Facebook’s outage likely cost the company over $60 million

Facebook’s outage likely cost the company over $60 million

Enlarge (credit: Getty Images)

In a major outage yesterday, Facebook, along with its sibling sites, WhatsApp and Instagram, became unreachable for hours. Real-time website status tracker DownDetector received over 14 million reports from users who couldn’t use the social media giant’s apps and services.

But beyond the obvious inconvenience to those cut off from these services, yesterday’s outage has had financial repercussions not only for Facebook, but many small businesses that rely on the platform.

Downtime estimated to cost Facebook over $60 million

Facebook’s 2020 revenue was $86 billion. Experts have used this number to approximate the average loss incurred by the company yesterday at $163,565 for every minute of the outage. Over the six-hour period, this sums up to roughly $60 million in lost revenue. Whereas, another report by Fortune pinned the loss at $100 million, while stating that “for many companies, a $100 million drop in revenue over any time period would be a financial event of significant concern. For Facebook, it is (for now) a drop in the bucket that investors will likely shrug off.”

Read 9 remaining paragraphs | Comments

#bgp, #biz-it, #dns, #downtime, #facebook, #instagram, #outage, #tech, #whatsapp

Facebook warned over ‘very small’ indicator LED on smart glasses, as EU DPAs flag privacy concerns

Facebook’s lead privacy regulator in Europe has raised concerns about a pair of ‘smart’ Ray-Ban sunglasses the tech giant is now selling. The glasses include a face-mounted camera which can be used to take pictures and short videos with a verbal cue.

Ireland’s Data Protection Commission (DPC) said Friday that it’s asked the tech giant to demonstrate that an LED indicator light also mounted on the specs — which lights up when the user is taking a video — is an effective way of putting other people on notice that they are being recorded by the wearer.

Italy’s privacy watchdog, the Garante, already raised concerns about Facebook’s smart glasses — but Ireland has an outsized role as a regulator for the tech giant owing to where the company’s regional base is located.

Facebook announced what it couched as the “next step” on the road to making a pair of augmented reality ‘smart’ glasses a full year ago — saying initial specs would not include any AR but announcing a multi-year partnership luxury eyewear giant Luxottica, as it seemingly planned for a pipeline of increasingly feature-loaded ‘smart’ eyewear.

The first Facebook Ray-Ban-branded specs went on sale earlier this month — looking mostly like a standard pair of sunglasses but containing two 5 MP cameras mounted on the front that enable the user to take video of whatever they’re looking at and upload it to a new Facebook app called View. (The sunglasses also contain in-frame speakers so the user can listen to music and take phone calls.)

The specs also include a front mounted LED light which is supposed to switch on to indicate when a video is being recorded. However European regulators are concerned that what the DPC describes as a “very small” indicator is an inadequate mechanism for alerting people to the risk they are being recorded.

Facebook has not demonstrated it conducted comprehensive field testing of the device with a view to assessing the privacy risk it may pose, it added.

“While it is accepted that many devices including smart phones can record third party individuals, it is generally the case that the camera or the phone is visible as the device by which recording is happening, thereby putting those captured in the recordings on notice. With the glasses, there is a very small indicator light that comes on when recording is occurring. It has not been demonstrated to the DPC and Garante that comprehensive testing in the field was done by Facebook or Ray-Ban to ensure the indicator LED light is an effective means of giving notice,” the DPC wrote.

Facebook’s lead EU data protection regulator goes on to say it is calling on the tech giant to “confirm and demonstrate that the LED indicator light is effective for its purpose and to run an information campaign to alert the public as to how this new consumer product may give rise to less obvious recording of their images”.

Facebook has been contacted with questions.

It is not clear whether Facebook engaged with any EU privacy regulators during the design of the smart glasses.

Nor whether or when they might launch in Europe.

The specs sent on sale in the US earlier this month — costing $299. The price to Americans’ privacy is tbc.

Over the years, Facebook has delayed (or even halted) some of its product launches in Europe following regulatory concerns — including a facial tagging feature (which it later reintroduced in another form).

The launch of Facebook’s dating service in Europe was also delayed for more than nine months — and arrived with some claimed changes after an intervention by the DPC.

There are also ongoing limits on how the Facebook-owned messaging platform WhatsApp can share data with Facebook itself in Europe, again owing to regulatory push back. Although plenty of data does still flow from WhatsApp to Facebook in the EU and — zooming out — scores of privacy complaints against the tech giant remain under investigation in the region, meaning these issues are undecided and unenforced.

Earlier this month Ireland’s DPC did announce its first decision against a Facebook company (under the EU’s GDPR)  — hitting WhatsApp with a $267 penalty related to transparency failures. However the DPC has multiple unresolved complaints against Facebook or Facebook-owned businesses still on its desk.

In January the Irish regulator also agreed to “swiftly” resolve a (pre-GDPR) 2013 complaint against Facebook’s data transfers out of the EU to the US. That decision is still pending too.

#data-protection-commission, #europe, #european-union, #eyewear, #facebook, #gadgets, #gdpr, #glasses, #ireland, #italy, #luxottica, #privacy, #ray-ban, #smartglasses, #sunglasses, #united-states, #whatsapp

Facebook revamps its business tool lineup following threats to its ad targeting business

Facebook today is announcing the launch of new products and features for business owners, following the threat to its ad targeting business driven by Apple’s new privacy features, which now allow mobile users to opt out of being tracked across their iOS apps. The social networking giant has repeatedly argued that Apple’s changes would impact small businesses that relied on Facebook ads to reach their customers. But it was not successful in getting any of Apple’s changes halted. Instead, the market is shifting to a new era focused more on user privacy, where personalization and targeting are more of an opt-in experience. That’s required Facebook to address its business advertiser base in new ways.

As the ability to track consumers declines — very few consumers are opting into tracking, studies find — Facebook is rolling out new features that will allow businesses to better position themselves in front of relevant audiences. This includes updates that will let them reach customers, advertise to customers, chat with customers across Facebook apps, generate leads, acquire customers and more.

The company earlier this year began testing a way for customers to explore businesses from underneath News Feed posts by tapping on topics they were interested in — like beauty, fitness, and clothing, and explore content from other related businesses. The feature allows people to come across new businesses that may also like, and would allow Facebook to create its own data set of users who like certain types of content. Over time, it could possibly even turn the feature into an ad unit, where businesses could pay for higher placement.

But for the time being, Facebook will expand this feature to more users across the U.S., and launch it in Australia, Canada, Ireland, Malaysia, New Zealand, Philippines, Singapore, South Africa, and the U.K.

Image Credits: Facebook

Facebook is also making it easier for businesses to chat with customers. They’re already able to buy ads that encourage people to message them on Facebook’s various chat platforms — Messenger, Instagram Direct, or WhatsApp. Now, they’ll be able to choose all the messaging platforms where they’re available, and Facebook will default the chat app showcased in the ad based on where the conversation is most likely to happen.

Image Credits: Facebook

The company will tie WhatsApp to Instagram, as well, as part of this effort. Facebook explains that many businesses market themselves or run shops across Instagram, but rely on WhatsApp to communicate with customers and answer questions. So, Facebook will now allow businesses to add a WhatsApp click-to-chat button to their Instagram profiles.

This change, in particular, represents another move that ties Facebook’s separate apps more closely together, at a time when regulators are considering breaking up Facebook over antitrust concerns. Already, Facebook interconnected Facebook’s Messenger and Instagram messaging services, which would make such a disassembly more complicated. And more recently, it’s begun integrating Messenger directly into Facebook’s platform itself.

Image Credits: Facebook

In a related change, soon businesses will be able to create ads that send users directly to WhatsApp from the Instagram app. (Facebook also already offers ads like this.)

Separately from this news, Facebook announced the launch of a new business directory on WhatsApp, allowing consumers to find shops and services on the chat platform, as well.

Another set of changes being introduced involve an update to Facebook Business Suite. Businesses will be able to manage emails through Inbox and sending remarketing emails; use a new File Manager for creating, managing, and posting content; and access a feature that will allow businesses to test different versions of a post to see which one is most effective.

Image Credits: Facebook

Other new products include tests of paid and organic lead generation tools on Instagram; quote requests on Messenger, where customers answer a few questions prior to their conversations; and a way for small businesses to access a bundle of tools to get started with Facebook ads, which includes a Facebook ad coupon along with free access to QuickBooks for 3 months or free access to Canva Pro for 3 months.

Image Credits: Facebook

Facebook will also begin testing something called “Work Accounts,” which will allow business owners to access their business products, like Business Manager, separately from their personal Facebook account. They’ll be able to manage these accounts on behalf of employees and use single-sign-on integrations.

Work Accounts will be tested through the remainder of the year with a small group of businesses, and Facebook says it expects to expand availability in 2022.

Other efforts it has in store include plans to incorporate more content from creators and local businesses and new features that let users control the content they see, but these changes were not detailed at this time.

Most of the products being announced are either rolling out today or will begin to show up soon.

#advertising-tech, #app-store, #australia, #canada, #canva, #computing, #facebook, #instagram, #ireland, #malaysia, #messenger, #new-zealand, #philippines, #private-message, #singapore, #social, #social-media, #software, #south-africa, #technology, #united-kingdom, #united-states, #whatsapp

WhatsApp will finally let users encrypt their chat backups in the cloud

WhatsApp said on Friday it will give its two billion users the option to encrypt their chat backups to the cloud, taking a significant step to put a lid on one of the tricky ways private communication between individuals on the app can be compromised.

The Facebook-owned service has end-to-end encrypted chats between users for more than a decade. But users have had no option but to store their chat backup to their cloud — iCloud on iPhones and Google Drive on Android — in an unencrypted format.

Tapping these unencrypted WhatsApp chat backups on Google and Apple servers is one of the widely known ways law enforcement agencies across the globe have been able to access WhatsApp chats of suspect individuals for years.

Now WhatsApp says it is patching this weak link in the system.

“WhatsApp is the first global messaging service at this scale to offer end-to-end encrypted messaging and backups, and getting there was a really hard technical challenge that required an entirely new framework for key storage and cloud storage across operating systems,” said Facebook’s chief executive Mark Zuckerberg said in a post announcing the new feature.

Store your own encryption keys

The company said it has devised a system to enable WhatsApp users on Android and iOS to lock their chat backups with encryption keys. WhatsApp says it will offer users two ways to encrypt their cloud backups, and the feature is optional.

In the “coming weeks,” users on WhatsApp will see an option to generate a 64-digit encryption key to lock their chat backups in the cloud. Users can store the encryption key offline or in a password manager of their choice, or they can create a password that backs up their encryption key in a cloud-based “backup key vault” that WhatsApp has developed. The cloud-stored encryption key can’t be used without the user’s password, which isn’t known by WhatsApp.

(Image: WhatsApp/supplied)

“We know that some will prefer the 64-digit encryption key whereas others want something they can easily remember, so we will be including both options. Once a user sets their backup password, it is not known to us. They can reset it on their original device if they forget it,” WhatsApp said.

“For the 64-digit key, we will notify users multiple times when they sign up for end-to-end encrypted backups that if they lose their 64-digit key, we will not be able to restore their backup and that they should write it down. Before the setup is complete, we’ll ask users to affirm that they’ve saved their password or 64-digit encryption key.”

A WhatsApp spokesperson told TechCrunch that once an encrypted backup is created, previous copies of the backup will be deleted. “This will happen automatically and there is no action that a user will need to take,” the spokesperson added.

Potential regulatory pushback?

The move to introduce this added layer of privacy is significant and one that could have far-reaching implications.

End-to-end encryption remains a thorny topic of discussion as governments continue to lobby for backdoors. Apple was reportedly pressured to not add encryption to iCloud Backups after the FBI complained, and while Google has offered users the ability to encrypt their data stored in Google Drive, the company allegedly didn’t tell governments before it rolled out the feature.

When asked by TechCrunch whether WhatsApp, or its parent firm Facebook, had consulted with government bodies — or if it had received their support — during the development process of this feature, the company declined to discuss any such conversations.

“People’s messages are deeply personal and as we live more of our lives online, we believe companies should enhance the security they provide their users. By releasing this feature, we are providing our users with the option to add this additional layer of security for their backups if they’d like to, and we’re excited to give our users a meaningful advancement in the safety of their personal messages,” the company told TechCrunch.

WhatsApp also confirmed that it will be rolling out this optional feature in every market where its app is operational.  It’s not uncommon for companies to withhold privacy features for legal and regulatory reasons. Apple’s upcoming encrypted browsing feature, for instance, won’t be made available to users in certain authoritarian regimes, such as China, Belarus, Egypt, Kazakhstan, Saudi Arabia, Turkmenistan, Uganda, and the Philippines.

At any rate, Friday’s announcement comes days after ProPublica reported that private end-to-end encrypted conversations between two users can be read by human contractors when messages are reported by users.

“Making backups fully encrypted is really hard and it’s particularly hard to make it reliable and simple enough for people to use. No other messaging service at this scale has done this and provided this level of security for people’s messages,” Uzma Barlaskar, product lead for privacy at WhatsApp, told TechCrunch.

“We’ve been working on this problem for many years, and to build this, we had to develop an entirely new framework for key storage and cloud storage that can be used across the world’s largest operating systems and that took time.”

#apple, #apps, #facebook, #google, #google-drive, #icloud, #mark-zuckerberg, #privacy, #signal, #social, #tc, #telegram, #whatsapp

WhatsApp “end-to-end encrypted” messages aren’t that private after all

WhatsApp logo

Enlarge / The security of Facebook’s popular messaging app leaves several rather important devils in its details. (credit: WhatsApp)

Yesterday, independent newsroom ProPublica published a detailed piece examining the popular WhatsApp messaging platform’s privacy claims. The service famously offers “end-to-end encryption,” which most users interpret as meaning that Facebook, WhatsApp’s owner since 2014, can neither read messages itself nor forward them to law enforcement.

This claim is contradicted by the simple fact that Facebook employs about 1,000 WhatsApp moderators whose entire job is—you guessed it—reviewing WhatsApp messages that have been flagged as “improper.”

End-to-end encryption—but what’s an “end”?

This snippet from WhatsApp's <a href="https://faq.whatsapp.com/general/security-and-privacy/end-to-end-encryption/">security and privacy</a> page seems easy to misinterpret.

This snippet from WhatsApp’s security and privacy page seems easy to misinterpret. (credit: Jim Salter)

The loophole in WhatsApp’s end-to-end encryption is simple: The recipient of any WhatsApp message can flag it. Once flagged, the message is copied on the recipient’s device and sent as a separate message to Facebook for review.

Read 14 remaining paragraphs | Comments

#biz-it, #encrypted-messaging, #encryption, #end-to-end-encryption, #facebook, #tech, #whatsapp

UK offers cash for CSAM detection tech targeted at e2e encryption

The UK government is preparing to spend over half a million dollars to encourage the development of detection technologies for child sexual exploitation material (CSAM) that can be bolted on to end-to-end encrypted messaging platforms to scan for the illegal material, as part of its ongoing policy push around Internet and child safety.

In a joint initiative today, the Home Office and the Department for Digital, Media, Culture and Sport (DCMS) announced a “Tech Safety Challenge Fund” — which will distribute up to £425,000 (~$584k) to five organizations (£85k/$117k each) to develop “innovative technology to keep children safe in environments such as online messaging platforms with end-to-end encryption”.

A Challenge statement for applicants to the program adds that the focus is on solutions that can be deployed within e2e encrypted environments “without compromising user privacy”.

“The problem that we’re trying to fix is essentially the blindfolding of law enforcement agencies,” a Home Office spokeswoman told us, arguing that if tech platforms go ahead with their “full end-to-end encryption plans, as they currently are… we will be completely hindered in being able to protect our children online”.

While the announcement does not name any specific platforms of concern, Home Secretary Priti Patel has previously attacked Facebook’s plans to expand its use of e2e encryption — warning in April that the move could jeopardize law enforcement’s ability to investigate child abuse crime.

Facebook-owned WhatsApp also already uses e2e encryption so that platform is already a clear target for whatever ‘safety’ technologies might result from this taxpayer-funded challenge.

Apple’s iMessage and FaceTime are among other existing mainstream messaging tools which use e2e encryption.

So there is potential for very widespread application of any ‘child safety tech’ developed through this government-backed challenge. (Per the Home Office, technologies submitted to the Challenge will be evaluated by “independent academic experts”. The department was unable to provide details of who exactly will assess the projects.)

Patel, meanwhile, is continuing to apply high level pressure on the tech sector on this issue — including aiming to drum up support from G7 counterparts.

Writing in paywalled op-ed in Tory-friendly newspaper, The Telegraph, she trails a meeting she’ll be chairing today where she says she’ll push the G7 to collectively pressure social media companies to do more to address “harmful content on their platforms”.

“The introduction of end-to-end encryption must not open the door to even greater levels of child sexual abuse. Hyperbolic accusations from some quarters that this is really about governments wanting to snoop and spy on innocent citizens are simply untrue. It is about keeping the most vulnerable among us safe and preventing truly evil crimes,” she adds.

“I am calling on our international partners to back the UK’s approach of holding technology companies to account. They must not let harmful content continue to be posted on their platforms or neglect public safety when designing their products. We believe there are alternative solutions, and I know our law enforcement colleagues agree with us.”

In the op-ed, the Home Secretary singles out Apple’s recent move to add a CSAM detection tool to iOS and macOS to scan content on user’s devices before it’s uploaded to iCloud — welcoming the development as a “first step”.

“Apple state their child sexual abuse filtering technology has a false positive rate of 1 in a trillion, meaning the privacy of legitimate users is protected whilst those building huge collections of extreme child sexual abuse material are caught out. They need to see th[r]ough that project,” she writes, urging Apple to press ahead with the (currently delayed) rollout.

Last week the iPhone maker said it would delay implementing the CSAM detection system — following a backlash led by security experts and privacy advocates who raised concerns about vulnerabilities in its approach, as well as the contradiction of a ‘privacy-focused’ company carrying out on-device scanning of customer data. They also flagged the wider risk of the scanning infrastructure being seized upon by governments and states who might order Apple to scan for other types of content, not just CSAM.

Patel’s description of Apple’s move as just a “first step” is unlikely to do anything to assuage concerns that once such scanning infrastructure is baked into e2e encrypted systems it will become a target for governments to widen the scope of what commercial platforms must legally scan for.

However the Home Office’s spokeswoman told us that Patel’s comments on Apple’s CSAM tech were only intended to welcome its decision to take action in the area of child safety — rather than being an endorsement of any specific technology or approach. (And Patel does also write: “But that is just one solution, by one company. Greater investment is essential.”)

The Home Office spokeswoman wouldn’t comment on which types of technologies the government is aiming to support via the Challenge fund, either, saying only that they’re looking for a range of solutions.

She told us the overarching goal is to support ‘middleground’ solutions — denying the government is trying to encourage technologists to come up with ways to backdoor e2e encryption.

In recent years in the UK GCHQ has also floated the controversial idea of a so-called ‘ghost protocol’ — that would allow for state intelligence or law enforcement agencies to be invisibly CC’d by service providers into encrypted communications on a targeted basis. That proposal was met with widespread criticism, including from the tech industry, which warned it would undermine trust and security and threaten fundamental rights.

It’s not clear if the government has such an approach — albeit with a CSAM focus — in mind here now as it tries to encourage the development of ‘middleground’ technologies that are able to scan e2e encrypted content for specifically illegal stuff.

In another concerning development, earlier this summer, guidance put out by DCMS for messaging platforms recommended that they “prevent” the use of e2e encryption for child accounts altogether.

Asked about that, the Home Office spokeswoman told us the tech fund is “not too different” and “is trying to find the solution in between”.

“Working together and bringing academics and NGOs into the field so that we can find a solution that works for both what social media companies want to achieve and also make sure that we’re able to protect children,” said said, adding: “We need everybody to come together and look at what they can do.”

There is not much more clarity in the Home Office guidance to suppliers applying for the chance to bag a tranche of funding.

There it writes that proposals must “make innovative use of technology to enable more effective detection and/or prevention of sexually explicit images or videos of children”.

“Within scope are tools which can identify, block or report either new or previously known child sexual abuse material, based on AI, hash-based detection or other techniques,” it goes on, further noting that proposals need to address “the specific challenges posed by e2ee environments, considering the opportunities to respond at different levels of the technical stack (including client-side and server-side).”

General information about the Challenge — which is open to applicants based anywhere, not just in the UK — can be found on the Safety Tech Network website.

The deadline for applications is October 6.

Selected applicants will have five months, between November 2021 and March 2022 to deliver their projects.

When exactly any of the tech might be pushed at the commercial sector isn’t clear — but the government may be hoping that by keeping up the pressure on the tech sector platform giants will develop this stuff themselves, as Apple has been.

The Challenge is just the latest UK government initiative to bring platforms in line with its policy priorities — back in 2017, for example, it was pushing them to build tools to block terrorist content — and you could argue it’s a form of progress that ministers are not simply calling for e2e encryption to be outlawed, as they frequently have in the past.

That said, talk of ‘preventing’ the use of e2e encryption — or even fuzzy suggestions of “in between” solutions — may not end up being so very different.

What is different is the sustained focus on child safety as the political cudgel to make platforms comply. That seems to be getting results.

Wider government plans to regulate platforms — set out in a draft Online Safety bill, published earlier this year — have yet to go through parliamentary scrutiny. But in one already baked in change, the country’s data protection watchdog is now enforcing a children’s design code which stipulates that platforms need to prioritize kids’ privacy by default, among other recommended standards.

The Age Appropriate Design Code was appended to the UK’s data protection bill as an amendment — meaning it sits under wider legislation that transposed Europe’s General Data Protection Regulation (GDPR) into law, which brought in supersized penalties for violations like data breaches. And in recent months a number of social media giants have announced changes to how they handle children’s accounts and data — which the ICO has credited to the code.

So the government may be feeling confident that it has finally found a blueprint for bringing tech giants to heel.

#apple, #csam, #csam-detection, #e2e-encryption, #encrypted-communications, #encryption, #end-to-end-encryption, #europe, #facebook, #g7, #general-data-protection-regulation, #home-office, #law-enforcement, #policy, #privacy, #social-media, #tc, #uk-government, #united-kingdom, #whatsapp

WhatsApp fined $267M for not telling users how it shared data with Facebook

WhatsApp fined $267M for not telling users how it shared data with Facebook

Enlarge (credit: Stan Honda / Getty Images)

WhatsApp has been fined €225 million for breaking the EU’s data privacy law by not telling its users how it was sharing their data with its parent company Facebook.

In one of the biggest fines relating to the General Data Protection Regulation (GDPR), the Irish data regulator applied a penalty more than four times the level it had initially proposed for the messaging service after coming under pressure from other European countries.

The WhatsApp ruling came after Luxembourg fined Amazon a record €746 million in July for breaching GDPR and Ireland fined Twitter €450 million in December for not informing regulators about a data leak within 72 hours.

Read 9 remaining paragraphs | Comments

#eu, #facebook, #gdpr, #policy, #privacy, #whatsapp

WhatsApp faces $267M fine for breaching Europe’s GDPR

It’s been a long time coming but Facebook is finally feeling some heat from Europe’s much trumpeted data protection regime: Ireland’s Data Protection Commission (DPC) has just announced a €225 million (~$267M) for WhatsApp.

The Facebook-owned messaging app has been under investigation by the Irish DPC, its lead data supervisor in the European Union, since December 2018 — several months after the first complaints were fired at WhatsApp over how it processes user data under Europe’s General Data Protection Regulation (GDPR), once it begun being applied in May 2018.

Despite receiving a number of specific complaints about WhatsApp, the investigation undertaken by the DPC that’s been decided today was what’s known as an “own volition” enquiry — meaning the regulator selected the parameters of the investigation itself, choosing to fix on an audit of WhatsApp’s ‘transparency’ obligations.

A key principle of the GDPR is that entities which are processing people’s data must be clear, open and honest with those people about how their information will be used.

The DPC’s decision today (which runs to a full 266 pages) concludes that WhatsApp failed to live up to the standard required by the GDPR.

Its enquiry considered whether or not WhatsApp fulfils transparency obligations to both users and non-users of its service (WhatsApp may, for example, upload the phone numbers of non-users if a user agrees to it ingesting their phone book which contains other people’s personal data); as well as looking at the transparency the platform offers over its sharing of data with its parent entity Facebook (a highly controversial issue at the time the privacy U-turn was announced back in 2016, although it predated GDPR being applied).

In sum, the DPC found a range of transparency infringements by WhatsApp — spanning articles 5(1)(a); 12, 13 and 14 of the GDPR.

In addition to issuing a sizeable financial penalty, it has ordered WhatsApp to take a number of actions to improve the level of transparency it offer users and non-users — giving the tech giant a three-month deadline for making all the ordered changes.

In a statement responding to the DPC’s decision, WhatsApp disputed the findings and dubbed the penalty “entirely disproportionate” — as well as confirming it will appeal, writing:

“WhatsApp is committed to providing a secure and private service. We have worked to ensure the information we provide is transparent and comprehensive and will continue to do so. We disagree with the decision today regarding the transparency we provided to people in 2018 and the penalties are entirely disproportionate. We will appeal this decision.” 

It’s worth emphasizing that the scope of the DPC enquiry which has finally been decided today was limited to only looking at WhatsApp’s transparency obligations.

The regulator was explicitly not looking into wider complaints — which have also been raised against Facebook’s data-mining empire for well over three years — about the legal basis WhatsApp claims for processing people’s information in the first place.

So the DPC will continue to face criticism over both the pace and approach of its GDPR enforcement.

 

Indeed, prior to today, Ireland’s regulator had only issued one decision in a major cross-border cases addressing ‘Big Tech’ — against Twitter when, back in December, it knuckle-tapped the social network over a historical security breach with a fine of $550k.

WhatsApp’s first GDPR penalty is, by contrast, considerably larger — reflecting what EU regulators (plural) evidently consider to be a far more serious infringement of the GDPR.

Transparency is a key principle of the regulation. And while a security breach may indicate sloppy practice, systematic opacity towards people whose data your adtech empire relies upon to turn a fat profit looks rather more intentional; indeed, it’s arguably the whole business model.

And — at least in Europe — such companies are going to find themselves being forced to be up front about what they’re doing with people’s data.

Is the GDPR working?  

The WhatsApp decision will rekindle the debate about whether the GDPR is working effectively where it counts most: Against the most powerful companies in the world, which are also of course Internet companies.

Under the EU’s flagship data protection regulation, decisions on cross border cases require agreement from all affected regulators — across the 27 Member States — so while the GDPR’s “one-stop-shop” mechanism seeks to streamline the regulatory burden for cross-border businesses by funnelling complaints and investigations via a lead regulator (typically where a company has its main legal establishment in the EU), objections can be raised to that lead supervisory authority’s conclusions (and any proposed sanctions), as has happened here in this WhatsApp case.

Ireland originally proposed a far more low-ball penalty of up to €50M for WhatsApp. However other EU regulators objected to its draft decision on a number of fronts — and the European Data Protection Board (EDPB) ultimately had to step in and take a binding decision (issued this summer) to settle the various disputes.

Through that (admittedly rather painful) joint-working, the DPC was required to increase the size of the fine issued to WhatsApp. In a mirror of what happened with its draft Twitter decision — where the DPC has also suggested an even tinier penalty in the first instance.

While there is a clear time cost in settling disputes between the EU’s smorgasbord of data protection agencies — the DPC submitted its draft WhatsApp decision to the other DPAs for review back in December, so it’s taken well over half a year to hash out all the disputes about WhatsApp’s lossy hashing and so forth — the fact that ‘corrections’ are being made to its decisions and conclusions can land — if not jointly agreed but at least arriving via a consensus getting pushed through by the EDPB — is a sign that the process, while slow and creaky, is working. At least technically.

Even so, Ireland’s data watchdog will continue to face criticism for its outsized role in handling GDPR complaints and investigations — with some accusing the DPC of essentially cherry-picking which issues to examine in detail (by its choice and framing of cases) and which to elide entirely (those issues it doesn’t open an enquiry into or complaints it simply drops or ignores), with its loudest critics arguing it’s therefore still a major bottleneck on effective enforcement of data protection rights across the EU.

The associated conclusion for that critique is that tech giants like Facebook are still getting a pretty free pass to violate Europe’s privacy rules.

But while it’s true that a $267M penalty is the equivalent of a parking ticket for Facebook’s business empire, orders to change how such adtech giants are able to process people’s information at least have the potential to be a far more significant correction on problematic business models.

Again, though, time will be needed to tell whether such wider orders are having the sought for impact.

In a statement reacting to the DPC’s WhatsApp decision today, noyb — the privacy advocacy group founded by long-time European privacy campaigner Max Schrems, said: “We welcome the first decision by the Irish regulator. However, the DPC gets about ten thousand complaints per year since 2018 and this is the first major fine. The DPC also proposed an initial €50MK fine and was forced by the other European data protection authorities to move towards €225M, which is still only 0.08% of the turnover of the Facebook Group. The GDPR foresees fines of up to 4% of the turnover. This shows how the DPC is still extremely dysfunctional.”

Schrems also noted that he and noyb still have a number of pending cases before the DPC — including on WhatsApp.

In further remarks, they raised concerns about the length of the appeals process and whether the DPC would make a muscular defence of a sanction it had been forced to increase by other EU DPAs.

“WhatsApp will surely appeal the decision. In the Irish court system this means that years will pass before any fine is actually paid. In our cases we often had the feeling that the DPC is more concerned with headlines than with actually doing the hard groundwork. It will be very interesting to see if the DPC will actually defend this decision fully, as it was basically forced to make this decision by its European counterparts. I can imagine that the DPC will simply not put many resources on the case or ‘settle’ with WhatsApp in Ireland. We will monitor this case closely to ensure that the DPC is actually following through with this decision.”

#data-protection, #data-protection-commission, #europe, #european-data-protection-board, #european-union, #facebook, #gdpr, #general-data-protection-regulation, #ireland, #noyb, #privacy, #social-media, #social-network, #transparency, #whatsapp

Telegram tops 1 billion downloads

Popular instant messaging app Telegram has joined the elite club of apps that have been downloaded over 1 billion times globally, according to Sensor Tower.

The Dubai-headquartered app, which was launched in late 2013, surpassed the milestone on Friday, the mobile insight firm told TechCrunch. As is the case with the app’s chief rival, WhatsApp, India is the largest market for Telegram. The world’s second largest internet market represents approximately 22% of its lifetime installs, Sensor Tower said.

“[India is] followed by Russia and Indonesia, which represent about 10% and 8% of [all installs], respectively. The app’s installs accelerated in 2021, reaching about 214.7 million installs in the first half of 2021, up 61% year-over-year from 133 million in H1 2020,” it added.

It’s worth noting that the number of installs doesn’t equate to the app’s active userbase. Telegram had about 500 million monthly active users as of early this year, for instance. But the surge in downloads, which coincides with WhatsApp’s poor handling of relaying its privacy policies to its massive userbase, nonetheless suggests that Telegram has enjoyed some additional attention in recent quarters.

Telegram, which earlier this year raised over $1 billion, is the 15th app worldwide to have been downloaded 1 billion times or more, Sensor Tower told TechCrunch. Other apps on the list include WhatsApp, Messenger, Facebook, Instagram, Snapchat, Spotify, and Netflix, according to Sensor Tower. (Mobile research firms don’t track the installs of most Google apps that come pre-installed on Android devices.)

Telegram didn’t immediately respond to a request for comment.

#apps, #social, #telegram, #whatsapp

Move fast and break Facebook: A bull case for antitrust enforcement

This is the second post in a series on the Facebook monopoly. The first post explored how the U.S. Federal Trade Commission should define the Facebook monopoly. I am inspired by Cloudflare’s recent post explaining the impact of Amazon’s monopoly in its industry.

Perhaps it was a competitive tactic, but I genuinely believe it more a patriotic duty: guideposts for legislators and regulators on a complex issue. My generation has watched with a combination of sadness and trepidation as legislators who barely use email question the leading technologists of our time about products that have long pervaded our lives in ways we don’t yet understand.

I, personally, and my company both stand to gain little from this — but as a participant in the latest generation of social media upstarts, and as an American concerned for the future of our democracy, I feel a duty to try.


Mark Zuckerberg has reached his Key Largo moment.

In May 1972, executives of the era’s preeminent technology company — AT&T — met at a secret retreat in Key Largo, Florida. Their company was in crisis.

At the time, Ma Bell’s breathtaking monopoly consisted of a holy trinity: Western Electric (the vast majority of phones and cables used for American telephony), the lucrative long distance service (for both personal and business use) and local telephone service, which the company subsidized in exchange for its monopoly.

Over the next decade, all three government branches — legislators, regulators and the courts — parried with AT&T’s lawyers as the press piled on, battering the company’s reputation in the process. By 1982, a consent decree forced AT&T’s dismantling. The biggest company on earth withered to 30% of its book value and seven independent “Baby Bell” regional operating companies. AT&T’s brand would live on, but the business as the world knew it was dead.

Mark Zuckerberg is, undoubtedly, the greatest technologist of our time. For over 17 years, he has outgunned, outsmarted and outperformed like no software entrepreneur before him. Earlier this month, the U.S. Federal Trade Commission refiled its sweeping antitrust case against Facebook.

Its own holy trinity of Facebook Blue, Instagram and WhatsApp is under attack. All three government branches — legislators, regulators and the courts — are gaining steam in their fight, and the press is piling on, battering the company’s reputation in the process. Facebook, the AT&T of our time, is at the brink. For so long, Zuckerberg has told us all to move fast and break things. It’s time for him to break Facebook.

If Facebook does exist to “make the world more open and connected, and not just to build a company,” as Zuckerberg wrote in the 2012 IPO prospectus, he will spin off Instagram and WhatsApp now so that they have a fighting chance. It would be the ultimate Zuckerbergian chess move. Zuckerberg would lose voting control and thus power over all three entities, but in his action he would successfully scatter the opposition. The rationale is simple:

  1. The United States government will break up Facebook. It is not a matter of if; it is a matter of when.
  2. Facebook is already losing. Facebook Blue, Instagram and WhatsApp all face existential threats. Pressure from the government will stifle Facebook’s efforts to right the ship.
  3. Facebook will generate more value for shareholders as three separate companies.

I write this as an admirer; I genuinely believe much of the criticism Zuckerberg has received is unfair. Facebook faces Sisyphean tasks. The FTC will not let Zuckerberg sneeze without an investigation, and the company has failed to innovate.

Given no chance to acquire new technology and talent, how can Facebook survive over the long term? In 2006, Terry Semel of Yahoo offered $1 billion to buy Facebook. Zuckerberg reportedly remarked, “I just don’t know if I want to work for Terry Semel.” Even if the FTC were to allow it, this generation of founders will not sell to Facebook. Unfair or not, Mark Zuckerberg has become Terry Semel.

The government will break up Facebook

It is not a matter of if; it is a matter of when.

In a speech on the floor of Congress in 1890, Senator John Sherman, the founding father of the modern American antitrust movement, famously said, “If we will not endure a king as a political power, we should not endure a king over the production, transportation and sale of any of the necessities of life. If we would not submit to an emperor, we should not submit to an autocrat of trade with power to prevent competition and to fix the price of any commodity.”

This is the sentiment driving the building resistance to Facebook’s monopoly, and it shows no sign of abating. Zuckerberg has proudly called Facebook the fifth estate. In the U.S., we only have four estates.

All three branches of the federal government are heating up their pursuit. In the Senate, an unusual bipartisan coalition is emerging, with Senators Amy Klobuchar (D-MN), Mark Warner (D-VA), Elizabeth Warren (D-MA) and Josh Hawley (R-MO) each waging a war from multiple fronts.

In the House, Speaker Nancy Pelosi (D-CA) has called Facebook “part of the problem.” Lina Khan’s FTC is likewise only getting started, with unequivocal support from the White House that feels burned by Facebook’s disingenuous lobbying. The Department of Justice will join, too, aided by state attorneys general. And the courts will continue to turn the wheels of justice, slowly but surely.

In the wake of Facebook co-founder Chris Hughes’ scathing 2019 New York Times op-ed, Zuckerberg said that Facebook’s immense size allows it to spend more on trust and safety than Twitter makes in revenue.

“If what you care about is democracy and elections, then you want a company like us to be able to invest billions of dollars per year like we are in building up really advanced tools to fight election interference,” Zuckerberg said.

This could be true, but it does not prove that the concentration of such power in one man’s hands is consistent with U.S. public policy. And the centralized operations could be rebuilt easily in standalone entities.

Time and time again, whether on Holocaust denial, election propaganda or vaccine misinformation, Zuckerberg has struggled to make quick judgments when presented with the information his trust and safety team uncovers. And even before a decision is made, the structure of the team disincentivizes it from even measuring anything that could harm Facebook’s brand. This is inherently inconsistent with U.S. democracy. The New York Times’ army of reporters will not stop uncovering scandal after scandal, contradicting Zuckerberg’s narrative. The writing is on the wall.

Facebook is losing

Facebook Blue, Instagram and WhatsApp all face existential threats. Pressure from the government will stifle Facebook’s efforts to right the ship.

For so long, Facebook has dominated the social media industry. But if you ask Chinese technology executives about Facebook today, they quote Tencent founder Pony Ma: “When a giant falls, his corpse will still be warm for a while.”

Facebook’s recent demise begins with its brand. The endless, cascading scandals of the last decade have irreparably harmed its image. Younger users refuse to adopt the flagship Facebook Blue. The company’s internal polling on two key metrics — good for the world (GFW) and cares about users (CAU) — shows Facebook’s reputation is in tatters. Talent is fleeing, too; Instacart alone recently poached 55 Facebook executives.

In 2012 and 2014, Instagram and WhatsApp were real dangers. Facebook extinguished both through acquisition. Yet today they represent the company’s two most promising, underutilized assets. They are the underinvested telephone networks of our time.

Weeks ago, Instagram head Adam Mosseri announced that the company no longer considers itself a photo-sharing app. Instead, its focus is entertainment. In other words, as the media widely reported, Instagram is changing to compete with TikTok.

TikTok’s strength represents an existential threat. U.S. children 4 to 15 already spend over 80 minutes a day on ByteDance’s TikTok, and it’s just getting started. The demographics are quickly expanding way beyond teenagers, as social products always have. For Instagram, it could be too little too late — as a part of Facebook, Instagram cannot acquire the technology and retain the talent it needs to compete with TikTok.

Imagine Instagram acquisitions of Squarespace to bolster its e-commerce offerings, or Etsy to create a meaningful marketplace. As a part of Facebook, Instagram is strategically adrift.

Likewise, a standalone WhatsApp could easily be a $100 billion market cap company. WhatsApp has a proud legacy of robust security offerings, but its brand has been tarnished by associations with Facebook. Discord’s rise represents a substantial threat, and WhatsApp has failed to innovate to account for this generation’s desire for community-driven messaging. Snapchat, too, is in many ways a potential WhatsApp killer; its young users use photography and video as a messaging medium. Facebook’s top augmented reality talents are leaving for Snapchat.

With 2 billion monthly active users, WhatApp could be a privacy-focused alternative to Facebook Blue, and it would logically introduce expanded profiles, photo-sharing capabilities and other features that would strengthen its offerings. Inside Facebook, WhatsApp has suffered from underinvestment as a potential threat to Facebook Blue and Messenger. Shareholders have suffered for it.

Beyond Instagram and WhatsApp, Facebook Blue itself is struggling. Q2’s earnings may have skyrocketed, but the increase in revenue hid a troubling sign: Ads increased by 47%, but inventory increased by just 6%. This means Facebook is struggling to find new places to run its ads. Why? The core social graph of Facebook is too old.

I fondly remember the day Facebook came to my high school; I have thousands of friends on the platform. I do not use Facebook anymore — not for political reasons, but because my friends have left. A decade ago, hundreds of people wished me happy birthday every year. This year it was 24, half of whom are over the age of 50. And I’m 32 years old. Teen girls run the social world, and many of them don’t even have Facebook on their phones.

Zuckerberg’s newfound push into the metaverse has been well covered, but the question remains: Why wouldn’t a Facebook serious about the metaverse acquire Roblox? Of course, the FTC would currently never allow it.

Facebook’s current clunky attempt at a hardware solution, with an emphasis on the workplace, shows little sign of promise. The launch was hardly propitious, as CNN reported, “While Bosworth, the Facebook executive, was in the middle of describing how he sees Workrooms as a more interactive way to gather virtually with coworkers than video chat, his avatar froze midsentence, the pixels of its digital skin turning from flesh-toned to gray. He had been disconnected.”

This is not the indomitable Facebook of yore. This is graying Facebook, freezing midsentence.

Facebook will generate more value for shareholders as three separate companies

Zuckerberg’s control of 58% of Facebook’s voting shares has forestalled a typical Wall Street reckoning: Investors are tiring of Zuckerberg’s unilateral power. Many justifiably believe the company is more valuable as the sum of its parts. The success of AT&T’s breakup is a case in point.

Five years after AT&T’s 1984 breakup, AT&T and the Baby Bells’ value had doubled compared to AT&T’s pre-breakup market capitalization. Pressure from Japanese entrants battered Western Electric’s market share, but greater competition in telephony spurred investment and innovation among the Baby Bells.

AT&T turned its focus to competing with IBM and preparing for the coming information age. A smaller AT&T became more nimble, ready to focus on the future rather than dwell on the past.

Standalone Facebook Blue, Instagram and WhatsApp could drastically change their futures by attracting talent and acquiring new technologies.

The U.K.’s recent opposition to Facebook’s $400 million GIPHY acquisition proves Facebook will struggle mightily to acquire even small bolt-ons.

Zuckerberg has always been one step ahead. And when he wasn’t, he was famously unprecious: “Copying is faster than innovating.” If he really believes in Facebook’s mission and recognizes that the situation cannot possibly get any better from here, he will copy AT&T’s solution before it is forced upon him.

Regulators are tying Zuckerberg’s hands behind his back as the company weathers body blows and uppercuts from Beijing to Silicon Valley. As Zuckerberg’s idol Augustus Caesar might have once said, carpe diem. It’s time to break Facebook.

#antitrust, #column, #congress, #facebook, #government, #instagram, #lina-khan, #mark-zuckerberg, #messenger, #opinion, #policy, #social, #social-media, #tc, #united-states, #whatsapp

LOVE unveils a modern video messaging app with a business model that puts users in control

A London-headquartered startup called LOVE, valued at $17 million following its pre-seed funding, aims to redefine how people stay in touch with close family and friends. The company is launching a messaging app that offers a combination of video calling as well as asynchronous video and audio messaging, in an ad-free, privacy-focused experience with a number of bells and whistles, including artistic filters and real-time transcription and translation features.

But LOVE’s bigger differentiator may not be its product alone, but rather the company’s mission.

LOVE aims for its product direction to be guided by its user base in a democratic fashion as opposed to having the decisions made about its future determined by an elite few at the top of some corporate hierarchy. In addition, the company’s longer-term goal is ultimately to hand over ownership of the app and its governance to its users, the company says.

These concepts have emerged as part of bigger trends towards a sort of “web 3.0,” or next phase of internet development, where services are decentralized, user privacy is elevated, data is protected, and transactions take place on digital ledgers, like a blockchain, in a more distributed fashion.

LOVE’s founders are proponents of this new model, including serial entrepreneur Samantha Radocchia, who previously founded three companies and was an early advocate for the blockchain as the co-founder of Chronicled, an enterprise blockchain company focused on the pharmaceutical supply chain.

As someone who’s been interested in emerging technology since her days of writing her anthropology thesis on currency exchanges in “Second Life’s” virtual world, she’s now faculty at Singularity University, where she’s given talks about blockchain, A.I., Internet of Things, Future of Work, and other topics. She’s also authored an introductory guide to the blockchain with her book “Bitcoin Pizza.”

Co-founder Christopher Schlaeffer, meanwhile, held a number of roles at Deutsche Telekom, including Chief Product & Innovation Officer, Corporate Development Officer, and Chief Strategy Officer, where he along with Google execs introduced the first mobile phone to run Android. He was also Chief Digital Officer at the telecommunication services company VEON.

The two crossed paths after Schlaeffer had already begun the work of organizing a team to bring LOVE to the public, which includes co-founders Chief Technologist, Jim Reeves, also previously of VEON, and Chief Designer, Timm Kekeritz, previously an interaction designer at international design firm IDEO in San Francisco, design director at IXDS, and founder of design consultancy Raureif in Berlin, among other roles.

Explained Radocchia, what attracted her to join as CEO was the potential to create a new company that upholds more positive values than what’s often seen today —  in fact, the brand name “LOVE” is a reference to this aim. She was also interested in the potential to think through what she describes as “new business models that are not reliant on advertising or harvesting the data of our users,” she says.

To that end, LOVE plans to monetize without any advertising. While the company isn’t ready to explain its business model in full, it would involve users opting in to services through granular permissions and membership, we’re told.

“We believe our users will much rather be willing to pay for services they consciously use and grant permissions to in a given context than have their data used for an advertising model which is simply not transparent,” says Radocchia.

LOVE expects to share more about the model next year.

As for the LOVE app itself, it’s a fairly polished mobile messenger offering an interesting combination of features. Like any other video chat app, you can you video call with friends and family, either in one-on-one calls or in groups. Currently, LOVE supports up to 5 call participants, but expects to expand that as it scales. The app also supports video and audio messaging for asynchronous conversations. There are already tools that offer this sort of functionality on the market, of course — like WhatsApp, with its support for audio messages, or video messenger Marco Polo. But they don’t offer quite the same expanded feature set.

Image Credits: LOVE

For starters, LOVE limits its video messages to 60 seconds for brevity’s sake. (As anyone who’s used Marco Polo knows, videos can become a bit rambling, which makes it harder to catch up when you’re behind on group chats.) In addition, LOVE allows you to both watch the video content as well as read the real-time transcription of what’s being said — the latter which comes in handy not only for accessibility’s sake, but also for those times you want to hear someone’s messages but aren’t in a private place to listen or don’t have headphones. Conversations can also be translated into 50 different languages.

“A lot of the traditional communication or messenger products are coming from a paradigm that has always been text-based,” explains Radocchia. “We’re approaching it completely differently. So while other platforms have a lot of the features that we do, I think that…the perspective that we’ve approached it has completely flipped it on its head,” she continues. “As opposed to bolting video messages on to a primarily text-based interface, [LOVE is] actually doing it in the opposite way and adding text as a sort of a magically transcribed add-on — and something that you never, hopefully, need to be typing out on your keyboard again,” she adds.

The app’s user interface, meanwhile, has been designed to encourage eye-to-eye contact with the speaker to make conversations feel more natural. It does this by way of design elements where bubbles float around as you’re speaking and the bubble with the current speaker grows to pull your focus away from looking at yourself. The company is also working with the curator of Serpentine Gallery in London, Hans Ulrich-Obrist, to create new filters that aren’t about beautification or gimmicks, but are instead focused on introducing a new form of visual expression that makes people feel more comfortable on camera.

For the time being, this has resulted in a filter that slightly abstracts your appearance, almost in the style of animation or some other form of visual arts.

The app claims to use end-to-end encryption and the automatic deletion of its content after seven days — except for messages you yourself recorded, if you’ve chosen to save them as “memorable moments.”

“One of our commitments is to privacy and the right-to-forget,” says Radocchia. “We don’t want to be or need to be storing any of this information.”

LOVE has been soft-launched on the App Store where it’s been used with a number of testers and is working to organically grow its user base through an onboarding invite mechanism that asks users to invite at least three people to join you. This same onboarding process also carefully explains why LOVE asks for permissions — like using speech recognition to create subtitles, or

LOVE says its at valuation is around $17 million USD following pre-seed investments from a combination of traditional startup investors and strategic angel investors across a variety of industries, including tech, film, media, TV, and financial services. The company will raise a seed round this fall.

The app is currently available on iOS, but an Android version will arrive later in the year. (Note that LOVE does not currently support the iOS 15 beta software, where it has issues with speech transcription and in other areas. That should be resolved next week, following an app update now in the works.)

#a-i, #android, #animation, #app-store, #apps, #berlin, #blockchain, #ceo, #chief-digital-officer, #co-founder, #computing, #curator, #deutsche-telekom, #encryption, #facebook-messenger, #financial-services, #google, #ideo, #instant-messaging, #london, #love, #marco-polo, #messenger, #mobile, #mobile-applications, #recent-funding, #san-francisco, #serial-entrepreneur, #singularity-university, #social, #social-media, #software, #speaker, #startups, #technology, #whatsapp

Messenger celebrates its 10th anniversary with new features and a plan to become the ‘connective tissue’ for real-time experiences

To celebrate its ten year anniversary, Messenger today announced a handful of new features: poll games, word effects, contact sharing, and birthday gifting via Facebook Pay. But beyond the fun features, Facebook has been testing a way to add voice and video calls back into the Facebook app, rather than on Messenger.

“We are testing audio and video calls within the Facebook app messaging experience so people can make and receive calls regardless of which app they’re using,” a representative from Facebook told TechCrunch. “This will give people on Facebook easy ways to connect with their communities where they already are.”

Although earlier in Facebook history, the Messenger app had operated as a standalone experience, Facebook tells us that it’s now starting to see Messenger less as a separate entity — more of an underlying technology that can help to power many of the new experiences Facebook is now developing.

“We’ve been focused more on real-time experiences — Watch Together, Rooms, Live Audio Rooms — and we’ve started to think of Messenger as a connective tissue regardless of the surface,” a Facebook spokesperson told us.  “This is a test, but the bigger vision is for us to unlock content and communities that may not be accessible in Messenger, and that the Facebook app is going to become more about shared real-time experiences,” they added.

Given the company’s move in recent months to integrate its underlying communication infrastructure, it should come to reason that Facebook would ultimately add more touchpoints for accessing its new Messenger-powered features inside the desktop app, as well. When asked for comment on this point, the spokesperson said the company didn’t have any details to share at this time. However, they noted that the test is a part of Facebook’s broader vision to enable more real-time experiences across Facebook’s services.

Despite the new integrations, the standalone version of Messenger isn’t going away.

Facebook says that people who want a more “full-featured” messaging, audio and video calling experience” should continue to use Messenger.

Image Credits: Messenger

As for today’s crop of new features — including polls, word effects, contact sharing, and others — the goal is to  celebrate Messenger’s ability to keep people in touch with their family a friends.

To play the new poll games, users can tap “Polls” in their group chat and select the “Most Likely To” tab — then, they can choose from questions like “most likely to miss their flight?” or “most likely to give gifts on their own birthday?”, select names of chat participants to be included as potential answers, and send the poll.

Contact sharing will make it easier to share others’ Facebook contacts through Messenger, while birthday gifting lets users send birthday-themed payments on Messenger via Facebook Pay. There will also be other “birthday expression tools,” including a birthday song soundmoji, “Messenger is 10!” sticker pack, a new balloon background, a message effect, and AR effect to celebrate Messenger’s double-digit milestone.

Image Credits: Messenger

Meanwhile, word effects lets users manually input a phrase, and any time they send a message with that phrase, an accompanying emoji will float across the screen. In an example, Messenger showed the phrase “happy birthday” accompanied with a word effect of confetti emojis flooding the screen. (That one’s pretty tame, but this could be a remarkable application of the poop emoji.) The company only shared a “sneak peak” of this feature, as it’s not rolling out immediately.

In total, Facebook is announcing a total of ten features, most of which will begin rolling out today.

Messenger has come a long way over the past decade.

Ten years ago, Facebook acqui-hired a small group messaging start-up called Beluga, started by three former Google employees (apparently, a functional group thread was a white whale back then — simpler times). Several months later, the company unveiled Messenger, a standalone messaging app.

But three years into Messenger’s existence, it was no longer an optional add-on to the Facebook experience, but a mandatory download for anyone who wanted to keep up with their friends on the go. Facebook removed the option to send messages within its flagship app, directing users to use Messenger instead. Facebook’s reasoning behind this, the company told TechCrunch at the time, was that they wanted to eliminate the confusion of having two different mobile messaging systems. Just months earlier, Facebook had spent $19 billion to acquire WhatsApp and woo international users. Though removing Messenger from the Facebook app was controversial, the app reached 1.2 billion users three years later in 2017.

Today, Facebook has declared that it wants to evolve into a “metaverse” company, and on the same day as the anti-trust filing last week, Mark Zuckerberg unveiled a product that applies virtual reality in an impressively boring way: helping people attend work meetings. This metaverse would be enabled by technologies built by Facebook’s platform team, noted Vice President of Messenger Stan Chudnovsky. However, he added that people in the metaverse will still need platforms like Messenger.

“I don’t think messaging is going anywhere, even in the metaverse, because a asynchronous communication is going to continue to exist,” Chudnovsky said. People will still need to send messages to those who aren’t currently available to chat, he explained. Plus, Chudnovsky believes this sort of communication will become even more popular with the launch of the metaverse, as the technology will help to serve as a bridge between your phone, real life, and the metaverse.

“if anything is gonna happen more, not less. Because messaging is that things that just continues to grow with every new platform leap,” he said.

Additional reporting: Sarah Perez

#apps, #computing, #facebook, #facebook-messenger, #instagram, #instant-messaging, #mark-zuckerberg, #messenger, #mobile-applications, #social, #social-media, #software, #stan-chudnovsky, #technology, #virtual-reality, #whatsapp

Homegrown app helping Kabul residents steer clear of danger

Taliban fighters stand guard in a vehicle along the roadside in Kabul on August 16, 2021.

Enlarge / Taliban fighters stand guard in a vehicle along the roadside in Kabul on August 16, 2021. (credit: Getty Images)

As Kabul fell on Sunday, 20 young Afghan tech workers tracked the Taliban’s advance, broadcasting real-time reports of gunfire, explosions, and traffic jams across the city through a new app.

Called Ehtesab, the app relies on ground-level reports from a vetted team of users to a private WhatsApp group.

The reports, which are then verified by the app’s fact checkers, range from security incidents, such as fires, gunshots and bombings, to road closures and traffic problems to electricity cuts. Sara Wahedi, the 26-year-old founder of the app, said the team tried to confirm the reports with the interior ministry, “when it used to exist.”

Read 17 remaining paragraphs | Comments

#ehtesab, #kabul, #policy, #tech, #whatsapp

Social platforms wrestle with what to do about the Taliban

With the hasty U.S. military withdrawal from Afghanistan underway after two decades occupying the country, social media platforms have a complex new set of policy decisions to make.

The Taliban has been social media-savvy for years, but those companies will face new questions as the notoriously brutal, repressive group seeks to present itself as Afghanistan’s legitimate governing body to the rest of the world. Given its ubiquity among political leaders and governments, social media will likely play an even more central role for the Taliban as it seeks to cement control and move toward governing.

Facebook has taken some early precautions to protect its users from potential reprisals as the Taliban seizes power. Through Twitter, Facebook’s Nathaniel Gleicher announced a set of new measures the platform rolled out over the last week. The company added a “one-click” way for people in Afghanistan to instantly lock their accounts, hiding posts on their timeline and preventing anyone they aren’t friends with from downloading or sharing their profile picture.

Facebook also removed the ability for users to view and search anyone’s friends list for people located in Afghanistan. On Instagram, pop-up alerts will provide Afghanistan-based users with information on how to quickly lock down their accounts.

The Taliban has long been banned on Facebook under the company’s rules against dangerous organizations. “The Taliban is sanctioned as a terrorist organization under US law… This means we remove accounts maintained by or on behalf of the Taliban and prohibit praise, support, and representation of them,” a Facebook spokesperson told the BBC.

The Afghan Taliban is actually not designated as a foreign terrorist organization by the U.S. State Department, but the Taliban operating out of Pakistan has held that designation since 2010. While it doesn’t appear on the list of foreign terrorist organizations, the Afghanistan-based Taliban is defined as a terror group according to economic sanctions that the U.S. put in place after 9/11.

While the Taliban is also banned from Facebook-owned WhatsApp, the platform’s end-to-end encryption makes enforcing those rules on WhatsApp more complex. WhatsApp is ubiquitous in Afghanistan and both the Afghan military and the Taliban have relied on the chat app to communicate in recent years. Though Facebook doesn’t allow the Taliban on its platforms, the group turned to WhatsApp to communicate its plans to seize control to the Afghan people and discourage resistance in what was a shockingly swift and frictionless sprint to power. The Taliban even set up WhatsApp number as a sort of help line for Afghans to report violence or crime, but Facebook quickly shut down the account.

Earlier this week, Facebook’s VP of content policy Monika Bickert noted that even if the U.S. does ultimately remove the Taliban from its lists of sanctioned terror groups, the platform would reevaluate and make its own decision. “… We would have to do a policy analysis on whether or not they nevertheless violate our dangerous organizations policy,” Bickert said.

Like Facebook, YouTube maintains that the Taliban is banned from its platform. YouTube’s own decision also appears to align with sanctions and could be subject to change if the U.S. approach to the Taliban shifts.

“YouTube complies with all applicable sanctions and trade compliance laws, including relevant U.S. sanctions,” a YouTube spokesperson told TechCrunch. “As such, if we find an account believed to be owned and operated by the Afghan Taliban, we terminate it. Further, our policies prohibit content that incites violence.”

On Twitter, Taliban spokesperson Zabihullah Mujahid has continued to share regular updates about the group’s activities in Kabul. Another Taliban representative, Qari Yousaf Ahmadi, also freely posts on the platform. Unlike Facebook and YouTube, Twitter doesn’t have a blanket ban on the group but will enforce its policies on a post-by-post basis.

If the Taliban expands its social media footprint, other platforms might be facing the same set of decisions. TikTok did not respond to TechCrunch’s request for comment, but previously told NBC that it considers the Taliban a terrorist organization and does not allow content that promotes the group.

The Taliban doesn’t appear to have a foothold beyond the most mainstream social networks, but it’s not hard to imagine the former insurgency turning to alternative platforms to remake its image as the world looks on.

While Twitch declined to comment on what it might do if the group were to use the platform, it does have a relevant policy that takes “off-service conduct” into account when banning users. That policy was designed to address reports of abusive behavior and sexual harassment among Twitch streamers.

The new rules also apply to accounts linked to violent extremism, terrorism, or other serious threats, whether those actions take place on or off Twitch. That definition would likely preclude the Taliban from establishing a presence on the platform, even if the U.S. lifts sanctions or changes its terrorist designations in the future.

#afghanistan, #encryption, #facebook, #kabul, #military, #pakistan, #social, #social-media, #social-media-platforms, #spokesperson, #taliban, #tc, #united-states, #whatsapp

Today’s real story: The Facebook monopoly

Facebook is a monopoly. Right?

Mark Zuckerberg appeared on national TV today to make a “special announcement.” The timing could not be more curious: Today is the day Lina Khan’s FTC refiled its case to dismantle Facebook’s monopoly.

To the average person, Facebook’s monopoly seems obvious. “After all,” as James E. Boasberg of the U.S. District Court for the District of Columbia put it in his recent decision, “No one who hears the title of the 2010 film ‘The Social Network’ wonders which company it is about.” But obviousness is not an antitrust standard. Monopoly has a clear legal meaning, and thus far Lina Khan’s FTC has failed to meet it. Today’s refiling is much more substantive than the FTC’s first foray. But it’s still lacking some critical arguments. Here are some ideas from the front lines.

To the average person, Facebook’s monopoly seems obvious. But obviousness is not an antitrust standard.

First, the FTC must define the market correctly: personal social networking, which includes messaging. Second, the FTC must establish that Facebook controls over 60% of the market — the correct metric to establish this is revenue.

Though consumer harm is a well-known test of monopoly determination, our courts do not require the FTC to prove that Facebook harms consumers to win the case. As an alternative pleading, though, the government can present a compelling case that Facebook harms consumers by suppressing wages in the creator economy. If the creator economy is real, then the value of ads on Facebook’s services is generated through the fruits of creators’ labor; no one would watch the ads before videos or in between posts if the user-generated content was not there. Facebook has harmed consumers by suppressing creator wages.

A note: This is the first of a series on the Facebook monopoly. I am inspired by Cloudflare’s recent post explaining the impact of Amazon’s monopoly in their industry. Perhaps it was a competitive tactic, but I genuinely believe it more a patriotic duty: guideposts for legislators and regulators on a complex issue. My generation has watched with a combination of sadness and trepidation as legislators who barely use email question the leading technologists of our time about products that have long pervaded our lives in ways we don’t yet understand. I, personally, and my company both stand to gain little from this — but as a participant in the latest generation of social media upstarts, and as an American concerned for the future of our democracy, I feel a duty to try.

The problem

According to the court, the FTC must meet a two-part test: First, the FTC must define the market in which Facebook has monopoly power, established by the D.C. Circuit in Neumann v. Reinforced Earth Co. (1986). This is the market for personal social networking services, which includes messaging.

Second, the FTC must establish that Facebook controls a dominant share of that market, which courts have defined as 60% or above, established by the 3rd U.S. Circuit Court of Appeals in FTC v. AbbVie (2020). The right metric for this market share analysis is unequivocally revenue — daily active users (DAU) x average revenue per user (ARPU). And Facebook controls over 90%.

The answer to the FTC’s problem is hiding in plain sight: Snapchat’s investor presentations:

Snapchat July 2021 investor presentation: Significant DAU and ARPU Opportunity

Snapchat July 2021 investor presentation: Significant DAU and ARPU Opportunity. Image CreditsSnapchat

This is a chart of Facebook’s monopoly — 91% of the personal social networking market. The gray blob looks awfully like a vast oil deposit, successfully drilled by Facebook’s Standard Oil operations. Snapchat and Twitter are the small wildcatters, nearly irrelevant compared to Facebook’s scale. It should not be lost on any market observers that Facebook once tried to acquire both companies.

The market Includes messaging

The FTC initially claimed that Facebook has a monopoly of the “personal social networking services” market. The complaint excluded “mobile messaging” from Facebook’s market “because [messaging apps] (i) lack a ‘shared social space’ for interaction and (ii) do not employ a social graph to facilitate users’ finding and ‘friending’ other users they may know.”

This is incorrect because messaging is inextricable from Facebook’s power. Facebook demonstrated this with its WhatsApp acquisition, promotion of Messenger and prior attempts to buy Snapchat and Twitter. Any personal social networking service can expand its features — and Facebook’s moat is contingent on its control of messaging.

The more time in an ecosystem the more valuable it becomes. Value in social networks is calculated, depending on whom you ask, algorithmically (Metcalfe’s law) or logarithmically (Zipf’s law). Either way, in social networks, 1+1 is much more than 2.

Social networks become valuable based on the ever-increasing number of nodes, upon which companies can build more features. Zuckerberg coined the “social graph” to describe this relationship. The monopolies of Line, Kakao and WeChat in Japan, Korea and China prove this clearly. They began with messaging and expanded outward to become dominant personal social networking behemoths.

In today’s refiling, the FTC explains that Facebook, Instagram and Snapchat are all personal social networking services built on three key features:

  1. “First, personal social networking services are built on a social graph that maps the connections between users and their friends, family, and other personal connections.”
  2. “Second, personal social networking services include features that many users regularly employ to interact with personal connections and share their personal experiences in a shared social space, including in a one-to-many ‘broadcast’ format.”
  3. “Third, personal social networking services include features that allow users to find and connect with other users, to make it easier for each user to build and expand their set of personal connections.”

Unfortunately, this is only partially right. In social media’s treacherous waters, as the FTC has struggled to articulate, feature sets are routinely copied and cross-promoted. How can we forget Instagram’s copying of Snapchat’s stories? Facebook has ruthlessly copied features from the most successful apps on the market from inception. Its launch of a Clubhouse competitor called Live Audio Rooms is only the most recent example. Twitter and Snapchat are absolutely competitors to Facebook.

Messaging must be included to demonstrate Facebook’s breadth and voracious appetite to copy and destroy. WhatsApp and Messenger have over 2 billion and 1.3 billion users respectively. Given the ease of feature copying, a messaging service of WhatsApp’s scale could become a full-scale social network in a matter of months. This is precisely why Facebook acquired the company. Facebook’s breadth in social media services is remarkable. But the FTC needs to understand that messaging is a part of the market. And this acknowledgement would not hurt their case.

The metric: Revenue shows Facebook’s monopoly

Boasberg believes revenue is not an apt metric to calculate personal networking: “The overall revenues earned by PSN services cannot be the right metric for measuring market share here, as those revenues are all earned in a separate market — viz., the market for advertising.” He is confusing business model with market. Not all advertising is cut from the same cloth. In today’s refiling, the FTC correctly identifies “social advertising” as distinct from the “display advertising.”

But it goes off the deep end trying to avoid naming revenue as the distinguishing market share metric. Instead the FTC cites “time spent, daily active users (DAU), and monthly active users (MAU).” In a world where Facebook Blue and Instagram compete only with Snapchat, these metrics might bring Facebook Blue and Instagram combined over the 60% monopoly hurdle. But the FTC does not make a sufficiently convincing market definition argument to justify the choice of these metrics. Facebook should be compared to other personal social networking services such as Discord and Twitter — and their correct inclusion in the market would undermine the FTC’s choice of time spent or DAU/MAU.

Ultimately, cash is king. Revenue is what counts and what the FTC should emphasize. As Snapchat shows above, revenue in the personal social media industry is calculated by ARPU x DAU. The personal social media market is a different market from the entertainment social media market (where Facebook competes with YouTube, TikTok and Pinterest, among others). And this too is a separate market from the display search advertising market (Google). Not all advertising-based consumer technology is built the same. Again, advertising is a business model, not a market.

In the media world, for example, Netflix’s subscription revenue clearly competes in the same market as CBS’ advertising model. News Corp.’s acquisition of Facebook’s early competitor MySpace spoke volumes on the internet’s potential to disrupt and destroy traditional media advertising markets. Snapchat has chosen to pursue advertising, but incipient competitors like Discord are successfully growing using subscriptions. But their market share remains a pittance compared to Facebook.

An alternative pleading: Facebook’s market power suppresses wages in the creator economy

The FTC has correctly argued for the smallest possible market for their monopoly definition. Personal social networking, of which Facebook controls at least 80%, should not (in their strongest argument) include entertainment. This is the narrowest argument to make with the highest chance of success.

But they could choose to make a broader argument in the alternative, one that takes a bigger swing. As Lina Khan famously noted about Amazon in her 2017 note that began the New Brandeis movement, the traditional economic consumer harm test does not adequately address the harms posed by Big Tech. The harms are too abstract. As White House advisor Tim Wu argues in “The Curse of Bigness,” and Judge Boasberg acknowledges in his opinion, antitrust law does not hinge solely upon price effects. Facebook can be broken up without proving the negative impact of price effects.

However, Facebook has hurt consumers. Consumers are the workers whose labor constitutes Facebook’s value, and they’ve been underpaid. If you define personal networking to include entertainment, then YouTube is an instructive example. On both YouTube and Facebook properties, influencers can capture value by charging brands directly. That’s not what we’re talking about here; what matters is the percent of advertising revenue that is paid out to creators.

YouTube’s traditional percentage is 55%. YouTube announced it has paid $30 billion to creators and rights holders over the last three years. Let’s conservatively say that half of the money goes to rights holders; that means creators on average have earned $15 billion, which would mean $5 billion annually, a meaningful slice of YouTube’s $46 billion in revenue over that time. So in other words, YouTube paid creators a third of its revenue (this admittedly ignores YouTube’s non-advertising revenue).

Facebook, by comparison, announced just weeks ago a paltry $1 billion program over a year and change. Sure, creators may make some money from interstitial ads, but Facebook does not announce the percentage of revenue they hand to creators because it would be insulting. Over the equivalent three-year period of YouTube’s declaration, Facebook has generated $210 billion in revenue. one-third of this revenue paid to creators would represent $70 billion, or $23 billion a year.

Why hasn’t Facebook paid creators before? Because it hasn’t needed to do so. Facebook’s social graph is so large that creators must post there anyway — the scale afforded by success on Facebook Blue and Instagram allows creators to monetize through directly selling to brands. Facebooks ads have value because of creators’ labor; if the users did not generate content, the social graph would not exist. Creators deserve more than the scraps they generate on their own. Facebook suppresses creators’ wages because it can. This is what monopolies do.

Facebook’s Standard Oil ethos

Facebook has long been the Standard Oil of social media, using its core monopoly to begin its march upstream and down. Zuckerberg announced in July and renewed his focus today on the metaverse, a market Roblox has pioneered. After achieving a monopoly in personal social media and competing ably in entertainment social media and virtual reality, Facebook’s drilling continues. Yes, Facebook may be free, but its monopoly harms Americans by stifling creator wages. The antitrust laws dictate that consumer harm is not a necessary condition for proving a monopoly under the Sherman Act; monopolies in and of themselves are illegal. By refiling the correct market definition and marketshare, the FTC stands more than a chance. It should win.

A prior version of this article originally appeared on Substack.

#amazon, #apps, #cloudflare, #column, #facebook, #federal-trade-commission, #google, #lina-khan, #mark-zuckerberg, #messenger, #monopoly, #opinion, #pinterest, #policy, #snapchat, #social, #social-media, #social-networks, #startups, #tc, #twitter, #whatsapp

WhatsApp shuts down Taliban helpline in Kabul

Experts in the region said shutting down the WhatsApp numbers was "absurd" and "unhelpful."

Enlarge / Experts in the region said shutting down the WhatsApp numbers was “absurd” and “unhelpful.” (credit: SOPA Images | Getty Images)

WhatsApp has shut down a complaints helpline set up by the Taliban when it took control of Kabul, after the messaging app came under pressure to block the group from using its services.

The complaints number was supposed to act as an emergency hotline for civilians to report violence, looting or other problems. The Taliban advertised the helpline on Sunday when it captured the city, and has used similar WhatsApp hotlines in the past, for example when it took over the city of Kunduz in 2016.

After taking Kabul, the Taliban pledged to create a stable government and not to harm the “life, property and honor” of citizens.

Read 15 remaining paragraphs | Comments

#afghanistan, #biz-it, #facebook, #policy, #taliban, #whatsapp

T-Mobile confirms it was hacked after customer data posted online

T-Mobile has confirmed “unauthorized access” to its systems, days after a portion of customer data was listed for sale on a known cybercriminal forum.

The U.S. cell giant, which last year completed a $26 billion merger with Sprint, confirmed an intrusion but that it has “not yet determined that there is any personal customer data involved.” The company said that its investigation will “take some time,” and no timeline was given.

“We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed,” the company said.

Vice reported this weekend that T-Mobile was investigating a possible intrusion after a seller was claiming to be in possession of millions of records. The seller told Vice that they had 100 million records on T-Mobile customers, which included customer account names, phone numbers, the IMEI numbers of phones on the account, and Social Security number and driver’s license information — details that the company often collects to verify the identities of its customers.

Vice verified a sample of the records from the seller, suggesting the data is in at least partially valid.

The forum post, which TechCrunch has seen, asks for 6 bitcoin, or about $275,000, for data on a 30 million subset of customer data. The data was allegedly obtained from a T-Mobile-run database server that was connected to the internet, according to a screenshot posted by Bleeping Computer, which also reported that the seller has the IMEI database “going back to 2004.” IMEI and ISMI numbers can be used to uniquely identify and locate a cellphone user.

An earlier post seen by TechCrunch from the same seller and using the same sample of data claimed to have 124 million records, but still did not name T-Mobile as the source of the data. The post was deleted in the past few days.

This is by our count the fifth time that T-Mobile was hacked in recent years.

In January, T-Mobile said it had a data breach that saw cybercriminals steal about 200,000 call records and other subscriber data. Last year, T-Mobile had two incidents — it admitted a breach on its email systems that saw hackers access some T-Mobile employee email accounts and access customer data; and a breach of a million prepaid customers’ personal and billing information months later. In 2018, T-Mobile said as many as two million customers may have had their personal information scraped.


You can send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send files or documents using our SecureDrop.

#deutsche-telekom, #driver, #securedrop, #security, #sprint, #t-mobile, #t-mobile-uk, #technology, #telecommunications, #telephony, #united-states, #whatsapp

Facebook brings end-to-end encryption to Messenger calls and Instagram DMs

Facebook has extended the option of using end-to-end encryption for Messenger voice calls and video calls.

End-to-end encryption (E2EE) — a security feature that prevents third-parties from eavesdropping on calls and chats — has been available for text conversations on Facebook’s flagship messaging service since 2016. Although the company has faced pressure to roll back its end-to-end encryption plans, Facebook is now extending this protection to both voice and video calls on Messenger, which means that “nobody else, including Facebook, can see or listen to what’s sent or said.”

“End-to-end encryption is already widely used by apps like WhatsApp to keep personal conversations safe from hackers and criminals,” Ruth Kricheli, director of product management for Messenger, said in a blog post on Friday. “It’s becoming the industry standard and works like a lock and key, where just you and the people in the chat or call have access to the conversation.”

Facebook has some other E2EE features in the works, too. It’s planning to start public tests of end-to-end encryption for group chats and calls in Messenger in the coming weeks and is also planning a limited test of E2EE for Instagram direct messages. Those involved in the trial will be able to opt-in to end-to-end encrypted messages and calls for one-on-one conversations carried out on the photo-sharing platform.

Beyond encryption, the social networking giant is also updating its expiring messages feature, which is similar to the ephemeral messages feature available on Facebook-owned WhatsApp. It’s now offering more options for people in the chat to choose the amount of time before all new messages disappear, from as few as 5 seconds to as long as 24 hours.

“People expect their messaging apps to be secure and private, and with these new features, we’re giving them more control over how private they want their calls and chats to be,” Kricheli added.

News of Facebook ramping up its E2EE rollout plans comes just days after the company changed its privacy settings — again.

#apps, #computing, #e2ee, #encryption, #end-to-end-encryption, #facebook, #facebook-messenger, #instagram, #messenger, #mobile-applications, #operating-systems, #product-management, #security, #social-media, #software, #whatsapp

WhatsApp and other social media platforms restricted in Zambia amidst ongoing elections

Several users from Zambia have taken to Twitter informing the general public that WhatsApp has been restricted in the country amidst ongoing general elections holding today.

The president and parliamentary elections culminate in a face-off between current President Edgar Lungu and opposition Hakainde Hichilema.

Internet monitoring organization Netblocks further corroborated these reports adding that multiple internet providers in Zambia had restricted access to the American social messaging platform. Some of these networks include Zambian government-owned Zamtel, Airtel Zambia, Liquid Telecom, and MTN.

Just this week, reports circulated that the Zambian government had threatened to shut down the internet if Zambians “failed to use the cyberspace during this year’s election correctly.” The reports say the government intended to go through with its plans from Thursday, the polling day, till Sunday, when vote counts are expected to have ended.

However, the Zambian government, via its Information and Broadcasting Services Permanent Secretary, Amos Malupenga, came out to deny the reports, calling them ‘malicious.’ Nevertheless, he mentioned that the government would not tolerate abuse of the internet and if any mischief occurred, there would be no hesitation to take appropriate measures.

“The government, therefore, expects citizens to use the internet responsibly. But if some people choose to abuse the internet to mislead and misinform, the government will not hesitate to invoke relevant legal provisions to forestall any breakdown of law and order as the country passes through the election period,” Malupenga said.

Zambia isn’t the first African country to witness this during an election as social media restrictions and internet shutdowns are now a recurring theme for most African states.

Countries like Cameroon, Congo, Uganda, Tanzania, Guinea, Togo, Benin, Mali, Mauritania have faced social media restrictions and internet shutdowns during elections. A handful of others like Chad, Nigeria, and Ethiopia, on the other hand, have experienced similar restrictions for unrelating events.

Most governments argue that they carry out social media restrictions and internet shutdowns to maintain security during elections; however, it’s glaring to see the process as a means to curb the spread of vital information among voters and the media within and outside the country.

Today’s event shows that despite denying reports about an imminent internet shutdown, the Zambian government is heading in that direction by first cutting off WhatsApp. While writing on the WhatsApp restriction, Netblocks also reported that the Zambian government has proceeded to restrict other social media platforms, including Facebook, Instagram, Messenger, and Twitter.

Still, internet users in Zambia are now using VPN services to bypass the restrictions on WhatsApp and these other social media platforms. Yet, it remains to be seen if the government will enforce a full internet shutdown.

#africa, #airtel, #cameroon, #elections, #ethiopia, #instagram, #liquid-telecom, #messenger, #netblocks, #nigeria, #social-media-platforms, #tanzania, #tc, #uganda, #vpn, #whatsapp, #zambia

WhatsApp gains the ability to transfer chat history between mobile operating systems

WhatsApp users will finally be able to move their entire chat history between mobile operating systems — something that’s been one of users’ biggest requests to date. The company today introduced a feature that will soon become available to users of both iOS and Android devices, allowing them to move their WhatsApp voice notes, photos, and conversations securely between devices when they switch between mobile operating systems.

The company had been rumored to be working on such functionality for some time, but the details of which devices would be initially supported or when it would be released weren’t yet known.

In product leaks, WhatsApp had appeared to be working on an integration into Android’s built-in transfer app, the Google Data Transfer Tool, which lets users move their files from one Android device to another, or switch from iOS to Android.

The feature WhatsApp introduced today, however, works with Samsung devices and Samsung’s own transfer tool, known as Smart Switch. Today, Smart Switch helps users transfer contacts, photos, music, messages, notes, calendars, and more to Samsung Galaxy devices. Now, it will transfer WhatsApp chat history, too.

WhatsApp showed off the new tool at Samsung’s Galaxy Unpacked event, and announced Samsung’s newest Galaxy foldable devices would get the feature first in the weeks to come. The feature will later roll out to Android more broadly. WhatsApp didn’t say when iOS users would gain access.

To use the feature, WhatsApp users will connect their old and new device together via a USB-C to Lightning cable, and launch Smart Switch. The new phone will then prompt you to scan a QR code using your old phone and export your WhatsApp history. To complete the transfer, you’ll sign into WhatsApp on the new device and import the messages.

Building such a feature was non-trivial, the company also explained, as messages across its service are end-to-end encrypted by default and stored on users’ devices. That meant the creation of a tool to move chat history between operating systems required additional work from both WhatsApp as well as operating system and device manufacturers in order to build it in a secure way, the company said.

“Your WhatsApp messages belong to you. That’s why they are stored on your phone by default, and not accessible in the cloud like many other messaging services,” noted Sandeep Paruchuri, product manager at WhatsApp, in a statement about the launch. “We’re excited for the first time to make it easy for people to securely transfer their WhatsApp history from one operating system to another. This has been one of our most requested features from users for years and we worked together with operating systems and device manufacturers to solve it,” he added.

 

#android, #apps, #chat, #computing, #galaxy, #google, #messaging, #mobile, #mobile-applications, #operating-system, #operating-systems, #privacy, #product-manager, #samsung, #samsung-electronics, #samsung-unpacked, #security, #social, #social-media, #software, #whatsapp

Signal now lets you choose disappearing messages by default for new chats

The encrypted chat app Signal is adding a few new options for users looking to lock down their messages. The app will now allow anyone to turn on a default timer for disappearing messages, automatically applying the settings to any newly initiated conversations.

Signal’s disappearing messages option deletes chats for both the sender and receiver after a set amount of time passes. Previously, you had to toggle the option on and select an interval for each individual conversation, which made it easy to overlook the extra privacy feature if you had a lot of chats going at once.

Signal is also adding more options for how long disappearing messages stick around before evaporating. The app’s users can now select an interval up to four weeks and as low as 30 seconds. You can even lower than to a single second in the app’s custom time options.

On any chat app, it’s important to remember that disappearing messages vanish from the user interface but that doesn’t mean they’re gone for good. Anything you share online can live on indefinitely via screenshots or through someone taking a photo of an app’s screen with another device.

Signal wants its users to keep this in mind, noting that the disappearing message options are best for saving storage space and keeping conversation history to a minimum, just in case. “This is not for situations where your contact is your adversary,” the company wrote in a blog post.

The app remains one of the most popular end-to-end encrypted messaging options to date and earlier this year even managed to absorb some WhatsApp users who grew skittish over data sharing policy changes at Facebook.

The privacy-minded messaging app is very well regarded for its strong feature set and the company’s independence, though Signal remains relatively small compared to Facebook’s own end-to-end encrypted WhatsApp, which the company acquired in 2014. As of December 2020, Signal boasted around 20 million monthly active users, while WhatsApp hit 2 billion users early last year.

#computing, #end-to-end-encryption, #mobile-applications, #operating-systems, #signal, #social, #social-media, #software, #tc, #whatsapp

Twitter now in compliance with India’s new IT rules, government says

Twitter is now complying with India’s new IT rules, New Delhi told a court Tuesday, in a move that is expected to ease months-long tension between the American social media network and the government of the key overseas market.

A lawyer representing the Indian government told the Delhi High Court that Twitter’s recent steps — appointment of chief compliance officer, nodal contact person and resident grievance officer in the country — have made the social network “prima facie” compliant with the new law.

A Twitter spokesperson in India didn’t immediately return a text.

India’s new IT rules, which were unveiled in February this year, mandates significant social media firms, among other things, to appoint officials to address on-ground concerns in the country.

Facebook and Google complied with this requirement in May, when the proposed rules went into effect in the South Asian market.

Twitter, which was facing heat from the Indian government for not blocking some tweets that the Indian government had deemed objectionable, had requested additional few months to comply with the new rules and in the meantime vacated the required roles with temporary staff.

Tension has been brewing between the two for several months. Twitter labeled a tweet from Sambit Patra, the spokesperson of India’s ruling party BJP, in May as “manipulated media.” Days later, a special squad of Delhi police that investigates terrorism and other crimes made a surprise visit to two of Twitter’s offices in the country to seek information about Twitter’s rationale to term Patra’s tweets as manipulated.

Twitter at the time said it was “concerned by recent events regarding our employees in India and the potential threat to freedom of expression for the people we serve.”

The firm’s slow-efforts to comply with the new IT rules had cost the firm liability protection in the country last month, the Indian government said earlier. Internet services enjoy what is broadly referred to as “safe harbor” protection that say that tech platforms won’t be held liable for the things their users post or share online.

The new rules also require significant social media firms operating encrypted messaging services to devise a way to trace originator of messages for special cases. Several firms including Facebook’s WhatsApp and Signal have not complied with this requirement. WhatsApp has sued the Indian government over this requirement.

This is a developing story. More to follow…

#apple, #asia, #facebook, #government, #india, #signal, #social, #twitter, #twitter-india, #whatsapp

WhatsApp photos and videos can now disappear after a single viewing

WhatsApp said that it would soon let users send disappearing photos and videos and this week the feature will be rolling out to everybody. Anyone using the Facebook-owned messaging app can share a photo or video in “view once” mode, allowing a single viewing before the media in question goes poof. Media shared with “view once” selected will show up as opened after the intended audience takes a peek.

The company notes that the new feature could be helpful for an array of needs that definitely aren’t sending nudes, like sharing a photo of some clothes you tried on or giving someone your wifi password. In the fine print, the company would like to remind you that just because the photos or video will vanish, that doesn’t prevent someone from taking a screenshot (and you won’t know if they do).

Facebook says the new feature is a step to give users “even more control over their privacy,” a song it’s been singing since Mark Zuckerberg first declared a new “privacy-focused vision” for the company back in 2019. Facebook has made a few gestures toward letting people wrest control of their online privacy since then, streamlining audience controls on its core app and enabling disappearing messages in WhatsApp.

The company has also been talking a big game about bringing end-to-end encryption to its full stable of messaging services, which it plans to make interoperable in the future. WhatsApp enabled end-to-end encryption by default back in 2016, but for Messenger and Instagram, the hallmark privacy measure could still be years out.

#encryption, #facebook, #mark-zuckerberg, #messenger, #mobile-applications, #online-privacy, #private-message, #social, #social-media, #tc, #whatsapp

Facebook warns of ‘headwinds’ to its ad business from regulators and Apple

Facebook posted its second quarter earnings Wednesday, beating expectations with $29 billion in revenue.

The world’s biggest social media company was expected to report $27.8 billion in revenue for the quarter, a 50 percent increase from the same period in 2020. Facebook reported earnings per share of $3.61, which also bested expectations.

In the first financial period to really reflect a return to quasi-economic normalcy after a very online pandemic year, Facebook met user growth expectations. At the end of March, Facebook boasted 2.85 billion monthly active users across its network of apps. At the end of its second quarter, Facebook reported 2.9 billion monthly active users, roughly what was expected.

The company’s shares opened at $375 on Wednesday morning and were down to $360 in a dip following the earnings report.

In spite of a strong quarter, Facebook is warning of change ahead — namely impacts to its massive ad business, which generated $28.5 billion out of the company’s $29 billion this quarter. The company specifically named privacy-focused updates to Apple’s mobile operating system as a threat to its business.

“We continue to expect increased ad targeting headwinds in 2021 from regulatory and platform changes, notably the recent iOS updates, which we expect to have a greater impact in the third quarter compared to the second quarter,” the company stated its investor report outlook.

 

No matter what Facebook planned to report Wednesday, the company is a financial beast. Bad press and user mistrust in the West haven’t done much to hurt its bottom line and the company’s ad business is looking as dominant as ever. Short of meaningful antitrust reform in the U.S. or a surging competitor, there’s little to stand in Facebook’s way. The former might still be a long shot given partisan gridlock in Congress, even with the White House involved, but Facebook is finally facing a threat from the latter.

For years, it’s been difficult to imagine a social media platform emerging as a proper rival to the company, given Facebook’s market dominance and nasty habit of acquiring competitors or brazenly copying their innovations, but it’s clear that TikTok is turning into just that. YouTube is huge, but the platforms matured in parallel and co-exist, offering complementary experiences.

TikTok hit 700 million monthly active users in July 2020 and surpassed three billions global downloads earlier this month, becoming the only non-Facebook owned app to do so, according to data from Sensor Tower. If the famously addictive short form video app can successfully siphon off some of the long hours that young users spend on Instagram and Facebook’s other platforms and make itself a cozy home for brands in the process, the big blue giant out of Menlo Park might finally have something to lose sleep over.

#computing, #congress, #earnings, #facebook, #facebook-stories, #instagram, #messenger, #mobile-applications, #operating-systems, #sensor-tower, #social, #social-media, #software, #tc, #united-states, #whatsapp, #white-house

This tool tells you if NSO’s Pegasus spyware targeted your phone

Over the weekend, an international consortium of news outlets reported that several authoritarian governments — including Mexico, Morocco and the United Arab Emirates — used spyware developed by NSO Group to hack into the phones of thousands of their most vocal critics, including journalists, activists, politicians and business executives.

A leaked list of 50,000 phone numbers of potential surveillance targets was obtained by Paris-based journalism nonprofit Forbidden Stories and Amnesty International and shared with the reporting consortium, including The Washington Post and The Guardian. Researchers analyzed the phones of dozens of victims to confirm they were targeted by the NSO’s Pegasus spyware, which can access all of the data on a person’s phone. The reports also confirm new details of the government customers themselves, which NSO Group closely guards. Hungary, a member of the European Union where privacy from surveillance is supposed to be a fundamental right for its 500 million residents, is named as an NSO customer.

The reporting shows for the first time how many individuals are likely targets of NSO’s intrusive device-level surveillance. Previous reporting had put the number of known victims in the hundreds or more than a thousand.

NSO Group sharply rejected the claims. NSO has long said that it doesn’t know who its customers target, which it reiterated in a statement to TechCrunch on Monday.

Researchers at Amnesty, whose work was reviewed by the Citizen Lab at the University of Toronto, found that NSO can deliver Pegasus by sending a victim a link which when opened infects the phone, or silently and without any interaction at all through a “zero-click” exploit, which takes advantage of vulnerabilities in the iPhone’s software. Citizen Lab researcher Bill Marczak said in a tweet that NSO’s zero-clicks worked on iOS 14.6, which until today was the most up-to-date version.

Amnesty’s researchers showed their work by publishing meticulously detailed technical notes and a toolkit that they said may help others identify if their phones have been targeted by Pegasus.

The Mobile Verification Toolkit, or MVT, works on both iPhones and Android devices, but slightly differently. Amnesty said that more forensic traces were found on iPhones than Android devices, which makes it easier to detect on iPhones. MVT will let you take an entire iPhone backup (or a full system dump if you jailbreak your phone) and feed in for any indicators of compromise (IOCs) known to be used by NSO to deliver Pegasus, such as domain names used in NSO’s infrastructure that might be sent by text message or email. If you have an encrypted iPhone backup, you can also use MVT to decrypt your backup without having to make a whole new copy.

The Terminal output from the MVT toolkit, which scans iPhone and Android backup files for indicators of compromise. (Image: TechCrunch)

The toolkit works on the command line, so it’s not a refined and polished user experience and requires some basic knowledge of how to navigate the terminal. We got it working in about 10 minutes, plus the time to create a fresh backup of an iPhone, which you will want to do if you want to check up to the hour. To get the toolkit ready to scan your phone for signs of Pegasus, you’ll need to feed in Amnesty’s IOCs, which it has on its GitHub page. Any time the indicators of compromise file updates, download and use an up-to-date copy.

Once you set off the process, the toolkit scans your iPhone backup file for any evidence of compromise. The process took about a minute or two to run and spit out several files in a folder with the results of the scan. If the toolkit finds a possible compromise, it will say so in the outputted files. In our case, we got one “detection,” which turned out to be a false positive and has been removed from the IOCs after we checked with the Amnesty researchers. A new scan using the updated IOCs returned no signs of compromise.

Given it’s more difficult to detect an Android infection, MVT takes a similar but simpler approach by scanning your Android device backup for text messages with links to domains known to be used by NSO. The toolkit also lets you scan for potentially malicious applications installed on your device.

The toolkit is — as command line tools go — relatively simple to use, though the project is open source so not before long surely someone will build a user interface for it. The project’s detailed documentation will help you — as it did us.

Read more:


You can send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send files or documents using our SecureDrop. Learn more

#amnesty-international, #android, #cisco, #computing, #espionage, #european-union, #government, #hungary, #iphone, #mexico, #microsoft, #morocco, #nso, #nso-group, #paris, #pegasus, #securedrop, #security, #smartphones, #software, #spyware, #the-guardian, #the-washington-post, #united-arab-emirates, #vmware, #whatsapp

Ireland must ‘swiftly’ investigate legality of Facebook-WhatsApp data-sharing, says EDPB

Facebook’s lead regulator in the European Union must “swiftly” investigate the legality of data-sharing related to a controversial WhatsApp policy update, following an order by the European Data Protection Board (EDPB).

We’ve reached out to the Irish Data Protection Commission (DPC) for a response.

Updated terms had been set to be imposed upon users of the Facebook-owned messaging app early this year — but in January Facebook delayed the WhatsApp terms update until May after a major privacy backlash and ongoing confusion over the details of its user data processing.

Despite WhatsApp going ahead with the policy update, the ToS has continued to face scrutiny from regulators and rights organizations around the world.

The Indian government, for example, has repeatedly ordered Facebook to withdraw the new terms. While, in Europe, privacy regulators and consumer protection organizations have raised objections about how opaque terms are being pushed on users — and in May a German data protection authority issued a temporary (national) blocking order.

Today’s development follows that and is significant as it’s the first urgent binding decision adopted by the EDPB under the bloc’s General Data Protection Regulation (GDPR).

Although the Board has not agreed to order the adoption of final measures against Facebook-WhatsApp as the requesting data supervisor, the Hamburg DPA, had asked — saying that “conditions to demonstrate the existence of an infringement and an urgency are not met”.

The Board’s intervention in the confusing mess around the WhatsApp policy update follows the use of GDPR Article 66 powers by Hamburg’s data protection authority.

In May the latter ordered Facebook not to apply the new terms to users in Germany — saying its analysis found the policy granted “far-reaching powers” to WhatsApp to share data with Facebook, without it being clear what legal basis the tech giant was relying upon to be able process users’ data.

Hamburg also accused the Irish DPC of failing to investigate the Facebook-WhatsApp data sharing when it raised concerns — hence seeking to take matters into its own hands by making an Article 66 intervention.

As part of the process it asked the EDPB to take a binding decision — asking it to take definitive steps to block data-sharing between WhatsApp and Facebook — in a bid to circumvent the Irish regulator’s glacial procedures by getting the Board to order enforcement measures that could be applied stat across the whole bloc.

However the Board’s assessment found that Hamburg had not met the bar for demonstrating the Irish DPC “failed to provide information in the context of a formal request for mutual assistance under Article 61 GDPR”, as it puts it.

It also decided that the adoption of updated terms by WhatsApp — which it nonetheless says “contain similar problematic elements as the previous version” — cannot “on its own” justify the urgency for the EDPB to order the lead supervisor to adopt final measures under Article 66(2) GDPR.

The upshot — as the Hamburg DPA puts it — is that data exchange between WhatsApp and Facebook remains “unregulated at the European level”.

Article 66 powers

The importance of Article 66 of the GDPR is that it allows EU data protection authorities to derogate from the regulation’s one-stop-shop mechanism — which otherwise funnels cross border complaints (such as those against Big Tech) via a lead data supervisor (oftentimes the Irish DPC), and is thus widely seen as a bottleneck to effective enforcement of data protection (especially against tech giants).

An Article 66 urgency proceeding allows any data supervisor across the EU to immediately adopt provisional measures — provided a situation meets the criteria for this kind of emergency intervention. Which is one way to get around a bottleneck, even if only for a time-limited period.

A number of EU data protection authorities have used (or threatened to use) Article 66 powers in recent years, since GDPR came into application in 2018, and the power is increasingly proving its worth in reconfiguring certain Big Tech practices — with, for example, Italy’s DPA using it recently to force TikTok to remove hundreds of thousands of suspected underage accounts.

Just the threat of Article 66’s use back in 2019 (also by Hamburg) was enough to encourage Google to suspend manual reviews of audio reviews of recordings captured by its voice AI, Google Assistant. (And later led to a number of major policy changes by several tech giants who had similarly been manually reviewing users’ interactions with their voice AIs.)

At the same time, Article 66 provisional measures can only last three months — and only apply nationally, not across the whole EU. So it’s a bounded power. (Perhaps especially in this WhatsApp-Facebook case, where the target is a ToS update, and Facebook could just wait out the three months and apply the policy anyway in Germany after the suspension order lapses.)

This is why Hamburg wanted the EDPB to make a binding decision. And it’s certainly a blow to privacy watchers eager for GDPR enforcement to fall on tech giants like Facebook that the Board has declined to do so in this case.

Unregulated data-sharing

Responding to the Board’s decision not to impose definitive measures to prevent data sharing between WhatsApp and Facebook, the Hamburg authority expressed disappointment — see below for its full statement — and also lamented that the EDPB has not set a deadline for the Irish DPC to conduct the investigation into the legal basis of the data-sharing.

Ireland’s data protection authority has only issued one final GDPR decision against a tech giant to date (Twitter) — so there is plenty of cause to be concerned that without a concrete deadline the ordered probe could be kicked down the road for years.

Nonetheless, the EDPB’s order to the Irish DPC to