Ex-Lyft driver claims Uber's Hell project violated privacy laws

The complaint argues Uber's GPS tracking breached the Federal Wiretap Act

25/04/2017: Uber has been hit by another blow this week, as a former Lyft driver has filed a complaint against the company alleging it used bespoke software to spy on rivals' drivers, an action that would violate US state privacy laws.

The lawsuit claims that a secret internal program known as 'Hell' was used to track drivers and build a database of those employees that worked for both Uber and Lyft. This data would then be used to prioritise sending work to those employees who used both services, in an effort to tempt drivers away from using Lyft.

By using Hell spyware, "Uber employees, contractors, and/or agents were able to access the location of up to eight Lyft drivers at one time and obtain their unique Lyft ID. Each Lyft ID is unique, akin to a social security number, which allowed Uber to track Lyft drivers' locations over time", the filing to the US District Court for the Northern District of California reads.

"Uber was looking for overlap between the location data so that it could target drivers working for both platforms in order to improve the Uber platform and harm the Lyft platform," the complaint states.

Advertisement
Advertisement - Article continues below

Uber's Hell program was used "millions of times" between 2014 and 2016, according to the complaint. As a result, Lyft reportedly suffered from a lack of drivers, preventing the company from operating a cheap service, and leaving customers with inflated wait times.

The former Lyft employee argues that this represents "unlawful invasion of privacy and interception of electronic communications and images in violation of the Federal Wiretap Act".

The suit states that around 315,000 drivers were working for Lyft in 2016, 60% of whom had also worked for Uber. The remainder, about 126,000 drivers, worked exclusively for Lyft and could be considered an entire class of plaintiff, the filing argues.

The Hell program, first surfaced by the Information on 12 April, was initially dismissed by Uber, which refuted claims it prioritised drivers. However, since then the company has been silent.

This is not the first time Uber has been accused of misusing tracking software. Uber allegedly violated data protection laws when it apparently used software known as "Heaven View" to track the positions of "high profile politicians, celebrities, and even personal acquaintances of Uber employees, including ex-boyfriends/girlfriends and ex-spouses", according to a lawsuit last year.

Meanwhile,  Uber made use of a tool known as "Greyball", the New York Times revealed last month, to track law enforcement and officials trying to clamp down on Uber services. As the company was operating in cities such as Boston and Portland without state permission, the program allowed Uber to avoid sting operations trying to shut down its service.

The NYT this week reported that Apple threatened to kick Uber's app off iOS for violating Apple privacy rules by using tracking software to stop fraud in China.

IT Pro has approached both Uber and Lyft for comment, but did not receive a reply at the time of publication.

13/04/2017: Uber reportedly targeted Lyft drivers with "Hell" program

In an effort to remain at the top of the ride-hailing pyramid, Uber reportedly developed a program that exploited its major competitor, Lyft.

Advertisement
Advertisement - Article continues below

A report by The Information claimed the secretive software-based program, referred to as "Hell," kept tabs on Lyft drivers between 2014 and 2016, before Uber ended it sometime in 2016. The devilish name was allegedly given to contrast the previous "God View" and "Heaven" programs, which allowed Uber to internally track its own drivers and employees.

A small group of data scientists and top Uber executives, including CEO Travis Kalanick, initially developed Hell by creating fake rider accounts for Lyft, it's alleged. The location of these accounts were then edited, allowing those behind the program to see where Lyft vehicles were throughout an entire city.

The report suggests the employees were also able to determine which drivers were "double-apping," or driving for both Lyft and Uber. Uber supposedly obtained this information upon realising that Lyft drivers had unchanging, special numbered IDs. These IDs allowed the group to continuously monitor pinpointed Lyft drivers.

The ride-hailing giant then reportedly offered incentives to these drivers, such as bonuses for reaching a target amount of rides, in the hope of getting them to ditch Lyft and drive solely for Uber.

Kalanick and his secretive group also allegedly sent more riders to double-apping drivers than to drivers who worked exclusively for Uber.

IT Pro has contacted both Uber and Lyft for comment, but hadn't received a response at the time of publication.

A Lyft spokesperson did, however, provide The Information with a statement (via TechCrunch), saying: "We are in a competitive industry. However, if true, these allegations are very concerning."

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/strategy/27302/driverless-cars-news/page/0/4
Business strategy

Uber car involved in fatal crash had software flaws

6 Nov 2019
Visit/strategy/27302/driverless-cars-news
Business strategy

Uber car involved in fatal crash had software flaws

6 Nov 2019
Visit/strategy/27302/driverless-cars-news/page/0/3
Business strategy

Uber car involved in fatal crash had software flaws

6 Nov 2019
Visit/strategy/27302/driverless-cars-news/page/0/1
Business strategy

Uber car involved in fatal crash had software flaws

6 Nov 2019

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/network-internet/wifi-hotspots/354283/industrial-wi-fi-6-trial-reveals-blistering-speeds
wifi & hotspots

Industrial Wi-Fi 6 trial reveals blistering speeds

5 Dec 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019