Thursday, 28 February 2019

,

Remotewise – Remote resources for the future of work


Remotewise is a resource and learning platform for the future of remote work. We want to help you discover the worlds top remote companies, find your next remote role and learn from the leaders in the industry.

View startup



from BetaList - Discover tomorrow's startups, today https://ift.tt/2ISW0RQ Read More Detail!
,

dashdash – Create an app using just your spreadsheet skills


dashdash is the spreadsheet with the best business data and API integrations. It's the easiest way to access online services and build automated applications using the spreadsheet skills you already have.

View startup



from BetaList - Discover tomorrow's startups, today https://ift.tt/2IJsQV6 Read More Detail!

Facebook admits 18% of Research spyware users were teens, not

Facebook has changed its story after initially trying to downplay how it targeted teens with its Research program that a TechCrunch investigation revealed was paying them gift cards to monitor all their mobile app usage and browser traffic. “Less than 5 percent of the people who chose to participate in this market research program were teens” a Facebook spokesperson told TechCrunch and many other news outlets in a damage control effort 7 hours after we published our report on January 29th. At the time,  Facebook claimed that it had removed its Research app from iOS. The next morning we learned that wasn’t true, as Apple had already forcibly blocked the Facebook Research app for violating its Enterprise Certificate program that supposed to reserved for companies distributing internal apps to employees.

It turns out that wasn’t the only time Facebook deceived the public in its response regarding the Research VPN scandal. TechCrunch has attained Facebook’s unpublished February 21st response to questions about the Research program in a letter from Senator Mark Warner, who wrote to CEO Mark Zuckerberg that “Facebook’s apparent lack of full transparency with users – particularly in the context of ‘research’ efforts – has been a source of frustration for me.”

In the response from Facebook’s VP of US public policy Kevin Martin, the company admits that (emphasis ours) “At the time we ended the Facebook Research App on Apple’s iOS platform, less than 5 percent of the people sharing data with us through this program were teens. Analysis shows that number is about 18 percent when you look at the complete lifetime of the program, and also add people who had become inactive and uninstalled the app.” So 18 percent of research testers were teens. It was only less than 5 percent when Facebook got caught. Given users age 13 to 35 were eligible for Facebook’s Research program, 13 to 18 year olds made of 22 percent of the age range. That means Facebook clearly wasn’t trying to minimize teen involvement, nor were they just a tiny fraction of users.

WASHINGTON, DC – APRIL 10: Facebook co-founder, Chairman and CEO Mark Zuckerberg testifies before a combined Senate Judiciary and Commerce committee hearing in the Hart Senate Office Building on Capitol Hill April 10, 2018 in Washington, DC. Zuckerberg, 33, was called to testify after it was reported that 87 million Facebook users had their personal information harvested by Cambridge Analytica, a British political consulting firm linked to the Trump campaign. (Photo by Chip Somodevilla/Getty Images)

Warner asked Facebook “Do you think any use reasonable understood Facebook was using this data for commercial purposes includingto track competitors?” Facebook response indicates it never told Research users anything about tracking “competitors”, and instead dances around the question. Facebook says the registration process told users the data would help the company “understand how people use mobile apps,” “improve . . . services,” and “introduce new features for millions of people around the world.”

Facebook had also told reporters on January 29th regarding teens’ participation, “All of them with signed parental consent forms.” Yet in its response to Senator Warner, Facebook admitted that “Potential participants were required to confirm that they were over 18 or provide other evidence of parental consent, though the vendors did not require a signed parental consent form for teen users.” In some cases, underage users merely had to check a box to claim they had parental consent, and there was no verification of users’ ages or that their parents actually approved.

So to quickly recap:

Facebook targeted teens with ads on Instagram and Snapchat to join the Research program without revealing its involvement

The contradictions between Facebook’s initial response to reporters and what it told Warner, who has the power to pursue regulation of the the tech giant, shows Facebook willingness to move fast and play loose with the truth when it’s less accountable. It’s no wonder the company never shared the response with TechCrunch or posted a blog post or press release about it.

Facebook’s attempt to minimize the issue in the wake of backlash exemplifies the trend of of the social network’s “reactionary” PR strategy that employees described to BuzzFeed’s Ryan Mac. The company often views its scandals as communications errors rather than actual product screwups or as signals of deep-seeded problems with Facebook’s respect for privacy. Facebook needs to learn to take its lumps, change course, and do better rather than constantly trying to challenge details of negative press about it, especially before it has all the necessary information. Until then, the never-ending news cycle of Facebook’s self-made disasters will continue.

Below is Facebook’s full response to Senator Warner’s inquiry, followed by Warner’s original letter to Mark Zuckerberg..



from Social – TechCrunch https://ift.tt/2UkSpgg Read More Detail!

A new ‘Hide Tweet’ button has been spotted in Twitter’s code

Twitter confirmed it has in development a new “Hide Tweet” option, but has yet to provide more detail about its plans for the feature. The new option, spotted in Twitter’s code, is available from a list of moderation choices that appear when you click the “Share” button on a tweet – a button whose icon has also been given a refresh, it seems. Like it sounds, “Hide Tweet” appears to function as an alternative to muting or blocking a user, while still offering some control over a conversation.

Related to this, an option to “View Hidden Tweets” was also found to be in the works. This appears to allow a user to unhide those tweets that were previously hidden.

The “Hide Tweet” feature was first discovered by Jane Manchun Wong, who tweeted about her findings on Thursday.

Wong says she found the feature within the code of the Twitter Android application. That means it’s not necessarily something Twitter will release publicly, but has at least thought about seriously enough to develop.

Reached for comment earlier today, Twitter told us some employees would soon tweet out more context about the feature. As of the time of writing, those explanations had not gone live.

Immediately, there were concerns an option like this would allow users to silence their critics – not just for themselves, as is possible today with muting and blocking – but for anyone reading through a stream of Twitter Replies. Imagine, for example, if a controversial politician began to hide tweets they didn’t like or those that contradicted an outrageous claim with a fact check, people said.

On the flip side, putting the original poster back in control of which Replies are visible may allow people to feel more comfortable with sharing on Twitter, which could impact user growth – a number Twitter struggles with today.

But as of now, it’s not clear that the “Hide Tweet” button is something that would hide the tweet from everyone’s view, or just the from the person who clicked the button.

It’s also unclear what stage of development the feature is in, or if it will be part of a larger change to moderation controls.

If Twitter chooses to comment, we’ll update with those answers.

The feature’s discovery comes at a time when Twitter has been under increased pressure to improve the conversational health on its platform.

In a recent interview, Twitter CEO Jack Dorsey admitted that it puts most of the burden on the victims of abuse, which has been “a huge fail.” He said Twitter was looking into new way to proactively enforce and promote health, so blocking and reporting were last resorts.

A “Hide Tweet” button doesn’t seem to fit into that plan, as it requires users’ direct involvement with the moderation process.

It’s worth also noting that Twitter already has a “hidden tweets” feature of sorts.

In 2018, the company introduced a new filtering strategy to hide disruptive tweets, which takes into consideration various behavioral signals – like whether the account had verified its email, is frequently blocked, or tweets often at accounts that don’t follow it back, for example. If Twitter determined the tweet should be downranked, it moved it to its own secluded part of the Reply thread, under a “Show more replies” button.

Twitter tests a number of things that never see the light of day in a public product. More recently, the company said it was weighing the idea of a “clarifying function” for explaining old tweets. It’s also launching a prototype app that will experiment with new ideas around conversation threads.

 



from Social – TechCrunch https://ift.tt/2GQlugD Read More Detail!

Daily Crunch: TikTok faces children’s privacy fine

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 9am Pacific, you can subscribe here.

1. FTC ruling sees Musical.ly (TikTok) fined $5.7M for violating children’s privacy law, app updated with age gate

In an app update released yesterday, all users will need to verify their age, and the under 13-year-olds will then be directed to a separate, more restricted in-app experience that protects their personal information and prevents them from publishing videos to TikTok.

And if you’re confused about Musical.ly versus TikTok: The Federal Trade Commission had begun looking into TikTok back when it was known as Musical.ly, and the ruling itself is a settlement with Musical.ly.

2. How Disney built Star Wars, in real life

Over the course of the past five years, Walt Disney Imagineering has been hard at work making the world of Star Wars a reality on Earth. Matthew Panzarino has all the details, with plenty of tantalizing images.

3. Amazon Prime members can choose a weekly delivery date with launch of ‘Amazon Day’

The option lets shoppers pick a day of the week to take delivery of their recent orders. The boxes will then arrive together on the selected Amazon Day, in fewer boxes.

4. ZÅ«m, a ridesharing service for kids, raises $40M

ZÅ«m is a mobile app that enables parents to schedule rides for their kids from fully vetted drivers. It also partners with school districts to support their transportation needs.

5. Dow Jones’ watchlist of 2.4 million high-risk individuals has leaked

The data, since secured, is the financial giant’s Watchlist database, which companies use as part of their risk and compliance efforts.

6. SoftBank’s Vision Fund invests $1.5B in Chinese second-hand car startup Chehaoduo

The Beijing-based company operates two main sites — peer-to-peer online marketplace Guazi for used vehicles, and Maodou, which retails new sedans through direct sales and financial leasing.

7. Netflix may be losing $192M per month from piracy, cord cutting study claims

As many as one in five people today are mooching off of someone else’s account when streaming video from Netflix, Hulu or Amazon Video, according to a new study from CordCutting.com. Of these, Netflix tends to be pirated for the longest period.



from Social – TechCrunch https://ift.tt/2H6aTh2 Read More Detail!

Privacy complaints received by tech giants’ favorite EU watchdog up more than 2x since GDPR

A report by the lead data watchdog for a large number of tech giants operating in Europe shows a significant increase in privacy complaints and data breach notifications since the region’s updated privacy framework came into force last May.

The Irish Data Protection Commission (DPC)’s annual report, published today, covers the period May 25, aka the day the EU’s General Data Protection Regulation (GDPR) came into force, to December 31 2018 and shows the DPC received more than double the amount of complaints post-GDPR vs the first portion of 2018 prior to the new regime coming in: With 2,864 and 1,249 complaints received respectively.

That makes a total of 4,113 complaints for full year 2018 (vs just 2,642 for 2017). Which is a year on year increase of 36 per cent.

But the increase pre- and post-GDPR is even greater — 56 per cent — suggesting the regulation is working as intended by building momentum and support for individuals to exercise their fundamental rights.

“The phenomenon that is the [GDPR] has demonstrated one thing above all else: people’s interest in and appetite for understanding and controlling use of their personal data is anything but a reflection of apathy and fatalism,” writes Helen Dixon, Ireland’s commissioner for data protection.

She adds that the rise in the number of complaints and queries to DPAs across the EU since May 25 demonstrates “a new level of mobilisation to action on the part of individuals to tackle what they see as misuse or failure to adequately explain what is being done with their data”.

While Europe has had online privacy rules since 1995 a weak regime of enforcement essentially allowed them to be ignored for decades — and Internet companies to grab and exploit web users’ data without full regard and respect for European’s privacy rights.

But regulators hit the reset button last year. And Ireland’s data watchdog is an especially interesting agency to watch if you’re interested in assessing how GDPR is working, given how many tech giants have chosen to place their international data flows under the Irish DPC’s supervision.

More cross-border complaints

“The role places an important duty on the DPC to safeguard the data protection rights of hundreds of millions of individuals across the EU, a duty that the GDPR requires the DPC to fulfil in cooperation with other supervisory authorities,” the DPC writes in the report, discussing its role of supervisory authority for multiple tech multinationals and acknowledging both a “greatly expanded role under the GDPR” and a “significantly increased workload”.

A breakdown of GDPR vs Data Protection Act 1998 complaint types over the report period suggests complaints targeted at multinational entities have leapt up under the new DP regime.

For some complaint types the old rules resulted in just 2 per cent of complaints being targeted at multinationals vs close to a quarter (22 per cent) in the same categories under GDPR.

It’s the most marked difference between the old rules and the new — underlining the DPC’s expanded workload in acting as a hub (and often lead supervisory agency) for cross-border complaints under GDPR’s one-stop shop mechanism.

The category with the largest proportions of complaints under GDPR over the report period was access rights (30%) — with the DPC receiving a full 582 complaints related to people feeling they’re not getting their due data. Access rights was also most complained about under the prior data rules over this period.

Other prominent complaint types continue to be unfair processing of data (285 GDPR complaints vs 178 under the DPA); disclosure (217 vs 138); and electronic direct marketing (111 vs 36).

EU policymakers’ intent with GDPR is to redress the imbalance of weakly enforced rights — including by creating new opportunities for enforcement via a regime of supersized fines. (GDPR allows for penalties as high as up to 4 per cent of annual turnover, and in January the French data watchdog slapped Google with a $57M GDPR penalty related to transparency and consent — albeit still far off that theoretical maximum.)

Importantly, the regulation also introduced a collective redress option which has been adopted by some EU Member States.

This allows for third party organizations such as consumer rights groups to lodge data protection complaints on individuals’ behalf. The provision has led to a number of strategic complaints being filed by organized experts since last May (including in the case of the aforementioned Google fine) — spinning up momentum for collective consumer action to counter rights erosion. Again that’s important in a complex area that remains difficult for consumers to navigate without expert help.

For upheld complaints the GDPR ‘nuclear option’ is not fines though; it’s the ability for data protection agencies to order data controllers to stop processing data.

That remains the most significant tool in the regulatory toolbox. And depending on the outcome of various ongoing strategic GDPR complaints it could prove hugely significant in reshaping what data experts believe are systematic privacy incursions by adtech platform giants.

And while well-resourced tech giants may be able to factor in even very meaty financial penalties, as just a cost of doing a very lucrative business, data-focused business models could be far more precarious if processors can suddenly be slapped with an order to limit or even cease processing data. (As indeed Facebook’s business just has in Germany, where antitrust regulators have been liaising with privacy watchdogs.)

Data breach notifications also up

GDPR also shines a major spotlight on security — requiring privacy by design and default and introducing a universal requirement for swiftly reporting data breaches across the bloc, again with very stiff penalties for non-compliance.

On the data breach front, the Irish DPC says it received a total of 3,687 data breach notifications between May 25 and December 31 last year — finding just four per cent (145 cases) did not meet the definition of a personal-data breach set out in GDPR. That means it recorded a total of 3,542 valid data protection breaches over the report period — which it says represents an increase of 27 per cent on 2017 breach report figures.

“As in other years, the highest category of data breaches notified under the GDPR were classified as Unauthorised Disclosures and accounted for just under 85% of the total data-breach notifications received between 25 May and 31 December 2018,” it notes, adding: “The majority occurred in the private sector (2,070).”

More than 4,000 data breach notifications were recorded by the watchdog for full year 2018, the report also states.

The DPC further reveals that it was notified of 38 personal data breaches involving 11 multinational technology companies during the post-GDPR period of 2018. Which means breaches involving tech giants.

“A substantial number of these notifications involved the unauthorised disclosure of, and unauthorised access to, personal data as a result of bugs in software supplied by data processors engaged by the organisations,” it writes, saying it opened several investigations as a result (such as following the Facebook Token breach in September 2018).

Open probes of tech giants

As of 31 December 2018, the DPC says it had 15 investigations open in relation to multinational tech companies’ compliance with GDPR.

Below is the full list of the DPC’s currently open investigations of multinationals — including the tech giant under scrutiny; the origin of the inquiry; and the issues being examined:

  • Facebook Ireland Limited — Complaint-based inquiry: “Right of Access and Data Portability. Examining whether Facebook has discharged its GDPR obligations in respect of the right of access to personal data in the Facebook ‘Hive’ database and portability of “observed” personal data”
  • Facebook Ireland Limited — Complaint-based inquiry: “Lawful basis for processing in relation to Facebook’s Terms of Service and Data Policy. Examining whether Facebook has discharged its GDPR obligations in respect of the lawful basis on which it relies to process personal data of individuals using the Facebook platform.”
  • Facebook Ireland Limited — Complaint-based inquiry: “Lawful basis for processing. Examining whether Facebook has discharged its GDPR obligations in respect of the lawful basis on which it relies to process personal data in the context of behavioural analysis and targeted advertising on its platform.”
  • Facebook Ireland Limited — Own-volition inquiry: “Facebook September 2018 token breach. Examining whether Facebook Ireland has discharged its GDPR obligations to implement organisational and technical measures to secure and safeguard the personal data of its users.”
  • Facebook Ireland Limited — Own-volition inquiry: “Facebook September 2018 token breach. Examining Facebook’s compliance with the GDPR’s breach notification obligations.”
  • Facebook Inc. — Own-volition inquiry: “Facebook September 2018 token breach. Examining whether Facebook Inc. has discharged its GDPR obligations to implement organizational and technical measures to secure and safeguard the personal data of its users.”
  • Facebook Ireland Limited — Own-volition inquiry: “Commenced in response to large number of breaches notified to the DPC during the period since 25 May 2018 (separate to the token breach). Examining whether Facebook has discharged its GDPR obligations to implement organisational and technical measures to secure and safeguard the personal data of its users.”
  • Instagram (Facebook Ireland Limited) — Complaint-based inquiry: “Lawful basis for processing in relation to Instagram’s Terms of Use and Data Policy. Examining whether Instagram has discharged its GDPR obligations in respect of the lawful basis on which it relies to process personal data of individuals using the Instagram platform.”
  • WhatsApp Ireland Limited — Complaint-based inquiry: “Lawful basis for processing in relation to WhatsApp’s Terms of Service and Privacy Policy. Examining whether WhatsApp has discharged its GDPR obligations in respect of the lawful basis on which it relies to process personal data of individuals using the WhatsApp platform.”
  • WhatsApp Ireland Limited — Own-volition inquiry: “Transparency. Examining whether WhatsApp has discharged its GDPR transparency obligations with regard to the provision of information and the transparency of that information to both users and non-users of WhatsApp’s services, including information provided to data subjects about the processing of information between WhatsApp and other Facebook companies.”
  • Twitter International Company — Complaint-based inquiry: “Right of Access. Examining whether Twitter has discharged its obligations in respect of the right of access to links accessed on Twitter.”
  • Twitter International Company — Own-volition inquiry: “Commenced in response to the large number of breaches notified to the DPC during the period since 25 May 2018. Examining whether Twitter has discharged its GDPR obligations to implement organisational and technical measures to secure and safeguard the personal data of its users.”
  • LinkedIn Ireland Unlimited Company — Complaint-based inquiry: “Lawful basis for processing. Examining whether LinkedIn has discharged its GDPR obligations in respect of the lawful basis on which it relies to process personal data in the context of behavioural analysis and targeted advertising on its platform.”
  • Apple Distribution International — Complaint-based inquiry: “Lawful basis for processing. Examining whether Apple has discharged its GDPR obligations in respect of the lawful basis on which it relies to process personal data in the context of behavioural analysis and targeted advertising on its platform.”
  • Apple Distribution International — Complaint-based inquiry: “Transparency. Examining whether Apple has discharged its GDPR transparency obligations in respect of the information contained in its privacy policy and online documents regarding the processing of personal data of users of its services.”

“The DPC’s role in supervising the data-processing operations of the numerous large data-rich multinational companies — including technology internet and social media companies — with EU headquarters located in Ireland changed immeasurably on 25 May 2018,” the watchdog acknowledges.

“For many, including Apple, Facebook, Microsoft, Twitter, Dropbox, Airbnb, LinkedIn, Oath [disclosure: TechCrunch is owned by Verizon Media Group; aka Oath/AOL], WhatsApp, MTCH Technology and Yelp, the DPC acts as lead supervisory authority under the GDPR OSS [one-stop shop] facility.”

The DPC notes in the report that between May 25 and December 31 2018 it received 136 cross-border processing complaints through the regulation’s OSS mechanism (i.e. which had been lodged by individuals with other EU data protection authorities).

A breakdown of these (likely) tech giant focused GDPR complaints shows a strong focus on consent, right of erasure, right of access and the lawfulness of data processing:

Breakdown of cross-border complaint types received by the DPC under GDPR’s OSS mechanism

While the Irish DPC acts as the lead supervisor for many high profile GDPR complaints which relate to how tech giants are handling people’s data, it’s worth emphasizing that the OSS mechanism does not mean Ireland is sitting in sole judgement on Silicon Valley’s giants’ rights incursions in Europe.

The mechanism allows for other DPAs to be involved in these cross-border complaints.

And the European Data Protection Board, the body that works with all the EU Member States’ DPAs to help ensure consistent application of the regulation, can trigger a dispute resolution process if a lead agency considers it cannot implement a concerned agency objection. The aim is to work against forum shopping.

In a section on “EU cooperation”, the DPC further writes:

Our fellow EU regulators, alongside whom we sit on the European Data Protection Board (EDPB), follow the activities and results of the Irish DPC closely, given that a significant number of people in every EU member state are potentially impacted by processing activities of the internet companies located in Ireland. EDPB activity is intense, with monthly plenary meetings and a new system of online data sharing in relation to cross-border processing cases rolled out between the authorities. The DPC has led on the development of EDPB guidance on arrangements for Codes of Conduct under the GDPR and these should be approved and published by the EDPB in Q1 of 2019. The DPC looks forward to industry embracing Codes of Conduct and raising the bar in individual sectors in terms of standards of data protection and transparency. Codes of Conduct are important because they will more comprehensively reflect the context and reality of data-processing activities in a given sector and provide clarity to those who sign up to the standards that need to be attained in addition to external monitoring by an independent body. It is clarity of standards that will drive real results.

Over the reported period the watchdog also reveals that it issued 23 formal requests seeking detailed information on compliance with various aspects of the GDPR from tech giants, noting too that since May 25 it has engaged with platforms on “a broad range of issues” — citing the following examples to give a flavor of these concerns:

  • Google on the processing of location data
  • Facebook on issues such as the transfer of personal data from third-party apps to Facebook and Facebook’s collaboration with external researchers
  • Microsoft on the processing of telemetry data collected by its Office product
  • WhatsApp on matters relating to the sharing of personal data with other Facebook companies

“Supervision engagement with these companies on the matters outlined is ongoing,” the DPC adds of these issues.

Adtech sector “must comply” with GDPR 

Talking of ongoing action, a GDPR complaint related to the security of personal data that’s systematically processed to power behavioral advertising is another open complaint on the DPC’s desk.

The strategic complaint was filed by a number of individuals in multiple EU countries (including Ireland) last fall. Since then the individuals behind the complaints have continued to submit and publish evidence they argue bolsters their case against the behavioral ad targeting industry (principally Google and the IAB which set the spec involved in the real-time bidding (RTB) system).

The Irish DPC makes reference to this RTB complaint in the annual report, giving the adtech industry what amounts to a written warning that while the advertising ecosystem is “complex”, with multiple parties involved in “high-speed, voluminous transactions” related to bidding for ad space and serving ad content “the protection of personal data is a prerequisite to the processing of any personal data within this ecosystem and ultimately the sector must comply with the standards set down by the GDPR”.

The watchdog also reports that it has engaged with “several stakeholders, including publishers and data brokers on one side, and privacy advocates and affected individuals on the other”, vis-a-vis the RTB complaint, and says it will continue prioritizing its scrutiny of the sector in 2019 — “in cooperation with its counterparts at EU level so as to ensure a consistent approach across all EU member states”.

It goes on to say that some of its 15 open investigations into tech giants will both conclude this year and “contribute to answering some of the questions relating to this complex area”. So, tl;dr, watch this space.

Responding to the DPC’s comments on the RTB complaint, Dr Johnny Ryan, chief policy and industrial relations officer of private browser Brave — and also one of the complainants — told us they expect the DPC to act “urgently”.

“We have brought our complaint before the DPC and other European regulators because there is a dire need to fix adtech so that it’s works safely,” he told TechCrunch. “The DPC itself recognizes that online advertising is a priority. The IAB and Google online ‘ad auction’ system enables companies to broadcast what every single person online reads, watches, and listens to online to countless parties. There is no control over what happens to these data. The evidence that we have submitted to the DPC shows that this occurs hundreds of billions of times a day.”

“In view of the upcoming European elections, it is particularly troubling that the IAB and Google’s systems permit voters to be profiled in this way,” he added. “Clearly, this infringes the security and integrity principles of the GDPR, and we expect the DPC to act urgently.”

The IAB has previously rejected the complaints as “false”, arguing any security risk is “theoretical”; while Google has said it has policies in place to prohibit advertisers from targeting sensitive categories of data. But the RTB complaint itself pivots on GDPR’s security requirements which demand that personal data be processed in a manner that “ensures appropriate security”, including “protection against unauthorised or unlawful processing and against accidental loss”.

So the security of the RTB system is the core issue which the Irish DPC, along with agencies in the UK and Poland, will have to grapple with as a priority this year.

The complainants have also said they intend to file additional complaints in more markets across Europe, so more DPAs are likely to join the scrutiny of RTB, as concerned supervisory agencies, which could increase pressure on the Irish DPC to act.

Schrems II vs Facebook 

The watchdog’s report also includes an update on long-running litigation filed by European privacy campaigner Max Schrems concerning a data transfer mechanism known as standard contractual clauses (SCCs) — and originally only targeted at Facebook’s use of the mechanism.

The DPC decided to refer Schrems’ original challenge to the Irish courts — which have since widened the action by referring a series of legal questions up to the EU’s top court with (now) potential implications for the legality of the EU’s ‘flagship’ Privacy Shield data transfer mechanism.

That was negotiated following the demise of its predecessor Safe Harbor, in 2015, also via a Schrems legal challenge, going on to launch in August 2016 — despite ongoing concerns from data experts. Privacy Shield is now used by close to 4,500 companies to authorize transfers of EU users’ personal data to the US.

So while Schrems’ complaint about SCCs (sometimes also called “model contract clauses”) was targeted at Facebook’s use of them the litigation could end up having major implications for very many more companies if Privacy Shield itself comes unstuck.

More recently Facebook has sought to block the Irish judges’ referral of legal questions to the Court of Justice of the EU (CJEU) — winning leave to appeal last summer (though judges did not stay the referral in the meanwhile).

In its report the DPC notes that the substantive hearing of Facebook’s appeal took place over January 21, 22 and 23 before a five judge Supreme Court panel.

“Oral arguments were made on behalf of Facebook, the DPC, the U.S. Government and Mr Schrems,” it writes. “Some of the central questions arising from the appeal include the following: can the Supreme Court revisit the facts found by the High Court relating to US law? (This arises from allegations by Facebook and the US Government that the High Court judgment, which underpins the reference made to the CJEU, contains various factual errors concerning US law).

“If the Supreme Court considers that it may do so, further questions will then arise for the Court as to whether there are in fact errors in the judgment and if so, whether and how these should be addressed.”

“At the time of going to print there is no indication as to when the Supreme Court judgment will be delivered,” it adds. “In the meantime, the High Court’s reference to the CJEU remains valid and is pending before the CJEU.”



from Social – TechCrunch https://ift.tt/2H3XYMy Read More Detail!
,

Vericate – The new standard in identity verification


Vericate is the best software platform for your KYC/AML onboarding needs. We handle identifications digitally for forward-thinking businesses around the world.

View startup



from BetaList - Discover tomorrow's startups, today https://ift.tt/2IH4QSg Read More Detail!
,

MFY – Simple & Easy Facebook Messenger Campaigns for Makers


MFY is the easiest way for makers, bloggers, and online creators to create Facebook Messenger campaigns that engage, nurture and grow their subscribers. Many makers and bloggers are getting poor results from their email campaigns due to less than 10% of open rates of emails. On the other hand, in FB Messenger, open rates for messages are more than 88%.

With MFY, you can create capture FB subscribers from your website using multiple growth widgets, segment them using tags, create broadcasts and add them to sequences (drip campaigns). And you can be sure to get stellar open rates and click-through-rates for your messages. If you are on Wordpress, we have a custom Wordpress plugin to make all this super simple! If no, don't worry, copy-paste JS snippets are available for easy website integrations.

View startup



from BetaList - Discover tomorrow's startups, today https://ift.tt/2UbGDVz Read More Detail!

ClassDojo, an app to help teachers and parents communicate better, raises $35M

Messaging apps have become the de facto way that many people today keep in regular contact with each other, and that trend has also found its way into the classroom. ClassDojo, a startup that has built a platform for teachers and parents to communicate small and big updates to each other, today is announcing that it has raised $35 million in funding.

The Series C — which is being jointly led by GSV (behind Spotify, Lyft, Dropbox) and SignalFire (which has backed Grammarly, Zume, Lime), and also includes General Catalyst and Uncork Capital — will be used in two ways. First, to fuel expansion of ClassDojo’s free communications app. And second, to drive its efforts to monetize its service by way of a new service called Beyond School, an optional subscription for families to complement in-school work with at-home tutorials around areas that are complementary to learning well, such as improving studying habits, mindfulness and so on.

(You could think of Beyond School as TedX meets Lynda for K-8, but co-founders Sam Chaudhary and Liam Don, respectively the CEO and CTO, said in an interview that they believe the content will be more than just that.)

ClassDojo has now raised $65 million, and while it is not talking valuation, I’ve been told by a good source that it is coming in at “$400ish” million. That is a huge leap on the $99 million the startup was valued at in 2015 (a figure quoted on PitchBook).

The boost in part is because of ClassDojo’s healthy growth. Since first starting out in 2011 as part of a Y Combinator cohort, the company has expanded to be used in more than 95 percent of all pre K to eighth grade schools in the US, with one in every six families with a child in primary school using the app daily.

The US is its biggest market, but ClassDojo is also now available in some 180 other countries, where it’s also starting to pick up some strong penetration. (In Singapore, Australia, Spain, Hong Kong, the UK, and the UAE, it’s used by some 25 percent of all primary school teachers, for example.) Impressively, all that growth has up to now been organic and word of mouth, one reason why the company has had to raise relatively little funding.

(It also only employs 40 people, another way of keeping costs massively down.)

One of the key things about ClassDojo is that the company has kept a very consistent focus when it comes to its mission: the idea has always been to try to identify the biggest communication problems that teachers might have in teaching kids, and trying to solve them.

Building an app that can bridge the sometimes large gaps between parent-teacher meetings, so that parents feel more engaged with what their children are learning, and teachers might have better feedback from those parents about what children are doing at home, was an obvious first step.

“Learning is so much about having strong relationships,” Chaudhary said. “It’s pretty cool to see the effect this can have not just with parents and teachers, but between parents and kids.”

Beyond School comes in the same vein and is a natural extension of that, and came not just out of what teachers said they wished they had more time to teach to students — but can’t because of the general emphasis in curriculums on academics — but from what parents wished they could work on with their children.

That, in essence, is the wider body of “learning” that you could loosely term emotional intelligence, and general techniques for coping and learning, beyond the academic work itself. “The learning experience in the classroom sparked a lot of ideas, and families were reaching out to us,” Dom said, “wondering if they could have a product to serve more unique needs at home.”

So far, the company does not have any numbers to share on how Beyond School has been taken up since launching at the end of 2018, except to say that it’s going well.

Longer term, it’s interesting to consider how ClassDojo fits into the wider trend of communication and messaging apps, and whether others might ever try to compete in the same space, or perhaps acquire ClassDojo as they extend into other verticals — a strategy that Microsoft, for example, has been following when it comes to acquiring other businesses as it works on tapping the $10 trillion market for education.

I asked Hemant Taneja, a partner at General Catalyst, if he ever thought the likes of Slack, for example, might ever try to compete with it. (No, is the short answer.)

“Slack is a work tool, and I can’t imagine there will be a synergy there,” he said, and nor would it possibly even work. “As a worker and parent, I think that there should be an education platform solely devoted to kids, where the stakeholders are family and teachers. I’ve always believed that from the beginning and I think that ClassDojo’s scale gives it that potential.”

 



from Social – TechCrunch https://ift.tt/2GTPpVg Read More Detail!

LinkedIn forced to ‘pause’ mentioned in the news feature in Europe after complaints about ID mix-ups

LinkedIn has been forced to ‘pause’ a feature in Europe in which the platform emails members’ connections when they’ve been ‘mentioned in the news’.

The regulatory action follows a number of data protection complaints after LinkedIn’s algorithms incorrect matched members to news articles — triggering a review of the feature and subsequent suspension order.

The feature appears as a case study in the ‘Technology Multinationals Supervision’ section of an annual report published today by the Irish Data Protection Commission (DPC). Although the report does not explicitly name LinkedIn — but we’ve confirmed it is the named professional social network.

The data watchdog’s report cites “two complaints about a feature on a professional networking platform” after LinkedIn incorrectly associated the members with media articles that were not actually about them.

“In one of the complaints, a media article that set out details of the private life and unsuccessful career of a person of the same name as the complainant was circulated to the complainant’s connections and followers by the data controller,” the DPC writes, noting the complainant initially complained to the company itself but did not receive a satisfactory response — hence taking up the matter with the regulator.

The complainant stated that the article had been detrimental to their professional standing and had resulted in the loss of contracts for their business,” it adds.

“The second complaint involved the circulation of an article that the complainant believed could be detrimental to future career prospects, which the data controller had not vetted correctly.”

LinkedIn appears to have been matching members to news articles by simple name matching — with obvious potential for identity mix-ups between people with shared names.

“It was clear from the complaints that matching by name only was insufficient, giving rise to data protection concerns, primarily the lawfulness, fairness and accuracy of the personal data processing utilised by the ‘Mentions in the news’ feature,” the DPC writes.

“As a result of these complaints and the intervention of the DPC, the data controller undertook a review of the feature. The result of this review was to suspend the feature for EU-based members, pending improvements to safeguard its members’ data.”

We reached out to LinkedIn with questions and it pointed us to this blog post where it confirms: “We are pausing our Mentioned in the News feature for our EU members while we reevaluate its effectiveness.”

LinkedIn adds that it is reviewing the accuracy of the feature, writing:

As referenced in the Irish Data Protection Commission’s report, we received useful feedback from our members about the feature and as a result are evaluating the accuracy and functionality of Mentioned in the News for all members.

The company’s blog post also points users to a page where they can find out more about the ‘mentioned in the news’ feature and get information on how to manage their LinkedIn email notification settings.

The Irish DPC’s action is not the first privacy strike against LinkedIn in Europe.

Late last year, in its early annual report, on the pre-GDPR portion of 2018, the watchdog revealed it had investigated complaints about LinkedIn related to it targeting non-users with adverts for its service.

The DPC found the company had obtained emails for 18 million people for whom it did not have consent to process their data. In that case LinkedIn agreed to cease processing the data entirely.

That complaint also led the DPC to audit LinkedIn. It then found a further privacy problem, discovering the company had been using its social graph algorithms to try to build suggested networks of compatible professional connections for non-members.

The regulator ordered LinkedIn to cease this “pre-compute processing” of non-members’ data and delete all personal data associated with it prior to GDPR coming into force.

LinkedIn said it had “voluntarily changed our practices as a result”.



from Social – TechCrunch https://ift.tt/2VtaJEl Read More Detail!
,

Spend Together – Share and manage group expenses


Spend Together is an app dedicated to help you and your friends manage joint expenses painlessly. It’s suitable for trips with friends, roommates, couples or any other IOUs. Get rid off paper bills and spend more time on things that matter, rather than arguing about who owes whom and how much.

View startup



from BetaList - Discover tomorrow's startups, today https://ift.tt/2SwfWt5 Read More Detail!
,

Expensive Chat – Chatroom where you pay $0.01 per letter


Expensive Chat is a chatroom where you pay $0.01 per letter. It's a social experiment to see what happens when an online chat is not a free-for-all, but every message costs money.

View startup



from BetaList - Discover tomorrow's startups, today https://ift.tt/2H7827s Read More Detail!

Wednesday, 27 February 2019

,

Socialradar.co – Monitor your brand on Twitter


Socialradar is a Twitter monitoring software that enables marketing managers to watch and protect their brand. Socialradar notifies its users when brand or keyword specific tweets have been published.

View startup



from BetaList - Discover tomorrow's startups, today https://ift.tt/2GQJxw2 Read More Detail!
,

PoolRequest – Slackbot for managing Github pull requests to review


PoolRequest is a Slackbot that helps developers to efficiently manage their Github pull requests to review right from Slack.

Invite PoolRequest into the channel you want and start to use keywords to add, list and review pull requests easily. 🚀

View startup



from BetaList - Discover tomorrow's startups, today https://ift.tt/2VsqFqy Read More Detail!