Архив за месяц: Февраль 2020

FCC proposes $208M in fines for wireless carriers that sold your location for years

The FCC has officially and finally determined that the major wireless carriers in the U.S. broke the law by secretly selling subscribers’ location data for years with almost no constraints or disclosure. But its Commissioners decry the $208 million penalty proposed to be paid by these enormously rich corporations, calling it “not properly proportioned to the consumer harms suffered.”
Under the proposed fines, T-Mobile would pay $91M; AT&T, $57M; Verizon, $48M; and Sprint, $12M. (Disclosure: TechCrunch is owned by Verizon Media. This does not affect our coverage in the slightest.)
The case has stretched on for more than a year and a half after initial reports that private companies were accessing and selling real-time subscriber location data to anyone willing to pay. Such a blatant abuse of consumers’ privacy caused an immediate outcry, and carriers responded with apparent chagrin — but often failed to terminate or even evaluate these programs in a timely fashion. It turns out they were run with almost no oversight at all, with responsibility delegated to the third party companies to ensure compliance.

LocationSmart didn’t just sell mobile phone locations, it leaked them

Meanwhile the FCC was called on to investigate the nature of these offenses, and spent more than a year doing so in near-total silence, with even its own Commissioners calling out the agency’s lack of communication on such a serious issue.
Finally, in January, FCC Chairman Ajit Pai — who, it really must be noted here, formerly worked for one of the main companies implicated, Securus — announced that the investigation had found the carriers had indeed violated federal law and would soon be punished.

Carriers ‘violated federal law’ by selling your location data, FCC tells Congress

Today brings the official documentation of the fines, as well as commentary from the Commission. In the documents, the carriers are described as not only doing something bad, but doing it poorly — and especially in T-Mobile’s case, continuing to do it well after they said they’d stop:
We find that T-Mobile apparently disclosed its customers’ location information, without their consent, to third parties who were not authorized to receive it. In addition, even after highly publicized incidents put the Company on notice that its safeguards for protecting customer location information were inadequate, T-Mobile apparently continued to sell access to its customers’ location information for the better part of a year without putting in place reasonable safeguards—leaving its customers’ data at unreasonable risk of unauthorized disclosure
The general feeling seems to be that while it’s commendable to recognize this violation and propose what could be considered  substantial fines, the whole thing is, as Commissioner Rosenworcel put it, “a day late and a dollar short.”
The scale of the fines, they say, has little to do with the scale of the offenses — and that’s because the investigation did not adequately investigate or attempt to investigate the scale of those offenses. As Commissioner Starks writes in a lengthy statement:
After all these months of investigation, the Commission still has no idea how many consumers’ data was mishandled by each of the carriers.
We had the power—and, given the length of this investigation, the time—to compel disclosures that would help us understand the true scope of the harm done to consumers. Instead, the Notices calculate the forfeiture based on the number of contracts between the carriers and location aggregators, as well as the number of contracts between those aggregators and third-party location-based service providers. That is a poor and unnecessary proxy for the privacy harm caused by each carrier, each of which has tens of millions of customers that likely had their personal data abused.
Essentially, the FCC didn’t even look at the number or nature of actual harm — it just asked the carriers to provide the number of contracts entered into. As Starks points out, one such contract can and did sometimes represent thousands of individual privacy invasions.
We know there are many—perhaps millions—of additional victims, each with their own harms. Unfortunately, based on the investigation the FCC conducted, we don’t even know how many there were, and the penalties we propose today do not reflect that impact.
And why not go after the individual companies? Securus, Starks says, “behaved outrageously.” But they’re not being fined at all. Even if the FCC lacked the authority to do so, it could have handed off the case to Justice or local authorities that could determine whether these companies violated other laws.
As Rosenworcel notes in her own statement, the fines are also extraordinarily generous even beyond this minimal method of calculating harm:
The agency proposes a $40,000 fine for the violation of our rules—but only on the first day. For every day after that, it reduces to $2,500 per violation. The FCC heavily discounts the fines the carriers potentially owe under the law and disregards the scope of the problem. On top of that, the agency gives each carrier a thirty-day pass from this calculation. This thirty day “get-out-of-jail-free” card is plucked from thin air.
Given that this investigation took place over such a long period, it’s strange that it did not seek to hear from the public or subpoena further details from the companies facilitating the violations. Meanwhile the carriers sought to declare a huge proportion of their responses to the FCC’s questions confidential, including publicly available information, and the agency didn’t question these assertions until Starks and Rosenworcel intervened.
$200M sounds like a lot, but divided among several billion-dollar communications organizations it’s peanuts, especially when you consider that these location-selling agreements may have netted far more than that in the years they were active. Only the carriers know exactly how many times their subscribers’ privacy was violated, and how much money they made from that abuse. And because the investigation has ended without the authority over these matters asking about it, we likely never will know.
The proposed fines, called a Notice of Apparent Liability, are only a tentative finding, and the carriers have 30 days to respond or ask for an extension — the latter of which is the more likely. Once they respond (perhaps challenging the amount or something else) the FCC can take as long as it wants to come up with a final fine amount. And once that is issued, there is no requirement that the fine actually be collected — and the FCC has in fact declined to collect before once the heat died down, though not with a penalty of this scale.
“While I am glad the FCC is finally proposing fines for this egregious behavior, it represents little more than the cost of doing business for these carriers,” Congressman Frank Pallone (D-NJ) said in a statement. “Further, the Commission is still a long way from collecting these fines and holding the companies fully accountable.”
The only thing that led to this case being investigated at all was public attention, and apparently public attention is necessary to ensure the federal government follows through on its duties.
(This article has been substantially updated with new information, plus comments from Commissioner Starks and Rep. Pallone.)

FCC proposes $208M in fines for wireless carriers that sold your location for years

Venmo prototypes a debit card for teenagers

Allowance is going digital. Venmo has been spotted prototyping a new feature that would allow adult users to create for their teenage children a debit card connected to their account. That could potentially let parents set spending notifications and limits while giving kids more flexibility in urgent situations than a few dollars stuffed in a pocket.
Delving into children’s banking could establish a new reason for adults to sign up for Venmo, get them saving more in Venmo debit accounts where the company can earn interest on the cash and drive purchase frequency that racks up interchange fees for Venmo’s owner PayPal .

But Venmo is arriving late to the teen debit card market. Startups like Greenlight and Step let parents manage teen spending on dedicated debit cards. More companies like Kard and neo banking giant Revolut have announced plans to launch their own versions. And Venmo’s prototype uses very similar terminology to that of Current, a frontrunner in the children’s banking space with over 500,000 accounts that raised a $20 million Series B late last year.
The first signs of Venmo’s debit card were spotted by reverse engineering specialist Jane Manchun Wong, who has provided slews of accurate tips to TechCrunch in the past. Hidden in Venmo’s Android app is code revealing a “delegate card” feature, designed to let users create a debit card that’s connected to their account but has limited privileges.
A screenshot generated from hidden code in Venmo’s app, via Jane Manchun Wong
A set-up screen Wong was able to generate from the code shows the option to “Enter your teen’s info,” because “We’ll use this to set up the debit card.” It asks parents to enter their child’s name, birth date and “What does your teen call you?” That’s almost identical to the “What does [your child’s name] call you?” set-up screen for Current’s teen debit card.

When TechCrunch asked about the teen debit feature and when it might launch, a Venmo spokesperson gave a cagey response that implies it’s indeed internally testing the option, writing “Venmo is constantly working to identify ways to refine and enhance the user experience. We frequently test product offerings to understand the value it could have for our users, and I don’t have anything further to share right now.”
Typically, the tech company product development flow sees them come up with ideas, mock them up, prototype them in their real apps as internal-only features, test them externally with small percentages of real users, then launch them officially if feedback and data is positive throughout. It’s unclear when Venmo might launch teen debit cards, though the product could always be scrapped. It’d need to move fast to beat Revolut and Kard to market.
Current’s teen debit card
The launch would build upon the June 2018 launch of Venmo’s branded Mastercard debit card that’s monetized through interchange fees and interest on savings. It offers payment receipts with options to split charges with friends within Venmo, free withdrawls at MoneyPass ATMs, rewards and in-app features for reseting your PIN or disabling a stolen card. Venmo also plans to launch a credit card issued by Synchrony this year.
Venmo might look to equip its teen debit card with popular features from competitors, like automatic weekly allowance deposits, notifications of all purchases or the ability to block spending at certain merchants. It’s unclear if it will charge a fee like the $36 per year subscription for Current.
Current offers these features for parents who set up a teen debit card
Tech startups are increasingly pushing to offer a broad range of financial services where margins are high. It’s an easy way to earn cheap money at a time when unit economics are coming under scrutiny in the wake of the WeWork implosion. Investors are pinning their hopes on efficient financial services too, pouring $34 billion into fintech startups during 2019.
Venmo’s already become a popular way for younger people to split the bill for Uber rides or dinner. Bringing social banking to a teen demographic probably should have been its plan all along.

Venmo prototypes a debit card for teenagers

One year later, the future of foldables remains uncertain

Yesterday, Samsung announced that the Galaxy Flip Z sold out online. What, precisely, that means, is hard to say, of course, without specific numbers from the company. But it’s probably enough to make the company bullish about its latest wade into the foldable waters, in the wake of last year’s Fold — let’s just say “troubles.”
Response to the device has been positive. I wrote mostly nice things about the Flip, with the caveat that the company only loaned out the product for 24 hours (I won’t complain here about heading into the city on a Saturday in 20-degree weather to return the device. I’m mostly not that petty).
Heck, the product even scored a (slightly) better score on iFixit’s repairability meter than the Razr. Keep in mind, it got a 2/10 to Motorola’s 1/10 (the lowest score), but in 2020, we’re all taking victories where we can get them.
There’s been some negative coverage mixed in, as well, of course; iFixit noted that the Flip could have some potential long-term dusty problems due to its hinge, writing, “it seems like dust might be this phone’s Kryptonite.” Also, the $1,400 phone’s new, improved folding glass has proven to be vulnerable to fingernails, of all things — a definite downside if you have, you know, fingers.

Living with the Samsung Galaxy Z Flip

Reports of cracked screens have also begun to surface, owing, perhaps, to cold weather. It’s still hard to say how widespread these concerns are. Samsung’s saving grace, however, could well be the Razr. First the device made it through a fraction of the folds of Samsung’s first-gen product. Then reviewers and users alike complained of a noisy fold mechanism and build quality that might be…lacking.
A review at Input had some major issues with a screen that appeared to fall apart at the seams (again, perhaps due to cold weather). Motorola went on the defensive, issuing the following statement:

We have full confidence in razr’s display, and do not expect consumers to experience display peeling as a result of normal use. As part of its development process, razr underwent extreme temperature testing. As with any mobile phone, Motorola recommends not storing (e.g., in a car) your phone in temperatures below -4 degrees Fahrenheit and above 140 degrees Fahrenheit. If consumers experience device failure related to weather during normal use, and not as a result of abuse or misuse, it will be covered under our standard warranty.

Consensus among reviews is to wait. The Flip is certainly a strong indication that the category is heading in the right direction. And Samsung is licensing its folding glass technology, which should help competitors get a bit of a jump start and hopefully avoid some of the pitfalls of the first-gen Fold and Razr.
A new survey from PCMag shows that 82% of consumers don’t plan to purchase such a device, with things like snapping hinges, fragile screens and creases populating the list of concerns. Which, honestly, fair enough on all accounts.
The rush to get to market has surely done the category a disservice. Those who consider themselves early adopters are exactly the people who regularly read tech reviews, and widespread issues are likely enough to make many reconsider pulling the trigger on a $1,500-$2,000 device. Even early adopters are thrilled about the idea of beta testing for that much money.
Two steps forward, one step back, perhaps? Let’s check back in a generation or two from now and talk.

One year later, the future of foldables remains uncertain

Google launches the first developer preview of Android 11

With the days of desert-themed releases officially behind it, Google today announced the first developer preview of Android 11, which is now available as system images for Google’s own Pixel devices, starting with the Pixel 2.
As of now, there is no way to install the updates over the air. That’s usually something the company makes available at a later stage. These first releases aren’t meant for regular users anyway. Instead, they are a way for developers to test their applications and get a head start on making use of the latest features in the operating system.
“With Android 11 we’re keeping our focus on helping users take advantage of the latest innovations, while continuing to keep privacy and security a top priority,” writes Google VP of Engineering Dave Burke. “We’ve added multiple new features to help users manage access to sensitive data and files, and we’ve hardened critical areas of the platform to keep the OS resilient and secure. For developers, Android 11 has a ton of new capabilities for your apps, like enhancements for foldables and 5G, call-screening APIs, new media and camera capabilities, machine learning, and more.”
Unlike some of Google’s previous early previews, this first version of Android 11 does actually bring quite a few new features to the table. As Burke noted, there are some obligatory 5G features like a new bandwidth estimate API, for example, as well as a new API that checks whether a connection is unmetered so apps can play higher-resolution video, for example.
With Android 11, Google is also expanding its Project Mainline lineup of updatable modules from 10 to 22. With this, Google is able to update critical parts of the operating system without having to rely on the device manufacturers to release a full OS update. Users simply install these updates through the Google Play infrastructure.
Users will be happy to see that Android 11 will feature native support for waterfall screens that cover a device’s edges, using a new API that helps developers manage interactions near those edges.
Also new are some features that developers can use to handle conversational experiences, including a dedicated conversation section in the notification shade, as well as a new chat bubbles API and the ability to insert images into replies you want to send from the notifications pane.
Unsurprisingly, Google is adding a number of new privacy and security features to Android 11, too. These include one-time permissions for sensitive types of data, as well as updates to how the OS handles data on external storage, which it first previewed last year.
As for security, Google is expanding its support for biometrics and adding different levels of granularity (strong, weak and device credential), in addition to the usual hardening of the platform you would expect from a new release.
There are plenty of other smaller updates as well, including some that are specifically meant to make running machine learning applications easier, but Google specifically highlights the fact that Android 11 will also bring a couple of new features to the OS that will help IT manage corporate devices with enhanced work profiles.
This first developer preview of Android 11 is launching about a month earlier than previous releases, so Google is giving itself a bit more time to get the OS ready for a wider launch. Currently, the release schedule calls for monthly developer preview releases until April, followed by three betas and a final release in Q3 2020.

Google launches the first developer preview of Android 11

Twitter acquires Stories template maker Chroma Labs

Is “Twitter Stories” on the way? Or will we just get tools to send prettier tweets? Well now Twitter has the talent for both as it’s just acquired Chroma Labs. Co-founded by Instagram Boomerang inventor John Barnett, Chroma Labs’ Chroma Stories app let you fill in stylish layout templates and frames for posting collages and more to Instagram Stories, Snapchat, and more.
Rather than keeping Chroma Stories around, Twitter will be splitting the Chroma Labs squad up to work on its product, design and engineering teams. The Chroma Stories iPhone app won’t be shut down, but it won’t get more updates and will only work until there’s some breaking change to iOS.

Thrilled to welcome the amazing @Chroma_Labs team including @picturejohn, @alexli, @joshuacharris to @Twitter.
They’ll join our product, design, and eng teams working to give people more creative ways to express themselves on Twitter
— Kayvon Beykpour (@kayvz) February 18, 2020

“When we founded Chroma Labs in 2018, we set out to build a company to inspire creativity and help people tell their visual stories. During the past year, we’ve enabled creators and businesses around the world to create millions of stories with the Chroma Stories app” the Chroma Labs team writes on its site. “We’re proud of this work, and look forward to continuing our mission at a larger scale – with one of the most important services in the world.”
We’ve reached out to Twitter for more details on the deal and any price paid. [Update: Twitter confirms this is an acquisition, not just and acquihire of the team as it first appeared, though Chroma Stories is shutting down. It refused to disclose the terms of the acquisition, but said all seven employees of Chroma Labs are coming aboard. The team will be working on the Conversations division at Twitter, and the deal is meant to boost its talent, leadership, and expertise for serving public discussions. A Twitter spokesperson also confirms that Chroma will shut down its .business and future versions of the app will not be available.]
Founded in late 2018, Chroma Labs had raised a seed round in early 2019 and counted Sweet Capital, Index Ventures, and Combine VC as investors. Barnett’s fellow co-founders include CTO Alex Li, who was an engineering manager on Facebook Photos and Instagram Stories; and Joshua Harris was a product design manager on the Oculus Rift and Facebook’s augmented reality filters.

With Chroma Stories, you could choose between retro filters, holiday themed frames, and snazzy collage templates to make your Storie look special amidst the millions posted each day. Sensor Tower estimates Chroma Stories had 37,000 downloads to date. That tepid reception despite the app’s quality might explain why the team is joining Twitter.
By snatching up some of the smartest talent in visual storytelling, Twitter could give its text-focused app some spice. It’s one of the few social apps without a Stories product already, and its creative tools are quite limited. Better ways to lay out photos in tweets could make Twitter more beautiful and less exhausting to sift through. That might make it more appealing to teens and help it boost its user count, which now lags behind Snapchat.
Twitter has become the world’s public record for words. The Chroma Labs talent might make it the real-time gallery for art and design as well.
[Update 3:05pm Pacific: Twitter confirms that this is a full acquisition of the Chroma Labs company, not just an acquisition as we originally printed.]

Twitter acquires Stories template maker Chroma Labs