Biden’s new FTC nominee is a digital privacy advocate critical of Big Tech

President Biden made his latest nomination to the Federal Trade Commission this week, tapping digital privacy expert Alvaro Bedoya to join the agency as it takes a hard look at the tech industry.

Bedoya is the founding director of the Center on Privacy & Technology at Georgetown’s law school and previously served as chief counsel for former Senator Al Franken and the Senate Judiciary Subcommittee on Privacy, Technology, and the Law. Bedoya has worked on legislation addressing some of the most pressing privacy issues in tech, including stalkerware and facial recognition systems.

In 2016, Bedoya co-authored a report titled “The Perpetual Line-Up: Unregulated Police Face Recognition in America,” a year-long investigation that dove deeply into the police use of facial recognition systems in the U.S. The 2016 report examined law enforcement’s reliance on facial recognition systems and biometric databases on a state level. It argued that regulations are desperately needed to curtail potential abuses and algorithmic failures before the technology inevitably becomes even more commonplace.

Bedoya also isn’t shy about calling out Big Tech. In a New York Times op-ed a few years ago, he took aim at Silicon Valley companies giving user privacy lip service in public while quietly funneling millions toward lobbyists to undermine consumer privacy. The new FTC nominee singled out Facebook specifically, pointing to the company’s efforts to undermine the Illinois Biometric Information Privacy Act, a state law that serves as one of the only meaningful checks on invasive privacy practices in the U.S.

Bedoya argued that the tech industry would have an easier time shaping a single, sweeping piece of privacy regulations with its lobbying efforts rather than a flurry of targeted, smaller bills. Antitrust advocates in Congress taking aim at tech today seem to have learned that same lesson as well.

“We cannot underestimate the tech sector’s power in Congress and in state legislatures,” Bedoya wrote. “If the United States tries to pass broad rules for personal data, that effort may well be co-opted by Silicon Valley, and we’ll miss our best shot at meaningful privacy protections.”

If confirmed, Bedoya would join big tech critic Lina Khan, a recent Biden FTC nominee who now chairs the agency. Khan’s focus on antitrust and Amazon in particular would dovetail with Bedoya’s focus on adjacent privacy concerns, making the pair a formidable regulatory presence as the Biden administration seeks to rein in some of the tech industry’s most damaging excesses.

#biden, #biden-administration, #big-tech, #biometrics, #congress, #consumer-privacy, #facial-recognition, #federal-trade-commission, #government, #lina-khan, #privacy, #surveillance, #tc, #united-states

A Sept. 11 Conundrum

What we leave behind.

#amazon-com-inc, #antitrust-laws-and-competition-issues, #apple-inc, #e-commerce, #federal-trade-commission, #regulation-and-deregulation-of-industry, #september-11-2001, #social-media, #spiegel-evan, #wearable-computing

How a Vungle-owned mobile marketer sent Fontmaker to the top of the App Store

Does this sound familiar? An app goes viral on social media, often including TikTok, then immediately climbs to the top of the App Store where it gains even more new installs thanks to the heightened exposure. That’s what happened with the recent No. 1 on the U.S. App Store, Fontmaker, a subscription-based fonts app which appeared to benefit from word-of-mouth growth thanks to TikTok videos and other social posts. But what we’re actually seeing here is a new form of App Store marketing — and one which now involves one of the oldest players in the space: Vungle.

Fontmaker, at first glance, seems to be just another indie app that hit it big.

The app, published by an entity called Mango Labs, promises users a way to create fonts using their own handwriting which they can then access from a custom keyboard for a fairly steep price of $4.99 per week. The app first launched on July 26. Nearly a month later, it was the No. 2 app on the U.S. App Store, according to Sensor Tower data. By August 26, it climbed up one more position to reach No. 1. before slowly dropping down in the top overall free app rankings in the days that followed.

By Aug. 27, it was No. 15, before briefly surging again to No. 4 the following day, then declining once more. Today, the app is No. 54 overall and No. 4 in the competitive Photo & Video category — still, a solid position for a brand-new and somewhat niche product targeting mainly younger users. To date, it’s generated $68,000 in revenue, Sensor Tower reports.

But Fontmaker may not be a true organic success story, despite its Top Charts success driven by a boost in downloads coming from real users, not bots. Instead, it’s an example of how mobile marketers have figured out how to tap into the influencer community to drive app installs. It’s also an example of how it’s hard to differentiate between apps driven by influencer marketing and those that hit the top of the App Store because of true demand — like walkie-talkie app Zello, whose recent trip to No. 1 can be attributed to Hurricane Ida

As it turns out, Fontmaker is not your typical “indie app.” In fact, it’s unclear who’s really behind it. Its publisher, Mango Labs, LLC, is actually an iTunes developer account owned by the mobile growth company JetFuel, which was recently acquired by the mobile ad and monetization firm Vungle — a longtime and sometimes controversial player in this space, itself acquired by Blackstone in 2019.

Vungle was primarily interested in JetFuel’s main product, an app called The Plug, aimed at influencers.

Through The Plug, mobile app developers and advertisers can connect to JetFuel’s network of over 15,000 verified influencers who have a combined 4 billion Instagram followers, 1.5 billion TikTok followers, and 100 million daily Snapchat views.

While marketers could use the built-in advertising tools on each of these networks to try to reach their target audience, JetFuel’s technology allows marketers to quickly scale their campaigns to reach high-value users in the Gen Z demographic, the company claims. This system can be less labor-intensive than traditional influencer marketing, in some cases. Advertisers pay on a cost-per-action (CPA) basis for app installs. Meanwhile, all influencers have to do is scroll through The Plug to find an app to promote, then post it to their social accounts to start making money.

Image Credits: The Plug’s website, showing influencers how the platform works

So while yes, a lot of influencers may have made TikTok videos about Fontmaker, which prompted consumers to download the app, the influencers were paid to do so. (And often, from what we saw browsing the Fontmaker hashtag, without disclosing that financial relationship in any way — an increasingly common problem on TikTok, and area of concern for the FTC.)

Where things get tricky is in trying to sort out Mango Labs’ relationship with JetFuel/Vungle. As a consumer browsing the App Store, it looks like Mango Labs makes a lot of fun consumer apps of which Fontmaker is simply the latest.

JetFuel’s website helps to promote this image, too.

It had showcased its influencer marketing system using a case study from an “indie developer” called Mango Labs and one of its earlier apps, Caption Pro. Caption Pro launched in Jan. 2018. (App Annie data indicates it was removed from the App Store on Aug. 31, 2021…yes, yesterday).

Image Credits: App Annie

Vungle, however, told TechCrunch “The Caption Pro app no longer exists and has not been live on the App Store or Google Play for a long time.” (We can’t find an App Annie record of the app on Google Play).

They also told us that “Caption Pro was developed by Mango Labs before the entity became JetFuel,” and that the case study was used to highlight JetFuel’s advertising capabilities. (But without clearly disclosing their connection.)

“Prior to JetFuel becoming the influencer marketing platform that it is today, the company developed apps for the App Store. After the company pivoted to become a marketing platform, in February 2018, it stopped creating apps but continued to use the Mango Labs account on occasion to publish apps that it had third-party monetization partnerships with,” the Vungle spokesperson explained.

In other words, the claim being made here is that while Mango Labs, originally, were the same folks who have long since pivoted to become JetFuel, and the makers of Caption Pro, all the newer apps published under “Mango Labs, LLC” were not created by JetFuel’s team itself.

“Any apps that appear under the Mango Labs LLC name on the App Store or Google Play were in fact developed by other companies, and Mango Labs has only acted as a publisher,” the spokesperson said.

Image Credits: JetFuel’s website describing Mango Labs as an “indie developer”

There are reasons why this statement doesn’t quite sit right — and not only because JetFuel’s partners seem happy to hide themselves behind Mango Labs’ name, nor because Mango Labs was a project from the JetFuel team in the past. It’s also odd that Mango Labs and another entity, Takeoff Labs, claim the same set of apps. And like Mango Labs, Takeoff Labs is associated with JetFuel too.

Breaking this down, as of the time of writing, Mango Labs has published several consumer apps on both the App Store and Google Play.

On iOS, this includes the recent No. 1 app Fontmaker, as well as FontKey, Color Meme, Litstick, Vibe, Celebs, FITme Fitness, CopyPaste, and Part 2. On Google Play, it has two more: Stickered and Mango.

Image Credits: Mango Labs

Most of Mango Labs’ App Store listings point to JetFuel’s website as the app’s “developer website,” which would be in line with what Vungle says about JetFuel acting as the apps’ publisher.

What’s odd, however, is that the Mango Labs’ app Part2, links to Takeoff Labs’ website from its App Store listing.

The Vungle spokesperson initially told us that Takeoff Labs is “an independent app developer.”

And yet, the Takeoff Labs’ website shows a team which consists of JetFuel’s leadership, including JetFuel co-founder and CEO Tim Lenardo and JetFuel co-founder and CRO JJ Maxwell. Takeoff Labs’ LLC application was also signed by Lenardo.

Meanwhile, Takeoff Labs’ co-founder and CEO Rhai Goburdhun, per his LinkedIn and the Takeoff Labs website, still works there. Asked about this connection, Vungle told us they did not realize the website had not been updated, and neither JetFuel nor Vungle have an ownership stake in Takeoff Labs with this acquisition.

Image Credits: Takeoff Labs’ website showing its team, including JetFuel’s co-founders.

Takeoff Labs’ website also shows off its “portfolio” of apps, which includes Celeb, Litstick, and FontKey — three apps that are published by Mango Labs on the App Store.

On Google Play, Takeoff Labs is the developer credited with Celebs, as well as two other apps, Vibe and Teal, a neobank. But on the App Store, Vibe is published by Mango Labs.

Image Credits: Takeoff Labs’ website, showing its app portfolio.

(Not to complicate things further, but there’s also an entity called RealLabs which hosts JetFuel, The Plug and other consumer apps, including Mango — the app published by Mango Labs on Google Play. Someone sure likes naming things “Labs!”)

Vungle claims the confusion here has to do with how it now uses the Mango Labs iTunes account to publish apps for its partners, which is a “common practice” on the App Store. It says it intends to transfer the apps published under Mango Labs to the developers’ accounts, because it agrees this is confusing.

Vungle also claims that JetFuel “does not make nor own any consumer apps that are currently live on the app stores. Any of the apps made by the entity when it was known as Mango Labs have long since been taken down from the app stores.”

JetFuel’s system is messy and confusing, but so far successful in its goals. Fontmaker did make it to No. 1, essentially growth hacked to the top by influencer marketing.

But as a consumer, what this all means is that you’ll never know who actually built the app you’re downloading or whether you were “influenced” to try it through what were, essentially, undisclosed ads.

Fontmaker isn’t the first to growth hack its way to the top through influencer promotions. Summertime hit Poparrazzi also hyped itself to the top of the App Store in a similar way, as have many others. But Poparazzi has since sunk to No. 89 in Photo & Video, which shows influence can only take you so far.

As for Fontmaker, paid influence got it to No. 1, but its Top Chart moment was brief.

#app-developer, #app-store, #apps, #blackstone, #co-founder, #federal-trade-commission, #google-play, #indie-developer, #itunes, #linkedin, #mobile-applications, #mobile-software, #snapchat, #social-media, #software, #spokesperson, #tc, #technology, #tiktok, #vibe, #video-hosting, #vungle

Today’s real story: The Facebook monopoly

Facebook is a monopoly. Right?

Mark Zuckerberg appeared on national TV today to make a “special announcement.” The timing could not be more curious: Today is the day Lina Khan’s FTC refiled its case to dismantle Facebook’s monopoly.

To the average person, Facebook’s monopoly seems obvious. “After all,” as James E. Boasberg of the U.S. District Court for the District of Columbia put it in his recent decision, “No one who hears the title of the 2010 film ‘The Social Network’ wonders which company it is about.” But obviousness is not an antitrust standard. Monopoly has a clear legal meaning, and thus far Lina Khan’s FTC has failed to meet it. Today’s refiling is much more substantive than the FTC’s first foray. But it’s still lacking some critical arguments. Here are some ideas from the front lines.

To the average person, Facebook’s monopoly seems obvious. But obviousness is not an antitrust standard.

First, the FTC must define the market correctly: personal social networking, which includes messaging. Second, the FTC must establish that Facebook controls over 60% of the market — the correct metric to establish this is revenue.

Though consumer harm is a well-known test of monopoly determination, our courts do not require the FTC to prove that Facebook harms consumers to win the case. As an alternative pleading, though, the government can present a compelling case that Facebook harms consumers by suppressing wages in the creator economy. If the creator economy is real, then the value of ads on Facebook’s services is generated through the fruits of creators’ labor; no one would watch the ads before videos or in between posts if the user-generated content was not there. Facebook has harmed consumers by suppressing creator wages.

A note: This is the first of a series on the Facebook monopoly. I am inspired by Cloudflare’s recent post explaining the impact of Amazon’s monopoly in their industry. Perhaps it was a competitive tactic, but I genuinely believe it more a patriotic duty: guideposts for legislators and regulators on a complex issue. My generation has watched with a combination of sadness and trepidation as legislators who barely use email question the leading technologists of our time about products that have long pervaded our lives in ways we don’t yet understand. I, personally, and my company both stand to gain little from this — but as a participant in the latest generation of social media upstarts, and as an American concerned for the future of our democracy, I feel a duty to try.

The problem

According to the court, the FTC must meet a two-part test: First, the FTC must define the market in which Facebook has monopoly power, established by the D.C. Circuit in Neumann v. Reinforced Earth Co. (1986). This is the market for personal social networking services, which includes messaging.

Second, the FTC must establish that Facebook controls a dominant share of that market, which courts have defined as 60% or above, established by the 3rd U.S. Circuit Court of Appeals in FTC v. AbbVie (2020). The right metric for this market share analysis is unequivocally revenue — daily active users (DAU) x average revenue per user (ARPU). And Facebook controls over 90%.

The answer to the FTC’s problem is hiding in plain sight: Snapchat’s investor presentations:

Snapchat July 2021 investor presentation: Significant DAU and ARPU Opportunity

Snapchat July 2021 investor presentation: Significant DAU and ARPU Opportunity. Image CreditsSnapchat

This is a chart of Facebook’s monopoly — 91% of the personal social networking market. The gray blob looks awfully like a vast oil deposit, successfully drilled by Facebook’s Standard Oil operations. Snapchat and Twitter are the small wildcatters, nearly irrelevant compared to Facebook’s scale. It should not be lost on any market observers that Facebook once tried to acquire both companies.

The market Includes messaging

The FTC initially claimed that Facebook has a monopoly of the “personal social networking services” market. The complaint excluded “mobile messaging” from Facebook’s market “because [messaging apps] (i) lack a ‘shared social space’ for interaction and (ii) do not employ a social graph to facilitate users’ finding and ‘friending’ other users they may know.”

This is incorrect because messaging is inextricable from Facebook’s power. Facebook demonstrated this with its WhatsApp acquisition, promotion of Messenger and prior attempts to buy Snapchat and Twitter. Any personal social networking service can expand its features — and Facebook’s moat is contingent on its control of messaging.

The more time in an ecosystem the more valuable it becomes. Value in social networks is calculated, depending on whom you ask, algorithmically (Metcalfe’s law) or logarithmically (Zipf’s law). Either way, in social networks, 1+1 is much more than 2.

Social networks become valuable based on the ever-increasing number of nodes, upon which companies can build more features. Zuckerberg coined the “social graph” to describe this relationship. The monopolies of Line, Kakao and WeChat in Japan, Korea and China prove this clearly. They began with messaging and expanded outward to become dominant personal social networking behemoths.

In today’s refiling, the FTC explains that Facebook, Instagram and Snapchat are all personal social networking services built on three key features:

  1. “First, personal social networking services are built on a social graph that maps the connections between users and their friends, family, and other personal connections.”
  2. “Second, personal social networking services include features that many users regularly employ to interact with personal connections and share their personal experiences in a shared social space, including in a one-to-many ‘broadcast’ format.”
  3. “Third, personal social networking services include features that allow users to find and connect with other users, to make it easier for each user to build and expand their set of personal connections.”

Unfortunately, this is only partially right. In social media’s treacherous waters, as the FTC has struggled to articulate, feature sets are routinely copied and cross-promoted. How can we forget Instagram’s copying of Snapchat’s stories? Facebook has ruthlessly copied features from the most successful apps on the market from inception. Its launch of a Clubhouse competitor called Live Audio Rooms is only the most recent example. Twitter and Snapchat are absolutely competitors to Facebook.

Messaging must be included to demonstrate Facebook’s breadth and voracious appetite to copy and destroy. WhatsApp and Messenger have over 2 billion and 1.3 billion users respectively. Given the ease of feature copying, a messaging service of WhatsApp’s scale could become a full-scale social network in a matter of months. This is precisely why Facebook acquired the company. Facebook’s breadth in social media services is remarkable. But the FTC needs to understand that messaging is a part of the market. And this acknowledgement would not hurt their case.

The metric: Revenue shows Facebook’s monopoly

Boasberg believes revenue is not an apt metric to calculate personal networking: “The overall revenues earned by PSN services cannot be the right metric for measuring market share here, as those revenues are all earned in a separate market — viz., the market for advertising.” He is confusing business model with market. Not all advertising is cut from the same cloth. In today’s refiling, the FTC correctly identifies “social advertising” as distinct from the “display advertising.”

But it goes off the deep end trying to avoid naming revenue as the distinguishing market share metric. Instead the FTC cites “time spent, daily active users (DAU), and monthly active users (MAU).” In a world where Facebook Blue and Instagram compete only with Snapchat, these metrics might bring Facebook Blue and Instagram combined over the 60% monopoly hurdle. But the FTC does not make a sufficiently convincing market definition argument to justify the choice of these metrics. Facebook should be compared to other personal social networking services such as Discord and Twitter — and their correct inclusion in the market would undermine the FTC’s choice of time spent or DAU/MAU.

Ultimately, cash is king. Revenue is what counts and what the FTC should emphasize. As Snapchat shows above, revenue in the personal social media industry is calculated by ARPU x DAU. The personal social media market is a different market from the entertainment social media market (where Facebook competes with YouTube, TikTok and Pinterest, among others). And this too is a separate market from the display search advertising market (Google). Not all advertising-based consumer technology is built the same. Again, advertising is a business model, not a market.

In the media world, for example, Netflix’s subscription revenue clearly competes in the same market as CBS’ advertising model. News Corp.’s acquisition of Facebook’s early competitor MySpace spoke volumes on the internet’s potential to disrupt and destroy traditional media advertising markets. Snapchat has chosen to pursue advertising, but incipient competitors like Discord are successfully growing using subscriptions. But their market share remains a pittance compared to Facebook.

An alternative pleading: Facebook’s market power suppresses wages in the creator economy

The FTC has correctly argued for the smallest possible market for their monopoly definition. Personal social networking, of which Facebook controls at least 80%, should not (in their strongest argument) include entertainment. This is the narrowest argument to make with the highest chance of success.

But they could choose to make a broader argument in the alternative, one that takes a bigger swing. As Lina Khan famously noted about Amazon in her 2017 note that began the New Brandeis movement, the traditional economic consumer harm test does not adequately address the harms posed by Big Tech. The harms are too abstract. As White House advisor Tim Wu argues in “The Curse of Bigness,” and Judge Boasberg acknowledges in his opinion, antitrust law does not hinge solely upon price effects. Facebook can be broken up without proving the negative impact of price effects.

However, Facebook has hurt consumers. Consumers are the workers whose labor constitutes Facebook’s value, and they’ve been underpaid. If you define personal networking to include entertainment, then YouTube is an instructive example. On both YouTube and Facebook properties, influencers can capture value by charging brands directly. That’s not what we’re talking about here; what matters is the percent of advertising revenue that is paid out to creators.

YouTube’s traditional percentage is 55%. YouTube announced it has paid $30 billion to creators and rights holders over the last three years. Let’s conservatively say that half of the money goes to rights holders; that means creators on average have earned $15 billion, which would mean $5 billion annually, a meaningful slice of YouTube’s $46 billion in revenue over that time. So in other words, YouTube paid creators a third of its revenue (this admittedly ignores YouTube’s non-advertising revenue).

Facebook, by comparison, announced just weeks ago a paltry $1 billion program over a year and change. Sure, creators may make some money from interstitial ads, but Facebook does not announce the percentage of revenue they hand to creators because it would be insulting. Over the equivalent three-year period of YouTube’s declaration, Facebook has generated $210 billion in revenue. one-third of this revenue paid to creators would represent $70 billion, or $23 billion a year.

Why hasn’t Facebook paid creators before? Because it hasn’t needed to do so. Facebook’s social graph is so large that creators must post there anyway — the scale afforded by success on Facebook Blue and Instagram allows creators to monetize through directly selling to brands. Facebooks ads have value because of creators’ labor; if the users did not generate content, the social graph would not exist. Creators deserve more than the scraps they generate on their own. Facebook suppresses creators’ wages because it can. This is what monopolies do.

Facebook’s Standard Oil ethos

Facebook has long been the Standard Oil of social media, using its core monopoly to begin its march upstream and down. Zuckerberg announced in July and renewed his focus today on the metaverse, a market Roblox has pioneered. After achieving a monopoly in personal social media and competing ably in entertainment social media and virtual reality, Facebook’s drilling continues. Yes, Facebook may be free, but its monopoly harms Americans by stifling creator wages. The antitrust laws dictate that consumer harm is not a necessary condition for proving a monopoly under the Sherman Act; monopolies in and of themselves are illegal. By refiling the correct market definition and marketshare, the FTC stands more than a chance. It should win.

A prior version of this article originally appeared on Substack.

#amazon, #apps, #cloudflare, #column, #facebook, #federal-trade-commission, #google, #lina-khan, #mark-zuckerberg, #messenger, #monopoly, #opinion, #pinterest, #policy, #snapchat, #social, #social-media, #social-networks, #startups, #tc, #twitter, #whatsapp

U.S. Takes a New Stab at Facebook Antitrust Suit

After a judge slammed the F.T.C.’s original lawsuit, regulators returned with a more detailed case accusing the platform of being a monopoly.

#antitrust-laws-and-competition-issues, #boasberg-james-e, #computers-and-the-internet, #decisions-and-verdicts, #facebook-inc, #federal-trade-commission, #khan-lina, #social-media, #zuckerberg-mark-e

Two senators urge the FTC to investigate Tesla over “Full Self-Driving” statements

Two Democratic senators have asked the new chair of the Federal Trade Commission to investigate Tesla’s statements about the autonomous capabilities of its Autopilot and Full Self-Driving systems. The senators, Edward Markey (D-Mass.) and Richard Blumenthal (D-Conn.), expressed particular concern over Tesla misleading customers into thinking their vehicles are capable of fully autonomous driving.

“Tesla’s marketing has repeatedly overstated the capabilities of its vehicles, and these statements increasingly pose a threat to motorists and other users of the road,” they said. “Accordingly, we urge you to open an investigation into potentially deceptive and unfair practices in Tesla’s advertising and marketing of its driving automation systems and take appropriate enforcement action to ensure the safety of all drivers on the road.”

In their letter to new FTC Chair Lina Khan, they point to a 2019 Youtube video Tesla posted to its channel, which shows a Tesla driving autonomously. The roughly two-minute-long video is titled “Full Self-Driving” and has been viewed over 18 million times.

“Their claims put Tesla drivers – and all of the travelling public – at risk of serious injury or death,” the Senators said.

When it comes to Tesla and formal investigations, when it rains, it pours. The letter was published just two days after the National Highway Transportation Safety Administration said it had opened a preliminary investigation into incidents involving Teslas crashing into parked emergency vehicles.

Lina Khan is the youngest person to ever chair the FTC. She’s widely considered the most progressive appointment in recent history, particularly for her scholarship on antitrust law. But should the FTC choose to investigate Tesla, the case would likely have nothing to do with antitrust law and instead fall under the purview of consumer protection. The FTC has the authority to investigate false or misleading claims from companies regarding their products.

This is not the first time prominent figures have called on the FTC to open an investigation into Tesla’s claims. The Center for Auto Safety and Consumer Watchdog, two special interest groups, also sent a letter in 2018 to the commission over the marketing of Autopilot features. The following year, the NHTSA urged the FTC to investigate whether claims made by Tesla CEO Elon Musk on the Model 3’s safety “constitute[d] unfair or deceptive acts or practices.”

Tesla charges $10,000 for access to a “Full Self-Driving” option at the point of sale, or as a subscription. The company is currently testing beta version 9 of FSD with a few thousand drivers, but the Senators take aim at the beta version, too. “After the [beta 9] update, drivers have posted videos online showing their updated Tesla vehicles making unexpected maneuvers that require human intervention to prevent a crash,” they write. “Mr. Musk’s tepid precautions tucked away on social media are no excuse for misleading drivers and endangering the lives of everyone on the road.”

#automotive, #autopilot, #federal-trade-commission, #full-self-driving, #national-highway-traffic-and-safety-administration, #tesla, #transportation

How the law got it wrong with Apple Card

Advocates of algorithmic justice have begun to see their proverbial “days in court” with legal investigations of enterprises like UHG and Apple Card. The Apple Card case is a strong example of how current anti-discrimination laws fall short of the fast pace of scientific research in the emerging field of quantifiable fairness.

While it may be true that Apple and their underwriters were found innocent of fair lending violations, the ruling came with clear caveats that should be a warning sign to enterprises using machine learning within any regulated space. Unless executives begin to take algorithmic fairness more seriously, their days ahead will be full of legal challenges and reputational damage.

What happened with Apple Card?

In late 2019, startup leader and social media celebrity David Heinemeier Hansson raised an important issue on Twitter, to much fanfare and applause. With almost 50,000 likes and retweets, he asked Apple and their underwriting partner, Goldman Sachs, to explain why he and his wife, who share the same financial ability, would be granted different credit limits. To many in the field of algorithmic fairness, it was a watershed moment to see the issues we advocate go mainstream, culminating in an inquiry from the NY Department of Financial Services (DFS).

At first glance, it may seem heartening to credit underwriters that the DFS concluded in March that Goldman’s underwriting algorithm did not violate the strict rules of financial access created in 1974 to protect women and minorities from lending discrimination. While disappointing to activists, this result was not surprising to those of us working closely with data teams in finance.

There are some algorithmic applications for financial institutions where the risks of experimentation far outweigh any benefit, and credit underwriting is one of them. We could have predicted that Goldman would be found innocent, because the laws for fairness in lending (if outdated) are clear and strictly enforced.

And yet, there is no doubt in my mind that the Goldman/Apple algorithm discriminates, along with every other credit scoring and underwriting algorithm on the market today. Nor do I doubt that these algorithms would fall apart if researchers were ever granted access to the models and data we would need to validate this claim. I know this because the NY DFS partially released its methodology for vetting the Goldman algorithm, and as you might expect, their audit fell far short of the standards held by modern algorithm auditors today.

How did DFS (under current law) assess the fairness of Apple Card?

In order to prove the Apple algorithm was “fair,” DFS considered first whether Goldman had used “prohibited characteristics” of potential applicants like gender or marital status. This one was easy for Goldman to pass — they don’t include race, gender or marital status as an input to the model. However, we’ve known for years now that some model features can act as “proxies” for protected classes.

If you’re Black, a woman and pregnant, for instance, your likelihood of obtaining credit may be lower than the average of the outcomes among each overarching protected category.

The DFS methodology, based on 50 years of legal precedent, failed to mention whether they considered this question, but we can guess that they did not. Because if they had, they’d have quickly found that credit score is so tightly correlated to race that some states are considering banning its use for casualty insurance. Proxy features have only stepped into the research spotlight recently, giving us our first example of how science has outpaced regulation.

In the absence of protected features, DFS then looked for credit profiles that were similar in content but belonged to people of different protected classes. In a certain imprecise sense, they sought to find out what would happen to the credit decision were we to “flip” the gender on the application. Would a female version of the male applicant receive the same treatment?

Intuitively, this seems like one way to define “fair.” And it is — in the field of machine learning fairness, there is a concept called a “flip test” and it is one of many measures of a concept called “individual fairness,” which is exactly what it sounds like. I asked Patrick Hall, principal scientist at bnh.ai, a leading boutique AI law firm, about the analysis most common in investigating fair lending cases. Referring to the methods DFS used to audit Apple Card, he called it basic regression, or “a 1970s version of the flip test,” bringing us example number two of our insufficient laws.

A new vocabulary for algorithmic fairness

Ever since Solon Barocas’ seminal paper “Big Data’s Disparate Impact” in 2016, researchers have been hard at work to define core philosophical concepts into mathematical terms. Several conferences have sprung into existence, with new fairness tracks emerging at the most notable AI events. The field is in a period of hypergrowth, where the law has as of yet failed to keep pace. But just like what happened to the cybersecurity industry, this legal reprieve won’t last forever.

Perhaps we can forgive DFS for its softball audit given that the laws governing fair lending are born of the civil rights movement and have not evolved much in the 50-plus years since inception. The legal precedents were set long before machine learning fairness research really took off. If DFS had been appropriately equipped to deal with the challenge of evaluating the fairness of the Apple Card, they would have used the robust vocabulary for algorithmic assessment that’s blossomed over the last five years.

The DFS report, for instance, makes no mention of measuring “equalized odds,” a notorious line of inquiry first made famous in 2018 by Joy Buolamwini, Timnit Gebru and Deb Raji. Their “Gender Shades” paper proved that facial recognition algorithms guess wrong on dark female faces more often than they do on subjects with lighter skin, and this reasoning holds true for many applications of prediction beyond computer vision alone.

Equalized odds would ask of Apple’s algorithm: Just how often does it predict creditworthiness correctly? How often does it guess wrong? Are there disparities in these error rates among people of different genders, races or disability status? According to Hall, these measurements are important, but simply too new to have been fully codified into the legal system.

If it turns out that Goldman regularly underestimates female applicants in the real world, or assigns interest rates that are higher than Black applicants truly deserve, it’s easy to see how this would harm these underserved populations at national scale.

Financial services’ Catch-22

Modern auditors know that the methods dictated by legal precedent fail to catch nuances in fairness for intersectional combinations within minority categories — a problem that’s exacerbated by the complexity of machine learning models. If you’re Black, a woman and pregnant, for instance, your likelihood of obtaining credit may be lower than the average of the outcomes among each overarching protected category.

These underrepresented groups may never benefit from a holistic audit of the system without special attention paid to their uniqueness, given that the sample size of minorities is by definition a smaller number in the set. This is why modern auditors prefer “fairness through awareness” approaches that allow us to measure results with explicit knowledge of the demographics of the individuals in each group.

But there’s a Catch-22. In financial services and other highly regulated fields, auditors often can’t use “fairness through awareness,” because they may be prevented from collecting sensitive information from the start. The goal of this legal constraint was to prevent lenders from discrimination. In a cruel twist of fate, this gives cover to algorithmic discrimination, giving us our third example of legal insufficiency.

The fact that we can’t collect this information hamstrings our ability to find out how models treat underserved groups. Without it, we might never prove what we know to be true in practice — full-time moms, for instance, will reliably have thinner credit files, because they don’t execute every credit-based purchase under both spousal names. Minority groups may be far more likely to be gig workers, tipped employees or participate in cash-based industries, leading to commonalities among their income profiles that prove less common for the majority.

Importantly, these differences on the applicants’ credit files do not necessarily translate to true financial responsibility or creditworthiness. If it’s your goal to predict creditworthiness accurately, you’d want to know where the method (e.g., a credit score) breaks down.

What this means for businesses using AI

In Apple’s example, it’s worth mentioning a hopeful epilogue to the story where Apple made a consequential update to their credit policy to combat the discrimination that is protected by our antiquated laws. In Apple CEO Tim Cook’s announcement, he was quick to highlight a “lack of fairness in the way the industry [calculates] credit scores.”

Their new policy allows spouses or parents to combine credit files such that the weaker credit file can benefit from the stronger. It’s a great example of a company thinking ahead to steps that may actually reduce the discrimination that exists structurally in our world. In updating their policies, Apple got ahead of the regulation that may come as a result of this inquiry.

This is a strategic advantage for Apple, because NY DFS made exhaustive mention of the insufficiency of current laws governing this space, meaning updates to regulation may be nearer than many think. To quote Superintendent of Financial Services Linda A. Lacewell: “The use of credit scoring in its current form and laws and regulations barring discrimination in lending are in need of strengthening and modernization.” In my own experience working with regulators, this is something today’s authorities are very keen to explore.

I have no doubt that American regulators are working to improve the laws that govern AI, taking advantage of this robust vocabulary for equality in automation and math. The Federal Reserve, OCC, CFPB, FTC and Congress are all eager to address algorithmic discrimination, even if their pace is slow.

In the meantime, we have every reason to believe that algorithmic discrimination is rampant, largely because the industry has also been slow to adopt the language of academia that the last few years have brought. Little excuse remains for enterprises failing to take advantage of this new field of fairness, and to root out the predictive discrimination that is in some ways guaranteed. And the EU agrees, with draft laws that apply specifically to AI that are set to be adopted some time in the next two years.

The field of machine learning fairness has matured quickly, with new techniques discovered every year and myriad tools to help. The field is only now reaching a point where this can be prescribed with some degree of automation. Standards bodies have stepped in to provide guidance to lower the frequency and severity of these issues, even if American law is slow to adopt.

Because whether discrimination by algorithm is intentional, it is illegal. So, anyone using advanced analytics for applications relating to healthcare, housing, hiring, financial services, education or government are likely breaking these laws without knowing it.

Until clearer regulatory guidance becomes available for the myriad applications of AI in sensitive situations, the industry is on its own to figure out which definitions of fairness are best.

#algorithmic-bias, #apple, #apple-card, #artificial-intelligence, #casualty-insurance, #cfpb, #column, #data-discrimination, #discrimination, #diversity, #federal-trade-commission, #financial-services, #fintech, #machine-learning, #occ, #opinion, #payments

Senators press Facebook for answers about why it cut off misinformation researchers

Facebook’s decision to close accounts connected to a misinformation research project last week prompted a broad outcry from the company’s critics — and now Congress is getting involved.

A handful of lawmakers criticized the decision at the time, slamming Facebook for being hostile toward efforts to make the platform’s opaque algorithms and ad targeting methods more transparent. Researchers believe that studying those hidden systems is crucial work for gaining insight on the flow of political misinformation.

The company specifically punished two researchers with NYU’s Cybersecurity for Democracy project who work on Ad Observer, an opt-in browser tool that allows researchers to study how Facebook targets ads to different people based on their interests and demographics.

In a new letter, embedded below, a trio of Democratic senators are pressing Facebook for more answers. Senators Amy Klobuchar (D-MN), Chris Coons (D-DE) and Mark Warner (D-VA) wrote to Facebook CEO Mark Zuckerberg asking for a full explanation on why the company terminated the researcher accounts and how they violated the platform’s terms of service and compromised user privacy. The lawmakers sent the letter on Friday.

“While we agree that Facebook must safeguard user privacy, it is similarly imperative that Facebook allow credible academic researchers and journalists like those involved in the Ad Observatory project to conduct independent research that will help illuminate how the company can better tackle misinformation, disinformation, and other harmful activity that is proliferating on its platforms,” the senators wrote.

Lawmakers have long urged the company to be more transparent about political advertising and misinformation, particularly after Facebook was found to have distributed election disinformation in 2016. Those concerns were only heightened by the platform’s substantial role in spreading election misinformation leading up to the insurrection at the U.S. Capitol, where Trump supporters attempted to overturn the vote.

In a blog post defending its decision, Facebook cited compliance with FTC as one of the reason the company severed the accounts. But the FTC called Facebook’s bluff last week in a letter to Zuckerberg, noting that nothing about the agency’s guidance for the company would preclude it from encouraging research in the public interest.

“Indeed, the FTC supports efforts to shed light on opaque business practices, especially around surveillance-based advertising,” Samuel Levine, the FTC’s acting director for the Bureau of Consumer Protection, wrote.

#amy-klobuchar, #computing, #congress, #facebook, #federal-trade-commission, #mark-zuckerberg, #misinformation, #nyu, #political-advertising, #privacy, #social, #social-media, #software, #tc, #technology, #trump

Facebook cuts off NYU researcher access, prompting rebuke from lawmakers

Facebook shut down accounts belonging to two academic researchers late Tuesday, cutting off their ability to study political ads and misinformation on the world’s biggest social network.

The company accused the academics of engaging in “unauthorized scraping” and compromising user privacy on the platform, claims that Facebook’s many critics are slamming as a thin pretense for killing the transparency work.

The company took action against Laura Edelson and Damon McCoy, two well-known researchers affiliated with NYU’s Cybersecurity for Democracy project who have long sparred with the company. The move cuts off their access to Facebook’s Ad Library — one of the company’s only meaningful transparency efforts to date — and data on popular posts from the social media monitoring service CrowdTangle.

Facebook has a history with Edelson and McCoy. The company served the pair cease and desist letters just weeks before the 2020 election, calling on the team to disable an opt-in browser tool called Ad Observer and unpublish their findings. Ad Observer is a browser tool anyone can install that’s designed to give researchers a rare glimpse into how Facebook targets the ads that have transformed it into a trillion-dollar company.

“Over the last several years, we’ve used this access to uncover systemic flaws in the Facebook Ad Library, identify misinformation in political ads including many sowing distrust in our election system, and to study Facebook’s apparent amplification of partisan misinformation,” Edelson said on Twitter.

“By suspending our accounts, Facebook has effectively ended all this work. Facebook has also effectively cut off access to more than two dozen other researchers and journalists who get access to Facebook data through our project, including our work measuring vaccine misinformation with the Virality Project and many other partners who rely on our data.”

The incident set off a fresh round of criticism about the company’s preference for opacity over transparency when it comes to some of the more dangerous behavior that the platform incubates.

By Wednesday, Facebook’s actions had attracted the attention of some members of Congress. Sen. Ron Wyden (D-OR) criticized Facebook’s decision to punish the researchers under the pretense of protecting users in light of the company’s long history of invasive privacy practices. Wyden also called Facebook’s bluff over its claim that revoking researcher access is an effort to comply with a privacy order from the FTC that the company was issued for its previous user privacy violations.

Sen. Mark Warner (D-VA) also weighed in on Facebook’s latest controversy, calling the decision “deeply concerning.” Warner praised independent researchers for “consistently [improving] the integrity and safety of social media platforms by exposing harmful and exploitative activity.”

“It’s past time for Congress to act to bring greater transparency to the shadowy world of online advertising, which continues to be a major vector for fraud and misconduct,” Warner said.

A number of free press organizations, researchers and misinformation experts also condemned Facebook’s decision Wednesday. “Facebook’s cavalier approach to privacy enabled it to become so dominant,” The Markup’s Julia Angwin and Nabiha Syed wrote in a joint statement.

“But now, when independent researchers want to interrogate that platform and the influence it commands, Facebook is propping up user privacy as a shield to hide behind.”

#congress, #facebook, #facebook-ad-library, #federal-trade-commission, #instagram, #julia-angwin, #mark-warner, #nyu, #online-advertising, #operating-systems, #privacy, #ron-wyden, #social, #social-media, #social-media-platforms, #social-network, #tc, #world-wide-web

Biden nominates another Big Tech enemy, this time to lead the DOJ’s antitrust division

The Biden administration tripled down on its commitment to reining in powerful tech companies Tuesday, proposing committed Big Tech critic Jonathan Kanter to lead the Justice Department’s antitrust division.

Kanter is a lawyer with a long track record of representing smaller companies like Yelp in antitrust cases against Google. He currently practices law at his own firm, which specializes in advocacy for state and federal antitrust enforcement.

“Throughout his career, Kanter has also been a leading advocate and expert in the effort to promote strong and meaningful antitrust enforcement and competition policy,” the White House press release stated. Progressives celebrated the nomination as a win, though some of Biden’s new antitrust hawks have enjoyed support from both political parties.

The Justice Department already has a major antitrust suit against Google in the works. The lawsuit, filed by Trump’s own Justice Department, accuses the company of “unlawfully maintaining monopolies” through anti-competitive practices in its search and search advertising businesses. If successfully confirmed, Kanter would be positioned to steer the DOJ’s big case against Google.

In a 2016 NYT op-ed, Kanter argued that Google is notorious for relying on an anti-competitive “playbook” to maintain its market dominance. Kanter pointed to Google’s long history of releasing free ad-supported products and eventually restricting competition through “discriminatory and exclusionary practices” in a given corner of the market.

Kanter is just the latest high profile Big Tech critic that’s been elevated to a major regulatory role under Biden. Last month, Biden named fierce Amazon critic Lina Khan as FTC chair upon her confirmation to the agency. In March, Biden named another noted Big Tech critic, Columbia law professor Tim Wu, to the National Economic Council as a special assistant for tech and competition policy.

All signs point to the Biden White House gearing up for a major federal fight with Big Tech. Congress is working on a set of Big Tech bills, but in lieu of — or in tandem with — legislative reform, the White House can flex its own regulatory muscle through the FTC and DOJ.

In new comments to MSNBC, the White House confirmed that it is also “reviewing” Section 230 of the Communications Decency Act, a potent snippet of law that protects platforms from liability for user-generated content.

#amazon, #biden, #biden-administration, #big-tech, #chair, #columbia, #competition-law, #congress, #department-of-justice, #doj, #federal-trade-commission, #google, #government, #joe-biden, #lawyer, #lina-khan, #msnbc, #section-230, #tc, #tim-wu, #white-house, #yelp

Venmo removes its global, public feed in a significant app redesign

PayPal-owned payments app Venmo will no longer offer a public, global feed of users’ transactions, as part of a significant redesign focused on expanding the app’s privacy controls and better highlighting some of Venmo’s newer features. The company says it will instead only show users their “friends feed” — meaning, the app’s social feed where you can see just your friends’ transactions.

Venmo has struggled over the years to balance its desire to add a social element to its peer-to-peer payments-based network, with the need to offer users their privacy.

A few years ago, the company was forced to settle a complaint with the FTC over its handling of privacy disclosures in the app along with other issues related to the security and privacy of user transactions. One of the concerns at the time was a setting that made all transactions public by default — a feature the FTC said wasn’t being properly explained to customers. As part of the settlement, Venmo had to inform both new and existing users how to limit the visibility of their transactions, among other changes.

However, privacy issues have continued to follow Venmo over the years. More recently, BuzzFeed News was able to track down President Biden’s secret Venmo account because of the lack of privacy around Venmo friend lists, for example. Afterwards, the company rolled out friend list privacy controls to address the issue.

Image Credits: Venmo

In the newly updated app, Venmo will still highlight this friend list privacy setting so users can choose whether or not they want to have their profile appear on other people’s friends’ lists. Users will also still be able to remove or add contacts from their friend list at any time, block people, and set their transaction privacy either as they post or retroactively to public, private, or friends-only. It’s unclear what advantage posting publicly has though, as the global, public feed is gone. Instead, public transactions would be visible to a users’ non-friends only when someone visited their profile directly.

In addition to the privacy changes, Venmo’s redesign aims to make it easier for people to discover the app’s new features, the company says.

Now, a new bottom navigation option will allow users to toggle between their social feed, Venmo’s products like the Venmo Card and crypto, and their personal profile. The newly elevated “Cards” section will allow Venmo Credit and Debit cardholders to manage their cards and access their rewards and offers, as before. Meanwhile, the “Crypto” tab will let users learn and explore the world of crypto, view real-time trends, and buy, sell or hold different types of cryptocurrencies.

Image Credits: Venmo

Venmo first added support for crypto earlier this year, following parent company PayPal’s move to do the same, and now offers access to Bitcoin, Ethereum, Litecoin and Bitcoin Cash. Before, the option appeared as a small button next to the “Pay or Request” button at the bottom of the screen, which contributed to Venmo’s cluttered feel.

The updated app will also include support for new payment types and expanded purchase protections, which Venmo announced last month, and said would arrive on July 20. Customers will now be able to indicate if their purchase is for “goods and services” when they transact with a seller, which will make the transactions eligible for Venmo’s purchase protection plan — even if the seller doesn’t have a proper “business” account.

Because this now charges sellers a 1.9% plus 10-cent fee, there had been some backlash from users who either misunderstood the changes or just didn’t like them. But the move could help to boost Venmo revenue.

PayPal said in February that Venmo grew users 32% over 2020 to reach 70 million active accounts and expects the app to generate nearly $900 million in revenue this year — likely in part thanks to this and other new initiatives, like its crypto transaction fees.

Image Credits: Venmo

Beyond the more functional changes and the privacy updates, Venmo’s redesign also modernizes the look-and-feel of the app itself, which had become a little dated and overly busy. As Venmo had expanded its array of services, the hamburger (three line) menu in the top right of the old version of the app had turned into a long list of options and settings. Now that’s gone. The app uses new iconography, an updated font, and lots of white space to make it feel fresh and clean.

The app’s changes also somewhat de-emphasize the importance of the social feed itself. Although it may still default to that tab, other options now have equal footing with tabs of their own, instead of being hidden away in a menu or in a smaller button.

Venmo says the redesigned Venmo app will begin to roll out today to select customers and will be available to all users across the U.S. over the next few weeks.

#apps, #biden, #buzzfeed, #cryptocurrencies, #federal-trade-commission, #finance, #mobile-payments, #online-payments, #paypal, #peer-to-peer, #president, #united-states, #venmo

How Do I Stop Robocalls

An F.C.C. rule that went into effect last month is meant to help put a stop to those relentless calls about your extended warranty, and others.

#better-business-bureaus, #federal-communications-commission, #federal-trade-commission, #frauds-and-swindling, #identification-devices, #rosenworcel-jessica, #telemarketing

Biden’s sweeping executive order takes on big tech’s ‘bad mergers,’ ISPs and more

The Biden administration just introduced a sweeping, ambitious plan to forcibly inject competition into some consolidated sectors of the American economy — the tech sector prominent among them — through executive action.

“Today President Biden is taking decisive action to reduce the trend of corporate consolidation, increase competition, and deliver concrete benefits to America’s consumers, workers, farmers, and small businesses,” a new White House fact sheet on the forthcoming order states.

The order, which Biden will sign Friday, initiates a comprehensive “whole-of-government” approach that loops in more then twelve different agencies at the federal level to regulate monopolies, protect consumers and curtail bad behavior from some of the world’s biggest corporations.

In the fact sheet, the White House lays out its plans to take matters to regulate big business into its own hands at the federal level. As far as tech is concerned, that comes largely through emboldening the FTC and the Justice Department — two federal agencies with antitrust enforcement powers.

Most notably for big tech, which is already bracing for regulatory existential threats, the White House explicitly asserts here that those agencies have legal cover to “challenge prior bad mergers that past Administrations did not previously challenge” — i.e. unwinding acquisitions that built a handful of tech companies into the behemoths they are today. The order calls on antitrust agencies to enforce antitrust laws “vigorously.”

Federal scrutiny will prioritize “dominant internet platforms, with particular attention to the acquisition of nascent competitors, serial mergers, the accumulation of data, competition by ‘free’ products, and the effect on user privacy.” Facebook, Google and Amazon are particularly on notice here, though Apple isn’t likely to escape federal attention either.

“Over the past ten years, the largest tech platforms have acquired hundreds of companies—including alleged ‘killer acquisitions’ meant to shut down a potential competitive threat,” the White House wrote in the fact sheet. “Too often, federal agencies have not blocked, conditioned, or, in some cases, meaningfully examined these acquisitions.”

The biggest tech companies have regularly defended their longstanding strategy of buying up the competition by arguing that because those acquisitions went through without friction at the time, they shouldn’t be viewed as illegal in hindsight. In no uncertain terms, the new executive order makes it clear that the Biden administration isn’t having any of it.

The White House also specifically singles out internet service providers for scrutiny, ordering the FCC to prioritize consumer choice and institute broadband “nutrition labels” that clearly state speed caps and hidden feeds. The FCC began working on the labels in the Obama administration but the work was scrapped after Trump took office.

The order also directly calls on the FCC to restore net neutrality rules, which were stripped in 2017 to the widespread horror of open internet advocates and most of the tech industry outside of the service providers that stood to benefit.

The White House will also tell the FTC to create new privacy rules meant to guard consumers against surveillance and the “accumulation of extraordinarily amounts of sensitive personal information,” which free services like Facebook, YouTube and others have leveraged to build their vast empires. The White House also taps the FTC to create rules that protect smaller businesses from being pre-empted by large platforms, which in many cases abuse their market dominance with a different sort of data-based surveillance to out-compete up-and-coming competitors.

Finally, the executive order encourages the FTC to put right to repair rules in place that would free consumers from constraints that discourage DIY and third-party repairs. A new White House Competition Council under the Director of the National Economic Council will coordinate the federal execution of the proposals laid out in the new order.

The antitrust effort from the executive branch mirrors parallel actions in the FTC and Congress. In the FTC, Biden has installed a fearsome antitrust crusader in Lina Khan, a young legal scholar and fierce Amazon critic who proposes a philosophical overhaul to the way the federal government defines monopolies. Khan now leads the FTC as its chair.

In Congress, a bipartisan flurry of bills intended to rein in the tech industry are slowly wending their way toward becoming law, though plenty of hurdles remain. Last month, the House Judiciary Committee debated the six bills, which were crafted separately to help them survive opposing lobbying pushes from the tech industry. These legislative efforts could modernize antitrust laws, which have failed to keep pace with the modern realities of giant, internet-based businesses.

“Competition policy needs new energy and approaches so that we can address America’s monopoly problem,” Sen. Amy Klobuchar, a prominent tech antitrust hawk in Congress, said of the executive order. “That means legislation to update our antitrust laws, but it also means reimagining what the federal government can do to promote competition under our current laws.”

Citing the acceleration of corporate consolidation in recent decades, the White House argues that a handful of large corporations dominates across industries, including healthcare, agriculture and tech and consumers, workers and smaller competitors pay the price for their outsized success. The administration will focus antitrust enforcement on those corners of the market as well as evaluating the labor market and worker protections on the whole.

“Inadequate competition holds back economic growth and innovation… Economists find that as competition declines, productivity growth slows, business investment and innovation decline, and income, wealth, and racial inequality widen,” the White House wrote.

 

#amazon, #america, #biden, #biden-administration, #big-tech, #broadband, #competition-law, #congress, #department-of-justice, #executive, #facebook, #federal-communications-commission, #federal-government, #federal-trade-commission, #google, #government, #healthcare, #internet-service-providers, #lina-khan, #president, #tc, #white-house, #youtube

Biden to Urge More Scrutiny of Big Business

An executive order reflects the administration’s growing embrace of warnings by some economists that declining competition is hobbling the economy’s vitality.

#antitrust-laws-and-competition-issues, #biden-joseph-r-jr, #computers-and-the-internet, #drugs-pharmaceuticals, #federal-communications-commission, #federal-trade-commission, #khan-lina, #law-and-legislation, #net-neutrality, #regulation-and-deregulation-of-industry, #ships-and-shipping

Biden to Urge More Scrutiny of Tech Mergers and Data Privacy

The order is the president’s latest acknowledgment of concerns that the tech giants have obtained outsize market power.

#antitrust-laws-and-competition-issues, #biden-joseph-r-jr, #computers-and-the-internet, #federal-communications-commission, #federal-trade-commission, #khan-lina, #law-and-legislation, #net-neutrality, #regulation-and-deregulation-of-industry

Juul Is Fighting to Keep Its E-Cigarettes on the U.S. Market

The company faces declining sales and thousands of lawsuits claiming it knowingly sold its trendy vaping products to minors. Soon the F.D.A. will decide whether it can keep selling them at all.

#addiction-psychology, #altria-group-inc, #crosthwaite-k-c, #e-cigarettes, #federal-trade-commission, #food-and-drug-administration, #juul-labs-inc, #nicotine, #regulation-and-deregulation-of-industry, #smoking-and-tobacco, #suits-and-litigation-civil, #teenagers-and-adolescence, #your-feed-healthcare, #youth

Congress Faces Renewed Pressure to ‘Modernize Our Antitrust Laws’

After a federal judge threw out state and federal competition cases against Facebook, calls grew for lawmakers to quickly reform century-old monopoly laws.

#amazon-com-inc, #antitrust-laws-and-competition-issues, #apple-inc, #biden-joseph-r-jr, #boasberg-james-e, #buck-ken, #cicilline-david-n, #computers-and-the-internet, #e-commerce, #facebook-inc, #federal-trade-commission, #google-inc, #khan-lina, #law-and-legislation, #regulation-and-deregulation-of-industry, #social-media, #united-states-politics-and-government

Here are the antitrust arguments against Facebook and why a judge rejected them.

A federal judge said the Federal Trade Commission had not made its case that Facebook holds a monopoly over social networking. And he said states had waited too long to sue.

#antitrust-laws-and-competition-issues, #boasberg-james-e, #computers-and-the-internet, #facebook-inc, #federal-trade-commission, #social-media, #suits-and-litigation-civil

Facebook Antitrust Cases Brought By FTC and States Are Thrown Out

The judge, James E. Boasberg, said that the Federal Trade Commission’s complaint lacked facts, and that the agency needed to refile it within 30 days.

#antitrust-laws-and-competition-issues, #computers-and-the-internet, #facebook-inc, #federal-trade-commission, #social-media

Extended Warranties for Cars Are ‘Fraught With Peril for Consumers’

While reputable options exist, the robocalls are almost certainly scams, an industry group warns. And for consumers who feel they have been ripped off, there is no guarantee anyone will help.

#automobiles, #better-business-bureaus, #consumer-protection, #content-type-service, #customer-relations, #federal-trade-commission, #guarantees-and-warranties, #national-assn-of-insurance-commissioners, #regulation-and-deregulation-of-industry, #telemarketing

Perspectives on tackling Big Tech’s market power

The need for markets-focused competition watchdogs and consumer-centric privacy regulators to think outside their respective ‘legal silos’ and find creative ways to work together to tackle the challenge of big tech market power was the impetus for a couple of fascinating panel discussions organized by the Centre for Economic Policy Research (CEPR), which were livestreamed yesterday but are available to view on-demand here.

The conversations brought together key regulatory leaders from Europe and the US — giving a glimpse of what the future shape of digital markets oversight might look like at a time when fresh blood has just been injected to chair the FTC so regulatory change is very much in the air (at least around tech antitrust).

CEPR’s discussion premise is that integration, not merely intersection, of competition and privacy/data protection law is needed to get a proper handle on platform giants that have, in many cases, leveraged their market power to force consumers to accept an abusive ‘fee’ of ongoing surveillance.

That fee both strips consumers of their privacy and helps tech giants perpetuate market dominance by locking out interesting new competition (which can’t get the same access to people’s data so operates at a baked in disadvantage).

A running theme in Europe for a number of years now, since a 2018 flagship update to the bloc’s data protection framework (GDPR), has been the ongoing under-enforcement around the EU’s ‘on-paper’ privacy rights — which, in certain markets, means regional competition authorities are now actively grappling with exactly how and where the issue of ‘data abuse’ fits into their antitrust legal frameworks.

The regulators assembled for CEPR’s discussion included, from the UK, the Competition and Markets Authority’s CEO Andrea Coscelli and the information commissioner, Elizabeth Denham; from Germany, the FCO’s Andreas Mundt; from France, Henri Piffaut, VP of the French competition authority; and from the EU, the European Data Protection Supervisor himself, Wojciech Wiewiórowski, who advises the EU’s executive body on data protection legislation (and is the watchdog for EU institutions’ own data use).

The UK’s CMA now sits outside the EU, of course — giving the national authority a higher profile role in global mergers & acquisition decisions (vs pre-brexit), and the chance to help shape key standards in the digital sphere via the investigations and procedures it chooses to pursue (and it has been moving very quickly on that front).

The CMA has a number of major antitrust probes open into tech giants — including looking into complaints against Apple’s App Store and others targeting Google’s plan to depreciate support for third party tracking cookies (aka the so-called ‘Privacy Sandbox’) — the latter being an investigation where the CMA has actively engaged the UK’s privacy watchdog (the ICO) to work with it.

Only last week the competition watchdog said it was minded to accept a set of legally binding commitments that Google has offered which could see a quasi ‘co-design’ process taking place, between the CMA, the ICO and Google, over the shape of the key technology infrastructure that ultimately replaces tracking cookies. So a pretty major development.

Germany’s FCO has also been very active against big tech this year — making full use of an update to the national competition law which gives it the power to take proactive inventions around large digital platforms with major competitive significance — with open procedures now against Amazon, Facebook and Google.

The Bundeskartellamt was already a pioneer in pushing to loop EU data protection rules into competition enforcement in digital markets in a strategic case against Facebook, as we’ve reported before. That closely watched (and long running) case — which targets Facebook’s ‘superprofiling’ of users, based on its ability to combine user data from multiple sources to flesh out a single high dimension per-user profile — is now headed to Europe’s top court (so likely has more years to run).

But during yesterday’s discussion Mundt confirmed that the FCO’s experience litigating that case helped shape key amendments to the national law that’s given him beefier powers to tackle big tech. (And he suggested it’ll be a lot easier to regulate tech giants going forward, using these new national powers.)

“Once we have designated a company to be of ‘paramount significance’ we can prohibit certain conduct much more easily than we could in the past,” he said. “We can prohibit, for example, that a company impedes other undertaking by data processing that is relevant for competition. We can prohibit that a use of service depends on the agreement to data collection with no choice — this is the Facebook case, indeed… When this law was negotiated in parliament parliament very much referred to the Facebook case and in a certain sense this entwinement of competition law and data protection law is written in a theory of harm in the German competition law.

“This makes a lot of sense. If we talk about dominance and if we assess that this dominance has come into place because of data collection and data possession and data processing you need a parameter in how far a company is allowed to gather the data to process it.”

“The past is also the future because this Facebook case… has always been a big case. And now it is up to the European Court of Justice to say something on that,” he added. “If everything works well we might get a very clear ruling saying… as far as the ECN [European Competition Network] is concerned how far we can integrate GDPR in assessing competition matters.

“So Facebook has always been a big case — it might get even bigger in a certain sense.”

France’s competition authority and its national privacy regulator (the CNIL), meanwhile, have also been joint working in recent years.

Including over a competition complaint against Apple’s pro-user privacy App Tracking Transparency feature (which last month the antitrust watchdog declined to block) — so there’s evidence there too of respective oversight bodies seeking to bridge legal silos in order to crack the code of how to effectively regulate tech giants whose market power, panellists agreed, is predicated on earlier failures of competition law enforcement that allowed tech platforms to buy up rivals and sew up access to user data, entrenching advantage at the expense of user privacy and locking out the possibility of future competitive challenge.

The contention is that monopoly power predicated upon data access also locks consumers into an abusive relationship with platform giants which can then, in the case of ad giants like Google and Facebook, extract huge costs (paid not in monetary fees but in user privacy) for continued access to services that have also become digital staples — amping up the ‘winner takes all’ characteristic seen in digital markets (which is obviously bad for competition too).

Yet, traditionally at least, Europe’s competition authorities and data protection regulators have been focused on separate workstreams.

The consensus from the CEPR panels was very much that that is both changing and must change if civil society is to get a grip on digital markets — and wrest control back from tech giants to that ensure consumers and competitors aren’t both left trampled into the dust by data-mining giants.

Denham said her motivation to dial up collaboration with other digital regulators was the UK government entertaining the idea of creating a one-stop-shop ‘Internet’ super regulator. “What scared the hell out of me was the policymakers the legislators floating the idea of one regulator for the Internet. I mean what does that mean?” she said. “So I think what the regulators did is we got to work, we got busy, we become creative, got our of our silos to try to tackle these companies — the likes of which we have never seen before.

“And I really think what we have done in the UK — and I’m excited if others think it will work in their jurisdictions — but I think that what really pushed us is that we needed to show policymakers and the public that we had our act together. I think consumers and citizens don’t really care if the solution they’re looking for comes from the CMA, the ICO, Ofcom… they just want somebody to have their back when it comes to protection of privacy and protection of markets.

“We’re trying to use our regulatory levers in the most creative way possible to make the digital markets work and protect fundamental rights.”

During the earlier panel, the CMA’s Simeon Thornton, a director at the authority, made some interesting remarks vis-a-vis its (ongoing) Google ‘Privacy Sandbox’ investigation — and the joint working it’s doing with the ICO on that case — asserting that “data protection and respecting users’ rights to privacy are very much at the heart of the commitments upon which we are currently consulting”.

“If we accept the commitments Google will be required to develop the proposals according to a number of criteria including impacts on privacy outcomes and compliance with data protection principles, and impacts on user experience and user control over the use of their personal data — alongside the overriding objective of the commitments which is to address our competition concerns,” he went on, adding: “We have worked closely with the ICO in seeking to understand the proposals and if we do accept the commitments then we will continue to work closely with the ICO in influencing the future development of those proposals.”

“If we accept the commitments that’s not the end of the CMA’s work — on the contrary that’s when, in many respects, the real work begins. Under the commitments the CMA will be closely involved in the development, implementation and monitoring of the proposals, including through the design of trials for example. It’s a substantial investment from the CMA and we will be dedicating the right people — including data scientists, for example, to the job,” he added. “The commitments ensure that Google addresses any concerns that the CMA has. And if outstanding concerns cannot be resolved with Google they explicitly provide for the CMA to reopen the case and — if necessary — impose any interim measures necessary to avoid harm to competition.

“So there’s no doubt this is a big undertaking. And it’s going to be challenging for the CMA, I’m sure of that. But personally I think this is the sort of approach that is required if we are really to tackle the sort of concerns we’re seeing in digital markets today.”

Thornton also said: “I think as regulators we do need to step up. We need to get involved before the harm materializes — rather than waiting after the event to stop it from materializing, rather than waiting until that harm is irrevocable… I think it’s a big move and it’s a challenging one but personally I think it’s a sign of the future direction of travel in a number of these sorts of cases.”

Also speaking during the regulatory panel session was FTC commissioner Rebecca Slaughter — a dissenter on the $5BN fine it hit Facebook with back in 2019 for violating an earlier consent order (as she argued the settlement provided no deterrent to address underlying privacy abuse, leaving Facebook free to continue exploiting users’ data) — as well as Chris D’Angelo, the chief deputy AG of the New York Attorney General, which is leading a major states antitrust case against Facebook.

Slaughter pointed out that the FTC already combines a consumer focus with attention on competition but said that historically there has been separation of divisions and investigations — and she agreed on the need for more joined-up working.

She also advocated for US regulators to get out of a pattern of ineffective enforcement in digital markets on issues like privacy and competition where companies have, historically, been given — at best — what amounts to wrist slaps that don’t address root causes of market abuse, perpetuating both consumer abuse and market failure. And be prepared to litigate more.

As regulators toughen up their stipulations they will need to be prepared for tech giants to push back — and therefore be prepared to sue instead of accepting a weak settlement.

“That is what is most galling to me that even where we take action, in our best faith good public servants working hard to take action, we keep coming back to the same questions, again and again,” she said. “Which means that the actions we are taking isn’t working. We need different action to keep us from having the same conversation again and again.”

Slaughter also argued that it’s important for regulators not to pile all the burden of avoiding data abuses on consumers themselves.

“I want to sound a note of caution around approaches that are centered around user control,” she said. “I think transparency and control are important. I think it is really problematic to put the burden on consumers to work through the markets and the use of data, figure out who has their data, how it’s being used, make decisions… I think you end up with notice fatigue; I think you end up with decision fatigue; you get very abusive manipulation of dark patterns to push people into decisions.

“So I really worry about a framework that is built at all around the idea of control as the central tenant or the way we solve the problem. I’ll keep coming back to the notion of what instead we need to be focusing on is where is the burden on the firms to limit their collection in the first instance, prohibit their sharing, prohibit abusive use of data and I think that that’s where we need to be focused from a policy perspective.

“I think there will be ongoing debates about privacy legislation in the US and while I’m actually a very strong advocate for a better federal framework with more tools that facilitate aggressive enforcement but I think if we had done it ten years ago we probably would have ended up with a notice and consent privacy law and I think that that would have not been a great outcome for consumers at the end of the day. So I think the debate and discussion has evolved in an important way. I also think we don’t have to wait for Congress to act.”

As regards more radical solutions to the problem of market-denting tech giants — such as breaking up sprawling and (self-servingly) interlocking services empires — the message from Europe’s most ‘digitally switched on’ regulators seemed to be don’t look to us for that; we are going to have to stay in our lanes.

So tl;dr — if antitrust and privacy regulators’ joint working just sums to more intelligent fiddling round the edges of digital market failure, and it’s break-ups of US tech giants that’s what’s really needed to reboot digital markets, then it’s going to be up to US agencies to wield the hammers. (Or, as Coscelli elegantly phrased it: “It’s probably more realistic for the US agencies to be in the lead in terms of structural separation if and when it’s appropriate — rather than an agency like ours [working from inside a mid-sized economy such as the UK’s].”)

The lack of any representative from the European Commission on the panel was an interesting omission in that regard — perhaps hinting at ongoing ‘structural separation’ between DG Comp and DG Justice where digital policymaking streams are concerned.

The current competition chief, Margrethe Vestager — who also heads up digital strategy for the bloc, as an EVP — has repeatedly expressed reluctance to impose radical ‘break up’ remedies on tech giants. She also recently preferred to waive through another Google digital merger (its acquisition of fitness wearable Fitbit) — agreeing to accept a number of ‘concessions’ and ignoring major mobilization by civil society (and indeed EU data protection agencies) urging her to block it.

Yet in an earlier CEPR discussion session, another panellist — Yale University’s Dina Srinivasan — pointed to the challenges of trying to regulate the behavior of companies when there are clear conflicts of interest, unless and until you impose structural separation as she said has been necessary in other markets (like financial services).

“In advertising we have an electronically traded market with exchanges and we have brokers on both sides. In a competitive market — when competition was working — you saw that those brokers were acting in the best interest of buyers and sellers. And as part of carrying out that function they were sort of protecting the data that belonged to buyers and sellers in that market, and not playing with the data in other ways — not trading on it, not doing conduct similar to insider trading or even front running,” she said, giving an example of how that changed as Google gained market power.

“So Google acquired DoubleClick, made promises to continue operating in that manner, the promises were not binding and on the record — the enforcement agencies or the agencies that cleared the merger didn’t make Google promise that they would abide by that moving forward and so as Google gained market power in that market there’s no regulatory requirement to continue to act in the best interests of your clients, so now it becomes a market power issue, and after they gain enough market power they can flip data ownership and say ‘okay, you know what before you owned this data and we weren’t allowed to do anything with it but now we’re going to use that data to for example sell our own advertising on exchanges’.

“But what we know from other markets — and from financial markets — is when you flip data ownership and you engage in conduct like that that allows the firm to now build market power in yet another market.”

The CMA’s Coscelli picked up on Srinivasan’s point — saying it was a “powerful” one, and that the challenges of policing “very complicated” situations involving conflicts of interests is something that regulators with merger control powers should be bearing in mind as they consider whether or not to green light tech acquisitions.

(Just one example of a merger in the digital space that the CMA is still scrutizing is Facebook’s acquisition of animated GIF platform Giphy. And it’s interesting to speculate whether, had brexit happened a little faster, the CMA might have stepped in to block Google’s Fitibit merger where the EU wouldn’t.)

Coscelli also flagged the issue of regulatory under-enforcement in digital markets as a key one, saying: “One of the reasons we are today where we are is partially historic under-enforcement by competition authorities on merger control — and that’s a theme that is extremely interesting and relevant to us because after the exit from the EU we now have a bigger role in merger control on global mergers. So it’s very important to us that we take the right decisions going forward.”

“Quite often we intervene in areas where there is under-enforcement by regulators in specific areas… If you think about it when you design systems where you have vertical regulators in specific sectors and horizontal regulators like us or the ICO we are more successful if the vertical regulators do their job and I’m sure they are more success if we do our job properly.

“I think we systematically underestimate… the ability of companies to work through whatever behavior or commitments or arrangement are offered to us, so I think these are very important points,” he added, signalling that a higher degree of attention is likely to be applied to tech mergers in Europe as a result of the CMA stepping out from the EU’s competition regulation umbrella.

Also speaking during the same panel, the EDPS warned that across Europe more broadly — i.e. beyond the small but engaged gathering of regulators brought together by CEPR — data protection and competition regulators are far from where they need to be on joint working, implying that the challenge of effectively regulating big tech across the EU is still a pretty Sisyphean one.

It’s true that the Commission is not sitting on hands in the face of tech giant market power.

At the end of last year it proposed a regime of ex ante regulations for so-called ‘gatekeeper’ platforms, under the Digital Markets Act. But the problem of how to effectively enforce pan-EU laws — when the various agencies involved in oversight are typically decentralized across Member States — is one key complication for the bloc. (The Commission’s answer with the DMA was to suggest putting itself in charge of overseeing gatekeepers but it remains to be seen what enforcement structure EU institutions will agree on.)

Clearly, the need for careful and coordinated joint working across multiple agencies with different legal competencies — if, indeed, that’s really what’s needed to properly address captured digital markets vs structural separation of Google’s search and adtech, for example, and Facebook’s various social products — steps up the EU’s regulatory challenge in digital markets.

“We can say that no effective competition nor protection of the rights in the digital economy can be ensured when the different regulators do not talk to each other and understand each other,” Wiewiórowski warned. “While we are still thinking about the cooperation it looks a little bit like everybody is afraid they will have to trade a little bit of its own possibility to assess.”

“If you think about the classical regulators isn’t it true that at some point we are reaching this border where we know how to work, we know how to behave, we need a little bit of help and a little bit of understanding of the other regulator’s work… What is interesting for me is there is — at the same time — the discussion about splitting of the task of the American regulators joining the ones on the European side. But even the statements of some of the commissioners in the European Union saying about the bigger role the Commission will play in the data protection and solving the enforcement problems of the GDPR show there is no clear understanding what are the differences between these fields.”

One thing is clear: Big tech’s dominance of digital markets won’t be unpicked overnight. But, on both sides of the Atlantic, there are now a bunch of theories on how to do it — and growing appetite to wade in.

#advertising-tech, #amazon, #andreas-mundt, #competition-and-markets-authority, #competition-law, #congress, #data-processing, #data-protection, #data-protection-law, #data-security, #digital-markets-act, #digital-rights, #doubleclick, #elizabeth-denham, #europe, #european-commission, #european-court-of-justice, #european-union, #facebook, #federal-trade-commission, #financial-services, #fitbit, #france, #general-data-protection-regulation, #germany, #human-rights, #margrethe-vestager, #policy, #privacy, #uk-government, #united-kingdom, #united-states, #yale-university

A Senate proposal for a new US agency to protect Americans’ data is back

Democratic Senator Kirsten Gillibrand has revived a bill that would establish a new U.S. federal agency to shield Americans from the invasive practices of tech companies operating in their own backyard.

Last year, Gillibrand (D-NY) introduced the Data Protection Act, a legislative proposal that would create an independent agency designed to address modern concerns around privacy and tech that existing government regulators have proven ill-equipped to handle.

“The U.S. needs a new approach to privacy and data protection and it’s Congress’ duty to step forward and seek answers that will give Americans meaningful protection from private companies that value profits over people,” Sen. Gillibrand said.

The revamped bill, which retains its core promise of a new “Data Protection Agency,” is co-sponsored by Ohio Democrat Sherrod Brown and returns to the new Democratic Senate with a few modifications.

In the spirit of all of the tech antitrust regulation chatter going on right now, the 2021 version of the bill would also empower the Data Protection Agency to review any major tech merger involving a data aggregator or other deals that would see the user data of 50,000 people change hands.

Other additions to the bill would establish an office of civil rights to “advance data justice” and allow the agency to evaluate and penalize high-risk data practices, like the use of algorithms, biometric data and harvesting data from children and other vulnerable groups.

Gillibrand calls the notion of updating regulation to address modern tech concerns “critical” — and she’s not alone. Democrats and Republicans seldom find common ground in 2021, but a raft of new bipartisan antitrust bills show that Congress has at last grasped how important it is to rein in tech’s most powerful companies lest they lose the opportunity altogether.

The Data Protection Act lacks the bipartisan sponsorship enjoyed by the set of new House tech bills, but with interest in taking on big tech at an all-time high, it could attract more support. Of all of the bills targeting the tech industry in the works right now, this one isn’t likely to go anywhere without more bipartisan interest, but that doesn’t mean its ideas aren’t worth considering.

Like some other proposals wending their way through Congress, this bill recognizes that the FTC has failed to meaningfully punish big tech companies for their bad behavior. In Gillibrand’s vision, the Data Protection Agency could rise to modern regulatory challenges where the FTC has failed. In other proposals, the FTC would be bolstered with new enforcement powers or infused with cash that could help the agency’s bite match its bark.

It’s possible that modernizing the tools that federal agencies have at hand won’t be sufficient. Cutting back more than a decade of overgrowth from tech’s data giants won’t be easy, particularly because the stockpile of Americans’ data that made those companies so wealthy is already out in the wild.

A new agency dedicated to wresting control of that data from powerful tech companies could bridge the gap between Europe’s own robust data protections and the absence of federal regulation we’ve seen in the U.S. But until something does, Silicon Valley’s data hoarders will eagerly fill the power vacuum themselves.

#congress, #data-security, #europe, #federal-trade-commission, #policy, #regulation, #senate, #tc, #terms-of-service, #the-battle-over-big-tech, #united-states

Lina Khan Was One of Big Tech’s Biggest Critics. Now She’s Its Regulator.

Lina Khan is the most progressive chair of the Federal Trade Commission in at least a generation.

#antitrust-laws-and-competition-issues, #computers-and-the-internet, #federal-trade-commission, #khan-lina, #united-states-politics-and-government

Lina Khan Named F.T.C. Chair by Biden

Ms. Khan, who first attracted notice as a critic of Amazon, was confirmed by the Senate as a commissioner on the agency on Tuesday.

#amazon-com-inc, #antitrust-laws-and-competition-issues, #apple-inc, #facebook-inc, #federal-trade-commission, #google-inc, #khan-lina, #regulation-and-deregulation-of-industry, #united-states-politics-and-government

Tech antitrust crusader Lina Khan is confirmed as FTC commissioner

The Senate confirmed big tech critic and prominent antitrust scholar Lina Khan as FTC Commissioner Tuesday, signaling a new era of scrutiny for the tech industry. Khan was confirmed in a 69-28 vote, with Republicans joining Democrats in a rare show of bipartisan support for Khan’s ideas on reining in tech’s most powerful companies.

An associate law professor at Columbia, Khan’s star rose with the publication of a landmark paper examining how the government’s outdated ways of identifying monopolies have failed to keep up with modern business realities, particularly in tech. In Khan’s view, that regulatory failure has allowed the biggest tech companies to consolidate unprecedented wealth and power, in turn making it even more difficult to regulate them.

President Biden nominated Khan back in March, sending an early message that Biden would not extend the warm relationship big tech companies enjoyed with the White House under former President Obama.

Khan’s confirmation is a sign that the agency will be prioritizing tech antitrust concerns, a priority that will run parallel to Congressional efforts to bolster the FTC’s enforcement powers. The FTC famously imposed a $5 billion fine on Facebook for privacy violations in 2019, but the record-setting fine was only a glancing blow for a company already worth more than $500 billion.

Last week, Congress revealed a long-anticipated package of bipartisan bills that, if passed, would overhaul tech’s biggest businesses and redraw the industry’s rules for years to come.

A previous bill proposed by Sen. Amy Klobuchar would set aside a pool of money that the FTC could use to create a new division for market and merger research, one step toward modernizing antitrust enforcement to keep up with relentless growth from tech’s most powerful giants.

#amy-klobuchar, #biden, #big-tech, #competition-law, #congress, #federal-trade-commission, #ftc, #lina-khan, #policy, #senate, #tc, #the-battle-over-big-tech, #white-house

Lawmakers, Taking Aim at Big Tech, Push Sweeping Overhaul of Antitrust

A bipartisan group of House members introduced five bills that take direct aim at Amazon, Apple, Facebook and Google.

#amazon-com-inc, #antitrust-laws-and-competition-issues, #apple-inc, #computers-and-the-internet, #facebook-inc, #federal-trade-commission, #google-inc, #law-and-legislation, #regulation-and-deregulation-of-industry

RSA spins off fraud and risk intelligence unit as Outseer

RSA Security has spun out its fraud and risk intelligence business into a standalone company called Outseer that will double down on payment security tools amid an “unprecedented” rise in fraudulent transactions.

Led by CEO Reed Taussig, who was appointed head of RSA’s Anti-Fraud Business Unit last year after previously serving as CEO of ThreatMetrix, the new company will focus solely on fraud detection and management and payments authentication services.

Outseer will continue to operate under the RSA umbrella and will inherit three core services, which are already used by more than 6,000 financial institutions, from the company: Outseer Fraud Manager (formerly RSA Adaptive Authentication), a risk-based account monitoring service; 3-D Secure (formerly Adaptive Authentication for eCommerce), a card-not-present and digital payment authentication mapping service; and FraudAction, which detects and takes down phishing sites, dodgy apps and fraudulent social media pages.

Outseer says its product portfolio is supported by deep investments in data and science, including a global network of verified fraud and transaction data, and a risk engine that the company claims delivers 95% fraud detection rates.

Commenting on the spinout, Taussig said: “Outseer is the culmination of decades of science-driven innovation in anti-fraud and payments authentication solutions. As the digital economy continues to deepen, the Outseer mission to liberate the world from transactional fraud is essential. Our role as a revenue enabler for the global economy will only strengthen as every digital business continues to scale.”

RSA, meanwhile, will continue to focus on integrated risk management and security products, including Archer for risk management, NetWitness for threat detection and response, and SecureID for identity and access management (IAM) capabilities.

The spinout comes less than a year after private equity firm Symphony Technology Group (STG), which recently bought FireEye’s product business for $1.2 billion, acquired RSA Security from Dell Technologies for more than $2 billion. Dell had previously acquired RSA as part of its purchase of EMC in 2016.

It also comes amid a huge rise in online fraud fueled by the COVID-19 pandemic. The Federal Trade Commission said in March that more than 217,000 Americans had filed a coronavirus-related fraud report since January 2020, with losses to COVID-linked fraud totaling $382 million. Similarly, the Consumer Financial Protection Bureau fielded 542,300 fraud complaints in 2020, a 54% increase over 2019.

RSA said that with the COVID-19 pandemic having fueled “unprecedented” growth in fraudulent transactions, Outseer will focus its innovation on payments authentication, mapping to the EMV 3-D Secure 2.x payment standard, and incorporating new technology integrations across the payments and commerce ecosystem. 

“Outseer’s reason for being isn’t just focused on eliminating payments and account fraud,” Taussig added. “These fraudulent transactions are often the pretext for more sinister drug and human trafficking, terrorism, and other nefarious behavior. Outseer has the ability to help make the world a safer place.”

Valuation information for Outseer was not disclosed, nor were headcount figures mentioned in the spinout announcement. Outseer didn’t immediately respond to TechCrunch’s request for more information. 

#3-d, #access-management, #articles, #ceo, #consumer-financial-protection-bureau, #crime, #deception, #e-commerce, #emc, #emv, #federal-trade-commission, #fireeye, #fraud, #head, #identity-theft, #online-fraud, #payments, #phishing, #risk-management, #rsa-security, #security, #symphony-technology-group, #threatmetrix

MoviePass Deceived Users So They’d Use It Less, F.T.C. Says

Federal regulators detailed tactics the company, which settled accusations against it, used to try to make its most active users go to the movies less.

#advertising-and-marketing, #computer-security, #consumer-protection, #federal-trade-commission, #frauds-and-swindling, #helios-and-matheson-analytics-inc, #mobile-applications, #moviepass-inc, #movies, #prices-fares-fees-and-rates

What $10M in daily thefts tells us about crypto security

If you’re among the growing number of people interested in cryptocurrencies, you may be interested to know that nearly 7,000 people lost more than $80 million between October 2020 and March 2021 — a 1,000% increase from a year ago, according to the Federal Trade Commission.

The scams include fake currency exchanges and phony “investment” websites selling the currency. More recently, more than $10 million was stolen in various cryptocurrencies in the days leading up to Elon Musk’s appearance on “Saturday Night Live.”

And here’s the rub: You have no way to protect your accounts from any theft. In the world of cryptocurrency, there are no guarantees. Unlike the traditional banking world, there is no equivalent to the Federal Deposit Insurance Corporation to cover any losses on your account. If your assets are stolen, you’re out of luck.

Nearly 7,000 people have lost more than $80 million between October 2020 and March 2021 — a 1,000% increase from a year ago, according to the Federal Trade Commission.

Enabling secure access to these cryptocurrency assets is absolutely critical to preventing theft — which, as of the end of 2020, amounted to just over $10 million a day — and/or lockout of one’s potential fortune.

But how can you ensure that people can always access their accounts? That depends on how the accounts are set up initially — which usually means that passwords or other knowledge-based authentication (KBA) is involved. Unfortunately, passwords simply aren’t suitable for securing high-value accounts because they can be easily compromised, either through phishing attacks or outright theft.

Plus, if you have a less-used cryptocurrency wallet, you might forget your initial password and might have trouble recovering it — if there is even a mechanism to perform the recovery. KBA is also plagued with problems ranging from lack of recollection (what is my favorite hobby again?) to the wide availability of “personal” information on the web (for a few dollars, you can surely find my mother’s maiden name).

Cryptocurrency account takeovers happen with increasing frequency; it doesn’t help that there are few pre-established trust relationships between users and the exchange or wallet provider and that almost all transactions are finalized within minutes and not easily reversible.

Sadly, these takeovers make use of a very similar pattern that has been observed for years in the traditional banking world: An attacker will first try harvesting and then stuffing stolen credentials. If that doesn’t work — say a user has protected their account by requiring an SMS second factor — they will move on to popular techniques to overcome SMS, such as SIM swapping or a $16 SMS relay service that sends that SMS code to the attacker’s smartphone, which leads to a “successful” account takeover.

Even highly secure tokens or dedicated authenticator apps are vulnerable to replay attacks from a motivated hacker — and with personal fortunes at stake, there is no lack of motivation.

Furthermore, the vast growth in the number of cryptocurrency exchange users coupled with this need for strong cybersecurity has resulted in terrible support experiences where users have to wait for weeks or even months to regain access to their own accounts — simply because it is so difficult for them to prove they are the rightful owner.

Authentication best practices can help

So how do we fix this situation? With standards-based user authentication that has been proven to be resistant to phishing and account takeovers — and that is already embedded into billions of devices worldwide and available to just about any user on a modern browser. The FIDO (Fast IDentity Online) authentication protocols were developed by a who’s who of IT, payments and consumer services and ensure that all cryptographic credentials are stored on a user’s device — thereby eliminating even the most advanced machine-in-the-middle attacks.

The crypto exchange Gemini was an early adopter of FIDO for both its smartphone app and for browser users, with a growing percentage of its users protecting their accounts with FIDO authentication by purchasing FIDO Certified security keys. There have been a number of other exchanges that have added FIDO authentication, such as Coinbase, which also supports FIDO keys. Binance has FIDO for its web versions, but not on its smartphone apps yet. And STEX also has support for various FIDO devices and methods. Finally, Ledger hardware wallets support FIDO directly in their devices.

Ideally, it would be better and more effective if there was broad cryptocurrency industry acceptance of FIDO’s approach to modern authentication and adoption of several related best practices, such as:

  • Standardize authentication flows and practices across crypto exchanges. Better user authentication should be a standard practice for every exchange, not a competitive differentiator. If all leading exchanges moved to industry best practices for account creation, login and recovery, it would help protect customers — and their collective crypto assets.
  • Require users to enroll multiple authenticators to help with account recovery for each cryptocurrency exchange, whether that is two FIDO security keys or a FIDO security key and a biometric authenticator. Having multiple account recovery keys for each cryptocurrency exchange will help lessen support burdens and help users who lose a device. It will also offer users a choice of stronger authentication options.
  • Eliminating less secure backup and recovery options, such as using SMS or other knowledge-based authentication factors, will also help improve overall security, particularly for account recovery.

The bottom line is that for the cryptocurrency market to reach its full potential, its exchanges need to collectively strike a balance between the anonymity and privacy that make crypto unique with the security of accounts and assets. Following the lead of crypto exchanges like Gemini and letting users lock down their accounts is a great step toward protecting users against phishing and account takeovers while maintaining privacy and convenience.

Andrew Shikiar is CMO and executive director of The FIDO Alliance, which promotes the development of, use of, and compliance with standards for authentication and device attestation.

#authentication, #banking, #column, #computer-security, #cryptocurrency, #federal-trade-commission, #opinion, #tc

Elon Musk Impostors Scammed $2 Million in Cryptocurrency, U.S. Says

Overall, nearly 7,000 investors lost $80 million in assorted cryptocurrency scams from October through March, according to a Federal Trade Commission report.

#bitcoin-currency, #dogecoin-project, #federal-trade-commission, #impostors-criminal, #musk-elon, #securities-and-commodities-violations, #virtual-currency

Republican antitrust bill would block all big tech acquisitions

There are about to be a lot of antitrust bills taking aim at big tech, and here’s one more. Senator Josh Hawley (R-MO) rolled out a new bill this week that would take some severe measures to rein in big tech’s power, blocking mergers and acquisitions outright.

The “Trust-Busting for the Twenty-First Century Act” would ban any acquisitions by companies with a market cap of more than $100 billion, including vertical mergers. The bill also proposes changes that would dramatically heighten the financial pain for companies caught engaging in anti-competitive behavior, forcing any company that loses an antirust suit to forfeit profits made through those business practices.

At its core, Hawley’s legislation would snip some of the red tape around antitrust enforcement by amending the Sherman Act, which made monopolies illegal, and the Clayton Act, which expanded the scope of illegal anti-competitive behavior. The idea is to make it easier for the FTC and other regulators to deem a company’s behavior anti-competitive — a key criticism of the outdated antitrust rules that haven’t kept pace with the realities of the tech industry.

The bill isn’t likely to get too far in a Democratic Senate, but it’s not insignificant. Sen. Amy Klobuchar (D-MN), who chairs the Senate’s antitrust subcommittee, proposed legislation earlier this year that would also create barriers for dominant companies with a habit of scooping up their competitors. Klobuchar’s own ideas for curtailing big tech’s power similarly focus on reforming the antitrust laws that have shaped U.S. business for more than a century.

Click to access The%20Trust-Busting%20for%20the%20Twenty-First%20Century%20Act.pdf

The Republican bill may have some overlap with Democratic proposals, but it still hits some familiar notes from the Trump era of hyper-partisan big tech criticism. Hawley slams “woke mega-corporations” in Silicon Valley for exercising too much power over the information and products that Americans consume. While Democrats naturally don’t share that critique, Hawley’s bill makes it clear that antitrust reform targeting big tech is one policy era where both political parties could align on the ends, even if they don’t see eye to eye on the why.

Hawley’s bill is the latest, but it won’t be the last. Rep. David Cicilline (D-RI), who spearheads tech antitrust efforts in the House, previously announce his own plans to introduce a flurry of antitrust reform bills rather than one sweeping piece of legislation. Those bills, which will be more narrowly targeted to make them difficult for tech lobbyists to defeat, are due out in May.