INDEX / DIRECTORY / UBER / DIGITAL

Uber DIGITAL

DIGITAL INFRASTRUCTURE AUDIT UPDATED 2026-06-14
Digital Score 0.00 /10 D Uber - BDS-1000 310
Digital 0.00

Evidence-only forensic audit. Scoring happens downstream - see the main dossier for the composite assessment.

Digital Audit: Uber Technologies, Inc.

Audit Phase: Digital (Digital / Technology Forensics) Subject Entity: Uber Technologies, Inc. (NYSE: UBER) Registered Address: 1725 Third Street, San Francisco, California 94158, United States Audit Date: June 2026 Evidence Base: Published corporate disclosures, vendor and partner press releases, SEC filings, technology and trade press, security-incident reporting, and NGO/campaign material. All factual claims are drawn from publicly available sources cited in the End Notes.

Scope and directionality note: Digital assesses the digital/technology nexus to Israel. The serious case is the provision of surveillance, digital, data, or cyber technology to the Israeli state, military, or security services. The reverse direction - Uber procuring technology from Israeli-origin vendors, or embedding Israeli-origin technology into its own consumer platform - is a customer relationship and is recorded explicitly as such, weighted far lower than provision. No transitive guilt is imputed: an Israeli vendor’s other clients, its founders’ military backgrounds, or a parent group’s separate activities are not attributed to Uber. US-entity relationships (e.g. Microsoft, Oracle) are not Israeli-origin and are noted only for completeness. Cyberattacks committed against Uber are recorded as digital context, not as provision.

Enterprise Technology Stack & Vendor Relationships

Israeli-Origin Cybersecurity Vendors (Direction: Uber as customer)

SentinelOne - SentinelOne (founded 2013 by Tomer Weingarten, Almog Cohen, and Ehud Shamir; commercial headquarters in Mountain View, California; an office in Tel Aviv; Israeli-founded with Israeli cybersecurity roots) supplies endpoint detection and response (EDR) software.1 Public evidence that Uber deploys SentinelOne arose from the September 2022 intrusion of Uber’s internal systems: incident reporting documented that, after obtaining privileged access, the attacker logged into a range of Uber’s internal tools and consoles, with SentinelOne named among the security and engineering systems the attacker reached.23 The direction is Uber as the customer procuring a commercial EDR product; SentinelOne is the vendor.

Privileged Access Management (US vendor, recorded for completeness). The same 2022 incident reporting identified Uber’s privileged access management (PAM) platform as Thycotic (the PAM product later branded Delinea) - a US-origin vendor - after the attacker located PowerShell scripts containing hard-coded admin credentials for it.23 No public evidence was identified that Uber’s PAM platform is an Israeli-origin product.

Israeli-Origin Cybersecurity Vendors - Reported But Not Verified

No public evidence was independently verified confirming a current, named Uber customer relationship with the following Israeli-founded cybersecurity vendors: Wiz, CyberArk, Check Point, Claroty, Verint, or NICE Systems. Wiz’s public customers page does not list Uber.4 General reporting confirms these are Israeli-founded firms,5 but none was substantiated as a confirmed Uber vendor in the public record reviewed. No public evidence identified.

Contact-Centre / Workforce Technology

No public evidence was verified of a named Uber relationship with Israeli-origin contact-centre or workforce-management vendors (e.g. NICE CXone, Verint). No public evidence identified.

Procurement & Integrator Relationships

Uber’s platform-software engineering is predominantly in-house, built and operated internally rather than through systems integrators acting as intermediaries for Israeli-origin technology.6 No public evidence was identified of a systems integrator or IT consultancy engaged by Uber that has specifically mandated or deployed Israeli-origin technology as a named deliverable within a disclosed Uber programme.

Procurement Transparency Constraints

Uber does not publicly disclose its full IT and security vendor stack below the level of named partnerships and incident-surfaced tooling. Vendor relationships not surfaced by press releases, SEC filings, or the 2022 incident reporting are not in the public domain. This is the principal evidence gap in this domain.

Surveillance, Biometrics & Retail Technology

Facial Recognition & Biometric Identity Verification (Direction: Uber as customer of a US vendor)

Uber operates a “Real-Time ID Check” feature requiring drivers and couriers to periodically submit a selfie matched against their registered profile photo.7 Public reporting and Microsoft case material attribute the underlying face-matching to Microsoft Azure Cognitive Services (Face API) - a US-entity product - first launched for the US in 2016, with automated comparison and human reviewer fallback.78 No public evidence was identified that Uber deploys facial-recognition, biometric, gait-analysis, or behavioural-analytics technology of Israeli origin (e.g. Oosto/AnyVision, Corsight, BriefCam, Trigo) in this or any other product.

Predictive Analytics & Behavioural Monitoring

Uber operates its own fraud-detection, dynamic-pricing (“surge”), and rider/driver behaviour-analytics systems on proprietary machine-learning infrastructure documented on Uber’s engineering blog.6 No public evidence was identified of Uber procuring Israeli-origin predictive-policing tools, social-media-monitoring platforms, or workforce-surveillance software.

Third-Party and Bundled Deployment

No public evidence identified of Israeli-origin surveillance or biometric technology reaching Uber via third-party platforms, managed security services, or bundled enterprise suites.

Cloud Infrastructure, Data Residency & Sovereign Cloud Participation

Cloud Provider Relationships (Direction: Uber as customer of US vendors)

Uber historically ran its own physical data centres for roughly a decade. In February 2023 it announced a multi-year migration of the majority of on-premise workloads to public cloud, naming Oracle Cloud Infrastructure and Google Cloud Platform as its providers; AWS was evaluated but not selected as a primary provider, while pre-existing GCP and AWS relationships continued.910 All named providers are US entities; none is an Israeli-origin cloud vendor.

Israeli Cloud-Region Exposure

Google Cloud and AWS both operate infrastructure regions in Israel (Tel Aviv).1112 Because Uber consumes GCP (and historically AWS), workloads could in principle transit such regions depending on configuration. However, no public evidence was identified that Uber has specifically designated, contracted for, or disclosed data residency within any Israeli cloud region.

Project Nimbus & Israeli State Cloud Infrastructure

Project Nimbus is the ~$1.2 billion Israeli-government cloud contract awarded to Google Cloud and AWS; the Israeli cloud regions form part of that programme.1112 No public evidence was identified that Uber participates in, sub-contracts to, or holds any contractual relationship with Project Nimbus. Uber’s relationship with Google and AWS is as a commercial enterprise customer, not as a participant in any sovereign or government cloud programme.

Government Cloud Contracts & Data Sovereignty

No public evidence identified of Uber holding government cloud contracts with Israeli state institutions, marketing data-sovereignty or resilience services to Israeli state or military bodies, or operating/leasing/co-locating dedicated data-centre infrastructure within Israel.

Defence, Intelligence & Security Sector Technology Relationships

Military & Intelligence Contracts

No public evidence was identified of any contract, partnership, memorandum of understanding, or service agreement between Uber and the Israeli Ministry of Defense, the Israel Defense Forces (IDF), the Shin Bet (ISA), Mossad, Unit 8200-linked commercial entities, or any other Israeli state security or intelligence body.

Provision of Technology / Data to the Israeli State or Military

No public evidence was identified of Uber providing surveillance technology, data, software, cloud capacity, AI capability, or digital services to the Israeli state, military, or security services. This is the directionally serious Digital case, and no qualifying evidence of it was found. No public evidence identified.

Dual-Use Technology Provision

No public evidence was identified - in press reporting, official sources, academic literature, or NGO research - of Uber’s commercial technology (ride-hailing, Uber Eats, Uber Freight, or associated AI/ML systems) being deployed for military, intelligence, or law-enforcement surveillance applications in Israel or the occupied Palestinian territories.

Offensive Cyber Capability

No public evidence identified. Uber is a mobility and logistics platform company and does not develop, license, or sell offensive cyber capability, exploit tooling, or weapons systems in any jurisdiction. Uber was itself the victim of a September 2022 intrusion (a social-engineering compromise of an employee, followed by use of hard-coded PAM credentials to reach internal tools); the incident was disclosed by Uber, including to the SEC.2313 This incident was done to Uber and has no nexus to the provision of technology to Israel; it is recorded as digital context only.

Security/Intelligence Background of Technology Partners

Several Israeli-origin or Israeli-founded firms identified in this audit have founders or executives with Israeli technology backgrounds - a common origin pattern for Israeli tech companies. Lior Ron, who co-founded Otto (see Technology Ecosystem) and later led Uber Freight, is publicly reported to have served in Israeli army intelligence (1997–2004).14 These are individual or vendor backgrounds and do not, on the public evidence, establish any defence or intelligence dimension to the relevant commercial relationships. No transitive guilt is imputed.

AI, Algorithmic & Autonomous Systems

Autonomous Driving - Israeli-Origin Technology in Uber’s Platform (Direction: Uber as customer)

Autobrains (Israeli AV technology). In June 2026, Uber, NVIDIA, and Autobrains announced a partnership to launch an autonomous-taxi service, combining Uber’s ride-hailing network, NVIDIA’s DRIVE Hyperion platform, and Autobrains’ “Agentic AI” autonomous-driving system, with Munich selected as the first deployment city.15 Autobrains is an Israeli autonomous-driving company founded in 2019 as a spin-off from the Cortica Group, headquartered with offices in Tel Aviv and Munich and led by founder Igal Raichelgauz.15 The direction is Uber integrating an Israeli-origin AV technology supplier into its mobility platform (Uber as customer/integrator); no provision by Uber to any Israeli entity arises.

Mobileye (Israeli AV technology) via Volkswagen. Uber’s robotaxi partnership with Volkswagen’s MOIA division, with on-road validation testing under way in Los Angeles ahead of a planned late-2026 commercial launch, uses MOIA-built ID. Buzz vehicles whose autonomous-driving compute is sourced from Mobileye, the Israeli-headquartered (Jerusalem) self-driving technology company.1617 Direction: Mobileye technology reaches Uber’s network embedded in a Volkswagen-built vehicle; Uber is the network/customer, not a provider to Israel.

In-House AI/ML Platform

Uber’s core algorithmic systems - routing, surge pricing, fraud detection, demand forecasting, and matching - are built on proprietary machine-learning infrastructure documented on Uber’s engineering blog and are not attributed to Israeli-origin AI vendors in those disclosures.6

AI/ML Provision to Israeli State Bodies

No public evidence identified of Uber providing AI capability, model access, computer-vision systems, training data, or autonomous decision-support to any Israeli state, military, security, or law-enforcement body.

Training Data & Model Development Involving Israeli Population Data

No public evidence identified of Uber’s AI models being trained on, or given access to, Israeli population-surveillance data, intercepted communications, or datasets originating from Israel or the occupied Palestinian territories. Uber’s models are described as trained on its own operational platform data.6

Autonomous Systems & Lethality

No public evidence identified. Uber’s autonomous-driving activity is civilian road-vehicle mobility; the development or deployment of autonomous lethal systems is not within Uber’s business domain. Uber’s former Advanced Technologies Group was divested to Aurora Innovation (a US company) in 2020, with no Israeli state or defence dimension identified.18

Technology Ecosystem & R&D Footprint

Israeli R&D Facilities

No public evidence was identified that Uber operates an R&D facility, engineering office, innovation lab, or accelerator programme within Israel. Reporting on Uber’s 2022 relaunch in Israel described a ride-hailing/taxi-hailing commercial service only, with no R&D or technology-development footprint.19

Historical & Current Commercial Presence in Israel

Uber’s presence in Israel has been a commercial mobility operation, not a technology footprint, and has been intermittent. Uber launched a taxi-hailing service in Israel in 2014; its private-driver pilots (uberDAY / uberNIGHT) were barred by the Tel Aviv District Court in November 2017 over driver-licensing and insurance.2021 Uber relaunched in July 2022 working with licensed taxi drivers,19 then announced in June 2023 that it would end its taxi-hailing service in Israel entirely, citing regulatory uncertainty and limited market share against Gett and Yango.22 Status: discontinued as of June 2023.

Acquisitions & Investments in Israeli Technology Companies

No public evidence was identified of Uber acquiring, or taking a corporate-venture stake in, an Israeli-incorporated technology company. The 2016 acquisition of the self-driving-truck startup Otto (reported at ~$680m) is sometimes described in Israeli press in relation to co-founder Lior Ron; however, Otto (Ottomotto LLC) was a US company headquartered in San Francisco, co-founded by Anthony Levandowski and Lior Ron.1423 This is recorded as a US acquisition with an Israeli-origin co-founder, not the acquisition of an Israeli company. No public evidence identified of an Israeli-registered Uber subsidiary or holding structure.

Patents & IP Co-Development with Israeli Institutions

No public evidence was identified of patent portfolios, licensing, or co-development arrangements between Uber and Israeli-domiciled entities or research institutions (Technion, Hebrew University, Weizmann Institute).

Supplier / Vendor Geopolitical Due Diligence

No public evidence was identified that Uber maintains a technology-supply-chain due-diligence framework specific to the national origin or geopolitical exposure of its software vendors or digital-infrastructure providers.

Civil Society Scrutiny & Regulatory History

NGO & Academic Scrutiny - Technology Supply Chain

No public evidence was identified of an NGO investigation, academic study, or UN report specifically addressing Uber’s technology relationships with the Israeli state, Israeli defence entities, or Israeli-origin vendors. Amnesty International and Human Rights Watch maintain technology/rights research programmes, but no report singling out Uber’s technology nexus to Israel was identified in their published catalogues.2425

BDS & Boycott Campaigns

Uber does not appear as a primary corporate target on the BDS movement’s main campaign lists on grounds of technology provision to Israel.26 Separately, the International Alliance of App-Based Transport Workers - a union federation representing app-based drivers including Uber drivers across multiple countries - voted in February 2024 to join a BDS-aligned boycott of Chevron-branded fuel stations in solidarity with Palestinians.2728 This is a driver/worker action targeting Chevron, not a campaign against Uber as a technology provider, and is recorded for completeness. No public evidence was identified of an organised BDS or NGO campaign specifically targeting Uber’s technology relationships with Israeli state entities.

Export Controls & Sanctions Authorities

No public evidence was identified of any action by US, UK, or EU export-control or sanctions authorities relating to Uber technology sales, services, or data transfers to Israeli state entities. No public evidence identified.

Regulatory & Legal Actions - Technology Sales to Israeli State Entities

No public evidence identified of any regulatory, export-control, or sanctions-body action relating to Uber technology sales or services to Israeli state entities. Uber has faced extensive unrelated regulatory action globally (labour classification, data-privacy/GDPR, ride-hailing licensing), and the September 2022 intrusion drew US securities-disclosure attention via an 8-K filing - none of which relates to Israeli state technology provision.13

Data Breach Disclosures (Uber as victim)

The September 2022 intrusion is recorded above as an attack committed against Uber; it surfaced Uber’s deployment of SentinelOne (Israeli-founded) and Thycotic (US) but established no Israeli state dimension.23 An earlier 2017 breach (concealment of a 57-million-record incident) is a US regulatory and criminal matter with no identified Israeli dimension.13

Evidence Gaps

  1. Full IT and security vendor stack (highest priority) - Uber does not publicly disclose its sub-strategic IT and security vendor relationships; the resident security-product stack beyond what the 2022 incident surfaced (SentinelOne, Thycotic) is undisclosed, so additional Israeli-origin cybersecurity vendor exposure cannot be positively excluded on public evidence.

  2. Reported-but-unverified vendor claims - Customer relationships with Wiz, CyberArk, NICE, and Verint circulate in secondary material but were not substantiated against vendor disclosures, named press releases, or Uber filings in this review.

  3. Autonomous-driving supply chain - The Autobrains and Mobileye relationships are confirmed as procurement/integration (Uber as network/customer), but contract scope, data flows, and current deployment status (Munich and Los Angeles programmes are pre-/early-commercial) are not fully disclosed.

  4. Uber Freight technology stack - Uber Freight’s logistics-analytics and fleet vendor relationships are not comprehensively disclosed; Israeli-origin components embedded there cannot be assessed on public evidence.

End Notes

Footnotes

  1. https://en.wikipedia.org/wiki/SentinelOne

  2. https://blog.gitguardian.com/uber-breach-2022/ 2 3 4

  3. https://www.helpnetsecurity.com/2022/09/16/uber-hacked-attacker-tears-through-the-companys-systems/ 2 3 4

  4. https://www.wiz.io/customers

  5. https://en.wikipedia.org/wiki/Check_Point

  6. https://www.uber.com/en-US/blog/engineering/ 2 3 4

  7. https://news.microsoft.com/transform/how-uber-is-using-driver-selfies-to-enhance-security-powered-by-microsoft-cognitive-services/ 2

  8. https://eng.uber.com/real-time-id-check/

  9. https://www.datacenterknowledge.com/cloud/uber-ditches-on-prem-and-hooks-future-to-gcp-and-oracle-cloud

  10. https://gfmag.com/features/uber-aws-oracle-google-cloud/

  11. https://www.timesofisrael.com/amazon-web-services-to-open-data-centers-in-israel-in-2023/ 2

  12. https://www.timesofisrael.com/googles-first-local-cloud-region-for-israel-goes-live/ 2

  13. https://www.sec.gov/cgi-bin/browse-edgar?action=getcompany&CIK=0001543151&type=8-K&dateb=&owner=include&count=10 2 3

  14. https://en.wikipedia.org/wiki/Lior_Ron_(business_executive) 2

  15. https://www.calcalistech.com/ctechnews/article/hjei429xze 2

  16. https://evmagazine.com/news/how-are-volkswagen-and-uber-redefining-autonomous-taxis

  17. https://www.autoevolution.com/news/autonomous-volkswagen-id-buzz-starts-testing-in-la-commercial-rides-to-be-handled-by-uber-268329.html

  18. https://www.reuters.com/article/uber-aurora/uber-sells-self-driving-car-unit-to-aurora-idUSKBN28S1OJ

  19. https://nocamels.com/2022/07/uber-returns-israel/ 2

  20. https://www.timesofisrael.com/court-bans-uber-ride-sharing-activity-in-israel/

  21. https://techcrunch.com/2017/11/27/uber-is-partially-banned-in-tel-aviv/

  22. https://wageindicator.org/what-we-do/news-stories/gig-news/2023/june-2023-israel-uber-suspends-the-service-in-the-country/

  23. https://en.wikipedia.org/wiki/Ottomotto

  24. https://www.amnesty.org/en/tech/

  25. https://www.hrw.org/topic/technology-and-rights

  26. https://bdsmovement.net/Act-Now-Against-These-Companies-and-Brands

  27. https://bdsmovement.net/IAAWT-Boycott-Chevron-Branded-Gas-Stations

  28. https://peoplesdispatch.org/2024/03/19/app-based-drivers-boycott-chevron-for-complicity-in-israels-genocidal-crimes/