Incident: Uber's Greyball Software Investigation for Evading Regulators.

Published Date: 2017-05-04

Postmortem Analysis
Timeline 1. The software failure incident involving Uber's use of the Greyball tool happened in December 2014 [59314, 59178].
System 1. Greyball software tool [Article 59314, Article 59178]
Responsible Organization 1. Uber [59314, 59178]
Impacted Organization 1. Local transportation regulators in areas where Uber's service had not yet been approved, such as Portland, Oregon [59314, 59178] 2. Portland Bureau of Transportation officials who were denied rides by Uber's Greyball technology in December 2014 [59314, 59178]
Software Causes 1. The software cause of the failure incident was the use of the Greyball software tool by Uber to identify and circumvent government officials trying to regulate Uber's service, leading to a criminal investigation by the US Department of Justice [59314, 59178].
Non-software Causes 1. Ethical concerns and questionable business practices, such as evading local transportation regulators and obstructing inquiries [59314, 59178] 2. Allegations of sexual harassment within the company [59314] 3. Controversies surrounding the behavior of the Chief Executive Travis Kalanick [59314, 59178]
Impacts 1. The software tool "Greyball" used by Uber to evade local transportation regulators had significant impacts on the company, leading to a criminal investigation by the U.S. Department of Justice [Article 59314, Article 59178]. 2. The existence of Greyball and its misuse to identify and circumvent government officials caused a barrage of negative publicity for Uber, adding to the company's already existing problems such as accusations of sexual harassment and other controversies [Article 59314, Article 59178]. 3. The criminal probe and federal investigation into Uber's use of Greyball raised questions about potential federal criminal violations and the likelihood of charges being brought against individuals involved [Article 59314, Article 59178]. 4. The software failure incident involving Greyball led to Uber facing legal and business issues, impacting the company's reputation as an aggressive startup and raising concerns about its leadership under CEO Travis Kalanick [Article 59314, Article 59178]. 5. The misuse of the Greyball technology not only affected Uber's relationship with regulators but also raised concerns about the company obstructing inquiries and evading officials in areas where its service was not yet approved [Article 59314, Article 59178].
Preventions 1. Implementing strict ethical guidelines and oversight on the development and use of software tools like Greyball to ensure compliance with regulations and ethical standards [59314, 59178]. 2. Conducting thorough internal audits and reviews of software tools to identify any potential misuse or unethical practices [59314, 59178]. 3. Providing comprehensive training and education to employees on the proper use of software tools and the consequences of unethical behavior [59314, 59178]. 4. Establishing clear policies and procedures regarding the deployment and monitoring of software tools to prevent misuse and ensure transparency [59314, 59178]. 5. Encouraging a culture of transparency and accountability within the organization to promote ethical decision-making and discourage unethical practices [59314, 59178].
Fixes 1. Implement strict ethical guidelines and compliance measures within the company to prevent the misuse of software tools like Greyball [59314, 59178]. 2. Conduct thorough internal investigations to identify any other potential software tools or practices that may be ethically questionable or legally problematic [59314, 59178]. 3. Enhance transparency and accountability in software development and usage to ensure that tools are used for their intended purposes and in compliance with regulations [59314, 59178]. 4. Collaborate closely with regulatory authorities to address any concerns and ensure full compliance with local transportation regulations [59314, 59178]. 5. Establish clear policies and procedures for the development, deployment, and monitoring of software tools to prevent similar incidents in the future [59314, 59178].
References 1. Uber spokesperson 2. US Department of Justice 3. Portland authorities 4. Bloomberg news service 5. Northern California grand jury 6. Shearman & Sterling law firm 7. Current and former Uber employees 8. Reuters 9. The New York Times

Software Taxonomy of Faults

Category Option Rationale
Recurring one_organization (a) The software failure incident related to Uber's use of the Greyball software tool to evade local transportation regulators has happened again within the same organization. The incident involved Uber using the Greyball technology in December 2014 to evade officials in Portland before the service was approved there [59314, 59178]. (b) The software failure incident involving the use of the Greyball software tool by Uber to circumvent regulators has not been reported to have occurred at other organizations.
Phase (Design/Operation) design, operation (a) The software failure incident related to the design phase can be seen in the case of Uber's use of the Greyball software tool. The tool was designed to help Uber identify and circumvent government officials who were trying to clamp down on Uber in areas where its service had not yet been approved. This design decision led to the software being used to evade regulators and operate in locations where it was not authorized, contributing to the software failure incident [59314, 59178]. (b) The software failure incident related to the operation phase occurred when Uber actually used the Greyball software tool to evade transportation regulators. Despite the company acknowledging the software and prohibiting its use for this purpose after it was revealed by the New York Times, the operation of the tool in circumventing government officials led to negative publicity and triggered a criminal investigation by the U.S. Department of Justice [59314, 59178].
Boundary (Internal/External) within_system, outside_system (a) within_system: The software failure incident involving Uber's use of the Greyball tool was primarily due to contributing factors that originated from within the system. The Greyball software tool was developed internally by Uber to identify and circumvent government officials and regulators who were trying to restrict Uber's operations in areas where it had not yet been approved [59314, 59178]. The tool was used to prevent fraud and safeguard drivers, but it was also employed to evade local officials who could potentially penalize Uber or prevent it from operating [59314, 59178]. The technology was part of a broader Uber system called Violation of Terms of Service, which analyzed various data points to determine the legitimacy of ride requests [59314, 59178]. (b) outside_system: The software failure incident involving Uber's Greyball tool also had contributing factors that originated from outside the system. External factors such as government regulations, investigations by transportation officials, and media exposure played a significant role in uncovering the use of the Greyball tool and triggering the criminal investigation by the U.S. Department of Justice [59314, 59178]. The incident received extensive negative publicity and scrutiny from external entities, which further escalated the situation for Uber [59314, 59178].
Nature (Human/Non-human) non-human_actions, human_actions (a) The software failure incident occurring due to non-human actions: - The software tool "Greyball" was used by Uber to identify and circumvent government officials trying to clamp down on Uber in areas where its service had not yet been approved [59314, 59178]. - Greyball obscured the real location of Uber cars in various circumstances, including the possibility of physical threats or merely to test new features [59314, 59178]. - The program was part of a broader Uber system that analyzed credit card, device identification, location data, and other factors to predict the legitimacy of ride requests [59314, 59178]. (b) The software failure incident occurring due to human actions: - Uber acknowledged the use of Greyball to evade regulators and prohibited its use for this purpose after the New York Times revealed its existence [59314, 59178]. - The Greyball technique was used against suspected local officials who could have been looking to fine drivers, impound cars, or prevent Uber from operating [59314, 59178]. - Uber used the Greyball technology in December 2014 while operating without approval, citing concerns about its driver-partners being penalized financially [59314, 59178].
Dimension (Hardware/Software) software (a) The software failure incident occurring due to hardware: - There is no information in the provided articles indicating that the software failure incident was due to contributing factors originating in hardware. Therefore, it is unknown. (b) The software failure incident occurring due to software: - The software failure incident in the articles is related to Uber's use of a software tool called "Greyball" that helped the company evade local transportation regulators by identifying and circumventing government officials [59314, 59178]. - Uber acknowledged the software tool and mentioned that it was used to prevent fraud, safeguard drivers, and check ride requests [59314, 59178]. - The software tool analyzed various data points to predict the legitimacy of ride requests and was used to protect drivers from harm [59314, 59178]. - The Greyball software was also used against suspected local officials to avoid fines and prevent Uber from operating in certain areas [59314, 59178]. - The software incident led to a criminal investigation by the U.S. Department of Justice, indicating that the failure was due to contributing factors originating in software [59314, 59178].
Objective (Malicious/Non-malicious) malicious (a) The software failure incident in the articles is related to a malicious objective. Uber's use of the software tool "Greyball" was aimed at helping its drivers evade local transportation regulators by identifying and circumventing government officials who were trying to clamp down on Uber in areas where its service had not yet been approved [59314, 59178]. The software was used to prevent fraud and safeguard drivers but was also employed against suspected local officials who could have been looking to fine drivers, impound cars, or otherwise prevent Uber from operating [59314, 59178]. The system went beyond what was suggested by Uber's terms of service and involved mining credit card information and checking social media profiles to assess the likelihood that the person was in law enforcement [59314, 59178]. The incident led to a criminal investigation by the US Department of Justice [59314, 59178].
Intent (Poor/Accidental Decisions) poor_decisions (a) The intent of the software failure incident: - The software failure incident involving Uber's use of the Greyball tool was primarily due to poor decisions made by the company. - Uber used the Greyball software tool to identify and circumvent government officials who were trying to regulate Uber in areas where its service had not yet been approved, such as Portland, Oregon [59314, 59178]. - The company acknowledged that the program was created to check ride requests to prevent fraud and safeguard drivers but was also used to evade regulators and obstruct their inquiries [59314, 59178]. - Uber's aggressive approach and decision to use the Greyball tool against suspected local officials, going beyond what was suggested by its terms of service, ultimately led to the software failure incident [59314, 59178].
Capability (Incompetence/Accidental) development_incompetence (a) The software failure incident related to development incompetence is evident in the articles. Uber's use of the software tool "Greyball" to evade local transportation regulators was a deliberate action taken by the company. The tool was developed and utilized to identify and circumvent government officials trying to clamp down on Uber in areas where its service had not yet been approved. This action was not accidental but a deliberate decision made by the company to bypass regulations and gain an unfair advantage ([59314], [59178]). (b) The software failure incident related to accidental factors is not evident in the articles. The use of the Greyball software tool by Uber to evade regulators was a purposeful and intentional act rather than an accidental introduction of contributing factors.
Duration temporary The software failure incident related to Uber's use of the Greyball software tool can be categorized as a temporary failure. The incident involved the use of the Greyball tool to evade local transportation regulators in areas where Uber's service had not yet been approved. Uber acknowledged the use of the software but prohibited its use for this purpose after the New York Times revealed its existence in March [59314, 59178]. The temporary nature of the failure is evident from the fact that Uber stopped using the Greyball tool for circumventing government officials once the issue was exposed, indicating that the failure was due to specific circumstances and not a permanent issue.
Behaviour omission, value, other (a) crash: The software failure incident related to Uber's use of the Greyball tool did not involve a crash where the system lost state and did not perform any of its intended functions [59314, 59178]. (b) omission: The software failure incident involved omission where the system omitted to perform its intended functions at instances, specifically in evading government officials and denying them rides [59314, 59178]. (c) timing: The software failure incident did not involve timing issues where the system performed its intended functions correctly but too late or too early [59314, 59178]. (d) value: The software failure incident did involve a failure related to the system performing its intended functions incorrectly, such as using Greyball to evade regulators and deny rides to officials [59314, 59178]. (e) byzantine: The software failure incident did not exhibit a byzantine behavior where the system behaved erroneously with inconsistent responses and interactions [59314, 59178]. (f) other: The software failure incident involved other behaviors not covered by the options, such as using the Greyball tool for purposes beyond fraud prevention and driver safety, including evading regulators and obstructing inquiries [59314, 59178].

IoT System Layer

Layer Option Rationale
Perception None None
Communication None None
Application None None

Other Details

Category Option Rationale
Consequence property, theoretical_consequence (d) property: People's material goods, money, or data was impacted due to the software failure The software failure incident involving Uber's use of the Greyball tool had consequences related to property. The Greyball technology was used to evade local transportation regulators, potentially impacting the financial penalties or other consequences faced by Uber's driver-partners [59314, 59178]. Additionally, the software failure incident led to a criminal investigation by the U.S. Department of Justice, indicating potential legal and financial implications for the company [59314, 59178].
Domain information, transportation, government (a) The failed system in the articles was related to the production and distribution of information as it involved a software tool called "Greyball" used by Uber to identify and circumvent government officials trying to regulate Uber's service in various areas [59314, 59178]. (b) The failed system also had implications for the transportation industry as Uber used the Greyball software tool to evade local transportation regulators in cities where its service had not yet been approved, such as Portland, Oregon [59314, 59178]. (l) Additionally, the software failure incident had connections to the government sector as it involved Uber using the Greyball technology to avoid government officials who were trying to clamp down on Uber's operations in areas where it was not yet approved [59314, 59178].

Sources

Back to List