Apple threatened to pull Uber app over privacy concerns


The New York Times ran a profile of Uber CEO Travis Kalanick. Leading the article is an untold tangle with Apple over its app. The company had deployed a sophisticated digital fingerprinting of its users. The fingerprint persisted even when iPhones were erased. Apple CEO Tim Cook threatened to pull the app from the App Store if Uber didn't reverse its surveillance.

The idea of fooling Apple, the main distributor of Uber's app, began in 2014.

At the time, Uber was dealing with widespread account fraud in places like China, where tricksters bought stolen iPhones that were erased and resold. Some Uber drivers there would then create dozens of fake email addresses to sign up for new Uber rider accounts attached to each phone, and request rides from those phones, which they would then accept. Since Uber was handing out incentives to drivers to take more rides, the drivers could earn more money this way.

To halt the activity, Uber engineers assigned a persistent identity to iPhones with a small piece of code, a practice called "fingerprinting." Uber could then identify an iPhone and prevent itself from being fooled even after the device was erased of its contents.

This is clearly in violation of the App Store guidelines. Its't hardly the first time a developer went out of bounds, but what's interesting is how Uber tried to conceal it's disallowed capabilities.

To hide its activities from Apple, Uber designed its software to not activate this ability near Apple's corporate offices. When Apple employees at its headquarters reviewed the app, the code didn't reveal its functionality.