Uber executives made liberal use of a so-called “kill switch” that cut access to the company’s servers in San Francisco and prevented government authorities around the world from accessing its files, leaked documents reveal. The secretive activities happened in the background while local Uber staff in countries such as France would appear to be working with investigators and tax authorities.
Messages released as part of the leak show Uber lobbyist Mark MacGann telling French IT staff to “appear confused” when they can’t access the data to distract from the kill switch being triggered during a raid. French Uber manager Thibaud Simphal responded: “We’ve used that playbook so many times by now the most difficult part is continuing to act surprised!”
What is a kill switch?
A kill switch isn’t a new idea: it is used to shut down or disable a device or software program to prevent theft or data loss. Typically used in an emergency, even modern laptops have a remote kill switch option that can wipe data if a device is stolen.
Uber appears to have liberally used a kill switch to block access to user and company data stored on servers in the US when they were being raided or under investigation in another country.
Uber Files: ride-hailing firm’s behaviour in the spotlight
The revelations – known as the Uber Files – appeared in documents originally leaked to the Guardian. It includes 124,000 confidential documents from the firm and appears to show Uber regularly flouted the law, duped police officers and lobbied governments around the world.
These documents cover the years 2013 to 2017, as Uber grew into a global transportation powerhouse, and were produced in more than 40 countries. As well as the revelation of regular use of a kill switch, the documents show heavy lobbying to have laws and regulations changed to suit Uber’s business practices, or even examples of flouting laws in some markets.
According to the documents, the kill switch was used to cut access to Uber servers in at least six countries, including during a police raid in Amsterdam. The kill switch order was apparently issued by former Uber CEO Travis Kalanick, telling staff “please hit the kill switch ASAP. Access must be shot down in AMS [Amsterdam]”.
Documents appear to show it was also used in France, Belgium, India, Hungary and Romania and was deployed on at least 12 occasions as the company faced scrutiny and official attention.
Executives had the switch developed while facing multiple raids from officials trying to gain evidence that could be used to shut down the service while it operated on the edges of regulations in place in any given country at that time.
When was Uber’s kill switch used?
The first documented use in the leaked Uber files was in France in 2014, and came following months of anger from traditional taxi services in the country. Regulators raided Uber’s French headquarters on November 19, but Uber was prepared due to a raid in Lyon earlier in the month and so a message was sent after the raid had begun to “kill access now”, with senior executives copied in.
Its attempted use in Belgium was the result of authorities trying to gain access to information on drivers. Eight armed offices arrived unannounced, accompanied by IT experts and ensured local staff couldn’t speak to San Francisco. Former legal director for Uber in Europe, Zac de Kievit, reportedly told Kalanick “our team were detained and did not have an opportunity to raise the kill switch”.
Uber kill switch stopped when new CEO was appointed
Shortly after this successful raid, Uber changed its processes and when another raid happened in France “access to IT tools was cut immediately, so the police won’t be able to get much if anything,” MacGann wrote to Uber’s head of policy and strategy, David Plouffe.
It was already known the company had used its kill switch in Canada and Hong Kong, but the other revelations coming from the Uber leaks show it was considerably more widespread – and implemented on the express orders of senior executives.
This process would be repeated over and again during raids throughout Europe, including the development of methods that allowed it to predict when a raid was likely to happen.
The documents also seem to suggest that while sending profits through tax havens to cut its own tax bill, Uber “sought to deflect attention” by helping authorities collect taxes from its drivers.
MacGann said every time he was personally involved in using the kill switch it was on the express orders of senior management in San Francisco.
Using a kill switch in the way described by the Uber leaks is extremely rare says James Bore, a technical debt collector and security hygienist from Bores Group. “Over a couple of decades, I’ve never come across an organisation with a kill switch designed to frustrate investigations,” Bore says. “I have come across a few where they’re designed to lock down in event of a breach, but that’s a very different use case.
“The only places I’ve dealt with where dawn raids were a potential issue there was very specific training on what to do in the case of a raid – namely stop what you’re doing immediately, move away, and cooperate fully with authorities,”
Uber says it hasn’t used the kill switch since 2017 when Dara Khosrowshahi became the new CEO, replacing Kalanick.
Uber’s senior vice-president of public affairs, Jill Hazelbaker, said in a statement: “We have not and will not make excuses for past behaviour that is clearly not in line with our present values. Instead, we ask the public to judge us by what we’ve done over the last five years and what we will do in the years to come.”