Thursday, November 12, 2020

Act now before Google kills us, 135-strong coalition of startups warns EU antitrust chief

A coalition of 135 startups and tech companies with services in verticals including travel, accommodation and jobs have written to the European Commission to urge antitrust action against Google — warning that swift enforcement is needed or some of their businesses may not survive.

They also argue the Commission needs to act now or it risks undermining its in-train reform of digital regulations — which is due to be lay out in draft form early next month.

The letter has been inked by veteran Internet players such as Booking.com, Expedia, Kayak, Opentable, Tripadvisor and Yelp, co-signing along with a raft of (mostly) smaller European startups across all three verticals.

A further 30 co-signatories are business associations and organizations in related and other areas such as media/publishing — making for a total of 165 entities calling for Google to face swift antitrust banhammers.

A European Commission spokesperson confirmed to TechCrunch it’s received the Google critics’ letter — saying it will reply “in due course”.

‘Not competing on the merits’

While there have been complaints on this front before — the Commission has said it’s been hearing rumblings of discontent in the travel segment since for years at this point — a growing coalition of businesses (including some based in the US) are bandying together to pressure the EU antitrust chief to clip Google’s wings — with, for example, jobs-related businesses joining the travel startups whose complaints we reported on recently.

Reuters, which obtained the letter earlier, reports that the coalition is the largest ever to complain in concert to the EU’s competition division.

In the letter, which TechCrunch has reviewed, the group argues that Google is violating a 2017 EU competition enforcement decision over Google Shopping that barred the tech giant from self-preferencing and unfairly demoting rivals.

The group argues Google is unfairly leveraging its dominant position in Internet search to grab marketshare in the verticals where they operate — pointing to a feature Google displays at the top of search results (called ‘OneBoxes’) where it points Internet users to its own services, simultaneously steering them away from rival services.

The Commission is considering limiting such self-preferencing in forthcoming legislative proposals that it wants to apply to dominant ‘gatekeeper’ Internet platforms — which Google would presumably be classified as.

For, now, though no such ex ante regulation exists — and the coalition argues the Commission needs to pull its finger out and flex its existing antitrust powers to stop Google’s market abuse before its too late for their businesses.

“Google’s technical integration of its own specialised search services into its near monopoly general search service continues to constitute a clear abuse of dominance,” they argue in the letter to Vestager.

“Like no service before, Google has amassed data and content relevant for competition on such markets at the expense of others – us,” they go on. “Google did not achieve its position on any such market by competing on the merits. Rather, there is now global consensus that Google gained unjustified advantages through preferentially treating its own services within its general search results pages by displaying various forms of grouped specialised search results.”

A similar complaint about Google unfairly pushing its own services at the expense of rivals’ can be found in the US Department of Justice’s antitrust lawsuit against it, filed just last month — which is doubtless giving succour to Google complainants to redouble their efforts in Europe.

Back in 2017, the Commission found Google to be a dominant company in Internet search. Under EU law this means it has a responsibility not to apply the same types of infringing behavior identified in the Google Shopping case in any other business vertical, regardless of its marketshare.

Antitrust chief Margrethe Vestager has gained a reputation for taking on big tech during her first (and now second term) stint as the Commission’s competition chief — now combined with an EVP role shaping digital strategy for the bloc.

But while, on her watch, Google has faced enforcement over its Shopping search (2017), Android mobile OS (2018) and AdSense search ad brokering business (2019), antitrust complainants say the regulatory action has done nothing to dislodge the tech giant’s dominance and restore competition to those specific markets or elsewhere.

“The Commission’s Google Search (Shopping) decision of 27 June 2017 (was supposed to) set a precedent that Google is not permitted to promote its own services within the search results pages of its dominant general search service. However, as of today, the decision did not lead to Google changing anything meaningful,” the coalition argues in the letter dated November 12, 2020.

The Commission contends its Shopping decision has let to a significant increase in the rate of display of offers from competitors to Google in its Shopping units (up 73.5%), also pointing to a rate of near parity between Google offers on Shopping units getting clicks and rivals’ offers being clicked on. However, if Google is compensating for losing out on (some) marketshare in Shopping searches by dialling up its marketshare in other verticals (such as travel and jobs) that’s hardly going to sum to a balanced and effective antitrust remedy.

It’s also interesting to note that the signatures on the latest letter include the Foundem CEO: aka the original shopping comparison engine complainant in the Google Shopping case.

In further remarks today, the Commission spokesperson told us: “We continue to carefully monitor the market with a view to assessing the effectiveness of the remedies,” adding: “Shopping is just one of the specialised search services that Google offers. The decision we took in June 2017 gives us a framework to look also at other specialised search services, such as Google jobs and local search. Our preliminary investigation on this is ongoing.”

On the Commission’s forthcoming Digital Services Act and Digital Markets Act package, the coalition suggests a lack of action to rein in abusive behavior by Google now risks making it impossible for those future regulations to correct such practices.

“If, in the pending competition investigations, the Commission accepts Google’s current conduct as ‘equal treatment’, this creates the risk of pre-defining and hence devaluing the meaning of any future legislative ban on self-preferencing,” they warn, adding that: “Competition and innovation will continue to be stifled, simply because the necessary measures to counter the further anti-competitive expansion are not taken right now.”

Additionally, they argue that a legislative process is simply too slow to be used as an antitrust corrective measure — leaving their businesses at risk of not surviving Google in the meanwhile.

“While a targeted regulation of digital gatekeepers may help in the long run, the Commission should first use its existing tools to enforce the Shopping precedent and ensure equal treatment within Google’s general search results pages,” they urge, adding that they generally welcome the Commission plan to regulate “dominant general search engines” but emphasize speed is of the essence.

“We face the imminent risk of being disintermediated by Google. Many of us may not have the strength and resources to wait until such regulation really takes effect,” they add. “Action is required now. If Google were allowed to continue the anti-competitive favouring of its own specialised search services until any meaningful regulation takes effect, our services will continue to lack traffic, data and the opportunity to innovate on the merits. Until then, our businesses continue to be trapped in a vicious cycle – providing benefits to Google’s competing services while rendering our own services obsolete in the long run.”

Asked for its response to the group’s criticism of its business practices, a Google spokesperson send this statement: “People expect Google to give them the most relevant, high quality search results that they can trust. They do not expect us to preference specific companies or commercial rivals over others, or to stop launching helpful services which create more choice and competition for Europeans.”



Source: TechCrunch https://ift.tt/36rv3gA

Mobile security startup Oversecured launches after self-funding $1 million, thanks to bug bounty payouts

You might not have heard of Sergey Toshin, but you should know his work.

Toshin is a 24-year-old security researcher in Moscow who focuses largely on mobile app security. With his knowledge of what different mobile security flaws looked like, Toshin built a custom Android mobile app vulnerability scanner to quickly and automatically find vulnerabilities in an app’s code, he told TechCrunch.

The scanner works by decompiling the Android app and running through the source code line-by-line — just as a human would — and detecting possible flaws in code where a vulnerability could be triggered. It takes a set of rules, which effectively describes different kinds of vulnerabilities, and searches for vulnerable code that meets those conditions, Toshin said.

Once the scanner finishes, it spits out a report describing where the vulnerabilities are in the code.

It was using this scanner, which he developed over the course of the last two years, that he was able to speed up the process of finding bugs.

“To participate in a bug bounty, I would just download the app and copy the vulnerabilities identified in the vulnerability report,” he said.

In August, he revealed details of an Android vulnerability that allowed malicious apps to steal sensitive user data from other apps on the same device. Two weeks later, he dropped details of a bug in TikTok’s Android app that could have led to hijacking of user accounts.

These are just two out of hundreds of security bugs he has reported to companies through their bug bounty programs, a way for researchers to warn companies of potential issues while getting paid for their findings.

“It occurred to me to launch a startup and begin helping other companies find vulnerabilities in their mobile apps,” Toshin told TechCrunch.

One of the vulnerability scanner’s reports for an Android app. (Image: Oversecured)

And that’s how Oversecured was founded. But how Toshin funded his startup was somewhat unconventional.

What’s unusual about Oversecured is not that it’s self-funded, but it launched out of a product that effectively paid for itself. Toshin netted more than $1 million in bug bounties in a year using his scanner, in large part thanks to Google’s security rewards program, which pays security researchers far more for security bugs found in Android apps with over 100 million installs.

Oversecured is not yet profitable, but Toshin has also not taken any venture-backed funding to date. The company now has about five developers, as well as designers and translators as all efforts focus on building and improving the scanner.

The startup so far only supports scanning Android apps. Toshin said the scanner is open to bug hunters and security researchers, who can pay to scan each app — with five scans tossed in for free.

But Toshin is betting big on allowing enterprise customers to buy access to the scanner and integrate it with their development tools. Oversecured launched its B2B offering last week, allowing app makers to integrate the scanner directly into their existing app development processes to find bugs during coding.

Toshin said that enterprise customers will soon get support for scanning Swift source code for iOS apps.

Oversecured joins a number of other established app security companies in the space. But Toshin is confident that his technology stands among the crowd.

“It’s important to find everything,” he said.

Read more:



Source: TechCrunch https://ift.tt/3poBmKs

Walmart Has a Lenovo Android Tablet for $59 In an Early Holiday Deal

Lenovo Tab M8 | $59 | Walmart

Read more...



Source: Gizmodo https://ift.tt/3nuG0oz

Wednesday, November 11, 2020

India approves Google’s $4.5 billion deal with Reliance’s Jio Platforms

India’s antitrust watchdog has approved Google’s proposed investment of $4.5 billion in the nation’s largest telecom platform Jio Platforms, it said in a tweet on Wednesday.

Google announced in July that it would be investing $4.5 billion for a 7.73% stake in the top Indian telecom network. As part of the deal, Google and Jio Platforms plan to collaborate on developing a customized-version of Android mobile operating system to build low-cost, entry-level smartphones to serve the next hundreds of millions of users, the two companies said.

The Indian watchdog, Competition Commission of India (CCI), was said to be interested in reviewing the data sharing agreement between Google and Jio, Indian newspaper Economic Times reported last month, citing an unidentified source.

The announcement today comes days after the CCI announced it had directed an in-depth investigation into Google to verify the claims of whether the Android-maker promotes its payments service during the installation of an Android smartphone (and whether phone vendors have a choice to avoid this); and if Google Play Store’s billing system is designed “to the disadvantage of both i.e. apps facilitating payment through UPI, as well as users.”

The call for this in-depth investigation was prompted after the CCI concluded in its initial review that requiring Google Pay to be used buy apps or make in-app payments was an “imposition of unfair and discriminatory condition, denial of market access for competing apps of Google Pay and leveraging on the part of Google,” the watchdog said.

Jio Platforms, which has amassed over 400 million subscribers, has this year raised over $20 billion from 13 high-profile investors including Facebook, which alone invested $5.7 billion into the Indian firm. That deal has also been approved by the CCI. Jio Platforms is a subsidiary of Reliance Industries, India’s most valued firm. It is run by Mukesh Ambani, Asia’s richest man.



Source: TechCrunch https://ift.tt/2UkNo96

Tuesday, November 10, 2020

The Boox Poke 3 is my new favorite e-reader

There are plenty of e-readers to choose from out there, but never enough for me. I’m always questing for the one that will make me forget that there are others available, and in the Onyx Boox Poke 3, I think I have found it — at least for now. The Chinese e-paper device maker has nailed the size, the screen, and added a sprinkle of versatility that I didn’t know I was lacking.

The Poke 3 fits in the same “original flavor e-reader” category as the Kindle Paperwhite and Kobo Clara HD: 6 inches, 300 PPI or so (which makes for very clear text), and somewhere between $100 and $200.

These readers fit easily in a pocket, unlike the larger Oasis and even larger Forma; they tend to lack anything but a power button and are very focused on books and saved articles.

But the Kindle and Clara both have major flaws. The Kindle is tied to Amazon in all the ways I can’t stand, including on-device ads by default, and the Clara… well, beside the screen, the hardware is honestly just bad. Kobo made my previous favorite e-reading device, the compact and flush-front Aura, and I’ve finally found a worthy successor to that beloved gadget.

The Poke 3 is the latest device to come from Boox, the e-reader line from parent company Onyx. The company has mostly been a presence in Southeast Asia, particularly its home country of China, so don’t be surprised if you’ve never heard of it. Boox makes a wide variety of e-paper devices (which I will evaluate in a separate article), and the Poke 3 is the simplest and smallest of them.

A Boox Poke 3 e-reader in a hand.

Image Credits: Devin Coldewey / TechCrunch

I’ll highlight the device’s strengths first. Most importantly, it is a lovely piece of hardware. The flush front is a pleasure to read on, as there is no raised bezel to shade the text or collect grime. The power button is well located and clicky. There’s just enough border to hold onto without worrying about smudging or activating the screen, and a bit of extra space at the bottom enables plenty of comfortable grips.

It’s thinner than the competition and the build quality is excellent. The front is hardened glass from partner Asahi, which will hopefully prevent it from needing a cover.

A Boox Poke 3 e-reader side-on.

Image Credits: Devin Coldewey / TechCrunch

The finish is, to be honest, something of a fingerprint and oil magnet, and could be grippier. The Paperwhite has it beat on texture but I prefer the smooth back to the weird perforated one of the Clara.

At 150 grams it’s 16 lighter than the Clara and 32 lighter than the Paperwhite. That doesn’t sound like a lot, but when you’re holding a device for hours straight every little bit counts, and at this size it also helps with balance.

Its 6-inch screen is not meaningfully different from the Kindle or Kobo devices out there in terms of resolution or font rendering. I scrutinized the Poke 3 next to the Clara HD and Forma and found no differences that anyone would notice reading from 10-20 inches away.

Screen of a Boox Poke 3 e-reader

Image Credits: Devin Coldewey / TechCrunch

It does differ in its approach to illumination, though whether meaningfully so is a matter of opinion. Instead of having a brightness slider and a temperature slider, it has a warm and cool slider, and increasing or decreasing either one changes both the brightness and temperature. You can also turn either one off entirely or link them together so they are adjusted as one.

If it sounds more complicated… it is. I don’t see that it adds any real new capabilities, but once you get the feel for it, it isn’t that much harder to use, either. I do wish that when you linked the two sliders, they kept their positions relative to one another. The whole system seems a little baroque and I hope Boox streamlines it. That said, the quality of the light is equally good and once you dial it in, it looks great.

Type formatting is good, and has plenty of options for tweaking how any of the many (too many…) included fonts look, even weight and contrast adjustments to really fine tune them. Adding custom fonts is as easy as dragging and dropping them, just like documents.

The operating system of the Boox provides far more options than either Kobo or Kindle. Amazon keeps tight control over its ecosystem and outside of a handful of associated services the devices can’t do much. Kobo at least allows for more file formats to be loaded directly on, and now has excellent Pocket integration for saving articles from the web. Boox takes things two steps further with a custom Android launcher that you can download full apps onto.

A Boox Poke 3 e-reader

Image Credits: Devin Coldewey / TechCrunch

Now, there are really only so many apps that you actually might want on an e-reader like this one. And not everything works as well as I’d like. But for the first time I can actually get Simplenote on my e-reader.

It’s not as simple as it would be on an ordinary Android device, though. Because the Poke 3 comes from China, it doesn’t have access to Google services right off the bat. You can add it through settings, which isn’t hard, but there’s also a sideloading store built in with recent (if not quite brand new) install packages of popular, vetted apps for the device.

Let’s just admit right now that compared to the simplicity of Kindle and Kobo, this is already a bit out there. And whether you feel comfortable logging into a version of Evernote that you can’t (without a bit of work) verify the contents of… well, it’s not for everyone. But to be clear on this, Boox isn’t some fly-by-night operation — they may not be well known over here, but it’s hard to argue with the quality of the devices. The problem is simply that localizing an OS built for users in China has some fundamental challenges.

Image Credits: Devin Coldewey / TechCrunch

Fortunately for everyone, the basic capability to load books on there and read them is solid and it’s what you’d be doing most of the time. There may be a busy interface when you’re doing other stuff, but you can easily hide all indicators like progress and title while you’re reading, dedicating every square inch of the screen to actual reading.

It has 32 gigs of internal memory, making storage of audiobooks (it has Bluetooth for sound) and bulky documents easy, and connects quickly as a drive when you plug in its USB-C cord.

The Poke 3 will cost $189 when it ships next week, which is on the high end for this type of device. That’s $30 more than a Kindle Paperwhite and $70 more than a Clara HD. But I honestly think it is worth the premium. This is a better e-reader, period; despite the sometimes fussy interface, I enjoy using it, and appreciate that it provides capabilities that its competition doesn’t. If you need simple and don’t mind a cheap build, the Clara is a great cheaper option, but for a step up consider the Poke 3.



Source: TechCrunch https://ift.tt/3khfywr

Twitter could face its first GDPR penalty within days

European data protection regulators have inched toward an enforcement decision for a Twitter breach that the company publicly disclosed in 2019, after a majority of EU data supervisors agreed to back a draft settlement submitted earlier by Ireland’s Data Protection Commission (DPC).

Twitter disclosed the bug in its ‘Protect your tweets’ feature at the start of last year — saying at the time that some Android users who’d applied its setting to make their tweets non-public may have had their data exposed to the public Internet since as far back as 2014.

A new data protection regime, meanwhile, came into force in the European Union in May 2018 — meaning the 2014-2019 breach falls under the EU’s General Data Protection Regulation (GDPR).

Ireland’s DPC is the lead supervisor authority in the Twitter case but the cross-border nature of its business means all EU data protection agencies have an interest and the ability to make “relevant and reasoned” objections to the draft. Objections to the DPC’s draft decision were duly raised over the summer — triggering a dispute resolution process for cross-border cases set out in the GDPR.

The European Data Protection Board (EDPB), a body which helps coordinate pan-EU regulatory activity, said today it has adopted its first Article 65 decision — referring to the mechanism for settling disagreement between the EU’s patchwork of data supervisors. This means that at least a two-thirds majority of the EU DPAs have backed the settlement.

“On 9 November 2020, the EDPB adopted its binding decision and will shortly notify it formally to the Irish SA,” it wrote in a statement.

Ireland’s deputy commissioner, Graham Doyle, confirmed the EDPB has informed it of an Article 65 decision — but declined to comment further at this stage.

Ireland’s DPC now has up to a month to issue a final decision.

“The Irish SA [supervisory authority] shall adopt its final decision on the basis of the EDPB decision, which will be addressed to the controller, without undue delay and at the latest one month after the EDPB has notified its decision,” the EDPB statement adds.

Details of any penalties Twitter may face — such as a fine — have not yet been confirmed. But the end of the process is now in sight.

GDPR places a legal obligation on data controllers to adequately protect personal data. Financial penalties for violations of the framework can scale up to 4% of a company’s annual global turnover. (Although, in the case of big tech, the largest GDPR fine to date remains a $57M fine slapped on Google by France’s CNIL.)

Unlike that Google case — which CNIL pursued ahead of Google moving its EU legal base to Ireland — the Twitter case is cross-border and will be the first such big tech GDPR case to be concluded once a final decision is out.

The EU’s flagship data protection regulation continues to face criticism over how long it’s taking for cases and complaints to be investigated and decisions issued — especially those related to big tech.

Last year the Irish regulator said its first cross-border GDPR decisions would be coming “early” in 2020. In the event its first one will arrive before the end of 2020 — but that’s a pace that’s unlikely to silence critics who argue EU regulators are not equipped for the complex, resource-intensive task of overseeing how big tech handles people’s data.

The Twitter breach case is also likely to be considerably less complex than some of the complaint-based GDPR investigations ongoing into big tech platforms — which include probes around the legal bases for Facebook to process user data and how Google’s ad exchange is using Internet users’ data. Yet the EDPB still allowed for a full extra month to the Article 65 process (instead of the default one month) because of what it described as “the complexity of the subject matter”. That hardly bodes well for more contentious cases.

Still, going through dispute resolution over cross-border cases may lead to greater consistency and help DPAs pick up enforcement pace over time.

The UK’s ICO looks like a bit of a cautionary tale in this regard — having recently taken the clippers to massive preliminary fines it announced in a couple of (non-big tech GDPR) data breach cases, meaning enforcement ended up being both later and less stinging than it had first appeared.

Despite critics’ claims that GDPR enforcement continues to be lacking in places where it should be hard-hitting, the question of how to effectively regulate big tech is one that EU lawmakers aren’t backing away from.

On the contrary, the Commission is set to lay out a legislative proposal next month to apply ex ante rules to dominant Internet platforms as part of a planned Digital Markets Act. Under the plans, so-called ‘gatekeepers’ will to be subject to a list of ‘dos and don’ts’ that’s slated to include controls on how they can share data. It could also could see a push to create a pan-EU regulator to oversee major platforms. 

Such an approach could help to reduce the oversight burden facing a handful of EU DPAs with an outsized number of big tech giants on their books, such as the Irish DPC. But, again, there’s likely to be a long wait ahead before any new EU platform rules are in a position to be effectively enforced. 



Source: TechCrunch https://ift.tt/3ncmVqR

New forecast pegs TikTok to top 1.2B monthly active users in 2021

TikTok’s upward trajectory is expected to continue in 2021, according to a new forecast from mobile data and analytics firm App Annie, which estimates the short-form video app will surpass the 1 billion monthly active user mark next year. The expanded forecast also looked into future trends around mobile ad spending and the growth in “at-home” activities fueled by mobile, like e-commerce and online meetings, for example.

TikTok’s growth numbers, however, were the standout estimate from the new report. The video app has grown in popularity, having nearly tripled in size since 2018, App Annie noted. And, as of the third quarter this year, TikTok became the No. 2 non-gaming app by consumer spending, due to its use of a combination of revenue streams, including advertising and sales of virtual gifts used for tipping streamers.

In 2021, App Annie expects TikTok to not only join the 1 billion monthly active user (MAU) club alongside Facebook, Instagram, Messenger, WhatsApp, YouTube and WeChat — it predicts TikTok will actually sail past the 1 billion MAU milestone to reach 1.2 billion average monthly active users.

Image Credits: App Annie

This is remarkable growth, given that TikTok still remains banned in one of the world’s largest mobile markets, India.

And, of course, the fate of the social video app in the U.S. will have to do with how the incoming Biden administration handles the Trump TikTok ban. (And there are some signals his view doesn’t differ that much from Trump on this front.)

App Annie also predicted 2021 will see continued growth for “at-home” activities, fueled by mobile. Though there is promising news about a potential COVID vaccine, it’s not likely that everything will simply shift back to the way it was before the pandemic upon its release. The pandemic just accelerated trends that were already underway.

The report estimates that time spent in key “at-home” categories — like remote business and education apps, e-commerce, mobile finance apps and at-home fitness apps — will top 1.3 trillion hours on Android phones in 2021, for example.

Specifically, remote business apps (e.g Zoom) are expected to see a compound annual growth rate (CAGR) of 57% and remote learning apps will see 62% growth. Total time in mobile banking and finance apps will surpass 31 billion hours annually in 2021, representing a 4-year CAGR of 35%. Fitness and e-commerce will grow as well, at +23% and +40%, respectively.

Image Credits: App Annie

In addition, the firm predicts consumers will install up to 85% more video streaming apps in 2021 in the U.S., compared with pre-COVID levels.

And it expects mobile ad spend to reach $290 billion in 2021, in part thanks to strong mobile commerce growth and a further shift from offline advertising to digital.

“While the U.S. presidential election has helped fuel mobile ad spend in the latter part of 2020, App Annie expects ad dollars to continue to flow to smartphones in 2021,” the firm said. “Particularly given the consumer shift to mobile is not an isolated trend — COVID-19 catalysed the habits we were already forming,” the company added.

 



Source: TechCrunch https://ift.tt/3pbyArX