Window Snyder’s new startup Thistle Technologies raises $2.5M seed to secure IoT devices

The Internet of Things has a security problem. The past decade has seen wave after wave of new internet-connected devices, from sensors through to webcams and smart home tech, often manufactured in bulk but with little — if any — consideration to security. Worse, many device manufacturers make no effort to fix security flaws, while others simply leave out the software update mechanisms needed to deliver patches altogether.

That sets up an entire swath of insecure and unpatchable devices to fail, and destined to be thrown out when they break down or are invariably hacked.

Security veteran Window Snyder thinks there is a better way. Her new startup, Thistle Technologies, is backed with $2.5 million in seed funding from True Ventures with the goal of helping IoT manufacturers reliably and securely deliver software updates to their devices.

Snyder founded Thistle last year, and named it after the flowering plant with sharp prickles designed to deter animals from eating them. “It’s a defense mechanism,” Snyder told TechCrunch, a name that’s fitting for a defensive technology company. The startup aims to help device manufacturers without the personnel or resources to integrate update mechanisms into their device’s software in order to receive security updates and better defend against security threats.

“We’re building the means so that they don’t have to do it themselves. They want to spend the time building customer-facing features anyway,” said Snyder. Prior to founding Thistle, Snyder worked in senior cybersecurity positions at Apple, Intel, and Microsoft, and also served as chief security officer at Mozilla, Square, and Fastly.

Thistle lands on the security scene at a time when IoT needs it most. Botnet operators are known to scan the internet for devices with weak default passwords and hijack their internet connections to pummel victims with floods of internet traffic, knocking entire websites and networks offline. In 2016, a record-breaking distributed denial-of-service attack launched by the Mirai botnet on internet infrastructure giant Dyn knocked some of the biggest websites — Shopify, SoundCloud, Spotify, Twitter — offline for hours. Mirai had ensnared thousands of IoT devices into its network at the time of the attack.

Other malicious hackers target IoT devices as a way to get a foot into a victim’s network, allowing them to launch attacks or plant malware from the inside.

Since device manufacturers have done little to solve their security problems among themselves, lawmakers are looking at legislating to curb some of the more egregious security mistakes made by default manufacturers, like using default — and often unchangeable — passwords and selling devices with no way to deliver security updates.

California paved the way after passing an IoT security law in 2018, with the U.K. following shortly after in 2019. The U.S. has no federal law governing basic IoT security standards.

Snyder said the push to introduce IoT cybersecurity laws could be “an easy way for folks to get into compliance” without having to hire fleets of security engineers. Having an update mechanism in place also helps to keeps the IoT devices around for longer — potentially for years longer — simply by being able to push fixes and new features.

“To build the infrastructure that’s going to allow you to continue to make those devices resilient and deliver new functionality through software, that’s an incredible opportunity for these device manufacturers. And so I’m building a security infrastructure company to support that security needs,” she said.

With the seed round in the bank, Snyder said the company is focused on hiring device and back-end engineers, product managers, and building new partnerships with device manufacturers.

Phil Black, co-founder of True Ventures — Thistle’s seed round investor — described the company as “an astute and natural next step in security technologies.” He added: “Window has so many of the qualities we look for in founders. She has deep domain expertise, is highly respected within the security community, and she’s driven by a deep passion to evolve her industry.”

#apple, #bank, #botnet, #california, #co-founder, #computer-security, #computing, #cybercrime, #cyberwarfare, #dyn, #fastly, #intel, #internet-of-things, #internet-traffic, #malware, #microsoft, #mirai, #science-and-technology, #security, #shopify, #soundcloud, #spotify, #startups, #technology, #true-ventures, #united-kingdom, #united-states

0

Running apps still lag behind on privacy and security

Some of the most popular running apps are still lagging behind on security and privacy. That’s the verdict from security researchers who examined the leading running apps five years apart and found only a few apps had improved — and not by much.

Running apps know and learn a lot about you as you use them. Your health data, like your height and weight, are used to calculate how many calories you burn, and your location data can track your workout route from door-to-door.

But in the wrong hands, this data can identify where you live or where you work. In 2018, Strava said it would simplify its privacy features to allow its users greater control over their data, after researchers found Strava app users were inadvertently sharing their workout data and revealing military bases and secret government facilities.

Now, researchers at U.K. cybersecurity firm Pen Test Partners say many of the top apps — Strava, Runkeeper, MapMyRun, Nike Run Club, and Runtastic — still don’t use basic security measures to prevent hackers from breaking in, or health and fitness data spilling out.

Only Runtastic had set a stronger password policy over the past five years, while the other apps still allow some of the most basic passwords like “123456” and “password,” the researchers found in their testing. Malicious hackers often automate their attacks by targeting user accounts with known or easy-to-guess passwords. Worse, none of the apps allow users to set up two-factor authentication, a feature that puts an additional barrier in place to prevent malicious hackers from reusing stolen passwords. Data from Google shows even the simplest form of two-factor authentication can prevent most automated password reuse attacks.

We asked each of the app makers why they had not implemented two-factor authentication. None of the companies commented.

The researchers also found that while Runtastic, Nike Run Club, and MapMyRun had improved their privacy controls, Strava had seen “no significant change.”

From their report: “Strava and Runkeeper are configured to publicly share user data by default. It is possible to change these settings in the application, but it takes some time to find them and set them correctly, which is probably not the first consideration for a regular user.”

“Nike Run Club, Runtastic and MapMyRun [were] found to have better privacy policy settings enabled, which means they do not share users’ data by default, like the other applications do. They only share your training information with friends or followers,” the report said.

#google, #mobile-applications, #mobile-software, #multi-factor-authentication, #nike, #password, #password-manager, #pen-test-partners, #runkeeper, #runtastic, #security, #software, #strava, #united-kingdom

0

UK’s IoT ‘security by design’ law will cover smartphones too

Smartphones will be included in the scope of a planned “security by design” U.K. law aimed at beefing up the security of consumer devices, the government said today.

It made the announcement in its response to a consultation on legislative plans aimed at tackling some of the most lax security practices long-associated with the Internet of Things (IoT).

The government introduced a security code of practice for IoT device manufacturers back in 2018 — but the forthcoming legislation is intended to build on that with a set of legally binding requirements.

A draft law was aired by ministers in 2019 — with the government focused on IoT devices, such as webcams and baby monitors, which have often been associated with the most egregious device security practices.

Its plan now is for virtually all smart devices to be covered by legally binding security requirements, with the government pointing to research from consumer group “Which?” that found that a third of people kept their last phone for four years, while some brands only offer security updates for just over two years.

The forthcoming legislation will require smartphone and device makers like Apple and Samsung to inform customers of the duration of time for which a device will receive software updates at the point of sale.

It will also ban manufacturers from using universal default passwords (such as “password” or “admin”), which are often preset in a device’s factory settings and easily guessable — making them meaningless in security terms.

California already passed legislation banning such passwords in 2018 with the law coming into force last year.

Under the incoming U.K. law, manufacturers will additionally be required to provide a public point of contact to make it simpler for anyone to report a vulnerability.

The government said it will introduce legislation as soon as parliamentary time allows.

Commenting in a statement, digital infrastructure minister Matt Warman added: “Our phones and smart devices can be a gold mine for hackers looking to steal data, yet a great number still run older software with holes in their security systems.

“We are changing the law to ensure shoppers know how long products are supported with vital security updates before they buy and are making devices harder to break into by banning easily guessable default passwords.

“The reforms, backed by tech associations around the world, will torpedo the efforts of online criminals and boost our mission to build back safer from the pandemic.”

A DCMS spokesman confirmed that laptops, PCs and tablets with no cellular connection will not be covered by the law, nor will secondhand products. Although he added that the intention is for the scope to be adaptive, to ensure the law can keep pace with new threats that may emerge around devices.

#california, #computer-security, #cryptography, #europe, #gadgets, #internet-of-things, #iot, #mobile, #password, #security, #smart-devices, #smartphones, #united-kingdom

0

‘Bowl food’ startup Poke House closes $24M Series B led by Eulero Capital to expand in Europe

The FoodTech industry is effectively now going into fast food. Sweetgreen in the US is a ‘fast-casual’ restaurant chain that serves healthy “bowl food”. It’s raised $478.6M. A similar firm is Sweetfin. Both employ a lot of tech in their back-end to improve efficiencies.

Into this area has come European startup Poke House, which is effectively industrializing the production of “poke bowls” for food delivery platforms. Poke House specializes in bowl food that often includes marinated fish that’s cubed and layered up with sticky rice, pickles, noodles, etc.

The company has now raised €20 million ($24m) in a Series B funding round led by Eulero Capital, with the backing of FG2 Capital and reinvestment from Milan Investment Partners SGR. It using tech and data to optimize the production and delivery of its product via all the major food delivery platforms such as Uber East etc. The Italy-born food tech startup claims to have built a “€100M+ company” inside two years.

Founded by Matteo Pichi and Vittoria Zanetti, Poke House has opened 30+ stores in Italy, Portugal and Spain, and now has 400 employees. It’s claiming an expected turnover of €40M+ in 2021.

With the funding, the startup will start opening new stores in existing markets, enter France and start in expansion in the UK.

Poke House says it uses a lot of tech on its back-end, tracking every element of the supply chain to optimize the business. It also analyzes data from third-party delivery platforms (ie. Deliveroo, Glovo, UberEats) to deliver a sub-10 mins food preparation time, and a delivery time under 25 mins.

Matteo Pichi, Co-Founder of Poke House said: “The pandemic has challenged our food sector, and we see technology as the way forward to innovate and digitalize the traditional restaurant experience. We are seeing a shift in people’s desires in fast but healthy food. Poke bowls fit this new need and it promotes a more balanced, active and sustainable lifestyle with quick and healthy food options available nearby.”

Speaking to TechCrunch, Pichi added: “Our competitors are the fast-growing healthy concepts such as Sweetgreen or Sweetfin in the US. But in the same time, we think we are lucky because we really are one of the first brands built 100% from food delivery experts or former employees. Our next competitors are gonna be full native virtual brands extremely strong in data analysis and digital brand building. We use food delivery platforms as media platforms and we invest heavier than competitors in the channel.”

Gianfranco Burei, Founding Partner of Eulero Capital said: “Poke House business model rides some of the main trends in the food sector (food-tech, healthy food, delivery, customization) and has all the characteristics and talents to position the company among the top players at European level. We are thrilled to be a partner of Poke House in an innovative and forward-looking project, in line with our investment strategy which is based on the search for companies included in the macro-trends that will characterize the economic, technological and social evolution of the coming years.”

#co-founder, #companies, #deliveroo, #distribution, #europe, #food, #food-delivery, #food-tech, #france, #healthy-food, #italy, #online-food-ordering, #partner, #poke, #portugal, #spain, #supply-chain, #sweetgreen, #tc, #uber, #uber-eats, #united-kingdom, #united-states

0

UK drone startup sees.ai gets go ahead to trial beyond-visual-line-of-sight (BVLOS) flights

The UK’s Civil Aviation Authority (CAA) has given the go ahead to local startup sees.ai, which is developing a beyond-visual-line-of-sight (BVLOS) command & control solution to aid data capture for industrial use-cases, to trial a concept for routine BVLOS operations — the first such authorization for a U.K. company, the regulator said today.

The test is taking place under a sandbox program announced back in May 2019 — directing government funding and regulatory support to R&D in the drone space — initially through virtual testing, such as of avoid and detect systems.

Sees.ai, an early participant in the sandbox, has now secured authorization to trial a concept for routine BVLOS operations at three (physical) sites without needing to pre-authorise each flight.

The Techstars-backed startup is focused on drone operations in industrial settings — building tech to scale the use of drones for inspection and maintenance purposes in industries, such as the oil & gas sector, by enabling pilots to remote-control craft from a central location, rather than needing to be on site for each flight.

But it’s clear BVLOS capabilities will be essential for other uses of drone tech — such as delivery — hence the CAA calling the trial “a significant step forward for the drone industry”.

“By testing the concept in industrial environments for inspection, monitoring and maintenance purposes, sees.ai aims to prove the safety of its system within this context initially, before extending it to address increasingly challenging missions over time,” it added.

Under current U.K. rules, drone operators must keep their aircraft within line of sight and follow the country’s drone code — unless they have specific permissions to do otherwise.

One company that previously gained such permission was U.S. tech giant Amazon — which started testing BVLOS delivery drones in the UK back in 2016 — and continues to work on bringing a commercial drone delivery service to market, under its Prime Air brand.

Amazon’s effort has already been years in the making (it’s been running experiments since 2013) — and last year the FT, citing a Prime Air source, reported that it still remains “years” out from realizing the goal of drone deliveries at scale. So while (another) U.K. trial of BVLOS drone tech is being lauded as a significant development for the industry by the regulator, any Brits expecting drone deliveries in the wild anytime soon are likely to be disappointed.

The CAA authorization for the sees.ai trial will enable the BVLOS test flights to operate under 150ft — initially requiring an observer to remain in visual line of sight with the aircraft and be able to communicate with the remote pilot if necessary, per the regulator.

So, technically then, the trials will begin as extended-line-of-sight (EVLOS), which still entail limits vs true BVLOS — enabling drone flights to operate further than 500m from the remote pilot (by deploying flight observers) but not removing on-site observers entirely, as is the ultimate industry goal.

In a regulatory roadmap published last fall the CAA wrote that many steps are required to arrive at the sought-for situation of BVLOS being ‘business as usual’ in non-segregated airspace — so there still looks to be a long road ahead before commercial drones will be able to legally whiz around gathering data (or delivering stuff) far from any humans in the loop.

“The long-term aspiration of operators is for BVLOS operations to be a routine part of business across the UK. This vision requires a significant volume of evidence, experience and learning by everyone involved. There will inevitably be a need for innovators and the CAA to build, test, learn and repeat in small steps to work towards the vision,” the CAA roadmap notes.

Commenting on sees.ai’s trial authorization in a statement, CEO John McKenna dubbed it a “significant milestone”, adding: “We are accelerating towards a future where drones fly autonomously at scale — high up alongside manned aviation and low down inside our industrial sites, suburbs and cities. Securing this UK-first permission is a major step on this journey which will deliver big benefits to society across public health & safety, efficiency and environmental impact.”

 

#aerospace, #amazon, #artificial-intelligence, #bvlos, #civil-aviation-authority, #drones, #emerging-technologies, #europe, #prime-air, #regulatory-sandbox, #robotics, #techstars, #united-kingdom

0

‘Pure’ nutritional supplements startup Feel closes $6.2M investment, led by Fuel Ventures

Earlier this year we covered the launch of Heights, a new supplements startup in an increasingly hot category. Feel, is a year-old UK startup with another twist on this world: pure nutritional supplements. It’s now closed a $6.2 million investment, led by Fuel Ventures, with participation from TMT Investments, Sova VC, Richard Longhurst (founder of LoveHoney.com) and Igor Ryabenkiy (founder and GP of Altair Capital).

Feel founder Boris Hodakel says he spun his startup up after looking at the UK’s big health and retail brands including Graze, Tesco, Bulk Powders and Simba Sleep.

In many ways Feel is very akin to Graze. The supplements arrive in a post-box-friendly box and is available in a range of subscription packages. This is basically ‘Graze nuts, but for supplements.’

Feel has a direct-to-consumer subscription model, and is claiming a 60x growth in its first year and 21,000 active subscriptions.

Hodakel’s contention is that while Feel provides higher grade supplements to consumers which cost more to produce, it manages to keep costs down for consumers via direct-to-consumer model.

Hodakel, founder and CEO of Feel said: “Not all vitamins are created equal and the majority you find on retail shelves have a dirty formula that is difficult to absorb by the body, missing natural elements. We’re the cleanest alternative in the market – backed up by science –  and continually invest in making our formulas as effective as possible while still affordable.”

He says he started Feel because, having a skin problem, supplements were part of his health routine, but “the aha moment” happened he realized how many fillers were in normal supplements. “All our formulas are researched and formulated in-house, and we keep updating them, like our flagship multivitamin in just two years is already in its 3rd version,” he said.

Mark Pearson, managing partner at Fuel Ventures added: “The growth and the expansion of Feel’s product line present a really exciting time for Feel and we are supporting them in becoming a significant disruptor to the health supplement market.” 

Alexander Chikunov, Partner at Sova VC added, “Feel is in the process of disrupting consumer habits around vitamin intake, and changing a marketplace worth $144bn by providing its customers with top-quality products, combined with flawless and friendly service.”

#altair-capital, #ceo, #europe, #founder, #fuel-ventures, #managing-partner, #mark-pearson, #startup-company, #tc, #tesco, #tmt-investments, #united-kingdom, #vitamins

0

UK gov’t triggers national security scrutiny of Nvidia-Arm deal

The UK government has intervened to trigger public interest scrutiny of chipmaker’s Nvidia’s planned to buy Arm Holdings.

The secretary of state for digital issues, Oliver Dowden, said today that the government wants to ensure that any national security implications of the semiconductor deal are explored.

Nvidia’s $40BN acquisition of UK-based Arm was announced last September but remains to be cleared by regulators.

The UK’s Competition and Markets Authority (CMA) began to solicit views on the proposed deal in January.

Domestic opposition to Nvidia’s plan has been swift, with one of the original Arm co-founders kicking off a campaign to ‘save Arm’ last year. Hermann Hauser warned that Arm’s acquisition by a U.S. entity would end its position as a company independent of U.S. interests — risking the U.K.’s economic sovereignty by surrendering its most powerful trade weapon.

The intervention by Department of Digital, Media, Culture and Sport (DCMS) — using statutory powers set out in the Enterprise Act 2002 — means the competition regulator has been instructed to begin a phase 1 investigation.

The CMA has a deadline of July 30 to submit its report to the secretary of state.

Commenting in a statement, Dowden said: “Following careful consideration of the proposed takeover of ARM, I have today issued an intervention notice on national security grounds. As a next step and to help me gather the relevant information, the UK’s independent competition authority will now prepare a report on the implications of the transaction, which will help inform any further decisions.”

“We want to support our thriving UK tech industry and welcome foreign investment but it is appropriate that we properly consider the national security implications of a transaction like this,” he added.

At the completion of the CMA’s phase 1 investigation Dowden will have an option to clear the deal, i.e. if no national security or competition concerns have been identified; or to clear it with remedies to address any identified concerns.

He could also refer the transaction for further scrutiny by instructing the CMA to carry out an in-depth phase 2 investigation.

After the phase 1 report has been submitted there is no set period when the secretary of state must make a decision on next steps — but DCMS notes that a decision should be made as soon as “reasonably practicable” to reduce uncertainty.

While Dowden’s intervention has been made on national security grounds, additional concerns have been raised about impact of an Nvidia take-over of Arm — specifically on U.K. jobs and on Arm’s open licensing model.

Nvidia sought to address those concerns last year, claiming it’s committed to Arm’s licensing model and pledging to expand the Cambridge, UK offices of Arm — saying it would create “a new global center of excellence in AI research” at the UK campus.

However it’s hard to see what commercial concessions could be offered to assuage concern over the ramifications of an Nvidia-owed Arm on the UK’s economic sovereignty. That’s because it’s a political risk, which would require a political solution to allay, such as at a treaty level — something which isn’t in Nvidia’s gift (alone) to give.

National security concerns are a rising operational risk for tech companies involved in the supply of cutting edge infrastructure, such as semiconductor design and next-gen networks — where a relative paucity of competitors not only limits market choice but amps up the political calculations.

Proposed mergers are one key flash point as market consolidation takes on an acute politico-economic dimension.

However tech companies’ operations are being more widely squeezed in the name of national security — such as, in recent years, the U.S. government’s attacks on China-based 5G infrastructure suppliers like Huawei, with former president Trump seeking to have the company barred from supplying next-gen networks not only within the U.S. but to national networks of Western allies.

Nor has (geo)political pressure been applied purely over key infrastructure companies in recent years; with Trump claiming a national security justification to try and shake down the Chinese-owned social networking company, TikTok — in another example that speaks to how tech tools are being coopted into wider geopolitical power-plays, fuelled by countries’ economic and political self-interest.

#arm-holdings, #artificial-intelligence, #cambridge, #cma, #competition-and-markets-authority, #computer-security, #europe, #huawei, #ma, #national-security, #nvidia, #oliver-dowden, #security, #semiconductor, #tiktok, #trump, #u-s-government, #uk-government, #united-kingdom, #united-states

0

Uber hit with default ‘robo-firing’ ruling after another EU labor rights GDPR challenge

Labor activists challenging Uber over what they allege are ‘robo-firings’ of drivers in Europe have trumpeted winning a default judgement in the Netherlands — where the Court of Amsterdam ordered the ride-hailing giant to reinstate six drivers who the litigants claim were unfairly terminated “by algorithmic means.”

The court also ordered Uber to pay the fired drivers compensation.

The challenge references Article 22 of the European Union’s General Data Protection Regulation (GDPR) — which provides protection for individuals against purely automated decisions with a legal or significant impact.

The activists say this is the first time a court has ordered the overturning of an automated decision to dismiss workers from employment.

However the judgement, which was issued on February 24, was issued by default — and Uber says it was not aware of the case until last week, claiming that was why it did not contest it (nor, indeed, comply with the order).

It had until March 29 to do so, per the litigants, who are being supported by the App Drivers & Couriers Union (ADCU) and Worker Info Exchange (WIE).

Uber argues the default judgement was not correctly served and says it is now making an application to set the default ruling aside and have its case heard “on the basis that the correct procedure was not followed.”

It envisages the hearing taking place within four weeks of its Dutch entity, Uber BV, being made aware of the judgement — which it says occurred on April 8.

“Uber only became aware of this default judgement last week, due to representatives for the ADCU not following proper legal procedure,” an Uber spokesperson told TechCrunch.

A spokesperson for WIE denied that correct procedure was not followed but welcomed the opportunity for Uber to respond to questions over how its driver ID systems operate in court, adding: “They [Uber] are out of time. But we’d be happy to see them in court. They will need to show meaningful human intervention and provide transparency.”

Uber pointed to a separate judgement by the Amsterdam Court last month — which rejected another ADCU- and WIE-backed challenge to Uber’s anti-fraud systems, with the court accepting its explanation that algorithmic tools are mere aids to human “anti-fraud” teams who it said take all decisions on terminations.

“With no knowledge of the case, the Court handed down a default judgement in our absence, which was automatic and not considered. Only weeks later, the very same Court found comprehensively in Uber’s favour on similar issues in a separate case. We will now contest this judgement,” Uber’s spokesperson added.

However WIE said this default judgement “robo-firing” challenge specifically targets Uber’s Hybrid Real-Time ID System — a system that incorporates facial recognition checks and which labor activists recently found misidentifying drivers in a number of instances.

It also pointed to a separate development this week in the U.K. where it said the City of London Magistrates Court ordered the city’s transport regulator, TfL, to reinstate the licence of one of the drivers revoked after Uber routinely notified it of a dismissal (also triggered by Uber’s real time ID system, per WIE).

Reached for comment on that, a TfL spokesperson said: “The safety of the travelling public is our top priority and where we are notified of cases of driver identity fraud, we take immediate licensing action so that passenger safety is not compromised. We always require the evidence behind an operator’s decision to dismiss a driver and review it along with any other relevant information as part of any decision to revoke a licence. All drivers have the right to appeal a decision to remove a licence through the Magistrates’ Court.”

The regulator has been applying pressure to Uber since 2017 when it took the (shocking to Uber) decision to revoke the company’s licence to operate — citing safety and corporate governance concerns.

Since then Uber has been able to continue to operate in the U.K. capital but the company remains under pressure to comply with a laundry list of requirements set by TfL as it tries to regain a full operator licence.

Commenting on the default Dutch judgement on the Uber driver terminations in a statement, James Farrar, director of WIE, accused gig platforms of “hiding management control in algorithms.”

“For the Uber drivers robbed of their jobs and livelihoods this has been a dystopian nightmare come true,” he said. “They were publicly accused of ‘fraudulent activity’ on the back of poorly governed use of bad technology. This case is a wake-up call for lawmakers about the abuse of surveillance technology now proliferating in the gig economy. In the aftermath of the recent U.K. Supreme Court ruling on worker rights gig economy platforms are hiding management control in algorithms. This is misclassification 2.0.”

In another supporting statement, Yaseen Aslam, president of the ADCU, added: “I am deeply concerned about the complicit role Transport for London has played in this catastrophe. They have encouraged Uber to introduce surveillance technology as a price for keeping their operator’s license and the result has been devastating for a TfL licensed workforce that is 94% BAME. The Mayor of London must step in and guarantee the rights and freedoms of Uber drivers licensed under his administration.”  

When pressed on the driver termination challenge being specifically targeted at its Hybrid Real-Time ID system, Uber declined to comment in greater detail — claiming the case is “now a live court case again”.

But its spokesman suggested it will seek to apply the same defence against the earlier “robo-firing” charge — when it argued its anti-fraud systems do not equate to automated decision making under EU law because “meaningful human involvement [is] involved in decisions of this nature”.

 

#app-drivers-couriers-union, #artificial-intelligence, #automated-decisions, #europe, #european-union, #facial-recognition, #gdpr, #general-data-protection-regulation, #gig-worker, #james-farrar, #labor, #lawsuit, #london, #netherlands, #transport-for-london, #uber, #united-kingdom

0

Clim8 raises $8M from 7pc Ventures, launches climate-focused investing app for retail investors

Ethical investing remains something of a confusing maze, with a great deal of ‘greenwashing’ going on. A new UK startup is hoping to fix that with the launch of its new app and platform for retail investors.

Clim8 Investhas raised $8 million from 7pc Ventures (early backers of Oculus, acquired by Facebook),  British Business Bank Future Fund and a numbers of technology entrepreneurs and executives including Marcus Exall (Monese), Marcus Mosen (N26),  Paul Willmott (Lego Digital, McKinsey), Doug Scott (Redbrain), Matt Wilkins (Thought Machine), Andrew Cocker (Skyscanner), Steve Thomson (Redbrain), Monica Kalia (Neyber, Goldman Sachs), Doug Monro (Adzuna), Erik Nygard (Limejump). 

Consumers will be able to invest in companies and supply chains that are focused on tackling climate change. It will be competing with similar startups in the space such as London-based Tickr (backed by $3m from Ada Ventures), Helios in Paris, and Yova in Zurich.

Duncan Grierson, CEO of Clim8 said in a statement: “We are launching at an exciting time for sustainable investing. 2020 was an exceptional year for environmentally-focused investment offerings, as investors looked harder at climate-related opportunities. Sustainable investments have continued to outperform markets since the beginning of the Covid-19 Crisis and we believe this will continue.”

Grierson has 20 years of experience in the green space and was a winner of the EY Entrepreneur of Year Cleantech award.

The startup will take advantage of new, higher EU rules around the disclosure requirements for sustainable investment funds. Users can choose between either stocks and shares ISAs (up to £20k) or a taxable general investment account.

#ada-ventures, #adzuna, #articles, #ceo, #corporate-social-responsibility, #economy, #europe, #european-union, #facebook, #finance, #goldman-sachs, #london, #monese, #n26, #paris, #retail-investors, #social-finance, #tc, #technology-entrepreneurs, #united-kingdom, #zurich

0

Austin’s newest unicorn: The Zebra raises $150M after doubling revenue in 2020

The Zebra, an Austin-based company that operates an insurance comparison site, has raised $150 million in a Series D round that propels it into unicorn territory.

Both the round size and valuation are a substantial bump from the $38.5 million Series C that Austin-based The Zebra raised in February of 2020. (The company would not disclose its valuation at that time, saying now only that its new valuation of over $1 billion is a “nice step up.”)

The Zebra also would not disclose the name of the firm that led its Series D round, but sources familiar with the deal said it was London-based Hedosophia. Existing backers Weatherford Capital and Accel also participated in the funding event.

The round size also is bigger than all of The Zebra’s prior rounds combined, bringing the company’s total raised to $261.5 million since its 2012 inception. Previous backers also include Silverton Partners, Ballast Point Ventures, Daher Capital, Floodgate Fund, The Zebra CEO Keith Melnick, KDT and others. 

According to Melnick, the round was all primary, and included no debt or secondary.

The Zebra started out as a site for people looking for auto insurance via its real-time quote comparison tool. The company partners with the top 10 auto insurance carriers in the U.S. Over time, it’s also “naturally” evolved to offer homeowners insurance with the goal of eventually branching out into renters and life insurance. It recently launched a dedicated home and auto bundled product, although much of its recent growth still revolves around its core auto offering, according to Melnick.

Like many other financial services companies, The Zebra has benefited from the big consumer shift to digital services since the beginning of the COVID-19 pandemic.

And we know this because the company is one of the few that are refreshingly open about their financials. The Zebra doubled its net revenue in 2020 to $79 million compared to $37 million in 2019, according to Melnick, who is former president of travel metasearch engine Kayak. March marked the company’s highest-performing month ever, he said, with revenue totaling $12.5 million — putting the company on track to achieve an annual run rate of $150 million this year. For some context, that’s up from $8 million in September of 2020 and $6 million in May of 2020.

Also, its revenue per applicant has grown at a clip of 100% year over year, according to Melnick. And The Zebra has increased its headcount to over 325, compared to about 200 in early 2020.

“We’ve definitely improved our relationships with carriers and seen more carrier participation as they continue to embrace our model,” Melnick said. “And we’ve leaned more into brand marketing efforts.”

The Zebra CEO Keith Melnick. Image courtesy of The Zebra

The company was even profitable for a couple of months last year, somewhat “unintentionally,” according to Melnick.

“We’re not highly unprofitable or burning through money like crazy,” he told TechCrunch. “This new raise wasn’t to fund operations. It’s more about accelerating growth and some of our product plans. We’re pulling forward things that were planned for later in time. We still had a nice chunk of money sitting on our balance sheet.”

The company also plans to use its new capital to do more hiring and focus strongly on continuing to build The Zebra’s brand, according to Melnick. Some of the things the company is planning include a national advertising campaign and adding tools and information so it can serve as an “insurance advisor,” and not just a site that refers people to carriers. It’s also planning to create more “personalized experiences and results” via machine learning.

“We are accelerating our efforts to make The Zebra a household name,” Melnick said. “And we want a deeper connection with our users.” It also aims to be there for a consumer through their lifecycle — as they move from being renters to homeowners, for example.

And while an IPO is not out of the question, he emphasizes that it’s not the company’s main objective at this time.

“I definitely try not to get locked on to a particular exit strategy. I just want to make sure we continue to build the best company we can. And then, I think the exit will make itself apparent,” Melnick said. “I’m not blind and am very aware that public market valuations are strong right now and that may be the right decision for us, but for now, that’s not the ultimate goal for me.”

To the CEO, there’s still plenty of runway.

“This is a big milestone, but I do feel like for us that this is just the beginning,” he said. “We’ve just scratched the surface of it.”

Early investor Mark Cuban believes the company is at an inflection point.

” ‘Startup’ isn’t the right word anymore,” he said in a written statement. “The Zebra is a full fledged tech company that is taking on – and solving – some of the biggest challenges in the $638B insurance industry.”

Accel Partner John Locke said the firm has tripled down on its investment in The Zebra because of its confidence in not only what the company is doing but also its potential.

“In an increasingly noisy insurance landscape that includes insurtechs and traditional carriers, giving consumers the ability to compare everything in one place is is more and more valuable,” he told TechCrunch. “I think The Zebra has really seized the mantle of becoming the go-to site for people to compare insurance and then that’s showing up in the numbers, referral traffic and fundraise interest.”

#accel, #animals, #austin, #auto-insurance, #ballast-point-ventures, #connect, #finance, #financial-services, #floodgate-fund, #funding, #fundings-exits, #hedosophia, #insurance, #insurtech, #john-locke, #life-insurance, #machine-learning, #mark-cuban, #model, #recent-funding, #silverton-partners, #startups, #the-zebra, #united-kingdom, #united-states, #venture-capital, #zebra

0

Facebook takes down 16,000 groups trading fake reviews after another poke by UK’s CMA

Facebook has removed 16,000 groups that were trading fake reviews on its platform after another intervention by the UK’s Competition and Markets Authority (CMA), the regulator said today.

The CMA has been leaning on tech giants to prevent their platforms being used as thriving marketplaces for selling fake reviews since it began investigating the issue in 2018 — pressuring both eBay and Facebook to act against fake review sellers back in 2019.

The two companies pledged to do more to tackle the insidious trade last year, after coming under further pressure from the regulator — which found that Facebook-owned Instagram was also a thriving hub of fake review trades.

The latest intervention by the CMA looks considerably more substantial than last year’s action — when Facebook removed a mere 188 groups and disabled 24 user accounts. Although it’s not clear how many accounts the tech giant has banned and/or suspended this time it has removed orders of magnitude more groups. (We’ve asked.)

Facebook was contacted with questions but it did not answer what we asked directly, sending us this statement instead:

“We have engaged extensively with the CMA to address this issue. Fraudulent and deceptive activity is not allowed on our platforms, including offering or trading fake reviews. Our safety and security teams are continually working to help prevent these practices.”

Since the CMA has been raising the issue of fake review trading, Facebook has been repeatedly criticised for not doing enough to clean up its platforms, plural.

Today the regulator said the social media giant has made further changes to the systems it uses for “identifying, removing and preventing the trading of fake and/or misleading reviews on its platforms to ensure it is fulfilling its previous commitments”.

It’s not clear why it’s taken Facebook well over a year — and a number of high profile interventions — to dial up action against the trade in fake reviews. But the company suggested that the resources it has available to tackle the problem had been strained as a result of the COVID-19 pandemic and associated impacts, such as home working. (Facebook’s full year revenue increased in 2020 but so too did its expenses.)

According to the CMA changes Facebook has made to its system for combating traders of fake reviews include:

  • suspending or banning users who are repeatedly creating Facebook groups and Instagram profiles that promote, encourage or facilitate fake and misleading reviews
  • introducing new automated processes that will improve the detection and removal of this content
  • making it harder for people to use Facebook’s search tools to find fake and misleading review groups and profiles on Facebook and Instagram
  • putting in place dedicated processes to make sure that these changes continue to work effectively and stop the problems from reappearing

Again it’s not clear why Facebook would not have already been suspending or banning repeat offenders — at least, not if it was actually taking good faith action to genuinely quash the problem, rather than seeing if it could get away with doing the bare minimum.

Commenting in a statement, Andrea Coscelli, chief executive of the CMA, essentially makes that point, saying: “Facebook has a duty to do all it can to stop the trading of such content on its platforms. After we intervened again, the company made significant changes — but it is disappointing it has taken them over a year to fix these issues.”

“We will continue to keep a close eye on Facebook, including its Instagram business. Should we find it is failing to honour its commitments, we will not hesitate to take further action,” Coscelli added.

A quick search on Facebook’s platform for UK groups trading in fake reviews appears to return fewer obviously dubious results than when we’ve checked in on this problem in 2019 and 2020. Although the results that were returned included a number of private groups so it was not immediately possible to verify what content is being solicited from members.

We did also find a number of Facebook groups offering Amazon reviews intended for other European markets, such as France and Spain (and in one public group aimed at Amazon Spain we found someone offering a “fee” via PayPal for a review; see below screengrab) — suggesting Facebook isn’t applying the same level of attention to tackling fake reviews that are being traded by users in markets where it’s faced fewer regulatory pokes than it has in the UK.

Screengrab: TechCrunch

#competition-and-markets-authority, #europe, #facebook, #fake-reviews, #instagram, #policy, #social, #social-media, #united-kingdom

0

Education non-profit Edraak ignored a student data leak for two months

Edraak, an online education non-profit, exposed the private information of thousands of students after uploading student data to an unprotected cloud storage server, apparently by mistake.

The non-profit, founded by Jordan’s Queen Rania and headquartered in the kingdom’s capital, was set up in 2013 to promote education across the Arab region. The organization works with several partners, including the British Council and edX, a consortium set up by Harvard, Stanford, and MIT.

In February, researchers at U.K. cybersecurity firm TurgenSec found one of Edraak’s cloud storage servers containing at least tens of thousands of students’ data, including spreadsheets with students’ names, email addresses, gender, birth year, country of nationality, and some class grades.

TurgenSec, which runs Breaches.UK, a site for disclosing security incidents, alerted Edraak to the security lapse. A week later, their email was acknowledged by the organization but the data continued to spill. Emails seen by TechCrunch show the researchers tried to alert others who worked at the organization via LinkedIn requests, and its partners, including the British Council.

Two months passed and the server remained open. At its request, TechCrunch contacted Edraak, which closed the servers a few hours later.

In an email this week, Edraak chief executive Sherif Halawa told TechCrunch that the storage server was “meant to be publicly accessible, and to host public course content assets, such as course images, videos, and educational files,” but that “student data is never intentionally placed in this bucket.”

“Due to an unfortunate configuration bug, however, some academic data and student information exports were accidentally placed in the bucket,” Halawa confirmed.

“Unfortunately our initial scan did not locate the misplaced data that made it there accidentally. We attributed the elements in the Breaches.UK email to regular student uploads. We have now located these misplaced reports today and addressed the issue,” Halawa said.

The server is now closed off to public access.

It’s not clear why Edraak ignored the researchers’ initial email, which disclosed the location of the unprotected server, or why the organization’s response was not to ask for more details. When reached, British Council spokesperson Catherine Bowden said the organization received an email from TurgenSec but mistook it for a phishing email.

Edraak’s CEO Halawa said that the organization had already begun notifying affected students about the incident, and put out a blog post on Thursday.

Last year, TurgenSec found an unencrypted customer database belonging to U.K. internet provider Virgin Media that was left online by mistake, containing records linking some customers to adult and explicit websites.

More from TechCrunch:


Send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send files or documents using our SecureDrop. Learn more

#articles, #british-council, #ceo, #computing, #cyberspace, #education, #edx, #email, #harvard, #jordan, #linkedin, #mit, #online-education, #phishing, #security, #server, #spamming, #spokesperson, #stanford, #united-kingdom, #virgin-media, #web-server

0

Private chef parties at home startup Yhangry raises $1.5M Seed from VC angels and Ollie Locke

There’s an “uber for everything” these days and now there are “Ubers for personal chefs”. Just take a look at PopTop or 100 Pleats for instance. Now in London, there is Yhangry (which brands itself as the appropriately shouty YHANGRY). This is a “private chef parties at home” website, and no doubt an app at some point. The startup has now raised a $1.5 million Seed round from a number of notable UK angels which also includes a few UK VCs for good measure, as well as ‘Made In Chelsea’ TV star Ollie Locke.

Founders Heinin Zhang and Siddhi Mittal created the startup before the pandemic, which lets people order a made-to-measure dinner party online. Although it trundled along until Covid, it had to pivot into virtual chef classes during lockdowns last year and this. The company is now poised to take advantage of London’s unlocking, which will see legal outdoor and indoor dining return.

The startup also speaks to the decentralization of experiences going on in the wake of the pandemic. In 2019 we were working out in gyms and going to restaurants. In 2021 we are working out at home and bringing the restaurant to us.

Normally booking private dinner parties involves a lot of hassle. The idea here is that Yhangry makes the whole affair as easy to order as an Uber Eats or Deliveroo.

Investors in the Seed round include Carmen Rico (Blossom Capital), Eileen Burbidge (Passion Capital), Orson Stadler (Antler) and Martin Mignot (Index Ventures), Made In Chelsea star Ollie Locke, plus fellow tech founders including Jack Tang (Urban), Adnan Ebrahim (MindLabs), Alex Fitzgerald (Cuckoo Internet), Georgina Kirby (Vinehealth) and Deepali Nangia (Alma Angels). Yhangry’s statement said all the investors are also keen customers. I bet they are.

Co-founder Mittal said in a statement: “By making private chef experiences more accessible and affordable, our customers regularly tell us they are finally able to catch up with friends at home… 70% of our customers have never had a private chef before and for them, the freedom and flexibility to curate their own evening is priceless.”

Yhangry now has 130 chefs on its books. Chefs have to pass a cooking trial and adhere to Covid rules. The funding will be used to double the size of the startup’s team.

The menus start at £17pp for six people. The price of the booking covers everything, including the cost of the fresh ingredients, but customers can add extras, such as wine etc. Since its launch in December 2019, the firm says it has served more than 7,000 Londoners.

Yhangry says it will enter key European markets, such as Paris, Berlin, Lisbon and Barcelona.

How will Yhangry survive post-Covid, with restaurants/bars opening up again?

Mittal said: “When restaurants were open between our launch and March 2020, we saw demand because people want to be able to spend time with their friends in a relaxed setting, and aren’t limited to the two-hour slot you get in a restaurant. Once places start to open up again, we believe Yhangry will follow this trend of at-home dining and socializing – not to mention for people who are not ready yet to go out to a busy pub or restaurant.”

#articles, #barcelona, #berlin, #chef, #co-founder, #companies, #deliveroo, #economy, #eileen-burbidge, #europe, #lisbon, #london, #martin-mignot, #online-food-ordering, #paris, #passion-capital, #restaurant, #startup-company, #tc, #uber, #uber-eats, #united-kingdom

0

Hiro Capital puts $2.3M into team sports tracking platform PlayerData — as does Sir Terry Leahy

Hiro Capital has gradually been making a name for itself as an investor in the area know as ‘Digital Sports’ or DSports for shorts. It’s now led a $2.3m funding round in PlayerData. While the round might sound small, the area it’s going into is large and growing. Also investing in the round is Sir Terry Leahy, previously the CEO of Tesco, the largest British retailer.

Edinburgh, UK-based PlayerData uses wearable technology and software tracking to give grass-roots and professional sports teams feedback on their training. It can, for instance, allow coaches to replay key moments from a game, even modeling different outcomes based on player positioning.

This is Hiro Capital’s 4th DSports and ‘connected fitness’ investment, and it joins Zwift, FitXR and NURVV. Hiro has also invested in eight games startups in the UK, USA and Europe, as befits the heritage of cofounder and partner Ian Livingstone, OBE,CBE, who is the former chairman of Tomb Raider publisher Eidos plc and all-round gaming pioneer.

PlayerData says it has captured more than 10,000 team sessions across UK soccer and rugby, and logged over 50 million meters of play. It also has strong network effects, it says. Every time a new team encounters one using Playerdata’s platform, it generates 5 more clubs as users.

Roy Hotrabhvanon is cofounder and CEO of PlayerData, and is a former international-level archer. He’s joined by Hayden Ball, cofounder and CTO, a firmware and cloud infrastructure expert.

playerdata app

playerdata app

In a statement Hotrabhvanon said: “Our mission is to bring fine-grained data and insight to clubs across team sports, helping them supercharge their game-making, improve player performance, and avoid injury… Our ultimate goal is to implement cutting-edge insights from pioneering wearables that are applicable to any team in any discipline at any level.”

Cherry Freeman, co-founding Partner at Hiro says: “PlayerData ticks all of our key boxes: a huge TAM with over 3m grass-roots clubs; a deep moat built on shared player data, machine learning and highly actionable predictive algorithms; compelling customer network effects; and a really impressive yet humble founding team.”

The PlayerData news forms part of a wider growth in digital sports, which includes such breakout names as Peloton, Tonal, Mirror, as well as Hiro’s portfolio investment, Zwift. With the pandemic putting an emphasison both home workouts and general health, the fascination with digital measurement of performance now has a growing grip on the sector.

Speaking to TechCrunch, Freeman added: “We think there are something like 3 million teams that are potential customers for PlayerData. Obviously the number of runners is enormous, and they only need to get a small slice of that market to have a very, very large business. At the end of the day everyone, everyone works out, even if you just go for a walk, so the target market’s huge and they started with running but their technology is applicable to a whole raft of other sports.”

#capital, #ceo, #chairman, #cofounder, #cycling, #edinburgh, #europe, #fiction, #finance, #hiro, #machine-learning, #partner, #player, #tc, #tesco, #tonal, #united-kingdom, #united-states, #wearable-technology, #zwift

0

UK’s Digital Markets Unit starts work on pro-competition reforms

A new UK public body that will be tasked with helping regulate the most powerful companies in the digital sector to ensure competition thrives online and consumers of digital services have more choice and control over their data has launched today.

The Digital Markets Unit (DMU), which was announced in November last year — following a number of market reviews and studies examining concerns about the concentration of digital market power — does not yet have statutory powers itself but the government has said it will consult on the design of the new “pro-competition regime” this year and legislate to put the DMU on a statutory footing as soon as parliamentary time allows.

Concerns about the market power of adtech giants Facebook and Google are key drivers for the regulatory development.

As a first job, the unit will look at how codes of conduct could work to govern the relationship between digital platforms and third parties such as small businesses which rely on them to advertise or use their services to reach customers — to feed into future digital legislation.

The role of powerful intermediary online gatekeepers is also being targeted by lawmakers in the European Union who proposed legislation at the end of last year which similarly aims to create a regulatory framework that can ensure fair dealing between platform giants and the smaller entities which do business under their terms.

The UK government said today that the DMU will take a sector neutral approach in examining the role of platforms across a range of digital markets, with a view to promoting competition.

The unit has been asked to work with the comms watchdog Ofcom, which the government named last year as its pick for regulating social media platforms under planned legislation due to be introduced this year (aka, the Online Safety Bill as it’s now called).

While that forthcoming legislation is intended to regulate a very wide range of online harms which may affect consumers — from bullying and hate speech to child sexual exploitation and other speech-related issues (raising plenty of controversy, and specific concerns about associated implications for privacy and security) — the focus for the DMU is on business impacts and consumer controls which may also have implications for competition in digital markets.

As part of its first work program, the government said the secretary of state for digital has asked the DMU to work with Ofcom to look specifically at how a code would govern the relationships between platforms and content providers such as news publishers — “including to ensure they are as fair and reasonable as possible”, as its press release puts it.

This suggests the DMU will be taking a considered look at recent legislation passed in Australia — which makes it mandatory for platforms to negotiate with news publishers to pay for reuse of their content.

Earlier this year, the head of the UK’s Competition and Markets Authority (CMA), which the DMU will sit within, told the BBC that Australia’s approach of having a backstop of mandatory arbitration if commercial negotiations between tech giants and publishers fail is a “sensible” approach.

The DMU will also work closely with the CMA’s enforcement division — which currently has a number of open investigations into tech giants, including considering complaints against Apple and Google; and an in-depth probe of Facebook’s Giphy acquisition.

Other UK regulators the government says the DMU will work closely with include the data protection watchdog (the ICO) and the Financial Conduct Authority.

It also said the unit will also coordinate with international partners, given digital competition is an issue that’s naturally globally in nature — adding that it’s already discussing its approach through bilateral engagement and as part of its G7 presidency.

“The Digital Secretary will host a meeting of digital and tech ministers in April as he seeks to build consensus for coordination on better information sharing and joining up regulatory and policy approaches,” it added.

The DMU will be led by Will Hayter, who takes up an interim head post in early May following a stint at the Cabinet Office working on Brexit transition policy. Prior to that he worked for several years at the CMU and also Ofcom, among other roles in regulatory policy.

 

#apple, #australia, #big-tech, #competition-and-markets-authority, #digital-markets-unit, #europe, #european-union, #facebook, #financial-conduct-authority, #g7, #google, #ofcom, #online-harms, #online-safety-bill, #policy, #social-media-platforms, #uk-government, #united-kingdom

0

Answers being sought from Facebook over latest data breach

Facebook’s lead data protection regulator in the European Union is seeking answers from the tech giant over a major data breach reported on over the weekend.

The breach was reported on by Business Insider on Saturday which said personal data (including email addresses and mobile phone numbers) of more than 500M Facebook accounts had been posted to a low level hacking forum — making the personal information on hundreds of millions of Facebook users’ accounts freely available.

“The exposed data includes the personal information of over 533M Facebook users from 106 countries, including over 32M records on users in the US, 11M on users in the UK, and 6M on users in India,” Business Insider said, noting that the dump includes phone numbers, Facebook IDs, full names, locations, birthdates, bios, and some email addresses.

Facebook responded to the report of the data dump by saying it related to a vulnerability in its platform it had “found and fixed” in August 2019 — dubbing the info “old data” which it also claimed had been reported on in 2019. However as security experts were quick to point out, most people don’t change their mobile phone number often — so Facebook’s trigger reaction to downplay the breach looks like an ill-thought through attempt to deflect blame.

It’s also not clear whether all the data is all ‘old’, as Facebook’s initial response suggests.

There’s plenty of reasons for Facebook to try to downplay yet another data scandal. Not least because, under European Union data protection rules, there are stiff penalties for companies that fail to promptly report significant breaches to relevant authorities. And indeed for breaches themselves — as the bloc’s General Data Protection Regulation (GDPR) bakes in an expectation of security by design and default.

By pushing the claim that the leaked data is “old” Facebook may be hoping to peddle the idea that it predates the GDPR coming into application (in May 2018).

However the Irish Data Protection Commission (DPC), Facebook’s lead data supervisor in the EU, told TechCrunch that it’s not abundantly clear whether that’s the case at this point.

“The newly published dataset seems to comprise the original 2018 (pre-GDPR) dataset and combined with additional records, which may be from a later period,” the DPC’s deputy commissioner, Graham Doyle said in a statement.

“A significant number of the users are EU users. Much of the data appears to been data scraped some time ago from Facebook public profiles,” he also said.

“Previous datasets were published in 2019 and 2018 relating to a large-scale scraping of the Facebook website which at the time Facebook advised occurred between June 2017 and April 2018 when Facebook closed off a vulnerability in its phone lookup functionality. Because the scraping took place prior to GDPR, Facebook chose not to notify this as a personal data breach under GDPR.”

Doyle said the regulator sought to establish “the full facts” about the breach from Facebook over the weekend and is “continuing to do so” — making it clear that there’s an ongoing lack of clarity on the issue, despite the breach itself being claimed as “old” by Facebook.

The DPC also made it clear that it did not receive any proactive communication from Facebook on the issue — despite the GDPR putting the onus on companies to proactively inform regulators about significant data protection issues. Rather the regulator had to approach Facebook — using a number of channels to try to obtain answers from the tech giant.

Through this approach the DPC said it learnt Facebook believes the information was scraped prior to the changes it made to its platform in 2018 and 2019 in light of vulnerabilities identified in the wake of the Cambridge Analytica data misuse scandal.

A huge database of Facebook phone numbers was found unprotected online back in September 2019.

Facebook had also earlier admitted to a vulnerability with a search tool it offered — revealing in April 2018 that somewhere between 1BN and 2BN users had had their public Facebook information scraped via a feature which allowed people to look up users by inputting a phone number or email — which is one potential source for the cache of personal data.

Last year Facebook also filed a lawsuit against two companies it accused of engaging in an international data scraping operation.

But the fallout from its poor security design choices continue to dog Facebook years after its ‘fix’.

More importantly, the fallout from the massive personal data spill continues to affect Facebook users whose information is now being openly offered for download on the Internet — opening them up to the risk of spam and phishing attacks and other forms of social engineering (such as for attempted identity theft).

There are still more questions than answers about how this “old” cache of Facebook data came to be published online for free on a hacker forum.

The DPC said it was told by Facebook that “the data at issue appears to have been collated by third parties and potentially stems from multiple sources”.

The company also claimed the matter “requires extensive investigation to establish its provenance with a level of confidence sufficient to provide your Office and our users with additional information” — which is a long way of suggesting that Facebook has no idea either.

“Facebook assures the DPC it is giving highest priority to providing firm answers to the DPC,” Doyle also said. “A percentage of the records released on the hacker website contain phone numbers and email address of users.

“Risks arise for users who may be spammed for marketing purposes but equally users need to be vigilant in relation to any services they use that require authentication using a person’s phone number or email address in case third parties are attempting to gain access.”

“The DPC will communicate further facts as it receives information from Facebook,” he added.

At the time of writing Facebook had not responded to a request for comment about the breach.

Facebook users who are concerned whether their information is in the dump can run a search for their phone number or email address via the data breach advice site, haveibeenpwned.

According to haveibeenpwned’s Troy Hunt, this latest Facebook data dump contains far more mobile phone numbers than email addresses.

He writes that he was sent the data a few weeks ago — initially getting 370M records and later “the larger corpus which is now in very broad circulation”.

“A lot of it is the same, but a lot of it is also different,” Hunt also notes, adding: “There is not one clear source of this data.”

 

#computer-security, #data-breach, #data-security, #european-union, #facebook, #gdpr, #general-data-protection-regulation, #social-media, #tc, #troy-hunt, #united-kingdom

0

UK’s antitrust watchdog takes a closer look at Facebook-Giphy

Potential threats to the free flow of GIFs continue to trouble the UK’s competition watchdog.

Facebook’s $400M purchase of Giphy, announced last year, is now facing an in-depth probe by the CMA after the regulator found the acquisition raises competition concerns related to digital advertising. It now has until September 15 to investigate and report.

The watchdog took a first look at the deal last summer. It kept on looking into 2021. And then last week the CMA laid out its concerns — saying the (already completed) Facebook-Giphy acquisition could further reduce competition in the digital advertising market where the former is already a kingpin player (with over 50% share of the display advertising market).

The regulator said it had found evidence that, prior to the acquisition, Giphy had planned to expand its own digital advertising partnerships to other countries, including the UK.

“If Giphy and Facebook remain merged, Giphy could have less incentive to expand its digital advertising, leading to a loss of potential competition in this market,” it wrote a week ago.

The CMA also said it was worried a Facebook-owned Giphy could harm social media rivals were the tech giant were to squeeze the supply of animated pixels to others — or require rivals to sign up to worse terms (such as forcing them to hand over user data which it might then use to further fuel its ad targeting engines, gaining yet more market power).

On March 25 the companies were given five days by the regulator to address its concerns — by offering legally binding proposals intended to allay concerns.

An in-depth ‘phase 2’ investigation could have been avoided if concessions were offered which were acceptable to the regulator but that is evidently not the case as the CMA has announced the phase 2 referral today. And given the announcement has come just five working days after the last notification it appears no concessions were offered.

We’ve reached out to Facebook and the CMA for comment.

A Facebook spokesperson said: “We will continue to fully cooperate with the CMA’s investigation. This merger is good for competition and in the interests of everyone in the UK who uses Giphy and our services — from developers to service providers to content creators.”

While Facebook has already completed its acquisition of Giphy, the CMA’s investigation continues to put a freeze on its ability to integrate Giphy more deeply into its wider business empire.

Albeit, given Facebook’s dominant position in the digital advertising space, its business need to move fast via product innovation is a lot less pressing than years past — when it was building its market dominance free from regulatory intervention.

In recent years, the CMA has been paying close mind to the digital ad market. Back in 2019 it reported report substantial concerns over the power of the adtech duopoly, Google and Facebook. Although in its final report it said it would wait for the government to legislate, rather than make an intervention to address market power imbalances itself.

The UK is now in the process of setting up a pro-competition regulator with a dedicated focus on big tech — in response to concerns about the ‘winner takes all’ dynamics seen in digital markets. This incoming Digital Market Unit will oversee a “pro-competition” regime for Internet platforms that will see fresh compliance requirements in the coming years.

In the meanwhile, the CMA continues to scrutinize tech deals and strategic changes — including recently opening a probe of Google’s plan to depreciate support for third party cookies in Chrome after complaints from other industry players.

In January it also announced it was taking a look at Uber’s plan to acquire Autocab. However on Monday it cleared that deal, finding only “limited indirect” competition between the pair, and not finding evidence to indicate Autocab was likely to become a significant and more direct competitor to Uber in the future.

The regulator also considered whether Autocab and Uber could seek to put Autocab’s taxi company customers that compete against Uber at a disadvantage by reducing the quality of the booking and dispatch software sold to them, or by forcing them to pass data to Uber. But its phase 1 probe found other credible software suppliers and referral networks that the CMA said these taxi companies could switch to if Uber were to act in such a way — leading to it to clear the deal.

#advertising-tech, #antitrust, #competition-and-markets-authority, #digital-advertising, #europe, #facebook, #giphy, #privacy, #social, #united-kingdom

0

Facebook gets a C – Startup rates the ‘ethics’ of social media platforms, targets asset managers

By now you’ve probably heard of ESG (Environmental, Social, Governance) ratings for companies, or ratings for their carbon footprint. Well, now a UK company has come up with a way of rating the ‘ethics’ social media companies. 
  
EthicsGrade is an ESG ratings agency, focusing on AI governance. Headed up Charles Radclyffe, the former head of AI at Fidelity, it uses AI-driven models to create a more complete picture of the ESG of organizations, harnessing Natural Language Processing to automate the analysis of huge data sets. This includes tracking controversial topics, and public statements.

Frustrated with the green-washing of some ‘environmental’ stocks, Radclyffe realized that the AI governance of social media companies was not being properly considered, despite presenting an enormous risk to investors in the wake of such scandals as the manipulation of Facebook by companies such as Cambridge Analytica during the US Election and the UK’s Brexit referendum.

EthicsGrade Industry Summary Scorecard – Social Media

The idea is that these ratings are used by companies to better see where they should improve. But the twist is that asset managers can also see where the risks of AI might lie.

Speaking to TechCrunch he said: “While at Fidelity I got a reputation within the firm for being the go-to person, for my colleagues in the investment team, who wanted to understand the risks within the technology firms that we were investing in. After being asked a number of times about some dodgy facial recognition company or a social media platform, I realized there was actually a massive absence of data around this stuff as opposed to anecdotal evidence.”

He says that when he left Fidelity he decided EthicsGrade would out to cover not just ESGs but also AI ethics for platforms that are driven by algorithms.

He told me: “We’ve built a model to analyze technology governance. We’ve covered 20 industries. So most of what we’ve published so far has been non-tech companies because these are risks that are inherent in many other industries, other than simply social media or big tech. But over the next couple of weeks, we’re going live with our data on things which are directly related to tech, starting with social media.”

Essentially, what they are doing is a big parallel with what is being done in the ESG space.

“The question we want to be able to answer is how does Tik Tok compare against Twitter or Wechat as against WhatsApp. And what we’ve essentially found is that things like GDPR have done a lot of good in terms of raising the bar on questions like data privacy and data governance. But in a lot of the other areas that we cover, such as ethical risk or a firm’s approach to public policy, are indeed technical questions about risk management,” says Radclyffe.

But, of course, they are effectively rating algorithms. Are the ratings they are giving the social platforms themselves derived from algorithms? EthicsGrade says they are training their own AI through NLP as they go so that they can automate what is currently very human analysts centric, just as ‘sustainalytics’ et al did years ago in the environmental arena.

So how are they coming up with these ratings? EthicsGrade says are evaluating “the extent to which organizations implement transparent and democratic values, ensure informed consent and risk management protocols, and establish a positive environment for error and improvement.” And this is all achieved, they say, all through publicly available data – policy, website, lobbying etc. In simple terms, they rate the governance of the AI not necessarily the algorithms themselves but what checks and balances are in place to ensure that the outcomes and inputs are ethical and managed.

“Our goal really is to target asset owners and asset managers,” says Radclyffe. “So if you look at any of these firms like, let’s say Twitter, 29% of Twitter is owned by five organizations: it’s Vanguard, Morgan Stanley, Blackrock, State Street and ClearBridge. If you look at the ownership structure of Facebook or Microsoft, it’s the same firms: Fidelity, Vanguard and BlackRock. And so really we only need to win a couple of hearts and minds, we just need to convince the asset owners and the asset managers that questions like the ones journalists have been asking for years are pertinent and relevant to their portfolios and that’s really how we’re planning to make our impact.”

Asked if they look at content of things like Tweets, he said no: “We don’t look at content. What we concern ourselves is how they govern their technology, and where we can find evidence of that. So what we do is we write to each firm with our rating, with our assessment of them. We make it very clear that it’s based on publicly available data. And then we invite them to complete a survey. Essentially, that survey helps us validate data of these firms. Microsoft is the only one that’s completed the survey.”

Ideally, firms will “verify the information, that they’ve got a particular process in place to make sure that things are well-managed and their algorithms don’t become discriminatory.”

In an age increasingly driven by algorithms, it will be interesting to see if this idea of rating them for risk takes off, especially amongst asset managers.

#articles, #artificial-intelligence, #asset-management, #blackrock, #environmentalism, #esg, #europe, #facebook, #facial-recognition, #fidelity, #finance, #governance, #microsoft, #morgan-stanley, #natural-language-processing, #social-media, #tc, #technology, #twitter, #united-kingdom, #united-states

0

Google promises better 3D maps

Google is announcing a handful of major updates to Google Maps today that range from bringing its Live View AR directions indoors to adding weather data to its maps, but the most tantalizing news — which in typical Google fashion doesn’t have an ETA just yet — is that Google plans to bring a vastly improved 3D layer to Google maps.

Using photogrammetry, the same technology that also allows Microsoft’s Flight Simulator to render large swaths of the world in detail, Google is also building a model of the world for its Maps service.

“We’re going to continue to improve that technology that helps us fuse together the billions of aerials, StreetView and satellite images that we have to really help us move from that flat 2D map to a more accurate 3D model than we’ve ever had. And be able to do that more quickly. And to bring more detail to it than we’ve ever been able to do before,” Dane Glasgow, Google’s VP for Geo Product Experience, said in a press event ahead of today’s announcement. He noted that this 3D layer will allow the company to visualize all its data in new and interesting ways.

Image Credits: Google

How exactly this will play out in reality remains to be seen, but Glasgow showed off a new 3D route preview, for example, with all of the typically mapping data overlayed on top of the 3D map.

Glasgow also noted that this technology will allow Google to parse out small features like stoplights and building addresses, which in turn will result in better directions.

“We also think that the 3D imagery will allow us to visualize a lot of new information and data overlaid on top, you know, everything from helpful information like traffic or accidents, transit delays, crowdedness — there’s lots of potential here to bring new information,” he explained.

Image Credits: Google

As for the more immediate future, Google announced a handful of new features today that are all going to roll out in the coming months. Indoor Live View is the flashiest of these. Google’s existing AR Live View walking directions currently only work outdoors, but thanks to some advances in its technology to recognize where exactly you are (even without a good GPS signal), the company is now able to bring this indoors. This feature is already live in some malls in the U.S. in Chicago, Long Island, Los Angeles, Newark, San Francisco, San Jose, and Seattle, but in the coming months, it’ll come to select airports, malls and transit stations in Tokyo and Zurich as well (just in time for vaccines to arrive and travel to — maybe — rebound). Because Google is able to locate you by comparing the images around you to its database, it can also tell what floor you are on and hence guide you to your gate at the Zurich airport, for example (though in my experience, there are few places with better signage than airports…).

Also new are layers for weather data (but not weather radar) and air quality in Google Maps. The weather layer will be available globally on Android and iOS in the coming months, with the air quality layer only launching for Australia, India and the U.S. at first.

Image Credits: Google

Talking about air quality, Google Maps will also get a new eco-friendly routing option that lets you pick the driving route that produces the least CO2 (coming to Android and iOS later this year), and it will finally feature support for low emission zones, a feature of many a European City. Low emission zones on Google Maps will launch in June in Germany, France, Spain and the UK on Android and iOS. More countries will follow later.

And to bring this all together, Google will update its directions interface to show you all of the possible modes of transportations and routing options, prioritized based on your own preferences, as well as based on what’s popular in the city you are in (think he subway in NYC or bike-sharing in Portland).

Also new are more integrated options for curbside grocery pickups in partnership with Instacart and Albertsons, if that’s your thing.

And there you have it. As is so often the case with Google’s announcement, the most exciting new features the company showed off don’t have an ETA and may never launch, but until then you can hold yourself over by getting your weather forecasts on Google Maps.

#albertsons, #android, #artificial-intelligence, #australia, #chicago, #computing, #eta, #france, #germany, #google, #google-search, #google-maps, #gps, #india, #instacart, #los-angeles, #maps, #newark, #operating-systems, #portland, #san-francisco, #san-jose, #seattle, #software, #spain, #tokyo, #united-kingdom, #united-states, #zurich

0

Men’s health startup Manual raises $30M Series A from US and European investors

Men’s health and wellbeing startup Manual has raised a $30m Series A round from US-based Sonoma Brands and Waldencast, and Manual’s existing European investors Felix Capital and Cherry Ventures. FJ Labs and the GISEV Family Office also participated in the round. The cash will be used for product development and international expansion. Manual provides diagnostics, treatments and ongoing care and plans to expand across Europe, Asia and Latin America. The company has already expanded to Brazil.

Manual is competing with Numan (raised $13M), also from the UK (Manual launched a month earlier than them). In the US it is competing with Ro (raised $876.1M) and Hims (listed). All these brands tend to focus on issues like vitamins and erectile dysfunction, with the, often common refrain of, ‘normalizing’ the idea that men should look after themselves better, across a number of fronts and removing stigma’s around sexual health. It performs blood tests and other tests to analyze heart health, gut health, testosterone, sleep, energy, and immunity. They are pushing at a large market, as men historically avoid doctors.

Manual app

Manual app

George Pallis, CEO and Founder, previously led marketing at Wise and Deliveroo. In a statement he said: “We’ve been encouraged to see men of all ages increasingly turning to Manual to solve multiple health problems, with almost half of our customers seeking help for more than one issue. It’s clear that a health concern may have more than one cause, and we can provide customers with the ability to treat their health in a more holistic way. Using different treatments to understand and improve their wellbeing.”

Speaking to during an interview Pallis added: “We built our own teleconsultation product and have different applications for the blood test offering. When you get your results we will offer a clinician, we’ll walk you through all the data and the learnings. We offer tools where people can monitor their progress and have regular check-ins with our medical team.”

Antoine Nussenbaum, co-Founder and partner of Felix Capital, commented: “There is still much work to be done to remove the taboo when it comes to men looking after their wellbeing and talking openly about health concerns. But we’re starting to see a shift happen amongst consumers.”

Kevin Murphy, Managing Director of Sonoma Brands, commented: “Manual exists to empower men to take better care of themselves and to live fuller lives by doing so. George and his team have the clarity of vision and the skill to make Manual a leader in this exciting and important area.”

#antoine-nussenbaum, #articles, #asia, #brazil, #ceo, #cherry-ventures, #deliveroo, #energy, #europe, #felix-capital, #fj-labs, #health, #latin-america, #leader, #manual, #online-food-ordering, #tc, #united-kingdom, #united-states, #well-being

0

FatFace tells customers to keep its data breach ‘strictly private’

Clothing giant FatFace had a data breach, but doesn’t want you to tell anyone about it.

The company sent an email to customers this week disclosing that it first detected a breach on January 17. A hacker made off with the customer’s name, email and postal address, and the last four-digits of their credit card. “Full payment card information was not compromised,” the notice reiterated.

But despite going out to thousands of customers, the email said to “keep this email and the information included within it strictly private and confidential,” an entirely unenforceable request.

Under the U.K. data protection laws, a company must disclose a data breach within 72 hours of becoming aware of an incident, but there are no legal requirements on the customer to keep the information confidential. It didn’t take long for the company to face flack from the public. The company didn’t have much to say in response, asking instead to “DM us with any questions.”

In a statement sent via crisis communications firm Kekst CNC, FatFace said: “The notification email was marked private and confidential due to the nature of the communication, which was intended for the individual concerned. Given its contents, we wanted to make this clear, which is why we marked it private and confidential.” (FatFace declined to attribute the statement to a named spokesperson.)

TechCrunch obtained a near-identical email sent to its staff from a former employee who asked not to be named. The email to employees was largely the same as the customer email, but warned that staff may have had their bank account information and their National Insurance numbers — the U.K. equivalent of Social Security — compromised.

FatFace confirmed “a select number of employees, former employees and customers and providing appropriate guidance and support,” but would not say specifically how many customers and employees were affected by the breach.

#computer-security, #computing, #crisis-communications, #cybercrime, #data-breach, #data-security, #email, #information-technology, #security, #spokesperson, #united-kingdom

0

Astroscale launches its ELSA-d orbital debris removal satellite

Space startup Astroscale has launched ELSA-d, the demonstration mission for its End-of-Life Services by Astroscale (ELSA) technology, which aims to dock with, and then safely remove, orbital debris. Astroscale’s demonstrator package includes two separate payloads, a servicer that represents its future production spacecraft, and a ‘client’ satellite that’s meant to represent the debris satellites it’ll be de-orbiting on behalf of customers in future.

The Astrocale payload was launched via a Soyuz rocket that took off early this morning from Kazakhstan carrying 38 commercial satellites from 18 countries. It’s the first Astroscale spacecraft to reach orbit, since the startup’s founding in 2013 by Japanese entrepreneur Nobu Okada. Astroscale had launched a micro satellite designed to measure small-scale debris in 2017, but all 18 of the satellites on that particular mission failed to reach orbit, due to human error in the launch vehicle’s programming.

This ELSA-d mission is a much more ambitious effort, and involves what amounts to an active on-orbit demonstration of the technology that Astroscale ultimately hopes to commercialize. The mission profile includes repeat docking and release maneuvers between the servicer satellite and the simulated client satellite, which is equipped with a ferromagnetic plate to assist the servicer with its magnetic docking procedure.

Astroscale hopes to prove out a range of its advertised capabilities with this demonstration, including the servicer’s ability to search out and located the client satellite, inspect it for damage, and then dock with it as mentioned, in both non-tumbling and tumbling scenarios (ie., a payload that’s maintaining a stable orbit, and one that’s spinning end-over-end in space with no ability to control its own attitude).

There’s a lot riding on this mission, which will be controlled from a ground center established by Astroscale in the UK. Aside from its long-term commercial ambitions, the startup is also contracted to partner with JAXA on the Japanese space agency’s first orbital debris removal mission, which aims to be the first in the world to remove a large object from orbit, representing the spent upper stage of a launch rocket.

#aerospace, #articles, #astroscale, #entrepreneur, #jaxa, #kazakhstan, #orbital-debris, #outer-space, #partner, #space, #space-debris, #spaceflight, #startups, #tc, #united-kingdom

0

Credit-and-collect fintech start-up Diem raises $5.5M Seed led by Fasanara Capital

Diem, a London, UK-based fintech start-up has raised a seed round of $5.5 million led by Fasanara Capital, and Angel investor Chris Adelsbach, founder of Outrun Ventures. Additional investors include Andrea Molteni (early investor in Farfetch), Ben Demiri (co-chairman at fashion tech PlatformE) and Nicholas Kirkwood (founder of the eponymous brand). 

Diem is a debit card with an app affording instant cash access, traditional banking service benefits (debit card, domestic and international bank transfers), but also allowing consumers to dispose of goods for eventual resale. The idea here is that this feeds into the so-called circular economy, making Diem attractive from an environmental point of view. Some estimates put the amount of worth of goods disposed of in the last 15 years at $6.9Tn.

Here’s how it works: You have an old time of clothing, phone, book or bag, for instance. You load the item it into the app. The app makes you an offer for what the item is worth. If you accept, cash is loaded into your account and there’s a facility to spend in the item, which is then resold. The incentive, therefore, is not to throw away the object and add to landfill, because you have now turned it into cash. Think “neo bank meets people who sell your stuff on eBay”

Geri Cupi said in a statement: “Diem’s mission is to empower consumers to value, unlock, and enjoy wealth they never knew they had. All of this while fuelling the circular economy and supporting the commitment to sustainability as our key value proposition. DIEM makes it possible for capitalism and sustainability to co-exist.”

Lead Investor and CEO at Fasanara Capital, Francesco Filia, said: “Fasanara is excited to announce our partnership with DIEM and Geri Cupi… [it’s] a new generation fintech powered by principles of circular economy and look forward to support its growth.”

#bank, #bank-transfers, #banking, #cash, #ceo, #debit-card, #europe, #farfetch, #founder, #london, #money, #outrun-ventures, #tc, #united-kingdom

0

Trading platform eToro to go public via SPAC merger in $10B deal

Multi-asset investing and trading platform and Robinhood competitor eToro announced Tuesday it will go public via a merger with SPAC FinTech Acquisition Corp. V in a massive $10.4 billion deal.

Once the transaction closes sometime in the third quarter, the combined company will operate as eToro Group Ltd. and is expected to be listed on the Nasdaq exchange.

The 14-year-old Israeli company was founded on a “vision of opening up capital markets.” It launched its platform in the U.S. just over two years ago and has seen rapid growth as of late. Last year, eToro said it added over 5 million new registered users and generated gross revenues of $605 million, representing 147% year over year growth. In January alone, the company added over 1.2 million new registered users and executed more than 75 million trades on its platform. That compares to 2019 when monthly registrations averaged 192,000 and 2020, when they grew to 440,000.

eToro said its platform is capitalizing on a number of secular trends such as the rise of digital wealth platforms, growing retail participation and mainstream crypto adoption. The company no doubt benefitted from the recent rise in retail investment interest, and in consumer investment apps and services specifically, which resulted from the so-called ‘meme stock’ activity that began with Redditors trading GameStop stock in order to frustrate institutional short-sellers.

The platform, which spans “social” stock trading and cryptocurrency exchange, in November 2019 acquired Delta, the crypto portfolio tracker app. eToro claims to be one of the first regulated platforms to offer cryptoassets. Its platform is regulated in the U.K., Europe, Australia, the U.S. and Gibraltar.

The transaction includes commitments for a $650 million common share private placement from leading investors including ION Investment Group, SoftBank Vision Fund 2, Third Point LLC, Fidelity Management & Research Company LLC and Wellington Management. The overall $10.4 billion implied equity value of the merger arrangement includes an implied enterprise value for eToro of $9.6 billion.

eToro currently has over 20 million registered users across 100 countries, and its social community is rapidly expanding due to the growth of its total addressable market, supported in part by secular trends such as the growth of digital wealth platforms and the rise in retail participation.

It expects to receivedapproval from FINRA for a broker dealer license, with plans to launch stocks in the U.S. in the second half of 2021. In a written statement, FinTech V chairman Betsy Cohen said that its sponsor platform Fintech Masala seeks out companies “with outsized growth, effective controls and excellent management teams.”

“eToro meets all three of these criteria,” she added. “In the last few years, eToro has solidified its position as the leading online social trading platform outside the U.S., outlined its plans for the U.S. market, and diversified its income streams. It is now at an inflection point of growth, and we believe eToro is exceptionally positioned to capitalize on this opportunity.”

#australia, #betsy-cohen, #broker, #cryptocurrency, #cryptocurrency-exchange, #etoro, #europe, #finance, #financial-services, #financial-technology, #finra, #fintech, #gamestop, #ing-group, #money, #robinhood, #softbank, #softbank-vision-fund, #spac, #tc, #third-point-llc, #united-kingdom, #united-states, #wellington-management

0

InBalance Research forecasts demand for energy suppliers to ensure they optimize distribution

From distributed homes in Cambridge, Mass. and Cambridge, England, inBalance Research is joining Y Combinator as it looks to accelerate its business as the oracle for independent energy providers, utilities, and market makers.

Selling a service it calls Delphi, the very early stage startup is hoping to provide analysis for power producers and utilities on the demand forecasts of energy markets.

The orchestration of energy load across the grid has become a more pressing issue for utilities around the country after witnessing the disastrous collapse of Texas’ power grid in response to its second “once-in-a-century” storm in the last decade.

 

“If we want to address the solution longterm, it’s a two part solution,” said inBalance co-founder and chief executive, Thomas Marge. “It’s a combination of hardware and software. You need the right assets online and you need the right software that can ensure that markets operate when there are extreme market shocks.”

Prices for electricity change every 15 minutes, and sometimes those pries can fluctuate wildly. In some places, even without the weather conditions that demolished the Texas grid and drove some companies out of business, prices can double in a matter of hours, according to inBalance.

That’s what makes forecasting tools important, the company said. As prices spike, asset managers of finite responsive resources such as hydro and storage need to decide if they will offer more value to the market now or later. Coming online too early or too late will decrease the revenue for their clean generation and increase peak prices for consumers.

The situation is even worse, according to the company, if storage and intermittent renewables come online at the same time. That can create downward price pressure for both the storage and renewable assets, which, in turn, can lead to increased fossil fuel generation later the same day, once cleaner sources are depleted.

The software to predict those pressures is what inBalance claims to provide. Marge and his fellow co-founders, Rajan Troll and Edwin Fennell have always been interested in the problems associated with big data and energy.

For Marge, that began when he worked on a project to optimize operations for wind farms during a stint in Lexington, Mass.

“Fundamentally we’re a data science solution,” said Marge. “It’s a combination of knowing what factors influence every single asset on every single market in North America. We have a glimpse into how those assets are going to be working one day before to one hour before in order to do price forecasting.” 

So far, one utility using the company’s software in the Northeast has managed to curb its emissions by 0.2%. With a focus on renewables, inBalance is hoping to roll out larger reductions to the 3,000 market participants that are also using its forecasting tools for other services. Another application is in the work inBalance is conducting with a gas peaker plant to help offset the intermittency of renewable generation sources.

The reduction in emissions in New England is particularly impressive given that the company only began working with the utility there in December. Given its forecasting tools, the company is able to provide a window into which assets might be most valuable at what time — including, potentially, natural gas peaking plants, hydropower, pumped hydropower (basically an energy storage technology), battery or flywheel energy storage projects and demand response technologies that encourage businesses and consumers to reduce consumption in response to price signals, Marge said.

Already, six companies have taken a trip to see the Delphi software and come away as early users. They include a global renewable asset manager and one of the top ten largest utilities in the U.S., according to Marge.

“We use machine learning to accurately forecast electricity prices from terabytes of public and proprietary data. The solution required for daily power system stability is both hardware—like storage and electric vehicle charging—and the software required to optimally use it. inBalance exists to be that software solution,” the company said in a statement. 

 

#articles, #cambridge, #delphi, #early-stage-startup, #energy, #energy-storage, #machine-learning, #massachusetts, #natural-gas, #north-america, #renewable-energy, #smart-grid, #tc, #texas, #united-kingdom, #united-states, #y-combinator

0

Taiwanese reassurances that water shortages won’t hit chipmaking show climate change’s direct threat to tech

A weekend statement from the Taiwanese government over its ability to provide water to the nation’s chip manufacturers in the face of an unprecedented drought make it clear that climate change is a direct threat to the foundations of the tech industry.

As reported by Bloomberg, Taiwanese president Tsai Ing-wen took to Facebook on Sunday to post about the nation’s capacity to provide water to its citizens and businesses in the face of the worst drought the nation has faced in 56 years.

The nation said that it would have sufficient water reserves to ensure manufacturing of semiconductors by companies like Taiwan Semiconductor Manufacturing wouldn’t stop.

These chips sit at the foundation of the tech industry and any disruption in production could have disastrous consequences for the global economy. Already, supply constraints have caused stoppages at automakers like General Motors and Volkswagen, and chip manufacturing facilities are running close to capacity.

The Biden administration has emphasized the need for the U.S. to strengthen its semiconductor manufacturing supply when it issued an executive order last month to address ongoing chip shortages that have idled manufacturing plants around the country.

“Taiwan’s water shortage and its effect on semis is a wake up call for every technology investor, every founder and the entire venture ecosystem. It is complexity theory made manifest and only serves to show that scalable, data-driven solutions rapidly deployed across large industrial markets are our only hope in correcting the course,” wrote Vaughn Blake, a partner at the energy-focused investment firm Blue Bear Capital.

Taiwan’s water woes and their ability to severely impact the semiconductor industry aren’t new. They were even flagged in a 2016 Harvard Business School case study analysis. And TSMC is already working to address its water consumption.

By 2016, TSMC had already worked to improve its water purification and recycling efforts — necessary for an industry that consumes between 2-9 million gallons of water per day. (Intel alone used 9 billion gallons of water in 2015). At least some of TSMC’s fabrication facilities have managed to achieve recycling rates of 90% on industrial wastewater, according to the Harvard case study.

But as Moore’s Law drives down the size and increases the demand for even more precision and fewer impurities in the manufacturing process, water use at fabs is going up. Next generation chips may be consuming as much as 1.5 times more water, which means better recycling is needed to compensate.

For startups, we need to be looking at ways to lower the cost and improve the performance of wastewater recycling and desalination, both increasingly energy-intensive propositions.

Some companies are doing just that. These are businesses like Blue Boson out of the UK, which purports to have developed a quantum-based water treatment technology. Its claims sound more like science fiction, but its website touts some of the best research universities in the world. Fido, a leak detection company also out of the UK tracks potential spots where water is wasted, and both Pontic Technology and Micronic are American companies developing water and fluid sterilization systems.

Numix, another purification startup, seems designed to remove the heavy metals that are part and parcel of industrial manufacturing. And Divining Labs out of Los Angeles is using artificial intelligence to better predict and manage stormwater runoff to collect more resources for water use.

“Upton Sinclair said, ‘It is difficult to get a man to understand something, when his salary depends on him not understanding it,’” Blake of Blue Bear Capital wrote. “Well, to all the founders and investors out there, it looks like all tech is climate tech for the foreseeable future, lest there be no tech at all.”

#artificial-intelligence, #biden-administration, #energy, #executive, #fido, #general-motors, #harvard, #harvard-business-school, #intel, #los-angeles, #manufacturing, #president, #sanitation, #semiconductor, #semiconductors, #taiwan, #tc, #tsai-ing-wen, #tsmc, #united-kingdom, #united-states, #volkswagen, #water-treatment

0