Techsemut English

Uber allegedly used secret program to spy on Grab

Uber allegedly used secret program to spy on Grab

Uber allegedly used secret program to spy on Grab
October 12
22:35 2017

Grab cars in Singapore. Photo credit: BYD.

A secret Uber program supposedly spied on Southeast Asian rival Grab and collected data on its drivers, according to a Bloomberg report.

Called Surfcam, the program developed by an Uber staff scraped data that competitors “published online” to figure out how many drivers were on their systems in real-time and where they were, the report said quoting anonymous sources. It’s unclear where the software was scraping the data from and whether the data was public, or if the scraping helped make a dent in competitors’ performance. It started in 2015 while Travis Kalanick was CEO.

The tool, said to have been mainly used on Grab, raised concerns with a member of Uber’s legal team “who questioned whether it could be legally operated in Singapore because it may run afoul of Grab’s terms of service or the country’s strict computer-crime laws,” the report added.

We’ve asked Grab if it was possible for Uber to have accessed its driver data, but it did not address that specifically.

“We uphold ourselves to strict quality management standards and internal governance, and work closely with regulators and governments in all the countries that we operate in for nation-building efforts,” it said in its response. “We believe in being responsible corporate citizens and believe companies should be held accountable by the government and public for their corporate behavior.”

Uber declined to confirm the report or give a comment.

When does data scraping become illegal?

The question now becomes: was it illegal what Uber supposedly did?

Data scraping is more common than people realize. It’s just like how Google spiders the web to make information searchable or how aggregator websites work.

“Where the practice may potentially get problematic is if data scraping turns into something more targeted and invasive,” said Choo Zheng Xi, a litigation lawyer and director at Singapore-based law firm Peter Low & Choo.

Under Singapore’s Computer Misuse and Cybersecurity Act (CMCA), “any person who knowingly causes a computer to perform any function for the purpose of securing access without authority to any program or data held in any computer shall be guilty of an offense.”

That means if under its terms of service Grab owns the data Uber’s reported software supposedly scraped, Uber could be liable. “It’s less controversial if Uber was merely trying to obtain insights into customer behavior by data scraping public interactions on the Grab web page,” Choo explained.

In the US, several lawsuits have been filed in relation to data scraping; a recent one involved data analytics startup hiQ and LinkedIn. The latter had sent hiQ a cease-and-desist barring it from gathering information from public LinkedIn profiles, which hiQ uses to create products it sells to employers.

In turn, hiQ sought a preliminary injunction against LinkedIn. The two sides’ arguments: LinkedIn claimed it had a right to protect the privacy of its users by blocking usage that violates its terms of service, while hiQ countered that it never trespassed but only accessed LinkedIn data available to the world. A US district judge hearing the case ruled in favor of hiQ.

Before understanding what action Grab can take, Choo said more information is needed on the nature of Surfcam, the data it was collecting, and how it was collecting it.

“Apart from whether or not Uber’s broken any laws, if Grab lawyers up, they’d probably be advised to start looking into questions of whether Grab can characterize Uber’s behavior, together with its software developers, as a conspiracy to cause it economic loss by illegal means. Again, the jury’s out on that,” he stated.

Another Singapore-based lawyer, Wayne Ong, said that data scraping per se isn’t illegal – the manner by which the data is obtained is what’s relevant. “The CMCA protects against hacking. If the data used is publicly available, there may not be any hacking involved.”

A string of spy projects

Surfcam is but one of the possible illicit schemes that US authorities are looking into as they launched at least five criminal probes against Uber, the Bloomberg report said.

This is not the first time that embattled ride-hailing company was said to have used software to undermine its competitors.

Last month, the FBI began investigating Uber for using a program internally dubbed Hell to track drivers working for US rival Lyft.

The spy project – no longer in operation – determined which drivers were working double shifts for both companies and collected price information on Lyft.

In other cases, Uber’s widely reported Greyball program for identifying and sidestepping regulators who sought to catch it in markets where it was banned is still under review by the US Justice Department, while the company had settled with the Federal Trade Commission over privacy concerns with a tool for snooping on riders called God View.

(Update at 11pm, October 12: Added Grab’s and Uber’s response to our queries, and legal insights into the issue.)

source : techinasia

Related Articles


No Comments Yet!

There are no comments at the moment, do you want to add one?

Write a comment

Write a Comment

Your email address will not be published.
Required fields are marked *