does are not reconcilable.

E.g. many locations have pet registration fees but these fees may not entirely go towards the maintenance of a pet tracking system* or to retaining animal control. In some places none of the fees go towards those things. So it's just a tax that was never voted on.

* And do these things even lead to a safer public? In some cases outcome testing isn't required for a valid law, but if the law states desired outcome it can be.

I think the case here is more complex, since Uber uses existing city infrastructure, and therefore may be compelled to contribute to the "public good".

It is ironic that you bring up the law, because the law … which supersedes any law produced by a wannabe feudal fiefdom like LA, is the Fourth Amendment to the Constitution, specifically "the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated". Please note the "shall not be violated", which is a critical point that is missed about the Bill of Rights in particular, that this right that is referenced in the 4th Amendment is a natural, God given right, which the 4th Amendment prohibits the government from, in this case, violating, or, in other amendments infringing on.

It is seemingly often if not always overlooked that the Bill of Rights it not actually a bill of rights at all, it is a bill of prohibitions on the government, or a bill of rights by negation of offenses against them. From what I can tell, that notion of negative rights, i.e., open ended rights bound by the prohibition of government from violating them, is singularly unique in the whole world.

I would appreciate if someone could point out an example of them same, especially as part of the most fundamental law that governs a state, which even supersede the Constitution itself, a kind of meta-Constitution; natural, God given law that supersedes all Constitutional rights and all powers of government.

In practice, courts have said that if you give your papers to a third-party (in this case, Uber), you have no expectation of privacy and a warrant isn't needed: https://en.wikipedia.org/wiki/Third-party_doctrine

You do realize the massive amount of abuse that opens up, right? So because you have ever given your "papers" to anyone in your whole life, therefore you have not expectation of privacy?

Seriously, I would love to know why you find that to be a perfectly fine thing, especially today when current abuses are built on presumptions based on a totally different world where "giving your papers" literally meant giving your unique paper to someone and it then would not simply be reproduced billions of times and spread all throughout the world for anyone and everyone's use against you.

I really hope that since you are here, it is not a challenge for you to realize the massive issues here at stake.

Think about what that means in practice … it's literally a mass surveillance state that violates every single tenet and even essentially every clause of the Constitution when, e.g., courts of uninformed and uneducated judges rule that "no, the real time constant surveillance and tracking of you through your devices is actually NOT a violation of the letter and, more importantly, the spirit of the 4th Amendment." How are you secure when you are literally under constant surveillance by a surveillance state, my friend.

I don't know why you types tend to have this kind of submissive and supplicant attitude towards the massive surveillance state, if it's not some sick self-hatred and self-punishment complex, but it is not a healthy mentality to have to make excuses for the mass surveillance and control by a minority of tyrants that lord over you as unaccountable demigods. How does that make any sense. I would love if you could try to explain that to me.

I'm telling you what the courts consider. I have no idea why you think I find it fine.

The fact is that the 4th amendment is only a protection insofar as you can get it enforced by those with power to do so, and that's the courts.

LA should focus on its massive homeless problem. 50,000 people sleep on the streets every night in LA.

Remarkably, a government of the size and complexity of Los Angeles is able to do more than one thing at a time.

ah right. They can simultaneously fail business and the homeless. #concurrency

You say that like "homelessness" is some super easy problem to solve if we just wave our hands and throw money at it.

This isn't China. Governments in the US are not allowed to simply round up people and put them somewhere without permission and/or due process.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact