* Uber secretly tracked iPhone users after they deleted the app
* The fingerprinting software contradicted Apple’s privacy rules
* Apple CEO Tim Cook threatened to remove Uber from App Store
New reports say Uber used secret software to track iPhone users who had deleted the app. And the fallout isn’t pretty.
According to the New York Times, Uber used a technique called fingerprinting, and it’s actually quite common. In fact, many companies use it to help detect fraud or to prevent people from using the same promotion more than once.
When a person uninstalls an app that has been fingerprinted, they leave a tiny piece of code behind. The developers can then track that code and see if, and when, the app is reinstalled on the same device. In Uber’s case, they took it a step further and were able to secretly track both users who had deleted the app and users who had wiped their phones altogether. They were even able to access a phone’s device registry and Apple serial number.
Apple had previously let developers track and fingerprint their downloads using a Unique Device Identifier, but in 2013 they decided to focus more on user privacy and scaled this process back. Now, app developers face more restrictions when it comes to what information they can glean from their customers.
Uber, however, went against the new App Store terms. Worse still is the fact that Uber went to such great lengths to keep their fingerprinting a secret. The company reportedly used geofencing for Apple’s headquarters, to hide its actions from people at Apple HQ.
The cover-up was enough to catch Apple CEO Tim Cook’s attention, who publicly chastised Uber’s CEO Travis Kalanick and threatened to remove Uber from the App Store altogether.
In a statement, Uber denies the allegations, saying their fingerprinting was only to bolster their existing users’ security. “We absolutely do not track individual users or their location if they’ve deleted the app,” an Uber spokesperson said. “This is a typical way to prevent fraudsters from loading Uber onto a stolen phone, putting in a stolen credit card, taking an expensive ride and then wiping the phone—over and over again. Similar techniques are also used for detecting and blocking suspicious logins to protect our users’ accounts.”
While the scolding from Apple was enough to make Uber change its fingerprinting methods, it still leaves the question: What’s worse, the alleged crime or the cover-up?