Live from Apple’s virtual WWDC 2020

This WWDC is going to be one to remember — if not because of the news it makes, then certainly the show itself. As with the rest of the industry (and world, for that matter), Apple’s been first to go entirely virtual for the first — and possibly last — time.

Beyond that, there’s bound to be plenty of news worth tuning in for. Here’s what we’re expecting out of the event. At the top of the list, is Apple’s long awaited push into ARM processors. There’s plenty of OS-related news, as well, with new versions of iOS, macOS, watchOS and tvOS on the way. A new iMac, headphones and HomePod are also rumored to be on the way.

We’ll be following live remotely, along with you, right here. You can watch the livestream right here. Things kick off at 10AM PT/1PM ET.

from Apple – TechCrunch https://ift.tt/37Pv8eh

Watch Apple’s WWDC keynote live right here

Apple is holding a keynote today on the first day of its developer conference, and the company is expected to talk about a ton of software updates. WWDC is a virtual event this year, but you can expect the same amount of news, in a different format. At 10 AM PT (1 PM in New York, 6 PM in London, 7 PM in Paris), you’ll be able to watch the event as the company is streaming it live.

Rumor has it that the company plans to unveil new versions of its operating systems. Get ready for iOS 14 and its sibling iPadOS 14, a new version of macOS, some updates for watchOS and tvOS as well.

But the most interesting rumor of the year is that Apple could announce a major change for the Mac. The company could start using its own in-house ARM systems on a chip instead of Intel’s processors. It would have a ton of consequences for third-party apps running on your Mac as well as Mac hardware in general. Imagine a MacBook with a battery that lasts as long as what you get from an iPad. There could be some more hardware news, such as a new design for the iMac or some Tile-style hardware trackers.

You can watch the live stream directly on this page as Apple is streaming its conference on YouTube.

If you have an Apple TV, you can download the Apple Events app in the App Store. It lets you stream today’s event and rewatch old ones. The app icon was updated a few days ago for the event.

And if you don’t have an Apple TV and don’t want to use YouTube, the company also lets you live-stream the event from the Apple Events section on its website. This video feed now works in all major browsers — Safari, Microsoft Edge, Google Chrome and Mozilla Firefox.

Of course, you also can read TechCrunch’s live blog if you don’t want to stop everything and watch a video.

from Apple – TechCrunch https://ift.tt/3hMA6wJ

After reopening, Apple is closing stores in four states as COVID-19 numbers climb

Apple today confirmed earlier rumors that it plans to shut down re-opened stores in four states.  Impacted locations include six stores in Arizona, two in Florida, another two in North Carolina and one in South Carolina.

“Due to current COVID-19 conditions in some of the communities we serve, we are temporarily closing stores in these areas. We take this step with an abundance of caution as we closely monitor the situation and we look forward to having our teams and customers back as soon as possible,” the company said in a statement to TechCrunch.

It’s been just over a month since the company began to reopen a handful of locations, as states began wider reopening efforts. The company implemented several safeguards, including mask requirements, temperature checks and enforced social distancing, as well as extended cleaning efforts.

Apple begins reopening some stores with temperature checks and other safeguards in place

“These are not decisions we rush into,” Retail SVP Deirdre O’Brien wrote at the time, “and a store opening in no way means that we won’t take the preventative step of closing it again should local conditions warrant.”

One imagines the company will approach re-re-opening the same way. However, several states have posted increases in COVID-19 cases since government began the process of reopening. Arizona, Florida, Oklahoma, Nevada, Oregon and Texas have all posted record high infection rates in the past week. Given the uncertain nature of the virus’s spread, it seems likely this won’t be the last time Apple and other retailers have to reverse course. 

 

The following locations will be closed, beginning tomorrow,

Florida

• Waterside Shops
• Coconut Point

North Carolina

•  Southpark
• Northlake Mall

South Carolina

• Haywood Mall

Arizona

• Chandler Fashion Center
• Scottsdale Fashion Square
• Arrowhead
• SanTan Village
• Scottsdale Quarter
• La Encantada

More information on specific stores can be found on Apple’s site.

from Apple – TechCrunch https://ift.tt/3hIesd2

French court slaps down Google’s appeal against $57M GDPR fine

France’s top court for administrative law has dismissed Google’s appeal against a $57M fine issued by the data watchdog last year for not making it clear enough to Android users how it processes their personal information.

The State Council issued the decision today, affirming the data watchdog CNIL’s earlier finding that Google did not provide “sufficiently clear” information to Android users — which in turn meant it had not legally obtained their consent to use their data for targeted ads.

“Google’s request has been rejected,” a spokesperson for the Conseil D’Etat confirmed to TechCrunch via email.

“The Council of State confirms the CNIL’s assessment that information relating to targeting advertising is not presented in a sufficiently clear and distinct manner for the consent of the user to be validly collected,” the court also writes in a press release [translated with Google Translate] on its website.

It found the size of the fine to be proportionate — given the severity and ongoing nature of the violations.

Importantly, the court also affirmed the jurisdiction of France’s national watchdog to regulate Google — at least on the date when this penalty was issued (January 2019).

The CNIL’s multimillion dollar fine against Google remains the largest to date against a tech giant under Europe’s flagship General Data Protection Regulation (GDPR) — lending the case a certain symbolic value, for those concerned about whether the regulation is functioning as intended vs platform power.

While the size of the fine is still relative peanuts vs Google’s parent entity Alphabet’s global revenue, changes the tech giant may have to make to how it harvests user data could be far more impactful to its ad-targeting bottom line. 

Under European law, for consent to be a valid legal basis for processing personal data it must be informed, specific and freely given. Or, to put it another way, consent cannot be strained.

In this case French judges concluded Google had not provided clear enough information for consent to be lawfully obtained.

It also objected to a pre-ticked checkbox — which it said does not meet the requirements of the GDPR.

So, tl;dr, the CNIL’s decision has been entirely vindicated.

Reached for comment on the court’s dismissal of its appeal, a Google spokeswoman sent us this statement:

People expect to understand and control how their data is used, and we’ve invested in industry-leading tools that help them do both. This case was not about whether consent is needed for personalised advertising, but about how exactly it should be obtained. In light of this decision, we will now review what changes we need to make.

GDPR came into force in 2018, updating long standing European data protection rules and opening up the possibility of supersized fines of up to 4% of global annual turnover.

However actions against big tech have largely stalled, with scores of complaints being funnelled through Ireland’s Data Protection Commission — on account of a one-stop-shop mechanism in the regulation — causing a major backlog of cases. The Irish DPC has yet to issue decisions on any cross border complaints, though it has said its first ones are imminent — on complaints involving Twitter and Facebook.

Ireland’s data watchdog is also continuing to investigate a number of complaints against Google, following a change Google announced to the legal jurisdiction of where it processes European users’ data — moving them to Google Ireland Limited, based in Dublin, which it said applied from January 22, 2019 — with ongoing investigations by the Irish DPC into a long running complaint related to how Google handles location data and another major probe of its adtech, to name two. 

On the GDPR one-stop shop mechanism — and, indirectly, the wider problematic issue of ‘forum shopping’ and European data protection regulation — the French State Council writes: “Google believed that the Irish data protection authority was solely competent to control its activities in the European Union, the control of data processing being the responsibility of the authority of the country where the main establishment of the data controller is located, according to a ‘one-stop-shop’ principle instituted by the GDPR. The Council of State notes however that at the date of the sanction, the Irish subsidiary of Google had no power of control over the other European subsidiaries nor any decision-making power over the data processing, the company Google LLC located in the United States with this power alone.”

In its own statement responding to the court’s decision, the CNIL also notes its view that GDPR’s one-stop-shop mechanism was not applicable in this case — writing that: “It did so by applying the new European framework as interpreted by all the European authorities in the guidelines of the European Data Protection Committee.”

Privacy NGO noyb — one of the privacy campaign groups which lodged the original ‘forced consent’ complaint against Google, all the way back in May 2018 — welcomed the court’s decision on all fronts, including the jurisdiction point.

Commenting in a statement, noyb’s honorary chairman, Max Schrems, said: “It is very important that companies like Google cannot simply declare themselves to be ‘Irish’ to escape the oversight by the privacy regulators.”

A key question is whether CNIL — or another (non-Irish) EU DPA — will be found to be competent to sanction Google in future, following it’s shift to naming Google Ireland as their data processor.

On the wider ruling, Schrems added: “This decision requires substantial improvements by Google. Their privacy policy now really needs to make it crystal clear what they do with users’ data. Users must also get an option to agree to only some parts of what Google does with their data and refuse other things.”

French digital rights group, La Quadrature du Net — which had filed a related complaint against Google, feeding the CNIL’s investigation — also declared victory today, noting it’s the first sanction in a number of GDPR complaints it has lodged against tech giants on behalf of 12,000 citizens.

Nouvelle victoire !

Le @Conseil_Etat valide intégralement, en la reprenant à son compte, la sanction de 50 millions d'€ contre Google prononcée en janvier 2019 par la CNIL.https://t.co/6gJRL5ZM3r

— La Quadrature du Net (@laquadrature) June 19, 2020

“The rest of the complaints against Google, Facebook, Apple and Microsoft are still under investigation in Ireland. In any case, this is what his authority promises us,” it adds in another tweet.

from Android – TechCrunch https://ift.tt/3dekvCz
via IFTTT

Oracle’s BlueKai tracks you across the web. That data spilled online

Have you ever wondered why online ads appear for things that you were just thinking about?

There’s no big conspiracy. Ad tech can be creepily accurate.

Tech giant Oracle is one of a few companies in Silicon Valley that has near-perfected the art of tracking people across the internet. The company has spent a decade and billions of dollars buying startups to build its very own panopticon of users’ web browsing data.

One of those startups, BlueKai, which Oracle bought for a little over $400 million in 2014, is barely known outside marketing circles, but it amassed one of the largest banks of web tracking data outside of the federal government.

BlueKai uses website cookies and other tracking tech to follow you around the web. By knowing which websites you visit and which emails you open, marketers can use this vast amount of tracking data to infer as much about you as possible — your income, education, political views, and interests to name a few — in order to target you with ads that should match your apparent tastes. If you click, the advertisers make money.

But for a time, that web tracking data was spilling out onto the open internet because a server was left unsecured and without a password, exposing billions of records for anyone to find.

Security researcher Anurag Sen found the database and reported his finding to Oracle through an intermediary — Roi Carthy, chief executive at cybersecurity firm Hudson Rock and former TechCrunch reporter.

TechCrunch reviewed the data and found names, home addresses, email addresses and other identifiable data in the database. The data also revealed sensitive users’ web browsing activity — from purchases to newsletter unsubscribes.

“There’s really no telling how revealing some of this data can be,” said Bennett Cyphers, a staff technologist at the Electronic Frontier Foundation, told TechCrunch.

“Oracle is aware of the report made by Roi Carthy of Hudson Rock related to certain BlueKai records potentially exposed on the Internet,” said Oracle spokesperson Deborah Hellinger. “While the initial information provided by the researcher did not contain enough information to identify an affected system, Oracle’s investigation has subsequently determined that two companies did not properly configure their services. Oracle has taken additional measures to avoid a reoccurrence of this issue.”

Oracle did not name the companies or say what those additional measures were, and declined to answer our questions or comment further.

But the sheer size of the exposed database makes this one of the largest security lapses this year.

The more it knows

BlueKai relies on vacuuming up a never-ending supply of data from a variety of sources to understand trends to deliver the most precise ads to a person’s interests.

Marketers can either tap into Oracle’s enormous bank of data, which it pulls in from credit agencies, analytics firms, and other sources of consumer data including billions of daily location data points, in order to target their ads. Or marketers can upload their own data obtained directly from consumers, such as the information you hand over when you register an account on a website or when you sign up for a company’s newsletter.

But BlueKai also uses more covert tactics like allowing websites to embed invisible pixel-sized images to collect information about you as soon as you open the page — hardware, operating system, browser and any information about the network connection.

This data — known as a web browser’s “user agent” — may not seem sensitive, but when fused together it can create a unique “fingerprint” of a person’s device, which can be used to track that person as they browse the internet.

BlueKai can also tie your mobile web browsing habits to your desktop activity, allowing it to follow you across the internet no matter which device you use.

Say a marketer wants to run a campaign trying to sell a new car model. In BlueKai’s case, it already has a category of “car enthusiasts” — and many other, more specific categories — that the marketer can use to target with ads. Anyone who’s visited a car maker’s website or a blog that includes a BlueKai tracking pixel might be categorized as a “car enthusiast.” Over time that person will be siloed into different categories under a profile that learns as much about you to target you with those ads.

(Sources: DaVooda, Filborg/Getty Images; Oracle BlueKai)

The technology is far from perfect. Harvard Business Review found earlier this year that the information collected by data brokers, such as Oracle, can vary wildly in quality.

But some of these platforms have proven alarmingly accurate.

In 2012, Target mailed maternity coupons to a high school student after an in-house analytics system figured out she was pregnant — before she had even told her parents — because of the data it collected from her web browsing.

Some might argue that’s precisely what these systems are designed to do.

Jonathan Mayer, a science professor at Princeton University, told TechCrunch that BlueKai is one of the leading systems for linking data.

“If you have the browser send an email address and a tracking cookie at the same time, that’s what you need to build that link,” he said.

The end goal: the more BlueKai collects, the more it can infer about you, making it easier to target you with ads that might entice you to that magic money-making click.

But marketers can’t just log in to BlueKai and download reams of personal information from its servers, one marketing professional told TechCrunch. The data is sanitized and masked so that marketers never see names, addresses or any other personal data.

As Mayer explained: BlueKai collects personal data; it doesn’t share it with marketers.

‘No telling how revealing’

Behind the scenes, BlueKai continuously ingests and matches as much raw personal data as it can against each person’s profile, constantly enriching that profile data to make sure it’s up to date and relevant.

But it was that raw data spilling out of the exposed database.

TechCrunch found records containing details of private purchases. One record detailed how a German man, whose name we’re withholding, used a prepaid debit card to place a €10 bet on an esports betting site on April 19. The record also contained the man’s address, phone number and email address.

Another record revealed how one of the largest investment holding companies in Turkey used BlueKai to track users on its website. The record detailed how one person, who lives in Istanbul, ordered $899 worth of furniture online from a homeware store. We know because the record contained all of these details, including the buyer’s name, email address and the direct web address for the buyer’s order, no login needed.

We also reviewed a record detailing how one person unsubscribed from an email newsletter run by an electronics consumer, sent to his iCloud address. The record showed that the person may have been interested in a specific model of car dash-cam. We can even tell based on his user agent that his iPhone was out of date and needed a software update.

The more BlueKai collects, the more it can infer about you, making it easier to target you with ads that might entice you to that magic money-making click.

The data went back for months, according to Sen, who discovered the database. Some logs dated back to August 2019, he said.

“Fine-grained records of people’s web-browsing habits can reveal hobbies, political affiliation, income bracket, health conditions, sexual preferences, and — as evident here — gambling habits,” said the EFF’s Cyphers. “As we live more of our lives online, this kind of data accounts for a larger and larger portion of how we spend our time.”

Oracle declined to say if it informed those whose data was exposed about the security lapse. The company also declined to say if it had warned U.S. or international regulators of the incident.

Under California state law, companies like Oracle are required to publicly disclose data security incidents, but Oracle has not to date declared the lapse. When reached, a spokesperson for California’s attorney general’s office declined to say if Oracle had informed the office of the incident.

Under Europe’s General Data Protection Regulation, companies can face fines of up to 4% of their global annual turnover for flouting data protection and disclosure rules.

Trackers, trackers everywhere

BlueKai is everywhere — even when you can’t see it.

One estimate says BlueKai tracks over 1% of all web traffic — an unfathomable amount of daily data collection — and tracks some of the world’s biggest websites: Amazon, ESPN, Forbes, Glassdoor, Healthline, Levi’s, MSN.com, Rotten Tomatoes, and The New York Times. Even this very article has a BlueKai tracker because our parent company, Verizon Media, is a BlueKai partner.

But BlueKai is not alone. Nearly every website you visit contains some form of invisible tracking code that watches you as you traverse the internet.

As invasive as it is that invisible trackers are feeding your web browsing data to a gigantic database in the cloud, it’s that very same data that has kept the internet largely free for so long.

To stay free, websites use advertising to generate revenue. The more targeted the advertising, the better the revenue is supposed to be.

While the majority of web users are not naive enough to think that internet tracking does not exist, few outside marketing circles understand how much data is collected and what is done with it.

Take the Equifax data breach in 2017, which brought scathing criticism from lawmakers after it collected millions of consumers’ data without their explicit consent. Equifax, like BlueKai, relies on consumers skipping over the lengthy privacy policies that govern how websites track them.

In any case, consumers have little choice but to accept the terms. Be tracked or leave the site. That’s the trade-off with a free internet.

But there are dangers with collecting web-tracking data on millions of people.

“Whenever databases like this exist, there’s always a risk the data will end up in the wrong hands and in a position to hurt someone,” said Cyphers.

Cyphers said the data, if in the hands of someone malicious, could contribute to identity theft, phishing or stalking.

“It also makes a valuable target for law enforcement and government agencies who want to piggyback on the data gathering that Oracle already does,” he said.

Even when the data stays where it’s intended, Cyphers said these vast databases enable “manipulative advertising for things like political issues or exploitative services, and it allows marketers to tailor their messages to specific vulnerable populations,” he said.

“Everyone has different things they want to keep private, and different people they want to keep them private from,” said Cyphers. “When companies collect raw web browsing or purchase data, thousands of little details about real people’s lives get scooped up along the way.”

“Each one of those little details has the potential to put somebody at risk,” he said.

---

Send tips securely over Signal and WhatsApp to +1 646-755-8849.

from iPhone – TechCrunch https://ift.tt/3dinbiP

It’s not just about e-mail, stupid

Hello and welcome back to Equity, TechCrunch’s venture capital-focused podcast, where we unpack the numbers behind the headlines.

Your humble Equity team is pretty tired but in good spirits, as there was a lot to talk about this week. But, first, three things to start us off:

• First: Read this piece from TechCrunch’s Megan Rose Dickey about Juneteenth and tech companies. This podcast is going out on Juneteenth, so before you hit play, please take a minute to learn more about the day and its significance.
• Second: Danny and Arman from the TechCrunch team have finally launched TechCrunch List, a huge effort to determine which investors are really willing to write early checks. You can find out more here.
• Third: Equity is now on Twitter. Follow us here or understand that you are not cool.

All that said, here’s what we talked about on the show:

• Epic Games is looking to raise a huge stack of cash (Bloomberg, VentureBeat) at a new, higher valuation. We were curious about how its lower-cut store could help it gain inroads with developers big and small. That part of the chat, the take-rate of the Fortnite parent company on the work of others was very cogent to the other main topic of the day:
• Apple vs. DHH. So Hey launched this week, and the new spin on email quickly overshadowed its product launch by getting into a spat with Apple about whether it needs to add the ability to sign up for the paid service on iOS, thus giving Apple a cut of its revenue. DHH and crew do not agree. Apple is under fire for anti-competitive practices at home and abroad — of varying intensity, and from different sources — making this all the more spicy.
• Upgrade raises $40 million for its credit-focused neobank.
• Degreed raises $32 million for its upskilling platform.
• And, at the end, our take on the current health of the startup market. There have been a sheaf of reports lately about what is going on in startup land. We gave our take.

And that’s that. Have a lovely weekend and catch up on some sleep.

Equity drops every Friday at 6:00 am PT, so subscribe to us on Apple Podcasts, Overcast, Spotify and all the casts.

from Apple – TechCrunch https://ift.tt/2N9gqoM

How Reliance Jio Platforms became India’s biggest telecom network

It’s raised $5.7 billion from Facebook. It’s taken $1.5 billion from KKR, another $1.5 billion from Vista Equity Partners, $1.5 billion from Saudi Arabia’s Public Investment Fund, $1.35 billion from Silver Lake, $1.2 billion from Mubadala, $870 million from General Atlantic, $750 million from Abu Dhabi Investment Authority, $600 million from TPG, and $250 million from L Catterton.

And it’s done all that in just nine weeks.

India’s Reliance Jio Platforms is the world’s most ambitious tech company. Founder Mukesh Ambani has made it his dream to provide every Indian with access to affordable and comprehensive telecommunications services, and Jio has so far proven successful, attracting nearly 400 million subscribers in just a few years.

The unparalleled growth of Reliance Jio Platforms, a subsidiary of India’s most-valued firm (Reliance Industries), has shocked rivals and spooked foreign tech companies such as Google and Amazon, both of which are now reportedly eyeing a slice of one of the world’s largest telecom markets.

What can we learn from Reliance Jio Platforms’s growth? What does the future hold for Jio and for India’s tech startup ecosystem in general?

Through a series of reports, Extra Crunch is going to investigate those questions. We previously profiled Mukesh Ambani himself, and in today’s installment, we are going to look at how Reliance Jio went from a telco upstart to the dominant tech company in four years.

India’s richest man built a telecom operator everyone wants a piece of

The birth of a new empire

Months after India’s richest man, Mukesh Ambani, launched his telecom network Reliance Jio, Sunil Mittal of Airtel — his chief rival — was struggling in public to contain his frustration.

That Ambani would try to win over subscribers by offering them free voice calling wasn’t a surprise, Mittal said at the World Economic Forum in January 2017. But making voice calls and the bulk of 4G mobile data completely free for seven months clearly “meant that they have not gotten the attention they wanted,” he said, hopeful the local regulator would soon intervene.

This wasn’t the first time Ambani and Mittal were competing directly against each other: in 2002, Ambani had launched a telecommunications company and sought to win the market by distributing free handsets.

In India, carrier lock-in is not popular as people prefer pay-as-you-go voice and data plans. But luckily for Mittal in their first go around, Ambani’s journey was cut short due to a family feud with his brother — read more about that here.

from Apple – TechCrunch https://ift.tt/2ARGXEr