I don't think they did this, but one smart way for Uber to protect screenshots like this would be to include unique hex value colors depending which employee is logged into the dashboard. i.e. a different shade of blue in one of the cells for each employee who logs in. Then when the screenshot is published, you just eyedrop the color and you know who leaked it.
You would still get caught. You can reverse the timestamp from the "last 7 days" and the partial week column. You can get the timestamp from the numbers by summing until you hit the magic number, and taking the timestamp of the last transaction.
You would also need to delete the last two columns, and likely round-off the rest of the figures.
i actually think its a really simple solution for the problem at hand... its also hard to detect. the leaker didn't bother this time, but why not have such a simple mechanism in place?
There's a few more methods that I've used in real life. The trick is to have a number of them active, so that even if one method is thwarted(like by photocopying the image to monochrome), other methods still provide you enough unique information.
Some things we came up with(which actually helped find a leaker of a screen shot many of you may have seen on ycombinator a few years ago):
For protecting tabular data:
- Vary background colors slightly
- Fudge some numbers +/- .1% - low enough to not affect actual calculations.
- Change fonts for punctuation or some numbers(commas can be discernible by font type).
- Slightly adjust column/row widths
- Provide obvious personal identifying information on the page, so the person thinks thats the only thing they need to redact ;)
You could intentionally change some number or the other by a tiny bit that is not significant (and only noticeable to a very diligent observer who has comparison data) so that when comparing to the real numbers you see which number was changed by how much and find out who it is that way.
