Transparency Report: Government Requests for Data
Overview
Updated September 22, 2020
In this report, Uber is sharing an overview of information that was provided to federal and state regulators and law enforcement agencies in the US and Canada between January and December 2019.
Regulatory reporting requirements
Uber’s technology connects riders with drivers who operate in a highly regulated sector. Regulatory agencies like the California Public Utilities Commission oversee offline services like electricity, construction, and taxis in addition to rideshare trips. They are empowered by law to require rideshare companies to report information about the trips that are facilitated by their apps. These agencies may request information about trips, trip requests, pickup and dropoff areas, fares, vehicles, and drivers in their jurisdictions for a given time period. There is a risk that information like pickup and dropoff locations may allow government agencies—or anyone else who obtains this information—to identify individual riders by associating it with publicly available records. That is why we’ve specified the total number of drivers and riders whose trip details have been reported below.
In some cases, reporting requirements for online companies may differ from or exceed what regulators demand from offline companies. And in other cases, online companies are requested to produce different types of information—like an electronic trip receipt with a trip route instead of a paper log. Both occur because regulators assume that technology companies maintain and therefore should provide these records.
The tables below show how many riders and drivers were affected by regulatory reporting requirements for our rideshare platform in the US and Canada during the 2019 calendar year.
Regulatory requests
United States
City/state | Riders affected | Drivers affected |
|---|---|---|
Alabama | 0 | 150 |
California | 17,090,000 | 318,000 |
Colorado | 0 | <50 |
Delaware | 0 | 200 |
Florida | 0 | 0 |
Georgia | 0 | 75,000 |
Honolulu, HI | 0 | 0 |
Bloomington, IL | 0 | 1,000 |
Chicago, IL | 5,390,000 | 130,000 |
Iowa | <50 | <50 |
Kentucky | 0 | 10,000 |
Maryland | 0 | 84,000 |
Massachusetts | 0 | 94,000 |
Minneapolis, MN | 0 | <50 |
Mississippi | 0 | 50 |
Montana | 10 | 0 |
Nebraska | 1,000 | 50 |
Nevada | 0 | 33,000 |
New Jersey | 100 | 150 |
New Orleans, LA | 0 | 13,000 |
New York | 0 | 207,000 |
New York City, NY | 10,150,000 | 100,000 |
Bend, OR | 0 | <50 |
Portland, OR | 1,009,000 | 16,000 |
Redmond, OR | 0 | 0 |
Philadelphia, PA | 0 | 2,000 |
Rhode Island | 0 | 20,000 |
South Dakota | 0 | 1,000 |
Burlington, VT | 0 | 50 |
Kennewick, WA | 0 | 0 |
Olympia, WA | 0 | <50 |
Seattle, WA | 0 | 14,000 |
Tacoma, WA | 0 | 6,000 |
Yakima, WA | 0 | <50 |
Washington, DC | 3,700,000 | 0 |
Values reported have been rounded.
Canada
City/province | Riders affected | Drivers affected |
|---|---|---|
Calgary, AB | 600,000 | 5,000 |
Barrie, ON | 0 | 4,000 |
Brampton, ON | 0 | 62,000 |
Guelph, ON | 0 | 4,000 |
Hamilton, ON | 200,000 | 23,000 |
London, ON | 0 | 6,000 |
Mississauga, ON | 1,200,000 | 75,000 |
Niagara, ON | 0 | 2,000 |
Oakville, ON | 0 | 44,000 |
Ottawa, ON | 640,000 | 10,000 |
Toronto, ON | 2,800,000 | 88,000 |
Vaughan, ON | 0 | 64,000 |
Waterloo, ON | 0 | 6,000 |
Regina, SK | 0 | 600 |
Saskatoon, SK | 0 | 800 |
Quebec | 0 | 12,000 |
Values reported have been rounded.
Airport reporting requirements
Separate from state and local regulatory agencies, airport authorities have the ability to regulate commercial activity taking place on airport property, including ridesharing. Generally, in order to operate at airports, rideshare companies are required to enter into agreements prepared and enforced by each individual airport authority. These agreements vary by airport and often require rideshare companies to report information such as monthly trip volumes (airport pickups and dropoffs); when vehicles enter and exit the airport area; where vehicles pick up and drop off within the airport area; and/or each vehicle’s license plate number.
The tables below show the number of riders and drivers affected by airport reporting requirements for our rideshare platform in the US.
Airport requests
United States airports (A-M)
Airport code | Riders affected | Drivers affected |
|---|---|---|
AGS | 0 | 2,000 |
ALB | 0 | 5,000 |
ATL | 0 | 67,000 |
AUS | 0 | 24,000 |
AVL | 0 | 2,000 |
BLI | 0 | 600 |
BNA | 0 | 20,000 |
BOS | 0 | 52,000 |
BTR | 0 | 3,000 |
BUF | 0 | 8,000 |
BUR | 0 | 74,000 |
BWI | 0 | 44,000 |
CAE | 0 | 4,000 |
CHA | 0 | 2,000 |
CHS | 0 | 8,000 |
CLT | 0 | 18,000 |
CMH | 0 | 12,000 |
COS | 0 | 4,000 |
CVG | 0 | 8,000 |
DCA | 0 | 70,000 |
DEN | 0 | 27,000 |
DFW | 0 | 55,000 |
DLH | 0 | 400 |
DTW | 0 | 17,000 |
EUG | 0 | 1,000 |
FAT | 0 | 2,000 |
FLL | 0 | 81,000 |
GEG | 0 | 2,000 |
GRR | 0 | 3,000 |
GSO | 0 | 6,000 |
HKS | 0 | 100 |
HND | 0 | 800 |
IAD | 0 | 60,000 |
IAG | 0 | 2,000 |
JAN | 0 | 1,000 |
JAX | 0 | 10,000 |
JEAN | 0 | 200 |
LAS | 0 | 28,000 |
LAX | 0 | 82,000 |
LCK | 0 | 3,000 |
LGB | 0 | 55,000 |
MCO | 0 | 47,000 |
MDT | 0 | 3,000 |
MEM | 0 | 6,000 |
MFR | 0 | 600 |
MIA | 0 | 84,000 |
MRY | 0 | 2,000 |
MSP | 0 | 15,000 |
Values reported have been rounded.
United States airports (N-Z)
Airport code | Riders affected | Drivers affected |
|---|---|---|
OAK | 0 | 61,000 |
ONT | 0 | 26,000 |
ORF | 0 | 10,000 |
PAE | 0 | 5,000 |
PDX | 0 | 12,000 |
PHL | 0 | 50,000 |
PHX | 0 | 28,000 |
PIT | 0 | 11,000 |
POE | 0 | 35,000 |
PSP | 0 | 6,000 |
RDU | 0 | 15,000 |
RNO | 0 | 2,000 |
ROA | 0 | 1,000 |
RSW | 0 | 8,000 |
SAN | 0 | 33,000 |
SAT | 0 | 18,000 |
SAV | 0 | 6,000 |
SBA | 0 | 3,000 |
SBP | 0 | 1,000 |
SEA | 0 | 20,000 |
SFB | 0 | 17,000 |
SFO | 0 | 76,000 |
SJC | 0 | 54,000 |
SLC | 0 | 10,000 |
SMF | 0 | 16,000 |
SMX | 0 | 400 |
SNA | 0 | 60,000 |
SSF | 0 | 200 |
SYR | 0 | 5,000 |
TPA | 0 | 33,000 |
TUS | 0 | 4,000 |
TZA | 0 | 200 |
XNA | 0 | 2,000 |
Values reported have been rounded.
Law enforcement requests
Uber receives requests from law enforcement agencies in the United States and abroad who seek information about our users relating to criminal law enforcement investigations. We have a legal obligation to respond to valid government requests for user data. Our dedicated team of experts, who are trained to manage these requests, ensure that any disclosure of information is consistent with our internal policies and applicable law. To learn more about our process and requirements for responding to law enforcement requests in the US, please see Uber’s Guidelines for United States Law Enforcement. For the rest of the world, please see the Uber Guidelines for Law Enforcement Authorities - Outside the US.
Uber Technologies Inc. offers many products and services, including, but not limited to, ridesharing, food delivery, and Uber for Business. The tables below represent law enforcement data requests related to our products and services.
The US statistics below represent the number of requests and legal process types received from law enforcement authorities. We also disclose the number of user accounts affected by these requests, and how often we’ve responded with relevant information. The Canada statistics below represent the number of legal process and emergency requests as well as the number of users affected by these requests, and how often we’ve responded with relevant information.
Law enforcement data requests
United States
Process received¹ | Number of data requests | Number of users whose data was disclosed | Percentage of requests where some user data was disclosed |
|---|---|---|---|
Emergency | 1,578 | 1,265 | 46.8% |
Court order | 202 | 355 | 62.9% |
Search warrant | 956 | 2,239 | 75.0% |
Subpoena | 3,116 | 5,006 | 60.3% |
¹Contains national security requests received by Uber, including orders and directives issued under the Foreign Intelligence Surveillance Act and national security letters. Pursuant to US law, these numbers are reported within ranges and are subject to a one-year reporting delay. For the time period of September 2018 to September 2019, we received between 0 and 99 national security requests, which targeted between 0 and 99 user accounts.
Canada
Number of data requests | Number of users whose data was disclosed | Percentage of requests where some user data was disclosed | |
|---|---|---|---|
Emergency | 230 | 191 | 49.1% |
Legal process | 111 | 317 | 82.0% |
Frequently asked questions
- Why is Uber publishing this report?
Rideshare companies have long been required to provide regulators with information about the trips that are facilitated with their apps, but few provide public transparency about these requirements. By publishing this report, we hope to give consumers more visibility into how their data is shared between companies and government agencies and enable them to consider the type and scope of data that regulators have access to. Uber’s Transparency Report was the first of its kind to address rideshare services and gives an overview of what we provide to government agencies in the US and Canada.
- What does this report cover?
Currently, this report covers data we are compelled to share with regulators, airports, and law enforcement agencies for different parts of our business in the US and Canada. This report is not an exhaustive overview; for example, it does not cover the location data that local jurisdictions compel us to share about trips taken with bikes and scooters. However, we’re committed to expanding the report in the future to cover our growing set of mobility options and adequately reflect the ever-growing and complex reporting requirements we’re subject to as a regulated global business.
- How do you determine what data to produce in response to these requests?
When regulatory agencies ask for more information than is necessary to fulfill their obligations—or information that is commercially or personally sensitive—we seek to narrow our response. This may involve negotiations with the regulatory agency, and in some cases it has required defending ourselves in legal proceedings before the agency or in court.
- Do regulators tell you why they need the information or what they do with it?
Not always. But we do ask for this information to ensure that data requests are limited to legitimate regulatory purposes.
- Do regulatory agencies disclose this information to other parties?
We have attempted to limit agencies from disclosing commercially or personally sensitive information. But agencies may disregard our requests and complaints, collecting far more data than necessary to fulfill their obligations and therefore creating additional risks that this data is publicly exposed. In addition, regulatory agencies may disclose this information through open data portals or when responding to Freedom of Information Act requests.
- Do taxis have the same reporting requirements?
Only in some cases. Taxis are not always bound by the same agencies or regulations as Uber is. Depending on the location, the authorities and rules that apply to each type of company may vary.
- Why are state and local regulators separate from airport regulators in your report?
State and local regulators have very different objectives from airport authorities. State and local regulators, like public utility commissions, are responsible for ensuring that certain companies operate in accordance with the applicable regulations, including those governing safety. Airport authorities often defer to state and/or local regulations but may require additional data requirements that allow them to track and count the number of vehicles on their property.
- How are reporting requirements for airports determined?
Rideshare companies must agree to airport rules as part of the permitting process. Each airport authority independently determines what information is required to be reported to them.
- Do airports require information about which products people are using (such as UberX vs. Uber Black)?
Yes, some ask to have information broken out by ride option type or the regulatory framework that each vehicle is operating under.
- Do airports get the same information from taxis, limousines, and livery providers?
Yes. The information airports request and receive from taxis, limousines, and livery providers is generally consistent with what is disclosed in this report.
- Do airports disclose the information they receive to the Transportation Security Administration (TSA)?
Airport authorities don’t tell us what they do with the information we provide.
- Why do you get requests from law enforcement agencies?
During a criminal investigation, law enforcement agencies may ask us for information about user(s) that’s relevant to the investigation. Our dedicated team of experts, who are trained to manage these requests, work to ensure that any information we disclose is consistent with our policies and applicable law.
- What does Uber do when it receives a request for user information?
Uber is committed to protecting the privacy and security of our users’ data. With limited exceptions like emergencies, we require a valid and sufficient legal process from official government agencies before we disclose any information about our users. When we receive a request from law enforcement, we review it to ensure that it satisfies legal requirements. We object to overly broad, vague, or unreasonable requests.
- Does Uber report information about US national security requests?
Yes. National security requests include orders and directives issued under the Foreign Intelligence Surveillance Act (FISA) and national security letters (NSLs). Unfortunately, we’re prohibited from reporting exact numbers of NSLs or FISA orders received; pursuant to US law, these numbers are reported within ranges and are subject to a one-year reporting delay.
To learn more about our process and requirements for responding to law enforcement requests in the US, see Uber’s Guidelines for United States Law Enforcement. For the rest of the world, see the Uber Guidelines for Law Enforcement Authorities - Outside the US.
Company