Three Uber security managers resign after CEO criticizes practices (reuters.com)
175 points by petethomas on Dec 1, 2017 | 94 comments


I wonder when Dara (CEO) will start being held accountable for Uber. So far his message has been, "That was them, not me". If he is sincere, he should ask the managers of Uber to share all the dirty laundry that they know. Then, he should disclose it publicly and get ahead of it. That for me would qualify as "that was them, not me".

He has been there 3 months, but there are 8 years of scandals built into Uber's culture before he joined. I expect Uber to be on the front page of HN for years to come. That can't be the right PR strategy.

He has to get ahead of it or he will lose credibility with the drip, drip, drip of bad news.


He released the information about the security failure (which occurred a year before he was hired) and fired 3 security managers because of it.

He just issued a new company culture statement (with massive employee participation) that eliminates the prior version's language that encouraged jerks, and includes the statement "We do the right thing".

He's been there 3 months. What else do you expect him to do? It takes time to acclimate to a new company. A CEO really needs to learn the staff, meet as many employees and customers as possible, and soak all this in before they start making big decisions. Being a CEO is never a "shoot first, aim later" type of job.


He didn't fire 3 security managers. They resigned. That may seem academic, but I'm sure it wasn't for the people involved. If they want good publicity from firing people... fire them. If people resign I just assume it was because they got a better job (I've had a coworker pushed out this way -- the CEO just got another company to give him a better offer).

If you want to avoid bad publicity from 'fired' being in the headline, you also avoid the good publicity.


They were clearly allowed to resign. Three employees responsible for a major screwup don’t all suddenly get new jobs at the same time.


Did either of you read the story?

Uber last week said it fired its chief security officer, Joe Sullivan, over his role in the 2016 data breach, which compromised data belonging to 57 million customers and about 600,000 drivers. The resignations Friday came amid mounting frustration within Uber’s security team over Sullivan’s dismissal and the company’s handling of the public disclosure of the breach.

So he fired the CSO, and then those reporting to Sullivan resigned (The departures include most of Sullivan’s direct reports.).


>"So he fired the CSO, and then those reporting to Sullivan resigned "

Which is not the same thing as actually firing 4 people.

Did you read the parent's comment?


Yeah, but it is pretty important given the context. He did fire the person directly responsible.


"He just issued a new company culture statement." That's the funniest thing I've read all day.


Company culture (at least the previous, step-on-toes one) at Uber was heavily enforced; company culture as it is written down is also heavily enforced at Facebook (where Sullivan was before) and Google, and most engineers at Uber come from either. Not sure what the written company culture is at Goldman Sachs (where a lot of Uber managers came from), but there is a practiced version of it that is quite distinct (think Uber’s toe-stepping).

Dara did change the culture at his previous company, starting by drafting a written document there too. Of course, enforcement is key and a longer process than publishing anything, but firing a large number of managers will effectively change the culture. I can see how it sounds ridiculous for someone working at 99% of the companies where “company culture” is a cumbersome joke, but not in that context.


Company culture is not a joke at my company. Suggesting the CEO will start to change the culture with a memo would be. But, when your employees can’t afford to buy their options and have golden handcuffs I suppose you make the koolaid taste yummy.


I had an accounting professor who liked to say “If you become an accountant at a company or CEO, you have 3 weeks to find the dirty laundry. After that it becomes your responsibility, and your problem.”


Methinks your accounting professor never was a CEO. It took me a lot longer than 3 weeks at my new job to understand the key structures in the application I work on.


And yet problems that appeared were yours, no?


Yep, like a company culture they weren’t fixable in a couple months.


That's a pretty safe supposition no matter what he said. Risk preference is real. There is very little overlap between the set of CEOs and the set of accounting professors.


Your anecdotal evidence beats out a professor, sure.


A professor speaking anecdotally, sure.


Maybe we have different expectations of what CEOs should do. Writing culture statements is not hard. Adding "We do the right thing" is not hard. That initiative also started before he joined.

Identifying and owning up to the 8 years of toxic behavior is hard. That’s what would stop the negative news cycle. It is definitely hard, but he gets paid enough for us to have high expectations.


Showing real leadership is hard, harder than worrying about the news cycle. Real leadership is not about flash, not about showing dominance, and definitely not about looking the part publicly.

Who knows what he needs to work on in his first 3 months? Perhaps it is important to listen and understand everything before making decisions, rather than jumping to react so it looks good from a PR perspective.

Writing any culture statement is not hard, but running a process to understand the organization, set a clear direction for the future, and then solidifying values so that everyone in the organization knows is not. Writing a culture statement is also not the only thing he's done, just something that is public.

On a side note, the second you say "lavishly paid CEOs" and "he gets paid enough", you bring a level of disdain into the conversation that makes it hard to continue. We should absolutely hold CEOs of large companies to a high standard, not because of their pay, but because of their position and the responsibility they hold.


Writing concise, useful culture statements is hard.


> If he is sincere, he should ask the managers of Uber to share all the dirty laundry that they know.

Right. They'll just hand it over if he asks nicely. It's not like they've done anything illegal/unethical.

The Uber culture has been built up over 8 years, and you expect a new CEO to clean it up spick and span in 3 months? Seriously?

How on earth this got upvoted to the top of the page is beyond me.


Exactly, it's not like he can walk in and just let everyone go.


He has personal credibility, but do you think he has any credibility with relation to Uber? At best I think the view is that he doesn't know about all of the likely scandals, so that he's being surprised along with us. That doesn't exactly breed credibility in his role at Uber, it just cushions his eventual exit when he realizes that he ran into a burning barn.


No, before you take over as CEO of a company with an 8 year track record of being a pretty horrific company, coming off the CEO before being forced out due to yet another scandal, you get all the dirt before you sign on the dotted line. He knew about this before he took the role. It's all about how he handles it.


This is the key point. It’s too soon, the jury is still out on the new CEO... but these are encouraging signs. We’ll see in time, because at the end of the day the only real thing that matters is that the culture actually does reform, all while not wrecking the business (ideally actually improving it). That’s a result that will always take longer than 21 short days...

It’s such a difficult challenge to change a company culture at a whale of a company like this one.


Thought experiment: if you inherit a spaghetti codebase with 10 million plus lines of code, how long do you have to find and communicate all the bad surprises?

There's no objective answer, but 6-12 months seems reasonable to me for a new CEO.


I agree, I'm not a fan of Uber but a CEO simply can't learn all the ins and outs in a week. More so, I'd imagine that if the stories here are all true, there's all sorts of cover ups that have been happening and in many ways he's having to figure out whom he can trust, let alone how to find the skeletons. I'd imagine he got a pretty substantial incentive for coming on board.


> I wonder when Dara (CEO) will start being held accountable for Uber.

Held accountable... how? for what? You want Dara in jail for Travis's crimes or something? Are you sure you're not running low on sleep?


>Uber’s general counsel, Tony West, on Wednesday sent a note to employees, which was seen by Reuters, saying that human surveillance of individuals would no longer be tolerated.

The fact that this even had to be said is sickening on so many levels.


This has been an issue at Uber for many years. Google 'Uber god view' and the scandals that came from that one.


Sullivan in August told Reuters that his security team totaled around 500 employees.

Google says Uber has more than 12,000 employees. Uber is not a typical company, but how do other tech companies compare?


They probably have proportionately far fewer security employees, just far more effective ones.

All snark aside, I'd guess that the vast amount of Uber security staff's role is investigating driver fraud. Uber grew so immensely fast because they offered compelling sign up inducements to drivers, and in lots of cases those were easy to game. It's why Uber got caught "fingerprinting" iPhones by Apple so they could detect whether the same phone was being used to sign up for multiple driver accounts to double dip the signup bonus programs.


>All snark aside, I'd guess that the vast amount of Uber security staff's role is investigating driver fraud.

I thought most companies separate out pure infosec from anti-fraud? Some orgs may house both under the bubble of risk management but there's a big difference between a security engineer and an anti-fraud analyst.


Since the third person mentioned in the article was "Jeff Jones, who handled physical security", I'm assuming Uber lumped anything possibly related to "security" in one org. Which does seem peculiar.


You are correct. All things with even the vaguest hint of security and safety were lumped there. Antifraud, monitoring who touches which logs, being the sole provider of electronic evidence in all investigations, infosec, competitive information, investigating rapes, putting listening devices into the uber app .....very unorthodox.


Any two sided marketplace is rife with opportunities for fraud as well as money laundering.


5 in 120 is 1 in 24. There are 30ish people at my company, and five of them are directly responsible for security and 20 or so are indirectly responsible... so I guess either we're very over-weighted or Uber is very under-weighted.

But you have to look at the threat models, the value of what you're protecting, and the surface areas that you expose. Without comparing those, no useful inferences can be drawn.


Assuming it scales linearly from 30 people to 12000 people? That's a stretch.


Different kinds of companies have different needs; a security team doesn't scale like the HR team or the finance team or the ... it's really hard to figure out how much you need to employ.

And when you have breaches and things like that, is it because you didn't have enough security employees? Or is it rather because its focus was bad? Or the employees were bad? Or because the branch tasked to secure the network was bad?


Be careful with comparisons here, “security” is a super broad label.


What is a chief of staff in a tech company?


The role varies widely. Typically, there is a lot of administrative work required to manage the cadence of an exec team: Examples - collecting tracking metrics ahead of meeting, tracking action items for completion, preparing materials for customer briefings, etc. A chief of staff helps the CEO get higher output by letting them focus on the decisions and not the process.


My understanding: a masculine term for "executive assistant". Or: a technical secretary. Personal project manager.


This article from First Round Capital outlines the modern tech company approach: http://firstround.com/review/why-you-need-two-chiefs-in-the-...

Tl;dr - CoS stands in for the CEO in meetings, fills her in on what's going on across the organization (or outside of it), and overall leverages her time. It's beyond someone who just does scheduling but short of being COO, which entails direct reports and accountability.


I guess. That squares with Pooja Ashok's resume, too.


As in the classic British "secretary" when it was a job for men named Hilary or Dana


At my previous company, where raising money and making sense of accounting was non-trivial, the Chief of Staff was (like the CEO and the CFO) a former investment banker for +10 years. He definitely felt like the #2 of the company (ex-aequo with CTO & CFO) and not an executive assistant.

In practice, he was in charge of internal communication with non CxO people and the CEO, and a lot of things that the CEO had to do that weren’t direct external relations (typically press): preparing financial documents, coordinating teams with legal, team morale, etc.



Person who manages budgets, day-to-day, organizational specific priorities, tracking higher level objectives, etc. It's basically a high level Program/Project Manager with a horizontal responsibility.


>"The three managers who resigned were Pooja Ashok, chief of staff for Sullivan ..."

C-level execs have "Chiefs of Staff" at Uber? How bloated is that organization?

They were literally Chief of Staff to the Chief of Security.

EDIT: changed to gender-neutral pronoun.


This isn't uncommon in large tech companies. People 1-2 levels from the CEO tend to have a chief of staff.

Out of curiosity, why do you assume the person is a "he"?


Pooja is female.


"Chief of Staff" is valley-speak for secretary.


That's essentially what it is in Washington D.C which as far as I know is the origin of the title:

>"The White House Chief of Staff has traditionally been the highest-ranking employee of the White House. The chief of staff's position is a modern successor to the earlier role of the president's private secretary."[1]

[1] https://en.wikipedia.org/wiki/White_House_Chief_of_Staff


Yes, but remember cabinet members are called secretaries — it's right in their titles (e.g., Secretary of State). The President's Chief of Staff has enormous power.


Sir Humphrey: Well briefly, sir, I am the Permanent Under Secretary of State, known as the Permanent Secretary. Woolley here is your Principal Private Secretary. I too have a Principal Private Secretary and he is the Principal Private Secretary to the Permanent Secretary. Directly responsible to me are ten Deputy Secretaries, 87 Under Secretaries and 219 Assistant Secretaries. Directly responsible to the Principal Private Secretaries are plain Private Secretaries, and the Prime Minister will be appointing two Parliamentary Under-Secretaries and you will be appointing your own Parliamentary Private Secretary.

Hacker: Can they all type?

Sir Humphrey: None of us can type. Mrs Mackay types: she's the secretary.

(Yes, it's a comedy show, but the titles are correct)


Yes Minister was a comedy show like HBO's Silicon Valley is a comedy show -- a farcical quasi-documentary

Yes, Minister was fed leaks from British government that became plotlines.


My favorite is the episode about the Channel Tunnel, in which the French security services plant a bomb to test the British security and gain a diplomatic gain. I thought that was completely ridiculous, just a good idea for finishing up a good plot.

Thirty years after, when the official papers of the time were released, what do we discover..?

https://www.theguardian.com/uk-news/2014/jan/03/french-bomb-...


The President's cabinet are all heads of departments in the Executive branch. They are advisors and implement policy. The word Secretary in a "Secretary of ___" cabinet title is not at all the same as an "office secretary" where duties might include scheduling, answering phones and ordering office supplies. Not even close.

By contrast the Chief of Staff in the White House is a cabinet-level "Official" and it's not even a requirement that the President have one. That should be an indication:

>"The duties of the White House chief of staff vary greatly from one administration to another and, in fact, there is no legal requirement that the president even fill the position. However, since at least 1979, all presidents have found the need for a chief of staff, who typically oversees the actions of the White House staff, manages the president's schedule, and decides who is allowed to meet with the president."[1]

[1] https://en.wikipedia.org/wiki/White_House_Chief_of_Staff


In DC the word Secretary is CEO or EVP.


Not really. She was Director of Operations at Zynga before that.


"Director of Operations" is valley speak for office manager


I fear that you might be drastically, tragically understating the importance of that title - even in SV.


In such situations, Chief of Staff is basically an Executive Assistant, but in big companies, an EA is not a mere secretary who manages the calendar and orders food and books flights. An EA basically becomes the right-hand man/woman of the exec.

Also, Chief of Staff is not merely a Valley term. It's common in DC.


Physical security, digital security and fraud prevention are separate fields. They may all have something to do with "security" but the goals are very different and as a result, the management structure needs to be different. If you fail to do so you will simply dilute the key objectives each of these fields deliver.


It never fucking ends with this company, does it?


It ends every time I get out of the car and give my driver 5 stars. And then it begins again with me being picked up damn near anywhere I want to at any time in the Bay Area.

The scandals are for the company, the employees, and the gov to figure out.

As a user (and I'm also guessing for the drivers) it's one of the best companies out there. Reliable, efficient, high quality.


Lyft and Flywheel provide this service in the Bay Area too. As a bonus, they aren't infected with a rotten core culture.


When I was going from South Bay to SFO two weeks ago, Uber quoted me $40, while Lyft $300. So not quite.


Way to cherry pick. Usually it’s under $60 from the South Bay to SFO on either service, and I flew about 40 times last year.


> The scandals are for the company , the employees , and the gov to figure out.

Not too big on the responsibility of ethical consumption, huh?


I understand the sentiment.

However, given the amount of animal product we consume, the gas we use, the slaves that make our stuff, the resources we steal from other countries, the wrappers and electronics we make and trash, I would not be judgmental about it.

Unless you are a monk, you are probably making terrible consumer choices every day.


Totally. We all unquestionably are. But there is a moral difference between doing so out of ignorance or out of personal necessity (you gotta eat) and doing so out of willful ignorance or out of personal luxury.

I did not respond to that post because he uses Uber. Hell, I live somewhere where I can't get a cab, the train doesn't go where I need to go, and Lyft just literally doesn't have cars here (it's weird and I haven't investigated it, but there are times where I just don't get pickups near my house, though they pop up half a mile away if I walk). I use Uber in those situations, and I don't feel bad about it.

I responded to his post because, yanno, certain folks love the term "virtue signaling"--what is it when you sign up for a website just to brag about how little you care about the people around you?

That deserves a little criticism, I think.


Fair point. Balanced answer. Can't argue.


You assume too much. Uber might be good for the customer, but it is a total jerk to the driver.

Last scandal at my hometown, that is unlikely to reach the English speaking world, is as follows.

Our airport, which lies on federal grounds, grants a monopoly of transportation services to a certain well established company. Not even city taxis are allowed in (they can drop passengers, but cannot pick up anyone else while they are on premises). Uber's attitude towards this situation is the standard one, basically an extended middle finger to every law, institution or authority of the land.

The problem is that if airport security catches an unofficial taxi on premises, they call federal police, the car is taken to a seized and the driver cannot recover until he's paid a very considerable fine (think several months of blue collar wages). Uber's strategy to deal with that is to swarm security, so they always catch someone, but the process to deal with the offender is very time consuming and all other Uber cars are free to do business while the guards are preoccupied.

Uber will punish any driver that refuses to take airport calls with bad karma, and will "gratiuouly" pay for your fine... once (if you get caught twice, it is on you), but they will not pay you any wages while your car is locked in federal grounds (a time that is measured in weeks, not days). They will also not pay for any damages to the car itself, which unfortunately is a rampant problem in this country when vehicles end up under the custody of the government.

So, be very glad to have a car and a chauffeur at your fingertips beck and call, but please do not assume the driver is enjoying it as much as you do.


I always felt that $70 was an absurd price for the $10 worth of gas and 30 minutes to get home from the airport that taxis used to charge before Uber. I believe that Uber creates a more efficient allocation of drivers permitting drivers to make more transactions in a work day. Why should I be concerned that the taxi driver is making too little money when he wasn't concerned about charging me too much money before? We are both engaging in the transaction consensually and we are both able minded adults - why shouldn't that be the end of it as far as ethics go?


While this is unfair of Uber, this is a pretty insane situation. They impound your car for weeks for providing a service consensually? I think that's the real issue here.


Trust me, this story plays out in most US cities. Google Los Angeles Bandit Cab Enforcement to find out about Uber and Lyft drivers getting their cars impounded with steep fines and months-long impounds. And then dig around uberpeople.net to see it happening in other cities.


It seems likely Kalanick encouraged this stuff. Combine that with weak controls and who knows what upper middle management has dreamed up across the company. I'm sure the CEO is grilling people about all the shit they're doing that will ruin his day when a newspaper reports on it as we speak...


It will end when they run out of money.

Which is too bad. They make me wish there was such a thing as corporate death penalty. Corporations are people after all, aren't they?


> Corporations are people after all, aren't they?

This was an effort to protect the economy from being ground to a halt by destructive litigious action and make courts more efficient. Not to increase liability and accountability within the corporation. Which is why nearly every western country has done the same... it wasn't a conspiracy to protect wealthy people from being punished.

Like many regulations that fail to affect idealistic change, it was done with good intentions and there hasn't been a strong enough support for an alternative to solve this issue... or, less likely, maybe no rational alternatives really do exist.

The simple fact is shit rolls down hill in all big organizations and I'm not convinced it won't happen if corporations weren't singular legal entities. Top tier executives have a way of protecting themselves, while the lower staff tend not to have such protections.

Removing this 'corporations = people' legal structure would incentivize internal deflection to lower levels as a legal strategy instead of the company uniformly fighting back against allegations - making it risky to be a low-level manager and highly disincentivizing employees from taking any real responsibility that would involve legal exposure (aka a huge percentage of management and entrepreneurial jobs).

Ultimately, the tough reality is that it might actually make sense to treat the company as a singular whole, as potentially there are hundreds of people involved in any major corporate incident. Which would be a nightmare in the bureaucratic mess that is the modern justice system.

That said, I'm not 100% convinced that courts can't use common sense to figure out direct liability and involvement within the company, at an individual level. But common sense has never been something the courts or government policy have been known for, at least in the last half-century. The modern justice system has entirely been modeled around the lowest common denominator. Which is very apparent if you've ever tried to challenge something as simple as a traffic ticket in court.

Given the legal/regulatory environment which it currently exists within, I could see such a change being abused and being massively inefficient. Especially considering how difficult it is to prove a single person's involvement in a normal crime, let alone trying to sue a company then figuring out 100 individuals' culpability...


> it was done with good intentions

How can anyone know the motivations of the Justices?

> Like many regulations

Isn't it a court decision, not a regulation? Are we all talking about Citizens United?

> This was an effort to protect the economy from being ground to a halt by destructive litigious action and make courts more efficient.

Is there evidence that such a thing was at risk of happening? I know industry advocates commonly make the claim, but I haven't seen evidence.

IIRC, the court decision was to enable corporations to make political contributions based on their free speech rights as 'people'. How does that serve the purposes quoted above?


> Isn't it a court decision, not a regulation? Are we all talking about Citizens United?

No. He's probably talking about the establishment of corporations by the Joint Stock Companies Act of 1844[1], or its American equivalent.

Citizens United did not invent corporate personhood. That dates back to when the concept of a corporation was first established.

[1] https://en.wikipedia.org/wiki/Joint_Stock_Companies_Act_1844


And the prior comment references Santa Clara vs Southern Pacific Railway, in which a note on the decisions (not even in the decision itself) stated that corporations were persons for purposes of the 14th amendment. It does not date back to the Joint Stock Companies act but comes from a little later in the post-civil war cases.


I like how you carefully catalog the theoretical damage a recent court precedent going the other way would have inflicted, and just as carefully ignore the actual fallout we’ve already seen from it.


Thanks for this, feel like there is too much FUD out there on Citizens United.


>>it wasn't some conspiracy to protect wealthy people from ever getting punished.

That has been the result, however.


Regardless, my point is that it's entirely possible that without this current legal structure the alternatives will only increase low-level employees' legal exposure, while having a marginal impact on the behaviour of wealthy top level executives (which is what people really care about, isn't it?), and while simultaneously flooding the courts with massive inefficient cases, consuming finite resources which could be better spent elsewhere.

Just because you can point out the current system's flaws doesn't automatically mean a comparable better one exists.

Plenty of systems in our economy and legal system are a matter of lesser-of-evils. It's easy to complain but unless you can propose a better alternative, an alternative that won't end up being worse for the poor/middle class average person, then you aren't really helping the situation.

This disconnect from the on-the-ground reality is one of the big reasons I don't support many of these populist activist causes... and yes I've seen "The Corporation" film many times.


>>Just because you can point out the current system's flaws doesn't automatically mean a comparable better one exists.

The flip side of the coin is we should never stop looking for improvements. IMO if executives were held personally liable for gross negligence, for instance, they would suddenly become more interested in things like security best practices (referring to the recent Equifax disaster).


That's some nice snark, but it is self-defeating: we should not be having the death penalty for people, because of its history of abuse against minorities, and the poor standards of evidence. A death penalty on powerful corporations makes more sense because these entities have the means to defend themselves. It is because they are not people that a death penalty is allowable.


Corporations are immortal, which violates the spirit of the original notion and definition of corporations as organizations with a limited specific charter. Corporations need mortality.


"The three managers who resigned were Pooja Ashok, chief of staff for Sullivan;"

Is it normal for a chief officer to have a chief of staff???


I don't know if you accept it as normal, but I've seen that in each of the four companies I've worked in. Sometimes the chief of staff at the VP level is not an engineer, but the chief of staff to CxO I've seen are usually engineers.


Speaking from experience at Google, yes. Obviously depends on size of company, but many C-suite/SVP/High VPs would have a "chief of staff" type person reporting to them.



