Burners don’t hack Uber, people do

A story broke this week about how people are hacking the Uber referral program to get thousands of dollars in free credits — some apparently by using Burner to create multiple accounts.

From a company standpoint, referral programs are inherently leaky, and most companies build this into the cost of running them. The payoffs of these programs are huge and have contributed to the viral growth of countless companies, but fooling a service into giving you credits for your own personal multiple account signups is clearly against the spirit of things.

You’re also not supposed to advertise your codes, apparently (even though lots of people do it for all kinds of referral programs and coupon codes), because even though Uber, Airbnb, et al give referral credits out freely, and even though they’re widely available and easily googled, these companies are doing their best to control the code system so they can avoid awarding credits where they don’t absolutely have to.

Funnily enough, just a few weeks ago a Burner team member proposed writing a post about exactly this “hack”, detailing step by step how to get Uber credits by using Burner, as a way of promoting the fact that we now support short codes, and to generate awareness generally.

We shot the idea down, but it led to an interesting discussion.

On “hacking” Uber

The first part of the discussion was specifically about the ethics of hacking Uber given both opportunity to ride their tailwind as well as their own aggressive approach to competition and municipal regulations. You can probably form your own views on Uber and how much professional courtesy they deserve.

You would not hear any discussion, on the other hand, on whether to help Burner users hack Kiva.org’s referral system. We certainly believe marketing the Uber opportunity would have had a positive impact on our own business (“up and to the right” FTW!). But should a question about ethical practices on our own part comes down to a review of another company’s conduct? if you start down this path, how do you decide where to draw the line between the Kivas and the Ubers of the world?

On Burner’s part

All this led us to the question of whether it’s ethical for Burner to a) encourage and b) be a part of this kind of thing at all. And what about using Burner to create multiple accounts generally (which is often a “foot-fault” violation of Terms of Service)?

Using Burner numbers during sign-up for new services is actually a very common use case for us, particularly now that we support short codes. Many websites and applications require a phone number as a form of sign-in or “proof” of who you are. But they often don’t tell you how they will or won’t use your number, whether it’s stored or not, and how it might or might not be resold as part of your data profile. Protecting people from this de facto invasion of privacy — giving them control of their identity and data trail — is the essence of the Burner value proposition. And in our public messaging, we want to help people realize the value of doing this.

The real issue here is not that end users are finding workarounds like this. It’s that sites like Uber are using phone numbers as unique proof of identity. News flash: phone numbers are not unique ID keys to people.

In the same way email addresses have become freely available to anyone with a web browser, phone numbers are becoming more universally obtainable. Today, Burner simplifies the process of getting a number down to just a couple of clicks for anyone who can download an app. Burner’s longer-term mission — and the reason we’re backed by investors like Venrock and Founder Collective — is to help drive this change and the tremendous value creation we believe will come of it.

So why does this matter?

If you’re a web or app service provider, you should be paying attention to this, and start treating phone numbers with approximately the same level of authority you treat individual emails (rather than worrying about whether services like ours are policing our users’ activities). Ultimately this evolution — and Burner’s contribution to it — are an important part of a shift in the way companies need to think about data.

We’re also amid an evolution of how we as individuals manage our own identity footprints. As habits change and more people become familiar with burner identities, Burner numbers become will part our personal toolkits in the same way secondary email addresses have. As market and work structures change — for example, as more and more of our work and commerce goes through peer-to-peer marketplaces—we need better tools to manage our communications, in ways that balance trust, reputation, and privacy.

We think we’re building a great tool for this future in Burner. Ultimately, users will find all kinds of creative and innovative uses for it — they already do — and any technology company worth its salt will recognize the need to be responsive to this kind of innovation rather than expecting us to stifle it in its cradle.