Last night, Uber released a first-of-its-kind report that examines safety-related incidents on the ride-sharing service. While the scope of the report is limited to the United States and the company’s ride-sharing platform (and not other services such as Uber Eats), it tells an important story about the challenges of safety on a service such as Uber, and sheds light on necessary strategies for combating abuse. But the publication is also a significant new step in how technology companies think about transparency reporting—a step that should be applauded and, hopefully, adopted by more companies. (CDT has engaged with Uber and other companies over the past year to explore best practices for transparency reporting, including safety reporting.)
The publication continues a now well-established trend of technology companies sharing information about how their products and policies affect users. For tech firms, the practice really took off in the wake of Edward Snowden’s 2013 revelations about mass surveillance conducted by the NSA. In an effort to bolster user trust and communicate company values, major tech companies began publishing information about requests from government to access user information. Since then, transparency reporting has become standard practice and a regular (often quarterly or bi-annual) publication for big Silicon Valley companies including Google, Facebook, Twitter, and Apple, along with telecom companies like Verizon and Comcast.
As transparency reporting became a more widely established and even expected practice, it also evolved, both across the industry and in individual reports, as companies experimented with different approaches to sharing data and communicating information with users. One major evolution has been with respect to scope. Because the practice was largely prompted by concerns raised by the Snowden revelations, reporting largely focused on government access to user information. Now, however, it’s common to see reports include information related to intellectual property claims, requests for content removal, and, within the past couple of years, information related to a company’s content moderation policies and practices.
Now, with Uber’s publication, the practice has expanded even further. This new report on safety builds on what Uber and other companies have learned from reporting around government demands and copyright claims: These reports can communicate corporate values, grow user trust through transparency, and offer insight into company policies and practices that impact users’ day-to-day experiences with the service.
Uber’s publication also takes a few cues from lessons learned by companies who have engaged in more “traditional” transparency reporting for several years now. Uber’s U.S. Safety Report isn’t simply a recitation of numbers. Instead, the vast majority of the report is context and “qualitative” data. Much of the report focuses on Uber’s practices around safety, highlighting information that users may not know (e.g., your phone number is anonymized and driver’s aren’t provided with your exact address), internal practices around incident reporting, and digging into the methodology used to categorize safety incidents and calculate the quantitative data. One of the greatest lessons learned from five-plus years of transparency reporting is that numbers only tell part of the story. Uber has clearly learned that lesson and applied it, creating a report that balances numerical data with context.
Other companies could learn from Uber’s U.S. Safety Report. Scale is one area where that’s true: Uber has provided some context in its report by including a sense of scale, sharing the number of Uber rides per second and trips per year. However, reporting around government requests for user data, for example, often lacks similar context, leaving readers to wonder about how the scope and scale of requests relate to user base size. A company may report having received 10,000 requests to access user data, but not whether their user base comprises 5,000, 100,000, or 10 million accounts.
Notably, the report is also clear about its limitations. In one example, the company states that “Data in this report is derived from incident reports, which reflect the description given by the reporting party … [and this] does not necessarily reflect the actual number of occurrences of critical safety incidents … ” This is a logical caveat to the report and also acknowledges a long-standing and well-known problem: the underreporting of sexual assault incidents.
One shortcoming with the publication is with respect to format. The extensive report can only be read as a PDF—which perhaps means that readers will be more likely to read the context around the numbers instead of just the numbers—and the data is not downloadable in any machine-readable way. Machine-readable formats can make the data more accessible and easier to study or use beyond the report itself, one best practice widely but not entirely adopted by extant tech company transparency reporting.
Despite these limitations, the publication of Uber’s U.S. Safety Report is significant. With this publication, Uber has pushed the boundaries of what users can expect from company transparency, hopefully establishing a new practice that will—like transparency reporting before it—become widely accepted in the industry.