Menu

Timesdelhi.com

February 22, 2019

Facebook removes its Onavo surveillance VPN app from Google Play

Delhi/India/Politics/TC by

Facebook will end its unpaid market research programs and proactively take its Onavo VPN app off the Google Play store in the wake of backlash following TechCrunch’s investigation about Onavo code being used in a Facebook Research app the sucked up data about teens. The Onavo Protect app will eventually shut down, and will immediately cease pulling in data from users for market research though it will continue operating as a Virtual Private Network in the short-term to allow users to find a replacement.

Facebook has also ceased to recruit new users for the Facebook Research app that still runs on Android but was forced off of iOS by Apple after we reported on how it violated Apple’s Enterprise Certificate program for employee-only apps. Existing Facebook Research app studies will continue to run, though.

A Facebook spokesperson confirmed the change and provided this statement “Market research helps companies build better products for people. We are shifting our focus to reward-based market research which means we’re going to end the Onavo program.”

With the suspicions about big tech giants and looming regulation leading to more intense scrutiny of privacy practices, Facebook has decided that giving users a utility like a VPN in exchange for quietly examining their usage of other apps and mobile browsing data isn’t a wise strategy. Instead, it will focus on paid programs where users explicitly understand what privacy they’re giving up for direct financial compensation.

Facebok acquired Onavo in 2013 for a reported $200 million to use its VPN app the gather data about what people were doing on their phones. That data revealed WhatsApp was sending far more messages per day than Messenger, convincing Facebook to pay a steep sum of $19 billion to buy WhatsApp. Facebook went on to frame Onavo as a way for users to reduce their data usage, block dangerous websites, keep their traffic safe from snooping — while Facebook itself was analyzing that traffic. The insights helped it discover new trends in mobile usage, keep an eye on competitors, and figure out what features or apps to copy. Cloning became core to Facebook’s product strategy over the past years, with Instagram’s versions of Snapchat Stories growing larger than the original.

But last year, privacy concerns led Apple to push Facebook to remove the Onavo VPN app from the App Store, though it continued running on Google Play. But Facebook quietly repurposed Onavo code for use in its Facebook Research app that TechCrunch found was paying users in the U.S. and India ages 13 to 35 up to $20 in gift cards per month to give it VPN and root network access to spy on all their mobile data.

Facebook ran the program in secret, obscured by intermediary beta testing services like Betabound and Applause. It only informed users it recruited with ads on Instagram, Snapchat and elsewhere that they were joining a Facebook Research program after they’d begun signup and signed non-disclosure agreements. A Facebook claimed in a statement that “there was nothing ‘secret’ about this”, but it had threatened legal action if users publicly discussed the Research program.

But the biggest problem for Facebook was that its Research app abused Apple’s Enterprise Certificate program meant for employee-only apps to distribute the app outside the company. That led Apple to ban the Research app from iOS and invalidate Facebook’s certificate. This shut down Facebook’s internal iOS collaboration tools, pre-launch test versions of its popular apps, and even its lunch menu and shuttle schedule to break for 30 hours, causing chaos at the company’s offices.

In an attempt to preempt any more scandals around Onavo and the Facebook Research app or Google stepping in to block the apps, Facebook is now taking Onavo off the Play Store and stopping recruitment of Research testers.

News Source = techcrunch.com

California to close data breach notification loopholes under new law

Uncategorised by

California, which has some of the strongest data breach notification laws in the U.S., thinks it can do even better.

The golden state’s attorney general Xavier Becerra announced a new bill Thursday that aims to close loopholes in its existing data breach notification laws by expanding the requirements for companies to notify users or customers if their passport and government ID numbers, along with biometric data, such as fingerprints, and iris and facial recognition scans, have been stolen.

The updated draft legislation lands a few months after the Starwood hack, which Becerra and Democratic state assembly member Marc Levine, who introduced the bill, said prompted the law change.

Marriott-owned hotel chain Starwood said data on fewer than 383 million unique guests was stolen in the data breach, revealed in September, including guest names, postal addresses, phone numbers, dates of birth, genders, email addresses, some encrypted payment card data and other reservation information. Starwood also disclosed that five million passport numbers were stolen.

Although Starwood came clean and revealed the data breach, companies are not currently legally obligated to disclose that passport numbers or biometric data have been stolen. Under California state law, only Social Security numbers, driver’s license numbers, banking information, passwords, medical and health insurance information and data collected through automatic license plate recognition systems must be reported.

That’s set to change, under the new California assembly bill 1130, the state attorney general said.

“We have an opportunity today to make our data breach law stronger and that’s why we’re moving today to make it more difficult for hackers and cybercriminals to get your private information,” said Becerra at a press conference in San Francisco. “AB 1130 closes a gap in California law and ensures that our state remains the nation’s leader in data privacy and protection,” he said.

Several other states, like Alabama, Florida and Oregon, already require data breach notifications in the event of passport number breaches, and also biometric data in the case of Iowa and Nebraska, among others.

California remains, however, one of only a handful of states that require the provision of credit monitoring or identity theft protection after certain kinds of breaches.

Thursday’s bill comes less than a year after state lawmakers passed the California Privacy Act into law, greatly expanding privacy rights for consumers — similar to provisions provided to Europeans under the newly instituted General Data Protection Regulation. The state privacy law, passed in June and set to go into effect in 2020, was met with hostility by tech companies headquartered in the state, prompting a lobbying effort to push for a superseding but weaker federal privacy law.

News Source = techcrunch.com

DoorDash raises $400M round, now valued at $7.1B

Delivery company DoorDash is announcing that it has raised $400 million in Series F financing.

Earlier this month, The Wall Street Journal reported that the company was looking to raise $500 million at a valuation of $6 billion or more. In fact, DoorDash now says the funding came at a $7.1 billion valuation.

The round was led by Temasek and Dragoneer Investment Group, with participation from previous investors SoftBank Vision Fund, DST Global, Coatue Management, GIC, Sequoia Capital and Y Combinator.

DoorDash has been raising money at an impressive rate, with a $535 million round last March followed by a $250 million round (valuing the company at $4 billion) in August.

Co-founder and CEO Tony Xu told me the round is “a reflection of superior performance over the past year.” Apparently, the company is currently seeing 325 percent growth, year-over-year, and it points to recent data from Second Measure showing that the service has overtaken Uber Eats in U.S. market share for online food delivery — DoorDash now comes in second to Grubhub.

“I think the numbers speak for themselves,” Xu said. “If you just run the math on DoorDash’s course and speed, we’re on track to be number one.”

Tony Xu of DoorDash

He attributed the company’s growth to three factors: its geographic reach (3,300 cities in the United States and Canada), its selection of partners (not just restaurants — Walmart is using DoorDash for grocery deliveries) and DoorDash Drive, which allows businesses to use the DoorDash network to make their own deliveries.

He added that DoorDash has been “growing in a disciplined way, turning markets towards profitability.”

The funding, Xu said, will allow the company to continue investing in Drive, in its DashPass subscription service (where you pay $9.99 per month for free deliveries on orders of $15 or more from select restaurants) and in more hiring. And while DoorDash is currently available in all 50 states, Xu said there’s still plenty of room to cover additional territory in the U.S. and especially Canada.

“To me, this round … really changes the position of the company, not only as we march towards market leadership, but as we go beyond restaurants and become the last mile for commerce,” he said.

Not all of DoorDash’s recent news has been good. Along with Instacart, the company has been under scrutiny for subsidizing its driver payments with customer tips.

When asked about the criticism, Xu said the current compensation system was tested “not in a quarter, not in a month, but tested for months” before being implemented in 2017, and since then, there’s been a “significant increase” in retention among “dashers,” along with improved dasher satisfaction and on-time deliveries.

“When it comes to this pay model that has been in the press, the most important thing, I would say, is looking again at the facts and results,” he said.

News Source = techcrunch.com

Twitter’s latest test changes ‘Retweet with Comment’ so it looks more like a Reply

Twitter’s new prototype testing program isn’t the only way it’s working to fix conversations on its site. The company confirmed it’s currently running another public-facing test focused on making Twitter “more conversational” – but this time with Retweets instead of Replies. The test involves using a thin line to connect a quote-style retweet to the person commenting on the tweet, instead of placing the quoted tweet in a box as before.

Here are some visual aids.

Today, when you comment on a tweet you’re reposting, the original tweet is boxed in like this:

The new test sees Twitter eliminating the box entirely, and connecting the comment to the tweet using the same sort of line that is used today with Replies.

For example, here is a before and after of the change. (Click through to the tweet to view the images larger). You can see the original look on the left, and the update using the line on the right:

We asked Twitter if this was a permanent change or just a test, and a spokesperson confirmed it was the latter.

The test was available on Android on Tuesday of this week, but began rolling out to iOS users yesterday.

Despite the launch of the new testing program, the company said it would continue to A/B test various conversational features and other changes within its public app.

“The fact that we’re doing this [Twitter prototype testing program] doesn’t mean that we don’t do regular testing – like we do with all our development processes in our regular app all the time,” Sara Haider, Twitter’s director of product management, had noted in an interview at CES in January.

The prototype program, meanwhile, serves as more of an experimental testing grounds where Twitter users are able to directly influence the development process with their feedback and opinions.

Twitter had learned over the years that some of the best ideas come from the community itself. Many of its products – including @ Replies, the hashtag (#), tweetstorms (now “threads”), and Retweets (originally “RT”) – were developed in response to how people were already using Twitter. Now, Twitter hopes to tap into the hive mind to build whatever else in coming next.

But not all of Twitter’s changes are community-driven. (After all, I’m not sure anyone was really all that concerned about how Retweets were displayed.)

That means you’ll still see Twitter testing smaller changes like this one in the public app.

Whether or not the lines will eventually come to replace the box for Retweets still remains to be seen, however. While it does make the comment seem more like someone is continuing a conversation, the update arguably makes it easier to confuse a Retweet with a Reply, too.

“We’re working on updates to Retweet with Comment as part of our efforts to make Twitter more conversational,” a spokesperson for Twitter confirmed to TechCrunch. They also hinted we’d see more tests of this nature in the future, as well.

 

News Source = techcrunch.com

Verified Startup Lawyer: Stephane Levy

Stephane Levy got his start in the days of Silicon Alley almost two decades ago, and built up his practice with New York startups and beyond through all the ups and downs since then.

Today, as a partner at Cooley LLP, he works with a wide range of companies, from company formation, seed and later stage rounds, all the way through to M&A transactions and IPOs. He also teaches at Cornell University Law School as an adjunct professor, on legal matters affecting emerging companies and venture capital transactions.

“We met him in the very early days, and his help on all things relating to the company, investors, corporate decisions, fundraising, and just simple strategy has been spot on. He’s always someone I can rely on to give me honest feedback that will eventually play out to be true.” Sachin Kamdar, New York City, CEO, Parsely


On the New York startup scene

“I was probably one of a handful of tech lawyers in NY, at least of my vintage, working with startups and venture funds in the early and mid 2000s, so I kind of grew up doing that stuff in New York when most of the other corporate lawyers in the city were focused on more traditional M&A, private equity, capital markets, etc.”

When a client is having a rough time

“I’m not going to drop a company just because they are going through hard times or treat them any different. It’s a mixed bag out there, and at the end of the day you’ll have some really successful companies and some that are having a tougher time, but you have to take a long view. If a company is going through a really tough time — for example, they’re having trouble raising money — them not getting any attention from their lawyer will really compound some of the issues.”

What makes startup lawyers good

“The key is to try to bring your judgment to bare and say, “Listen, there’s going to be some risk. I’m not going to advocate you do everything on my punch list of ideal things you can be doing from a legal perspective, but if you have to focus on a few things to stay out of trouble for now, these would be them.” Not every lawyer is able to give that type of guidance or has, I guess, the experience or the judgment to be able to do that, but that’s something that entrepreneurs really value.”

Sample horror story

“Let’s say three founders take a third each and they don’t impose vesting. A year later, one of the founders leaves to go get a job somewhere and doesn’t want to give a portion of the equity back. Those are potentially really significant errors that could cost the company and the founders.  I just feel bad because the reality is we’ve automated a lot of our formation processes up front such that it really doesn’t cost much for founders to get state of the art documents in place from the get go.”

Below, you’ll find the rest of the founder reviews, the full interview, and more details like pricing and fee structures. This article is part of our ongoing series covering great lawyers and other experts who founders love to work with. More details here.

Click here to register for Extra Crunch, or log in here.

News Source = techcrunch.com

1 2 3 12,591
Go to Top