Do you use Unroll.me to unsubscribe from unwanted email subscriptions? If you've ever taken a ride with Lyft, information about your trips may now be in the hands of Uber.
The New York Times, in a Sunday profile of Uber CEO Travis Kalanick, reported that the app-based car service, as part of its competitive intelligence efforts, purchased data about Lyft rides to keep tabs on its rival. Uber purchased the data from an analytics company called Slice Intelligence, which owns Unroll.me.
Using Unroll.me, "Slice collected its customers' emailed Lyft receipts from their inboxes and sold the anonymized data to Uber," the report notes. "Uber used the data as a proxy for the health of Lyft's business."
Slice confirmed to the Times that it sells anonymized ride receipts from Lyft -- and Uber -- but declined to tell the newspaper who buys the data. The report notes that Lyft also has a "competitive intelligence" team.
Uber vs. Apple
Meanwhile, the report also reveals that Uber was almost kicked out of Apple's App Store in 2015 for hiding unscrupulous behavior from Apple engineers.
At issue was "widespread account fraud in places like China, where tricksters bought stolen iPhones that were erased and resold." These drivers would create "dozens" of email addresses that signed up for Uber accounts and requested rides, then pocket the incentives Uber was offering to its most productive drivers.
Starting in 2014, Uber essentially tagged these phones so the devices couldn't be reused for other scams even after they were wiped. But the practice was against Apple's rules, so Uber "geofenced" Apple headquarters so engineers there wouldn't find out. Of course, Apple did find out, and CEO Tim Cook was not pleased. He reportedly demanded that Uber quit it, and Kalanick agreed, the Times reports.
Uber did not immediately respond to PCMag's request for comment, but in a statement to Engadget denied that it tracks people after they have deleted the app.
"We absolutely do not track individual users or their location if they've deleted the app," Uber said. "As the New York Times story notes towards the very end, this is a typical way to prevent fraudsters from loading Uber onto a stolen phone, putting in a stolen credit card, taking an expensive ride and then wiping the phone -- over and over again. Similar techniques are also used for detecting and blocking suspicious logins to protect our users' accounts. Being able to recognize known bad actors when they try to get back onto our network is an important security measure for both Uber and our users."
This is just the latest snafu for Uber, which has been caught driving its autonomous cars in California without a permit and hiding shady practices from regulators, as well as dealing with a sexual harrassment suit.
This story originally appeared on PCMag