5G phones are here but there’s no rush to upgrade

This year’s Mobile World Congress — the CES for Android device makers — was awash with 5G handsets.

The world’s No.1 smartphone seller by marketshare, Samsung, got out ahead with a standalone launch event in San Francisco, showing off two 5G devices, just before fast-following Android rivals popped out their own 5G phones at launch events across Barcelona this week.

We’ve rounded up all these 5G handset launches here. Prices range from an eye-popping $2,600 for Huawei’s foldable phabet-to-tablet Mate X — and an equally eye-watering $1,980 for Samsung’s Galaxy Fold; another 5G handset that bends — to a rather more reasonable $680 for Xiaomi’s Mi Mix 3 5G, albeit the device is otherwise mid-tier. Other prices for 5G phones announced this week remain tbc.

Here are all the 5G phones announced at MWC

Android OEMs are clearly hoping the hype around next-gen mobile networks can work a little marketing magic and kick-start stalled smartphone growth. Especially with reports suggesting Apple won’t launch a 5G iPhone until at least next year. So 5G is a space Android OEMs alone get to own for a while.

Chipmaker Qualcomm, which is embroiled in a bitter patent battle with Apple, was also on stage in Barcelona to support Xiaomi’s 5G phone launch — loudly claiming the next-gen tech is coming fast and will enhance “everything”.

“We like to work with companies like Xiaomi to take risks,” lavished Qualcomm’s president Cristiano Amon upon his hosts, using 5G uptake to jibe at Apple by implication. “When we look at the opportunity ahead of us for 5G we see an opportunity to create winners.”

Despite the heavy hype, Xiaomi’s on stage demo — which it claimed was the first live 5G video call outside China — seemed oddly staged and was not exactly lacking in latency.

“Real 5G — not fake 5G!” finished Donovan Sung, the Chinese OEM’s director of product management. As a 5G sales pitch it was all very underwhelming. Much more ‘so what’ than ‘must have’.

Whether 5G marketing hype alone will convince consumers it’s past time to upgrade seems highly unlikely.

Phones sell on features rather than connectivity per se, and — whatever Qualcomm claims — 5G is being soft-launched into the market by cash-constrained carriers whose boom times lie behind them, i.e. before over-the-top players had gobbled their messaging revenues and monopolized consumer eyeballs.

All of which makes 5G an incremental consumer upgrade proposition in the near to medium term.

Use-cases for the next-gen network tech, which is touted as able to support speeds up to 100x faster than LTE and deliver latency of just a few milliseconds (as well as connecting many more devices per cell site), are also still being formulated, let alone apps and services created to leverage 5G.

But selling a network upgrade to consumers by claiming the killer apps are going to be amazing but you just can’t show them any yet is as tough as trying to make theatre out of a marginally less janky video call.

“5G could potentially help [spark smartphone growth] in a couple of years as price points lower, and availability expands, but even that might not see growth rates similar to the transition to 3G and 4G,” suggests Carolina Milanesi, principal analyst at Creative Strategies, writing in a blog post discussing Samsung’s strategy with its latest device launches.

“This is not because 5G is not important, but because it is incremental when it comes to phones and it will be other devices that will deliver on experiences, we did not even think were possible. Consumers might end up, therefore, sharing their budget more than they did during the rise of smartphones.”

The ‘problem’ for 5G — if we can call it that — is that 4G/LTE networks are capably delivering all the stuff consumers love right now: Games, apps and video. Which means that for the vast majority of consumers there’s simply no reason to rush to shell out for a ‘5G-ready’ handset. Not if 5G is all the innovation it’s got going for it.

LG V50 ThinQ 5G with a dual screen accessory for gaming

Use cases such as better AR/VR are also a tough sell given how weak consumer demand has generally been on those fronts (with the odd branded exception).

The barebones reality is that commercial 5G networks are as rare as hen’s teeth right now, outside a few limited geographical locations in the U.S. and Asia. And 5G will remain a very patchy patchwork for the foreseeable future.

Indeed, it may take a very long time indeed to achieve nationwide coverage in many countries, if 5G even ends up stretching right to all those edges. (Alternative technologies do also exist which could help fill in gaps where the ROI just isn’t there for 5G.)

So again consumers buying phones with the puffed up idea of being able to tap into 5G right here, right now (Qualcomm claimed 2019 is going to be “the year of 5G!”) will find themselves limited to just a handful of urban locations around the world.

Analysts are clear that 5G rollouts, while coming, are going to be measured and targeted as carriers approach what’s touted as a multi-industry-transforming wireless technology cautiously, with an eye on their capex and while simultaneously trying to figure out how best to restructure their businesses to engage with all the partners they’ll need to forge business relations with, across industries, in order to successfully sell 5G’s transformative potential to all sorts of enterprises — and lock onto “the sweep spot where 5G makes sense”.

Enterprise rollouts therefore look likely to be prioritized over consumer 5G — as was the case for 5G launches in South Korea at the back end of last year.

“4G was a lot more driven by the consumer side and there was an understanding that you were going for national coverage that was never really a question and you were delivering on the data promise that 3G never really delivered… so there was a gap of technology that needed to be filled. With 5G it’s much less clear,” says Gartner’s Sylvain Fabre, discussing the tech’s hype and the reality with TechCrunch ahead of MWC.

“4G’s very good, you have multiple networks that are Gbps or more and that’s continuing to increase on the downlink with multiple carrier aggregation… and other densification schemes. So 5G doesn’t… have as gap as big to fill. It’s great but again it’s applicability of where it’s uniquely positioned is kind of like a very narrow niche at the moment.”

“It’s such a step change that the real power of 5G is actually in creating new business models using network slicing — allocation of particular aspects of the network to a particular use-case,” Forrester analyst Dan Bieler also tells us. “All of this requires some rethinking of what connectivity means for an enterprise customer or for the consumer.

“And telco sales people, the telco go-to-market approach is not based on selling use-cases, mostly — it’s selling technologies. So this is a significant shift for the average telco distribution channel to go through. And I would believe this will hold back a lot of the 5G ambitions for the medium term.”

To be clear, carriers are now actively kicking the tyres of 5G, after years of lead-in hype, and grappling with technical challenges around how best to upgrade their existing networks to add in and build out 5G.

Many are running pilots and testing what works and what doesn’t, such as where to place antennas to get the most reliable signal and so on. And a few have put a toe in the water with commercial launches (globally there are 23 networks with “some form of live 5G in their commercial networks” at this point, according to Fabre.)

But at the same time 5G network standards are yet to be fully finalized so the core technology is not 100% fully baked. And with it being early days “there’s still a long way to go before we have a real significant impact of 5G type of services”, as Bieler puts it. 

There’s also spectrum availability to factor in and the cost of acquiring the necessary spectrum. As well as the time required to clear and prepare it for commercial use. (On spectrum, government policy is critical to making things happen quickly (or not). So that’s yet another factor moderating how quickly 5G networks can be built out.)

And despite some wishful thinking industry noises at MWC this week — calling for governments to ‘support digitization at scale’ by handing out spectrum for free (uhhhh, yeah right) — that’s really just whistling into the wind.

Rolling out 5G networks is undoubtedly going to be very expensive, at a time when carriers’ businesses are already faced with rising costs (from increasing data consumption) and subdued revenue growth forecasts.

“The world now works on data” and telcos are “at core of this change”, as one carrier CEO — Singtel’s Chua Sock Koong — put it in an MWC keynote in which she delved into the opportunities and challenges for operators “as we go from traditional connectivity to a new age of intelligent connectivity”.

Chua argued it will be difficult for carriers to compete “on the basis of connectivity alone” — suggesting operators will have to pivot their businesses to build out standalone business offerings selling all sorts of b2b services to support the digital transformations of other industries as part of the 5G promise — and that’s clearly going to suck up a lot of their time and mind for the foreseeable future.

In Europe alone estimates for the cost of rolling out 5G range between €300BN and €500BN (~$340BN-$570BN), according to Bieler. Figures that underline why 5G is going to grow slowly, and networks be built out thoughtfully; in the b2b space this means essentially on a case-by-case basis.

Simply put carriers must make the economics stack up. Which means no “huge enormous gambles with 5G”. And omnipresent ROI pressure pushing them to try to eke out a premium.

“A lot of the network equipment vendors have turned down the hype quite a bit,” Bieler continues. “If you compare this to the hype around 3G many years ago or 4G a couple of years ago 5G definitely comes across as a soft launch. Sort of an evolutionary type of technology. I have not come across a network equipment vendors these days who will say there will be a complete change in everything by 2020.”

On the consumer pricing front, carriers have also only just started to grapple with 5G business models. One early example is TC parent Verizon’s 5G home service — which positions the next-gen wireless tech as an alternative to fixed line broadband with discounts if you opt for a wireless smartphone data plan as well as 5G broadband.

From the consumer point of view, the carrier 5G business model conundrum boils down to: What is my carrier going to charge me for 5G? And early adopters of any technology tend to get stung on that front.

Although, in mobile, price premiums rarely stick around for long as carriers inexorably find they must ditch premiums to unlock scale — via consumer-friendly ‘all you can eat’ price plans.

Still, in the short term, carriers look likely to experiment with 5G pricing and bundles — basically seeing what they can make early adopters pay. But it’s still far from clear that people will pay a premium for better connectivity alone. And that again necessitates caution. 

5G bundled with exclusive content might be one way carriers try to extract a premium from consumers. But without huge and/or compelling branded content inventory that risks being a too niche proposition too. And the more carriers split their 5G offers the more consumers might feel they don’t need to bother, and end up sticking with 4G for longer.

It’ll also clearly take time for a 5G ‘killer app’ to emerge in the consumer space. And such an app would likely need to still be able to fallback on 4G, again to ensure scale. So the 5G experience will really need to be compellingly different in order for the tech to sell itself.

On the handset side, 5G chipset hardware is also still in its first wave. At MWC this week Qualcomm announced a next-gen 5G modem, stepping up from last year’s Snapdragon 855 chipset — which it heavily touted as architected for 5G (though it doesn’t natively support 5G).

If you’re intending to buy and hold on to a 5G handset for a few years there’s thus a risk of early adopter burn at the chipset level — i.e. if you end up with a device with a suckier battery life vs later iterations of 5G hardware where more performance kinks have been ironed out.

Intel has warned its 5G modems won’t be in phones until next year — so, again, that suggests no 5G iPhones before 2020. And Apple is of course a great bellwether for mainstream consumer tech; the company only jumps in when it believes a technology is ready for prime time, rarely sooner. And if Cupertino feels 5G can wait, that’s going to be equally true for most consumers.

Zooming out, the specter of network security (and potential regulation) now looms very large indeed where 5G is concerned, thanks to East-West trade tensions injecting a strange new world of geopolitical uncertainty into an industry that’s never really had to grapple with this kind of business risk before.

Chinese kit maker Huawei’s rotating chairman, Guo Ping, used the opportunity of an MWC keynote to defend the company and its 5G solutions against U.S. claims its network tech could be repurposed by the Chinese state as a high tech conduit to spy on the West — literally telling delegates: “We don’t do bad things” and appealing to them to plainly to: “Please choose Huawei!”

Huawei rotating resident, Guo Ping, defends the security of its network kit on stage at MWC 2019

When established technology vendors are having to use a high profile industry conference to plead for trust it’s strange and uncertain times indeed.

In Europe it’s possible carriers’ 5G network kit choices could soon be regulated as a result of security concerns attached to Chinese suppliers. The European Commission suggested as much this week, saying in another MWC keynote that it’s preparing to step in try to prevent security concerns at the EU Member State level from fragmenting 5G rollouts across the bloc.

In an on stage Q&A Orange’s chairman and CEO, Stéphane Richard, couched the risk of destabilization of the 5G global supply chain as a “big concern”, adding: “It’s the first time we have such an important risk in our industry.”

Geopolitical security is thus another issue carriers are having to factor in as they make decisions about how quickly to make the leap to 5G. And holding off on upgrades, while regulators and other standards bodies try to figure out a trusted way forward, might seem the more sensible thing to do — potentially stalling 5G upgrades in the meanwhile.

Given all the uncertainties there’s certainly no reason for consumers to rush in.

Smartphone upgrade cycles have slowed globally for a reason. Mobile hardware is mature because it’s serving consumers very well. Handsets are both powerful and capable enough to last for years.

And while there’s no doubt 5G will change things radically in future, including for consumers — enabling many more devices to be connected and feeding back data, with the potential to deliver on the (much hyped but also still pretty nascent) ‘smart home’ concept — the early 5G sales pitch for consumers essentially boils down to more of the same.

“Over the next ten years 4G will phase out. The question is how fast that happens in the meantime and again I think that will happen slower than in early times because [with 5G] you don’t come into a vacuum, you don’t fill a big gap,” suggests Gartner’s Fabre. “4G’s great, it’s getting better, wi’fi’s getting better… The story of let’s build a big national network to do 5G at scale [for all] that’s just not happening.”

“I think we’ll start very, very simple,” he adds of the 5G consumer proposition. “Things like caching data or simply doing more broadband faster. So more of the same.

“It’ll be great though. But you’ll still be watching Netflix and maybe there’ll be a couple of apps that come up… Maybe some more interactive collaboration or what have you. But we know these things are being used today by enterprises and consumers and they’ll continue to be used.”

So — in sum — the 5G mantra for the sensible consumer is really ‘wait and see’.

from Android – TechCrunch https://ift.tt/2TjgjvJ
via IFTTT

5G phones are here but there’s no rush to upgrade

This year’s Mobile World Congress — the CES for Android device makers — was awash with 5G handsets.

The world’s No.1 smartphone seller by marketshare, Samsung, got out ahead with a standalone launch event in San Francisco, showing off two 5G devices, just before fast-following Android rivals popped out their own 5G phones at launch events across Barcelona this week.

We’ve rounded up all these 5G handset launches here. Prices range from an eye-popping $2,600 for Huawei’s foldable phabet-to-tablet Mate X — and an equally eye-watering $1,980 for Samsung’s Galaxy Fold; another 5G handset that bends — to a rather more reasonable $680 for Xiaomi’s Mi Mix 3 5G, albeit the device is otherwise mid-tier. Other prices for 5G phones announced this week remain tbc.

Here are all the 5G phones announced at MWC

Android OEMs are clearly hoping the hype around next-gen mobile networks can work a little marketing magic and kick-start stalled smartphone growth. Especially with reports suggesting Apple won’t launch a 5G iPhone until at least next year. So 5G is a space Android OEMs alone get to own for a while.

Chipmaker Qualcomm, which is embroiled in a bitter patent battle with Apple, was also on stage in Barcelona to support Xiaomi’s 5G phone launch — loudly claiming the next-gen tech is coming fast and will enhance “everything”.

“We like to work with companies like Xiaomi to take risks,” lavished Qualcomm’s president Cristiano Amon upon his hosts, using 5G uptake to jibe at Apple by implication. “When we look at the opportunity ahead of us for 5G we see an opportunity to create winners.”

Despite the heavy hype, Xiaomi’s on stage demo — which it claimed was the first live 5G video call outside China — seemed oddly staged and was not exactly lacking in latency.

“Real 5G — not fake 5G!” finished Donovan Sung, the Chinese OEM’s director of product management. As a 5G sales pitch it was all very underwhelming. Much more ‘so what’ than ‘must have’.

Whether 5G marketing hype alone will convince consumers it’s past time to upgrade seems highly unlikely.

Phones sell on features rather than connectivity per se, and — whatever Qualcomm claims — 5G is being soft-launched into the market by cash-constrained carriers whose boom times lie behind them, i.e. before over-the-top players had gobbled their messaging revenues and monopolized consumer eyeballs.

All of which makes 5G an incremental consumer upgrade proposition in the near to medium term.

Use-cases for the next-gen network tech, which is touted as able to support speeds up to 100x faster than LTE and deliver latency of just a few milliseconds (as well as connecting many more devices per cell site), are also still being formulated, let alone apps and services created to leverage 5G.

But selling a network upgrade to consumers by claiming the killer apps are going to be amazing but you just can’t show them any yet is as tough as trying to make theatre out of a marginally less janky video call.

“5G could potentially help [spark smartphone growth] in a couple of years as price points lower, and availability expands, but even that might not see growth rates similar to the transition to 3G and 4G,” suggests Carolina Milanesi, principal analyst at Creative Strategies, writing in a blog post discussing Samsung’s strategy with its latest device launches.

“This is not because 5G is not important, but because it is incremental when it comes to phones and it will be other devices that will deliver on experiences, we did not even think were possible. Consumers might end up, therefore, sharing their budget more than they did during the rise of smartphones.”

The ‘problem’ for 5G — if we can call it that — is that 4G/LTE networks are capably delivering all the stuff consumers love right now: Games, apps and video. Which means that for the vast majority of consumers there’s simply no reason to rush to shell out for a ‘5G-ready’ handset. Not if 5G is all the innovation it’s got going for it.

LG V50 ThinQ 5G with a dual screen accessory for gaming

Use cases such as better AR/VR are also a tough sell given how weak consumer demand has generally been on those fronts (with the odd branded exception).

The barebones reality is that commercial 5G networks are as rare as hen’s teeth right now, outside a few limited geographical locations in the U.S. and Asia. And 5G will remain a very patchy patchwork for the foreseeable future.

Indeed, it may take a very long time indeed to achieve nationwide coverage in many countries, if 5G even ends up stretching right to all those edges. (Alternative technologies do also exist which could help fill in gaps where the ROI just isn’t there for 5G.)

So again consumers buying phones with the puffed up idea of being able to tap into 5G right here, right now (Qualcomm claimed 2019 is going to be “the year of 5G!”) will find themselves limited to just a handful of urban locations around the world.

Analysts are clear that 5G rollouts, while coming, are going to be measured and targeted as carriers approach what’s touted as a multi-industry-transforming wireless technology cautiously, with an eye on their capex and while simultaneously trying to figure out how best to restructure their businesses to engage with all the partners they’ll need to forge business relations with, across industries, in order to successfully sell 5G’s transformative potential to all sorts of enterprises — and lock onto “the sweep spot where 5G makes sense”.

Enterprise rollouts therefore look likely to be prioritized over consumer 5G — as was the case for 5G launches in South Korea at the back end of last year.

“4G was a lot more driven by the consumer side and there was an understanding that you were going for national coverage that was never really a question and you were delivering on the data promise that 3G never really delivered… so there was a gap of technology that needed to be filled. With 5G it’s much less clear,” says Gartner’s Sylvain Fabre, discussing the tech’s hype and the reality with TechCrunch ahead of MWC.

“4G’s very good, you have multiple networks that are Gbps or more and that’s continuing to increase on the downlink with multiple carrier aggregation… and other densification schemes. So 5G doesn’t… have as gap as big to fill. It’s great but again it’s applicability of where it’s uniquely positioned is kind of like a very narrow niche at the moment.”

“It’s such a step change that the real power of 5G is actually in creating new business models using network slicing — allocation of particular aspects of the network to a particular use-case,” Forrester analyst Dan Bieler also tells us. “All of this requires some rethinking of what connectivity means for an enterprise customer or for the consumer.

“And telco sales people, the telco go-to-market approach is not based on selling use-cases, mostly — it’s selling technologies. So this is a significant shift for the average telco distribution channel to go through. And I would believe this will hold back a lot of the 5G ambitions for the medium term.”

To be clear, carriers are now actively kicking the tyres of 5G, after years of lead-in hype, and grappling with technical challenges around how best to upgrade their existing networks to add in and build out 5G.

Many are running pilots and testing what works and what doesn’t, such as where to place antennas to get the most reliable signal and so on. And a few have put a toe in the water with commercial launches (globally there are 23 networks with “some form of live 5G in their commercial networks” at this point, according to Fabre.)

But at the same time 5G network standards are yet to be fully finalized so the core technology is not 100% fully baked. And with it being early days “there’s still a long way to go before we have a real significant impact of 5G type of services”, as Bieler puts it. 

There’s also spectrum availability to factor in and the cost of acquiring the necessary spectrum. As well as the time required to clear and prepare it for commercial use. (On spectrum, government policy is critical to making things happen quickly (or not). So that’s yet another factor moderating how quickly 5G networks can be built out.)

And despite some wishful thinking industry noises at MWC this week — calling for governments to ‘support digitization at scale’ by handing out spectrum for free (uhhhh, yeah right) — that’s really just whistling into the wind.

Rolling out 5G networks is undoubtedly going to be very expensive, at a time when carriers’ businesses are already faced with rising costs (from increasing data consumption) and subdued revenue growth forecasts.

“The world now works on data” and telcos are “at core of this change”, as one carrier CEO — Singtel’s Chua Sock Koong — put it in an MWC keynote in which she delved into the opportunities and challenges for operators “as we go from traditional connectivity to a new age of intelligent connectivity”.

Chua argued it will be difficult for carriers to compete “on the basis of connectivity alone” — suggesting operators will have to pivot their businesses to build out standalone business offerings selling all sorts of b2b services to support the digital transformations of other industries as part of the 5G promise — and that’s clearly going to suck up a lot of their time and mind for the foreseeable future.

In Europe alone estimates for the cost of rolling out 5G range between €300BN and €500BN (~$340BN-$570BN), according to Bieler. Figures that underline why 5G is going to grow slowly, and networks be built out thoughtfully; in the b2b space this means essentially on a case-by-case basis.

Simply put carriers must make the economics stack up. Which means no “huge enormous gambles with 5G”. And omnipresent ROI pressure pushing them to try to eke out a premium.

“A lot of the network equipment vendors have turned down the hype quite a bit,” Bieler continues. “If you compare this to the hype around 3G many years ago or 4G a couple of years ago 5G definitely comes across as a soft launch. Sort of an evolutionary type of technology. I have not come across a network equipment vendors these days who will say there will be a complete change in everything by 2020.”

On the consumer pricing front, carriers have also only just started to grapple with 5G business models. One early example is TC parent Verizon’s 5G home service — which positions the next-gen wireless tech as an alternative to fixed line broadband with discounts if you opt for a wireless smartphone data plan as well as 5G broadband.

From the consumer point of view, the carrier 5G business model conundrum boils down to: What is my carrier going to charge me for 5G? And early adopters of any technology tend to get stung on that front.

Although, in mobile, price premiums rarely stick around for long as carriers inexorably find they must ditch premiums to unlock scale — via consumer-friendly ‘all you can eat’ price plans.

Still, in the short term, carriers look likely to experiment with 5G pricing and bundles — basically seeing what they can make early adopters pay. But it’s still far from clear that people will pay a premium for better connectivity alone. And that again necessitates caution. 

5G bundled with exclusive content might be one way carriers try to extract a premium from consumers. But without huge and/or compelling branded content inventory that risks being a too niche proposition too. And the more carriers split their 5G offers the more consumers might feel they don’t need to bother, and end up sticking with 4G for longer.

It’ll also clearly take time for a 5G ‘killer app’ to emerge in the consumer space. And such an app would likely need to still be able to fallback on 4G, again to ensure scale. So the 5G experience will really need to be compellingly different in order for the tech to sell itself.

On the handset side, 5G chipset hardware is also still in its first wave. At MWC this week Qualcomm announced a next-gen 5G modem, stepping up from last year’s Snapdragon 855 chipset — which it heavily touted as architected for 5G (though it doesn’t natively support 5G).

If you’re intending to buy and hold on to a 5G handset for a few years there’s thus a risk of early adopter burn at the chipset level — i.e. if you end up with a device with a suckier battery life vs later iterations of 5G hardware where more performance kinks have been ironed out.

Intel has warned its 5G modems won’t be in phones until next year — so, again, that suggests no 5G iPhones before 2020. And Apple is of course a great bellwether for mainstream consumer tech; the company only jumps in when it believes a technology is ready for prime time, rarely sooner. And if Cupertino feels 5G can wait, that’s going to be equally true for most consumers.

Zooming out, the specter of network security (and potential regulation) now looms very large indeed where 5G is concerned, thanks to East-West trade tensions injecting a strange new world of geopolitical uncertainty into an industry that’s never really had to grapple with this kind of business risk before.

Chinese kit maker Huawei’s rotating chairman, Guo Ping, used the opportunity of an MWC keynote to defend the company and its 5G solutions against U.S. claims its network tech could be repurposed by the Chinese state as a high tech conduit to spy on the West — literally telling delegates: “We don’t do bad things” and appealing to them to plainly to: “Please choose Huawei!”

Huawei rotating resident, Guo Ping, defends the security of its network kit on stage at MWC 2019

When established technology vendors are having to use a high profile industry conference to plead for trust it’s strange and uncertain times indeed.

In Europe it’s possible carriers’ 5G network kit choices could soon be regulated as a result of security concerns attached to Chinese suppliers. The European Commission suggested as much this week, saying in another MWC keynote that it’s preparing to step in try to prevent security concerns at the EU Member State level from fragmenting 5G rollouts across the bloc.

In an on stage Q&A Orange’s chairman and CEO, Stéphane Richard, couched the risk of destabilization of the 5G global supply chain as a “big concern”, adding: “It’s the first time we have such an important risk in our industry.”

Geopolitical security is thus another issue carriers are having to factor in as they make decisions about how quickly to make the leap to 5G. And holding off on upgrades, while regulators and other standards bodies try to figure out a trusted way forward, might seem the more sensible thing to do — potentially stalling 5G upgrades in the meanwhile.

Given all the uncertainties there’s certainly no reason for consumers to rush in.

Smartphone upgrade cycles have slowed globally for a reason. Mobile hardware is mature because it’s serving consumers very well. Handsets are both powerful and capable enough to last for years.

And while there’s no doubt 5G will change things radically in future, including for consumers — enabling many more devices to be connected and feeding back data, with the potential to deliver on the (much hyped but also still pretty nascent) ‘smart home’ concept — the early 5G sales pitch for consumers essentially boils down to more of the same.

“Over the next ten years 4G will phase out. The question is how fast that happens in the meantime and again I think that will happen slower than in early times because [with 5G] you don’t come into a vacuum, you don’t fill a big gap,” suggests Gartner’s Fabre. “4G’s great, it’s getting better, wi’fi’s getting better… The story of let’s build a big national network to do 5G at scale [for all] that’s just not happening.”

“I think we’ll start very, very simple,” he adds of the 5G consumer proposition. “Things like caching data or simply doing more broadband faster. So more of the same.

“It’ll be great though. But you’ll still be watching Netflix and maybe there’ll be a couple of apps that come up… Maybe some more interactive collaboration or what have you. But we know these things are being used today by enterprises and consumers and they’ll continue to be used.”

So — in sum — the 5G mantra for the sensible consumer is really ‘wait and see’.

from iPhone – TechCrunch https://ift.tt/2TjgjvJ

5G phones are here but there’s no rush to upgrade

This year’s Mobile World Congress — the CES for Android device makers — was awash with 5G handsets.

The world’s No.1 smartphone seller by marketshare, Samsung, got out ahead with a standalone launch event in San Francisco, showing off two 5G devices, just before fast-following Android rivals popped out their own 5G phones at launch events across Barcelona this week.

We’ve rounded up all these 5G handset launches here. Prices range from an eye-popping $2,600 for Huawei’s foldable phabet-to-tablet Mate X — and an equally eye-watering $1,980 for Samsung’s Galaxy Fold; another 5G handset that bends — to a rather more reasonable $680 for Xiaomi’s Mi Mix 3 5G, albeit the device is otherwise mid-tier. Other prices for 5G phones announced this week remain tbc.

Here are all the 5G phones announced at MWC

Android OEMs are clearly hoping the hype around next-gen mobile networks can work a little marketing magic and kick-start stalled smartphone growth. Especially with reports suggesting Apple won’t launch a 5G iPhone until at least next year. So 5G is a space Android OEMs alone get to own for a while.

Chipmaker Qualcomm, which is embroiled in a bitter patent battle with Apple, was also on stage in Barcelona to support Xiaomi’s 5G phone launch — loudly claiming the next-gen tech is coming fast and will enhance “everything”.

“We like to work with companies like Xiaomi to take risks,” lavished Qualcomm’s president Cristiano Amon upon his hosts, using 5G uptake to jibe at Apple by implication. “When we look at the opportunity ahead of us for 5G we see an opportunity to create winners.”

Despite the heavy hype, Xiaomi’s on stage demo — which it claimed was the first live 5G video call outside China — seemed oddly staged and was not exactly lacking in latency.

“Real 5G — not fake 5G!” finished Donovan Sung, the Chinese OEM’s director of product management. As a 5G sales pitch it was all very underwhelming. Much more ‘so what’ than ‘must have’.

Whether 5G marketing hype alone will convince consumers it’s past time to upgrade seems highly unlikely.

Phones sell on features rather than connectivity per se, and — whatever Qualcomm claims — 5G is being soft-launched into the market by cash-constrained carriers whose boom times lie behind them, i.e. before over-the-top players had gobbled their messaging revenues and monopolized consumer eyeballs.

All of which makes 5G an incremental consumer upgrade proposition in the near to medium term.

Use-cases for the next-gen network tech, which is touted as able to support speeds up to 100x faster than LTE and deliver latency of just a few milliseconds (as well as connecting many more devices per cell site), are also still being formulated, let alone apps and services created to leverage 5G.

But selling a network upgrade to consumers by claiming the killer apps are going to be amazing but you just can’t show them any yet is as tough as trying to make theatre out of a marginally less janky video call.

“5G could potentially help [spark smartphone growth] in a couple of years as price points lower, and availability expands, but even that might not see growth rates similar to the transition to 3G and 4G,” suggests Carolina Milanesi, principal analyst at Creative Strategies, writing in a blog post discussing Samsung’s strategy with its latest device launches.

“This is not because 5G is not important, but because it is incremental when it comes to phones and it will be other devices that will deliver on experiences, we did not even think were possible. Consumers might end up, therefore, sharing their budget more than they did during the rise of smartphones.”

The ‘problem’ for 5G — if we can call it that — is that 4G/LTE networks are capably delivering all the stuff consumers love right now: Games, apps and video. Which means that for the vast majority of consumers there’s simply no reason to rush to shell out for a ‘5G-ready’ handset. Not if 5G is all the innovation it’s got going for it.

LG V50 ThinQ 5G with a dual screen accessory for gaming

Use cases such as better AR/VR are also a tough sell given how weak consumer demand has generally been on those fronts (with the odd branded exception).

The barebones reality is that commercial 5G networks are as rare as hen’s teeth right now, outside a few limited geographical locations in the U.S. and Asia. And 5G will remain a very patchy patchwork for the foreseeable future.

Indeed, it may take a very long time indeed to achieve nationwide coverage in many countries, if 5G even ends up stretching right to all those edges. (Alternative technologies do also exist which could help fill in gaps where the ROI just isn’t there for 5G.)

So again consumers buying phones with the puffed up idea of being able to tap into 5G right here, right now (Qualcomm claimed 2019 is going to be “the year of 5G!”) will find themselves limited to just a handful of urban locations around the world.

Analysts are clear that 5G rollouts, while coming, are going to be measured and targeted as carriers approach what’s touted as a multi-industry-transforming wireless technology cautiously, with an eye on their capex and while simultaneously trying to figure out how best to restructure their businesses to engage with all the partners they’ll need to forge business relations with, across industries, in order to successfully sell 5G’s transformative potential to all sorts of enterprises — and lock onto “the sweep spot where 5G makes sense”.

Enterprise rollouts therefore look likely to be prioritized over consumer 5G — as was the case for 5G launches in South Korea at the back end of last year.

“4G was a lot more driven by the consumer side and there was an understanding that you were going for national coverage that was never really a question and you were delivering on the data promise that 3G never really delivered… so there was a gap of technology that needed to be filled. With 5G it’s much less clear,” says Gartner’s Sylvain Fabre, discussing the tech’s hype and the reality with TechCrunch ahead of MWC.

“4G’s very good, you have multiple networks that are Gbps or more and that’s continuing to increase on the downlink with multiple carrier aggregation… and other densification schemes. So 5G doesn’t… have as gap as big to fill. It’s great but again it’s applicability of where it’s uniquely positioned is kind of like a very narrow niche at the moment.”

“It’s such a step change that the real power of 5G is actually in creating new business models using network slicing — allocation of particular aspects of the network to a particular use-case,” Forrester analyst Dan Bieler also tells us. “All of this requires some rethinking of what connectivity means for an enterprise customer or for the consumer.

“And telco sales people, the telco go-to-market approach is not based on selling use-cases, mostly — it’s selling technologies. So this is a significant shift for the average telco distribution channel to go through. And I would believe this will hold back a lot of the 5G ambitions for the medium term.”

To be clear, carriers are now actively kicking the tyres of 5G, after years of lead-in hype, and grappling with technical challenges around how best to upgrade their existing networks to add in and build out 5G.

Many are running pilots and testing what works and what doesn’t, such as where to place antennas to get the most reliable signal and so on. And a few have put a toe in the water with commercial launches (globally there are 23 networks with “some form of live 5G in their commercial networks” at this point, according to Fabre.)

But at the same time 5G network standards are yet to be fully finalized so the core technology is not 100% fully baked. And with it being early days “there’s still a long way to go before we have a real significant impact of 5G type of services”, as Bieler puts it. 

There’s also spectrum availability to factor in and the cost of acquiring the necessary spectrum. As well as the time required to clear and prepare it for commercial use. (On spectrum, government policy is critical to making things happen quickly (or not). So that’s yet another factor moderating how quickly 5G networks can be built out.)

And despite some wishful thinking industry noises at MWC this week — calling for governments to ‘support digitization at scale’ by handing out spectrum for free (uhhhh, yeah right) — that’s really just whistling into the wind.

Rolling out 5G networks is undoubtedly going to be very expensive, at a time when carriers’ businesses are already faced with rising costs (from increasing data consumption) and subdued revenue growth forecasts.

“The world now works on data” and telcos are “at core of this change”, as one carrier CEO — Singtel’s Chua Sock Koong — put it in an MWC keynote in which she delved into the opportunities and challenges for operators “as we go from traditional connectivity to a new age of intelligent connectivity”.

Chua argued it will be difficult for carriers to compete “on the basis of connectivity alone” — suggesting operators will have to pivot their businesses to build out standalone business offerings selling all sorts of b2b services to support the digital transformations of other industries as part of the 5G promise — and that’s clearly going to suck up a lot of their time and mind for the foreseeable future.

In Europe alone estimates for the cost of rolling out 5G range between €300BN and €500BN (~$340BN-$570BN), according to Bieler. Figures that underline why 5G is going to grow slowly, and networks be built out thoughtfully; in the b2b space this means essentially on a case-by-case basis.

Simply put carriers must make the economics stack up. Which means no “huge enormous gambles with 5G”. And omnipresent ROI pressure pushing them to try to eke out a premium.

“A lot of the network equipment vendors have turned down the hype quite a bit,” Bieler continues. “If you compare this to the hype around 3G many years ago or 4G a couple of years ago 5G definitely comes across as a soft launch. Sort of an evolutionary type of technology. I have not come across a network equipment vendors these days who will say there will be a complete change in everything by 2020.”

On the consumer pricing front, carriers have also only just started to grapple with 5G business models. One early example is TC parent Verizon’s 5G home service — which positions the next-gen wireless tech as an alternative to fixed line broadband with discounts if you opt for a wireless smartphone data plan as well as 5G broadband.

From the consumer point of view, the carrier 5G business model conundrum boils down to: What is my carrier going to charge me for 5G? And early adopters of any technology tend to get stung on that front.

Although, in mobile, price premiums rarely stick around for long as carriers inexorably find they must ditch premiums to unlock scale — via consumer-friendly ‘all you can eat’ price plans.

Still, in the short term, carriers look likely to experiment with 5G pricing and bundles — basically seeing what they can make early adopters pay. But it’s still far from clear that people will pay a premium for better connectivity alone. And that again necessitates caution. 

5G bundled with exclusive content might be one way carriers try to extract a premium from consumers. But without huge and/or compelling branded content inventory that risks being a too niche proposition too. And the more carriers split their 5G offers the more consumers might feel they don’t need to bother, and end up sticking with 4G for longer.

It’ll also clearly take time for a 5G ‘killer app’ to emerge in the consumer space. And such an app would likely need to still be able to fallback on 4G, again to ensure scale. So the 5G experience will really need to be compellingly different in order for the tech to sell itself.

On the handset side, 5G chipset hardware is also still in its first wave. At MWC this week Qualcomm announced a next-gen 5G modem, stepping up from last year’s Snapdragon 855 chipset — which it heavily touted as architected for 5G (though it doesn’t natively support 5G).

If you’re intending to buy and hold on to a 5G handset for a few years there’s thus a risk of early adopter burn at the chipset level — i.e. if you end up with a device with a suckier battery life vs later iterations of 5G hardware where more performance kinks have been ironed out.

Intel has warned its 5G modems won’t be in phones until next year — so, again, that suggests no 5G iPhones before 2020. And Apple is of course a great bellwether for mainstream consumer tech; the company only jumps in when it believes a technology is ready for prime time, rarely sooner. And if Cupertino feels 5G can wait, that’s going to be equally true for most consumers.

Zooming out, the specter of network security (and potential regulation) now looms very large indeed where 5G is concerned, thanks to East-West trade tensions injecting a strange new world of geopolitical uncertainty into an industry that’s never really had to grapple with this kind of business risk before.

Chinese kit maker Huawei’s rotating chairman, Guo Ping, used the opportunity of an MWC keynote to defend the company and its 5G solutions against U.S. claims its network tech could be repurposed by the Chinese state as a high tech conduit to spy on the West — literally telling delegates: “We don’t do bad things” and appealing to them to plainly to: “Please choose Huawei!”

Huawei rotating resident, Guo Ping, defends the security of its network kit on stage at MWC 2019

When established technology vendors are having to use a high profile industry conference to plead for trust it’s strange and uncertain times indeed.

In Europe it’s possible carriers’ 5G network kit choices could soon be regulated as a result of security concerns attached to Chinese suppliers. The European Commission suggested as much this week, saying in another MWC keynote that it’s preparing to step in try to prevent security concerns at the EU Member State level from fragmenting 5G rollouts across the bloc.

In an on stage Q&A Orange’s chairman and CEO, Stéphane Richard, couched the risk of destabilization of the 5G global supply chain as a “big concern”, adding: “It’s the first time we have such an important risk in our industry.”

Geopolitical security is thus another issue carriers are having to factor in as they make decisions about how quickly to make the leap to 5G. And holding off on upgrades, while regulators and other standards bodies try to figure out a trusted way forward, might seem the more sensible thing to do — potentially stalling 5G upgrades in the meanwhile.

Given all the uncertainties there’s certainly no reason for consumers to rush in.

Smartphone upgrade cycles have slowed globally for a reason. Mobile hardware is mature because it’s serving consumers very well. Handsets are both powerful and capable enough to last for years.

And while there’s no doubt 5G will change things radically in future, including for consumers — enabling many more devices to be connected and feeding back data, with the potential to deliver on the (much hyped but also still pretty nascent) ‘smart home’ concept — the early 5G sales pitch for consumers essentially boils down to more of the same.

“Over the next ten years 4G will phase out. The question is how fast that happens in the meantime and again I think that will happen slower than in early times because [with 5G] you don’t come into a vacuum, you don’t fill a big gap,” suggests Gartner’s Fabre. “4G’s great, it’s getting better, wi’fi’s getting better… The story of let’s build a big national network to do 5G at scale [for all] that’s just not happening.”

“I think we’ll start very, very simple,” he adds of the 5G consumer proposition. “Things like caching data or simply doing more broadband faster. So more of the same.

“It’ll be great though. But you’ll still be watching Netflix and maybe there’ll be a couple of apps that come up… Maybe some more interactive collaboration or what have you. But we know these things are being used today by enterprises and consumers and they’ll continue to be used.”

So — in sum — the 5G mantra for the sensible consumer is really ‘wait and see’.

from Apple – TechCrunch https://ift.tt/2TjgjvJ

Facebook admits 18% of Research spyware users were teens, not

Facebook has changed its story after initially trying to downplay how it targeted teens with its Research program that a TechCrunch investigation revealed was paying them gift cards to monitor all their mobile app usage and browser traffic. “Less than 5 percent of the people who chose to participate in this market research program were teens” a Facebook spokesperson told TechCrunch and many other news outlets in a damage control effort 7 hours after we published our report on January 29th. At the time,  Facebook claimed that it had removed its Research app from iOS. The next morning we learned that wasn’t true, as Apple had already forcibly blocked the Facebook Research app for violating its Enterprise Certificate program that supposed to reserved for companies distributing internal apps to employees.

It turns out that wasn’t the only time Facebook deceived the public in its response regarding the Research VPN scandal. TechCrunch has attained Facebook’s unpublished February 21st response to questions about the Research program in a letter from Senator Mark Warner, who wrote to CEO Mark Zuckerberg that “Facebook’s apparent lack of full transparency with users – particularly in the context of ‘research’ efforts – has been a source of frustration for me.”

In the response from Facebook’s VP of US public policy Kevin Martin, the company admits that (emphasis ours) “At the time we ended the Facebook Research App on Apple’s iOS platform, less than 5 percent of the people sharing data with us through this program were teens. Analysis shows that number is about 18 percent when you look at the complete lifetime of the program, and also add people who had become inactive and uninstalled the app.” So 18 percent of research testers were teens. It was only less than 5 percent when Facebook got caught. Given users age 13 to 35 were eligible for Facebook’s Research program, 13 to 18 year olds made of 22 percent of the age range. That means Facebook clearly wasn’t trying to minimize teen involvement, nor were they just a tiny fraction of users.

WASHINGTON, DC – APRIL 10: Facebook co-founder, Chairman and CEO Mark Zuckerberg testifies before a combined Senate Judiciary and Commerce committee hearing in the Hart Senate Office Building on Capitol Hill April 10, 2018 in Washington, DC. Zuckerberg, 33, was called to testify after it was reported that 87 million Facebook users had their personal information harvested by Cambridge Analytica, a British political consulting firm linked to the Trump campaign. (Photo by Chip Somodevilla/Getty Images)

Warner asked Facebook “Do you think any use reasonable understood Facebook was using this data for commercial purposes includingto track competitors?” Facebook response indicates it never told Research users anything about tracking “competitors”, and instead dances around the question. Facebook says the registration process told users the data would help the company “understand how people use mobile apps,” “improve . . . services,” and “introduce new features for millions of people around the world.”

Facebook had also told reporters on January 29th regarding teens’ participation, “All of them with signed parental consent forms.” Yet in its response to Senator Warner, Facebook admitted that “Potential participants were required to confirm that they were over 18 or provide other evidence of parental consent, though the vendors did not require a signed parental consent form for teen users.” In some cases, underage users merely had to check a box to claim they had parental consent, and there was no verification of users’ ages or that their parents actually approved.

Facebook pays teens to install VPN that spies on them

So to quickly recap:

• TechCrunch reports on January 29th that Facebook is paying teens and adults up to $20 in gift cards per month to install a Research VPN with Root network access to spy on all their mobile app activity, web browsing, and even encrypted communications.
• TechCrunch informs Facebook and Apple that Facebook’s Research app violates Apple’s Enterprise Certificate rules.
• That night, Facebook claims it shut down the Research app on iOS but didn’t violate Apple’s policy, and tells reporters only 5 percent of Research users were teens and they all had signed parental consent forms.
• The next morning, Apple tells TechCrunch that it forcibly shut down Facebook Research on iOS for violating the Enterprise Certificate rules, and invalidates Facebook’s Certificate thereby breaking its internal iOS apps for 30 hours, including its Workplace chat and task management apps as well as its shuttle schedule and lunch menu
• TechCrunch reports Google’s Screenwise Meter market research app was also breaking Apple’s Enterprise Certificate rules, but it quickly apologies and shuts down the app on iOS though it still has its internal iOS apps invalidated for 6 hours.
• Senator Warner issues a letter demanding answers about Facebook Research from Mark Zuckerberg, while Senators Blumenthal and Markey also issue sternly worded reprimands of Facebook.
• Facebook’s VP of production engineering and security Pedro Canahuati publishes an internal memo disputing our reporting by saying the program was never secret, but its points are swiftly dismantled by TechCrunch after we reveal that legal action was threatened if a Research user spoke publicly about the app.
• TechCrunch reports that Apple failed to block dozens of hardcore pornography and real-money gambling apps abusing Enterprise Certificate program to sidestep the App Store’s rules, and Apple shuts them down.
• Facebook tells TechCrunch on February 21st that it’s ceased recruiting users for its Research program on Android where it was still running, and  that it will shut down its similar Onavo market research spyware VPN on Android after Apple banned it last year.
• That same day, Facebook issues this response to Senator Warner that shows its initial response to reporters wasn’t accurate.

Facebook targeted teens with ads on Instagram and Snapchat to join the Research program without revealing its involvement

The contradictions between Facebook’s initial response to reporters and what it told Warner, who has the power to pursue regulation of the the tech giant, shows Facebook willingness to move fast and play loose with the truth when it’s less accountable. It’s no wonder the company never shared the response with TechCrunch or posted a blog post or press release about it.

Facebook’s attempt to minimize the issue in the wake of backlash exemplifies the trend of of the social network’s “reactionary” PR strategy that employees described to BuzzFeed’s Ryan Mac. The company often views its scandals as communications errors rather than actual product screwups or as signals of deep-seeded problems with Facebook’s respect for privacy. Facebook needs to learn to take its lumps, change course, and do better rather than constantly trying to challenge details of negative press about it, especially before it has all the necessary information. Until then, the never-ending news cycle of Facebook’s self-made disasters will continue.

Here is Facebook’s full response to Senator Warner’s inquiry [PDF], and below is Warner’s original letter to Mark Zuckerberg.

View this document on Scribd

Additional reporting by Krystal Hu

from Apple – TechCrunch https://ift.tt/2UkSpgg

Privacy complaints received by tech giants’ favorite EU watchdog up more than 2x since GDPR

A report by the lead data watchdog for a large number of tech giants operating in Europe shows a significant increase in privacy complaints and data breach notifications since the region’s updated privacy framework came into force last May.

The Irish Data Protection Commission (DPC)’s annual report, published today, covers the period May 25, aka the day the EU’s General Data Protection Regulation (GDPR) came into force, to December 31 2018 and shows the DPC received more than double the amount of complaints post-GDPR vs the first portion of 2018 prior to the new regime coming in: With 2,864 and 1,249 complaints received respectively.

That makes a total of 4,113 complaints for full year 2018 (vs just 2,642 for 2017). Which is a year on year increase of 36 per cent.

But the increase pre- and post-GDPR is even greater — 56 per cent — suggesting the regulation is working as intended by building momentum and support for individuals to exercise their fundamental rights.

“The phenomenon that is the [GDPR] has demonstrated one thing above all else: people’s interest in and appetite for understanding and controlling use of their personal data is anything but a reflection of apathy and fatalism,” writes Helen Dixon, Ireland’s commissioner for data protection.

She adds that the rise in the number of complaints and queries to DPAs across the EU since May 25 demonstrates “a new level of mobilisation to action on the part of individuals to tackle what they see as misuse or failure to adequately explain what is being done with their data”.

While Europe has had online privacy rules since 1995 a weak regime of enforcement essentially allowed them to be ignored for decades — and Internet companies to grab and exploit web users’ data without full regard and respect for European’s privacy rights.

But regulators hit the reset button last year. And Ireland’s data watchdog is an especially interesting agency to watch if you’re interested in assessing how GDPR is working, given how many tech giants have chosen to place their international data flows under the Irish DPC’s supervision.

More cross-border complaints

“The role places an important duty on the DPC to safeguard the data protection rights of hundreds of millions of individuals across the EU, a duty that the GDPR requires the DPC to fulfil in cooperation with other supervisory authorities,” the DPC writes in the report, discussing its role of supervisory authority for multiple tech multinationals and acknowledging both a “greatly expanded role under the GDPR” and a “significantly increased workload”.

A breakdown of GDPR vs Data Protection Act 1998 complaint types over the report period suggests complaints targeted at multinational entities have leapt up under the new DP regime.

For some complaint types the old rules resulted in just 2 per cent of complaints being targeted at multinationals vs close to a quarter (22 per cent) in the same categories under GDPR.

It’s the most marked difference between the old rules and the new — underlining the DPC’s expanded workload in acting as a hub (and often lead supervisory agency) for cross-border complaints under GDPR’s one-stop shop mechanism.

The category with the largest proportions of complaints under GDPR over the report period was access rights (30%) — with the DPC receiving a full 582 complaints related to people feeling they’re not getting their due data. Access rights was also most complained about under the prior data rules over this period.

Other prominent complaint types continue to be unfair processing of data (285 GDPR complaints vs 178 under the DPA); disclosure (217 vs 138); and electronic direct marketing (111 vs 36).

EU policymakers’ intent with GDPR is to redress the imbalance of weakly enforced rights — including by creating new opportunities for enforcement via a regime of supersized fines. (GDPR allows for penalties as high as up to 4 per cent of annual turnover, and in January the French data watchdog slapped Google with a $57M GDPR penalty related to transparency and consent — albeit still far off that theoretical maximum.)

Importantly, the regulation also introduced a collective redress option which has been adopted by some EU Member States.

This allows for third party organizations such as consumer rights groups to lodge data protection complaints on individuals’ behalf. The provision has led to a number of strategic complaints being filed by organized experts since last May (including in the case of the aforementioned Google fine) — spinning up momentum for collective consumer action to counter rights erosion. Again that’s important in a complex area that remains difficult for consumers to navigate without expert help.

For upheld complaints the GDPR ‘nuclear option’ is not fines though; it’s the ability for data protection agencies to order data controllers to stop processing data.

That remains the most significant tool in the regulatory toolbox. And depending on the outcome of various ongoing strategic GDPR complaints it could prove hugely significant in reshaping what data experts believe are systematic privacy incursions by adtech platform giants.

And while well-resourced tech giants may be able to factor in even very meaty financial penalties, as just a cost of doing a very lucrative business, data-focused business models could be far more precarious if processors can suddenly be slapped with an order to limit or even cease processing data. (As indeed Facebook’s business just has in Germany, where antitrust regulators have been liaising with privacy watchdogs.)

Data breach notifications also up

GDPR also shines a major spotlight on security — requiring privacy by design and default and introducing a universal requirement for swiftly reporting data breaches across the bloc, again with very stiff penalties for non-compliance.

On the data breach front, the Irish DPC says it received a total of 3,687 data breach notifications between May 25 and December 31 last year — finding just four per cent (145 cases) did not meet the definition of a personal-data breach set out in GDPR. That means it recorded a total of 3,542 valid data protection breaches over the report period — which it says represents an increase of 27 per cent on 2017 breach report figures.

“As in other years, the highest category of data breaches notified under the GDPR were classified as Unauthorised Disclosures and accounted for just under 85% of the total data-breach notifications received between 25 May and 31 December 2018,” it notes, adding: “The majority occurred in the private sector (2,070).”

More than 4,000 data breach notifications were recorded by the watchdog for full year 2018, the report also states.

The DPC further reveals that it was notified of 38 personal data breaches involving 11 multinational technology companies during the post-GDPR period of 2018. Which means breaches involving tech giants.

“A substantial number of these notifications involved the unauthorised disclosure of, and unauthorised access to, personal data as a result of bugs in software supplied by data processors engaged by the organisations,” it writes, saying it opened several investigations as a result (such as following the Facebook Token breach in September 2018).

Open probes of tech giants

As of 31 December 2018, the DPC says it had 15 investigations open in relation to multinational tech companies’ compliance with GDPR.

Below is the full list of the DPC’s currently open investigations of multinationals — including the tech giant under scrutiny; the origin of the inquiry; and the issues being examined:

• Facebook Ireland Limited — Complaint-based inquiry: “Right of Access and Data Portability. Examining whether Facebook has discharged its GDPR obligations in respect of the right of access to personal data in the Facebook ‘Hive’ database and portability of “observed” personal data”
• Facebook Ireland Limited — Complaint-based inquiry: “Lawful basis for processing in relation to Facebook’s Terms of Service and Data Policy. Examining whether Facebook has discharged its GDPR obligations in respect of the lawful basis on which it relies to process personal data of individuals using the Facebook platform.”
• Facebook Ireland Limited — Complaint-based inquiry: “Lawful basis for processing. Examining whether Facebook has discharged its GDPR obligations in respect of the lawful basis on which it relies to process personal data in the context of behavioural analysis and targeted advertising on its platform.”
• Facebook Ireland Limited — Own-volition inquiry: “Facebook September 2018 token breach. Examining whether Facebook Ireland has discharged its GDPR obligations to implement organisational and technical measures to secure and safeguard the personal data of its users.”
• Facebook Ireland Limited — Own-volition inquiry: “Facebook September 2018 token breach. Examining Facebook’s compliance with the GDPR’s breach notification obligations.”
• Facebook Inc. — Own-volition inquiry: “Facebook September 2018 token breach. Examining whether Facebook Inc. has discharged its GDPR obligations to implement organizational and technical measures to secure and safeguard the personal data of its users.”
• Facebook Ireland Limited — Own-volition inquiry: “Commenced in response to large number of breaches notified to the DPC during the period since 25 May 2018 (separate to the token breach). Examining whether Facebook has discharged its GDPR obligations to implement organisational and technical measures to secure and safeguard the personal data of its users.”
• Instagram (Facebook Ireland Limited) — Complaint-based inquiry: “Lawful basis for processing in relation to Instagram’s Terms of Use and Data Policy. Examining whether Instagram has discharged its GDPR obligations in respect of the lawful basis on which it relies to process personal data of individuals using the Instagram platform.”
• WhatsApp Ireland Limited — Complaint-based inquiry: “Lawful basis for processing in relation to WhatsApp’s Terms of Service and Privacy Policy. Examining whether WhatsApp has discharged its GDPR obligations in respect of the lawful basis on which it relies to process personal data of individuals using the WhatsApp platform.”
• WhatsApp Ireland Limited — Own-volition inquiry: “Transparency. Examining whether WhatsApp has discharged its GDPR transparency obligations with regard to the provision of information and the transparency of that information to both users and non-users of WhatsApp’s services, including information provided to data subjects about the processing of information between WhatsApp and other Facebook companies.”
• Twitter International Company — Complaint-based inquiry: “Right of Access. Examining whether Twitter has discharged its obligations in respect of the right of access to links accessed on Twitter.”
• Twitter International Company — Own-volition inquiry: “Commenced in response to the large number of breaches notified to the DPC during the period since 25 May 2018. Examining whether Twitter has discharged its GDPR obligations to implement organisational and technical measures to secure and safeguard the personal data of its users.”
• LinkedIn Ireland Unlimited Company — Complaint-based inquiry: “Lawful basis for processing. Examining whether LinkedIn has discharged its GDPR obligations in respect of the lawful basis on which it relies to process personal data in the context of behavioural analysis and targeted advertising on its platform.”
• Apple Distribution International — Complaint-based inquiry: “Lawful basis for processing. Examining whether Apple has discharged its GDPR obligations in respect of the lawful basis on which it relies to process personal data in the context of behavioural analysis and targeted advertising on its platform.”
• Apple Distribution International — Complaint-based inquiry: “Transparency. Examining whether Apple has discharged its GDPR transparency obligations in respect of the information contained in its privacy policy and online documents regarding the processing of personal data of users of its services.”

“The DPC’s role in supervising the data-processing operations of the numerous large data-rich multinational companies — including technology internet and social media companies — with EU headquarters located in Ireland changed immeasurably on 25 May 2018,” the watchdog acknowledges.

“For many, including Apple, Facebook, Microsoft, Twitter, Dropbox, Airbnb, LinkedIn, Oath [disclosure: TechCrunch is owned by Verizon Media Group; aka Oath/AOL], WhatsApp, MTCH Technology and Yelp, the DPC acts as lead supervisory authority under the GDPR OSS [one-stop shop] facility.”

The DPC notes in the report that between May 25 and December 31 2018 it received 136 cross-border processing complaints through the regulation’s OSS mechanism (i.e. which had been lodged by individuals with other EU data protection authorities).

A breakdown of these (likely) tech giant focused GDPR complaints shows a strong focus on consent, right of erasure, right of access and the lawfulness of data processing:

Breakdown of cross-border complaint types received by the DPC under GDPR’s OSS mechanism

While the Irish DPC acts as the lead supervisor for many high profile GDPR complaints which relate to how tech giants are handling people’s data, it’s worth emphasizing that the OSS mechanism does not mean Ireland is sitting in sole judgement on Silicon Valley’s giants’ rights incursions in Europe.

The mechanism allows for other DPAs to be involved in these cross-border complaints.

And the European Data Protection Board, the body that works with all the EU Member States’ DPAs to help ensure consistent application of the regulation, can trigger a dispute resolution process if a lead agency considers it cannot implement a concerned agency objection. The aim is to work against forum shopping.

In a section on “EU cooperation”, the DPC further writes:

Our fellow EU regulators, alongside whom we sit on the European Data Protection Board (EDPB), follow the activities and results of the Irish DPC closely, given that a significant number of people in every EU member state are potentially impacted by processing activities of the internet companies located in Ireland. EDPB activity is intense, with monthly plenary meetings and a new system of online data sharing in relation to cross-border processing cases rolled out between the authorities. The DPC has led on the development of EDPB guidance on arrangements for Codes of Conduct under the GDPR and these should be approved and published by the EDPB in Q1 of 2019. The DPC looks forward to industry embracing Codes of Conduct and raising the bar in individual sectors in terms of standards of data protection and transparency. Codes of Conduct are important because they will more comprehensively reflect the context and reality of data-processing activities in a given sector and provide clarity to those who sign up to the standards that need to be attained in addition to external monitoring by an independent body. It is clarity of standards that will drive real results.

Over the reported period the watchdog also reveals that it issued 23 formal requests seeking detailed information on compliance with various aspects of the GDPR from tech giants, noting too that since May 25 it has engaged with platforms on “a broad range of issues” — citing the following examples to give a flavor of these concerns:

• Google on the processing of location data
• Facebook on issues such as the transfer of personal data from third-party apps to Facebook and Facebook’s collaboration with external researchers
• Microsoft on the processing of telemetry data collected by its Office product
• WhatsApp on matters relating to the sharing of personal data with other Facebook companies

“Supervision engagement with these companies on the matters outlined is ongoing,” the DPC adds of these issues.

Adtech sector “must comply” with GDPR 

Talking of ongoing action, a GDPR complaint related to the security of personal data that’s systematically processed to power behavioral advertising is another open complaint on the DPC’s desk.

The strategic complaint was filed by a number of individuals in multiple EU countries (including Ireland) last fall. Since then the individuals behind the complaints have continued to submit and publish evidence they argue bolsters their case against the behavioral ad targeting industry (principally Google and the IAB which set the spec involved in the real-time bidding (RTB) system).

The Irish DPC makes reference to this RTB complaint in the annual report, giving the adtech industry what amounts to a written warning that while the advertising ecosystem is “complex”, with multiple parties involved in “high-speed, voluminous transactions” related to bidding for ad space and serving ad content “the protection of personal data is a prerequisite to the processing of any personal data within this ecosystem and ultimately the sector must comply with the standards set down by the GDPR”.

The watchdog also reports that it has engaged with “several stakeholders, including publishers and data brokers on one side, and privacy advocates and affected individuals on the other”, vis-a-vis the RTB complaint, and says it will continue prioritizing its scrutiny of the sector in 2019 — “in cooperation with its counterparts at EU level so as to ensure a consistent approach across all EU member states”.

It goes on to say that some of its 15 open investigations into tech giants will both conclude this year and “contribute to answering some of the questions relating to this complex area”. So, tl;dr, watch this space.

Responding to the DPC’s comments on the RTB complaint, Dr Johnny Ryan, chief policy and industrial relations officer of private browser Brave — and also one of the complainants — told us they expect the DPC to act “urgently”.

“We have brought our complaint before the DPC and other European regulators because there is a dire need to fix adtech so that it’s works safely,” he told TechCrunch. “The DPC itself recognizes that online advertising is a priority. The IAB and Google online ‘ad auction’ system enables companies to broadcast what every single person online reads, watches, and listens to online to countless parties. There is no control over what happens to these data. The evidence that we have submitted to the DPC shows that this occurs hundreds of billions of times a day.”

“In view of the upcoming European elections, it is particularly troubling that the IAB and Google’s systems permit voters to be profiled in this way,” he added. “Clearly, this infringes the security and integrity principles of the GDPR, and we expect the DPC to act urgently.”

The IAB has previously rejected the complaints as “false”, arguing any security risk is “theoretical”; while Google has said it has policies in place to prohibit advertisers from targeting sensitive categories of data. But the RTB complaint itself pivots on GDPR’s security requirements which demand that personal data be processed in a manner that “ensures appropriate security”, including “protection against unauthorised or unlawful processing and against accidental loss”.

So the security of the RTB system is the core issue which the Irish DPC, along with agencies in the UK and Poland, will have to grapple with as a priority this year.

The complainants have also said they intend to file additional complaints in more markets across Europe, so more DPAs are likely to join the scrutiny of RTB, as concerned supervisory agencies, which could increase pressure on the Irish DPC to act.

Schrems II vs Facebook 

The watchdog’s report also includes an update on long-running litigation filed by European privacy campaigner Max Schrems concerning a data transfer mechanism known as standard contractual clauses (SCCs) — and originally only targeted at Facebook’s use of the mechanism.

The DPC decided to refer Schrems’ original challenge to the Irish courts — which have since widened the action by referring a series of legal questions up to the EU’s top court with (now) potential implications for the legality of the EU’s ‘flagship’ Privacy Shield data transfer mechanism.

That was negotiated following the demise of its predecessor Safe Harbor, in 2015, also via a Schrems legal challenge, going on to launch in August 2016 — despite ongoing concerns from data experts. Privacy Shield is now used by close to 4,500 companies to authorize transfers of EU users’ personal data to the US.

So while Schrems’ complaint about SCCs (sometimes also called “model contract clauses”) was targeted at Facebook’s use of them the litigation could end up having major implications for very many more companies if Privacy Shield itself comes unstuck.

More recently Facebook has sought to block the Irish judges’ referral of legal questions to the Court of Justice of the EU (CJEU) — winning leave to appeal last summer (though judges did not stay the referral in the meanwhile).

In its report the DPC notes that the substantive hearing of Facebook’s appeal took place over January 21, 22 and 23 before a five judge Supreme Court panel.

“Oral arguments were made on behalf of Facebook, the DPC, the U.S. Government and Mr Schrems,” it writes. “Some of the central questions arising from the appeal include the following: can the Supreme Court revisit the facts found by the High Court relating to US law? (This arises from allegations by Facebook and the US Government that the High Court judgment, which underpins the reference made to the CJEU, contains various factual errors concerning US law).

“If the Supreme Court considers that it may do so, further questions will then arise for the Court as to whether there are in fact errors in the judgment and if so, whether and how these should be addressed.”

“At the time of going to print there is no indication as to when the Supreme Court judgment will be delivered,” it adds. “In the meantime, the High Court’s reference to the CJEU remains valid and is pending before the CJEU.”

from Apple – TechCrunch https://ift.tt/2H3XYMy

Report: Disney in talks with AT&T to buy WarnerMedia’s 10% Hulu stake

Disney is in discussions to buy AT&T’s 10 percent stake in Hulu, which it comes into by way of its WarnerMedia acquisition, according to a report from Variety this morning. The news is not surprising – AT&T had already said it was exploring a sale. And Disney has been looking to increase its stake in Hulu following its deal for 20th Century Fox which, when closed, will see Disney picking up Fox’s 30 percent share in Hulu.

Currently, Disney owns a 30 percent stake in Hulu’s streaming service. That means the Fox deal will give it a 60 percent stake in Hulu. Snagging AT&T’s Hulu share would bring Disney’s ownership to 70 percent.

Comcast/NBCU is Hulu’s other major owner, but isn’t currently prepared to sell, Variety said.

AT&T had detailed its streaming plans to investors in November, noting at the time it was thinking of selling its Hulu stake as part of its larger goal to “monetize assets” that were not essential to its current strategies and to help pay down its debt. Its Hulu share is valued at $930 million.

AT&T has little interest in Hulu because it’s building out its own internet-based streaming services, including live TV service DirecTV Now; the more lightweight WatchTV; and a new service that leverages its WarnerMedia properties. WarnerMedia also today operates streaming services for its brands, like HBO NOW, Boomerang, DC Universe, and others.

Disney, meanwhile, is preparing to launch its family-friendly Netflix competitor, Disney+, but sees Hulu as a place to house its more adult-oriented programming and general entertainment properties.

Hulu today has 25 million subscribers, but is still a smaller player compared with Netflix because it’s not yet available worldwide. It also hasn’t invested into original programming at Netflix’s scale. Disney’s increased ownership will change these things and could help Hulu compete on the market against larger rivals like Netflix, AT&T/WarnerMedia, and soon Apple, as well.

from Apple – TechCrunch https://ift.tt/2EnDN9p

Thailand passes controversial cybersecurity law that could enable government surveillance

Thailand’s government passed a controversial cybersecurity bill today that has been criticized for vagueness and the potential to enable sweeping access internet user data.

The bill (available in Thai) was amended late last year following criticism over potential data access, but it passed the country’s parliament with 133 positives votes and no rejections although there were 16 absentees.

There are concerns around a number of clauses, chiefly the potential for the government — which came to power via a military coup in 2014 — to search and seize data and equipment in cases that are deemed issues of national emergency. That could enable internet traffic monitoring and access to private data, including communications, without a court order.

The balance of power beyond enforcement has also been questioned. Critics have highlighted the role of the National Cybersecurity Committee, which is headed by the Prime Minister and holds considerable weight in carrying out the law. The Committee has been called upon to include representation from the industry and civic groups to give it greater oversight and balance.

Added together, there’s a fear that the law could be weaponized by the government to silence critics. Thailand already has powerful lese majeste laws, which make it illegal to criticize the monarchy and have been used to jail citizens for comments left on social media and websites. The country has also censored websites in the past, including the Daily Mail and, for a nearly six-month period in 2007, YouTube.

“The Asia Internet Coalition is deeply disappointed that Thailand’s National Assembly has voted in favor of a Cybersecurity Law that overemphasizes a loosely-defined national security agenda, instead of its intended objective of guarding against cyber risks,” read a statement from Jeff Paine, managing director of Asia Internet Coalition — an alliance of international tech firms that include Facebook, Google and Apple.

“Protecting online security is a top priority, however the Law’s ambiguously defined scope, vague language and lack of safeguards raises serious privacy concerns for both individuals and businesses, especially provisions that allow overreaching authority to search and seize data and electronic equipment without proper legal oversight. This would give the regime sweeping powers to monitor online traffic in the name of an emergency or as a preventive measure, potentially compromising private and corporate data,” Paine added.

Reaction to the law has seen a hashtag (#พรบไซเบอร์) trend on Twitter in Thailand, while other groups have spoken out on the potential implications.

Thailand isn’t alone in introducing controversial internet laws. New regulations, passed last summer, came into force in near-neighbor Vietnam on January 1 and sparked similar concerns around free speech online.

That Vietnamese law broadly forbids internet users from organizing with, or training, others for anti-state purposes, spreading false information, and undermining the nation state’s achievements or solidarity. It also requires foreign internet companies to operate a local office and store user information on Vietnamese soil. That’s something neither Google nor Facebook has complied with, despite the Vietnamese government’s recent claim that the former is investigating a local office launch.

from Apple – TechCrunch https://ift.tt/2VqZ9cY