Archiv der Kategorie: Innovation

Is it time to leave WhatsApp – and is Signal the answer!

 

The Facebook-owned messaging service has been hit by a global backlash over privacy. Many users are migrating to Signal or Telegram. Should you join them?

Whatsapp, Signal and Telegram app icons  on a smartphone screen
WhatsApp, Signal and Telegram: three leading choices for messaging services. Photograph: Rafael Henrique/Sopa Images/RexShutterstock
 

Earlier this month, WhatsApp issued a new privacy policy along with an ultimatum: accept these new terms, or delete WhatsApp from your smartphone. But the new privacy policy wasn’t particularly clear, and it was widely misinterpreted to mean WhatsApp would be sharing more sensitive personal data with its parent company Facebook. Unsurprisingly, it prompted a fierce backlash, with many users threatening to stop using the service.

WhatsApp soon issued a clarification, explaining that the new policy only affects the way users’ accounts interact with businesses (ie not with their friends) and does not mandate any new data collection. The messaging app also delayed the introduction of the policy by three months. Crucially, WhatsApp said, the new policy doesn’t affect the content of your chats, which remain protected by end-to-end encryption – the “gold standard” of security that means no one can view the content of messages, even WhatsApp, Facebook, or the authorities.

 

But the damage had already been done. The bungled communication attempts have raised awareness that WhatsApp does collect a lot of data, and some of this could be shared with Facebook. The BBC reported that Signal was downloaded 246,000 times worldwide in the week before WhatsApp announced the change on 4 January, and 8.8m times the week after.

WhatsApp does share some data with Facebook, including phone numbers and profile name, but this has been happening for years. WhatsApp has stated that in the UK and EU the update does not share further data with Facebook – because of strict privacy regulation, known as the general update to data protection regulation (GDPR). The messaging app doesn’t gather the content of your chats, but it does collect the metadata attached to them – such as the sender, the time a message was sent and who it was sent to. This can be shared with “Facebook companies”.

Facebook’s highly criticised data collection ethos has eroded trust in the social network. Its practices can put vulnerable people at risk, says Emily Overton, a data protection expert and managing director of RMGirl. She cites the example of Facebook’s “people you may know” algorithm exposing sex workers’ real names to their clients – despite both parties taking care to set up fake identities. “The more data they profile, the more they put people in vulnerable positions at risk.”

And the social network isn’t known for keeping promises. When Facebook bought WhatsApp in 2014, it pledged to keep the two services separate. Yet only a few years later, Facebook announced aims to integrate the messaging systems of Facebook, Instagram and WhatsApp. This appears to have stalled owing to technical and regulatory difficulties around encryption, but it’s still the long-term plan.


Why are people choosing Signal over Telegram?

Signal, a secure messaging app recommended by authorities such as the Electronic Frontier Foundation and Edward Snowden, has been the main beneficiary of the WhatsApp exodus. Another messaging app, Telegram, has also experienced an uptick in downloads, but Signal has been topping the charts on the Apple and Android app stores.

Signal benefits from being the most similar to WhatsApp in terms of features, while Telegram has had problems as a secure and private messaging app, with its live location feature recently coming under fire for privacy infringements. Crucially, Telegram is not end-to-end encrypted by default, instead storing your data in the cloud. Signal is end-to-end encrypted, collects less data than Telegram and stores messages on your device rather than in the cloud.


Does Signal have all the features I am used to and why is it more private?

Yes, Signal has most of the features you are used to on WhatsApp, such as stickers and emojis. You can set up and name groups, and it’s easy to send a message: just bring up the pen sign in the right-hand corner.

Signal has a desktop app, and you can voice and video chat with up to eight people. Like WhatsApp, Signal uses your phone number as your identity, something that has concerned some privacy and security advocates. However, the company has introduced pin codes in the hope of moving to a more secure and private way of identifying users in the future.

As well as being end-to-end encrypted, both WhatsApp and Signal have a “disappearing messages” feature for additional privacy. The major difference is how each app is funded. WhatsApp is owned by Facebook, whose business model is based on advertising. Signal is privacy focused and has no desire to analyse, share or profit from users’ private information, says Jake Moore, cybersecurity specialist at ESET.

Signal is supported by the non-profit Signal Foundation, set up in 2018 by WhatsApp founder Brian Acton and security researcher (and Signal Messenger CEO) Moxie Marlinspike, who created an encryption protocol that is used by several messaging services, including WhatsApp and Skype as well as Signal itself. Acton, who left Facebook in 2017 after expressing concerns over how the company operated, donated an initial $50m to Signal, and the open-source app is now funded by the community. Essentially that means developers across the world will continually work on it and fix security issues as part of a collaborative effort, making the app arguably more secure.

But there are concerns over whether Signal can maintain this free model as its user base increases to the tens, or potentially in the future, hundreds of millions. Signal is adamant it can continue to offer its service for free. “As a non-profit, we simply need to break even,” says Aruna Harder, the app’s COO.

Signal is exclusively supported by grants and donations, says Acton. “We believe that millions of people value privacy enough to sustain it, and we’re here to demonstrate that there is an alternative to the ad-based business models that exploit user privacy.”


I want to move to Signal. How do you persuade WhatsApp groups to switch?

The momentum away from WhatsApp does appear to be building, and you may find more of your friends have switched to Signal already. But persuading a larger contact group can be more challenging.

Overton has been using Signal for several years and says all her regular contacts use the app. “Even when dating online, I ask the person I want to go on a date with to download Signal, or they don’t get my number.”

Some Signal advocates have already begun to migrate their groups over from WhatsApp. Jim Creese, a security expert, is moving a neighbourhood text group of 100 people to Signal. He is starting with a smaller sub-group of 20, some of whom struggle with technology. Creese says most are ambivalent about switching “as long as the new method isn’t more difficult”.

He advises anyone who’s moving groups across apps to focus on the “why” first. “Explain the reasons for the change, how it is likely to affect them, and the benefits. Don’t rush the process. While WhatsApp might not be where you want to be today, there’s no emergency requiring an immediate move.”

Moore thinks the shift away from WhatsApp will continue to gain momentum, but he says it will take time to move everyone across. Until then, it’s likely you will need to keep both WhatsApp and Signal on your phone.

Moore is in the process of moving a family chat to Signal, for the second time. “When I originally tried, one family member didn’t understand my concerns and thought I was being overcautious.

“However, the recent news has helped him understand the potential issues and why moving isn’t such a bad idea. The next hurdle will be getting my mother to download a new app and use it for the first time without me physically assisting her.”

Source: https://www.theguardian.com/technology/2021/jan/24/is-it-time-to-leave-whatsapp-and-is-signal-the-answer

Signal Is Finally Bringing Its Secure Messaging to the Masses

Signal Is Finally Bringing Its Secure Messaging to the Masses

The encryption app is putting a $50 million infusion from WhatsApp cofounder Brian Acton to good use, building out features to help it go mainstream.
Moxie Marlinspike
Signal creator Moxie Marlinspike is ready for his encrypted messaging app to go mainstream.Photograph: Michelle Groskopf

Last month, the cryptographer and coder known as Moxie Marlinspike was getting settled on an airplane when his seatmate, a Midwestern-looking man in his sixties, asked for help. He couldn’t figure out how to enable airplane mode on his aging Android phone. But when Marlinspike saw the screen, he wondered for a moment if he was being trolled: Among just a handful of apps installed on the phone was Signal.

Marlinspike launched Signal, widely considered the world’s most secure end-to-end encrypted messaging app, nearly five years ago, and today heads the nonprofit Signal Foundation that maintains it. But the man on the plane didn’t know any of that. He was not, in fact, trolling Marlinspike, who politely showed him how to enable airplane mode and handed the phone back.

„I try to remember moments like that in building Signal,“ Marlinspike told WIRED in an interview over a Signal-enabled phone call the day after that flight. „The choices we’re making, the app we’re trying to create, it needs to be for people who don’t know how to enable airplane mode on their phone,“ Marlinspike says.

 

Marlinspike has always talked about making encrypted communications easy enough for anyone to use. The difference, today, is that Signal is finally reaching that mass audience it was always been intended for—not just the privacy diehards, activists, and cybersecurity nerds that formed its core user base for years—thanks in part to a concerted effort to make the app more accessible and appealing to the mainstream.

That new phase in Signal’s evolution began two years ago this month. That’s when WhatsApp cofounder Brian Acton, a few months removed from leaving the app he built amid post-acquisition clashes with Facebook management, injected $50 million into Marlinspike’s end-to-end encrypted messaging project. Acton also joined the newly created Signal Foundation as executive chairman. The pairing up made sense; WhatsApp had used Signal’s open source protocol to encrypt all WhatsApp communications end-to-end by default, and Acton had grown disaffected with what he saw as Facebook’s attempts to erode WhatsApp’s privacy.

 

Since then, Marlinspike’s nonprofit has put Acton’s millions—and his experience building an app with billions of users—to work. After years of scraping by with just three overworked full-time staffers, the Signal Foundation now has 20 employees. For years a bare-bones texting and calling app, Signal has increasingly become a fully featured, mainstream communications platform. With its new coding muscle, it has rolled out features at a breakneck speed: In just the last three months, Signal has added support for iPad, ephemeral images and video designed to disappear after a single viewing, downloadable customizable „stickers,“ and emoji reactions. More significantly, it announced plans to roll out a new system for group messaging, and an experimental method for storing encrypted contacts in the cloud.

Moxie Marlinspike
Photograph: Michelle Groskopf

 

„The major transition Signal has undergone is from a three-person small effort to something that is now a serious project with the capacity to do what is required to build software in the world today,“ Marlinspike says.

Many of those features might sound trivial. They certainly aren’t the sort that appealed to Signal’s earliest core users. Instead, they’re what Acton calls „enrichment features.“ They’re designed to attract normal people who want a messaging app as multifunctional as WhatsApp, iMessage, or Facebook Messenger but still value Signal’s widely trusted security and the fact that it collects virtually no user data. „This is not just for hyperparanoid security researchers, but for the masses,“ says Acton. „This is something for everyone in the world.“

Even before those crowdpleaser features, Signal was growing at a rate most startups would envy. When WIRED profiled Marlinspike in 2016, he would confirm only that Signal had at least two million users. Today, he remains tightlipped about Signal’s total user base, but it’s had more than 10 million downloads on Android alone according to the Google Play Store’s count. Acton adds that another 40 percent of the app’s users are on iOS.

Its adoption has spread from Black Lives Matters and pro-choice activists in Latin America to politicians and political aides—even noted technically incompetent ones like Rudy Giuliani—to NBA and NFL players. In 2017, it appeared in the hacker show Mr. Robot and political thriller House of Cards. Last year, in a sign of its changing audience, it showed up in the teen drama Euphoria.

Identifying the features mass audiences want isn’t so hard. But building even simple-sounding enhancements within Signal’s privacy constraints—including a lack of metadata that even WhatsApp doesn’t promise–can require significant feats of security engineering, and in some cases actual new research in cryptography.

Take stickers, one of the simpler recent Signal upgrades. On a less secure platform, that sort of integration is fairly straightforward. For Signal, it required designing a system where every sticker „pack“ is encrypted with a „pack key.“ That key is itself encrypted and shared from one user to another when someone wants to install new stickers on their phone, so that Signal’s server can never see decrypted stickers or even identify the Signal user who created or sent them.

Signal’s new group messaging, which will allow administrators to add and remove people from groups without a Signal server ever being aware of that group’s members, required going further still. Signal partnered with Microsoft Research to invent a novel form of „anonymous credentials“ that let a server gatekeep who belongs in a group, but without ever learning the members‘ identities. „It required coming up with some innovations in the world of cryptography,“ Marlinspike says. „And in the end, it’s just invisible. It’s just groups, and it works like we expect groups to work.“

 

Signal is rethinking how it keeps track of its users‘ social graphs, too. Another new feature it’s testing, called „secure value recovery,“ would let you create an address book of your Signal contacts and store them on a Signal server, rather than simply depend on the contact list from your phone. That server-stored contact list would be preserved even when you switch to a new phone. To prevent Signal’s servers from seeing those contacts, it would encrypt them with a key stored in the SGX secure enclave that’s meant to hide certain data even from the rest of the server’s operating system.

That feature might someday even allow Signal to ditch its current system of identifying users based on their phone numbers—a feature that many privacy advocates have criticized, since it forces anyone who wants to be contacted via Signal to hand out a cell phone number, often to strangers. Instead, it could store persistent identities for users securely on its servers. „I’ll just say, this is something we’re thinking about,“ says Marlinspike. Secure value recovery, he says, „would be the first step in resolving that.“

 

With new features comes additional complexity, which may add more chances for security vulnerabilities to slip into Signal’s engineering, warns Matthew Green, a cryptographer at Johns Hopkins University. Depending on Intel’s SGX feature, for instance, could let hackers steal secrets the next time security researchers expose a vulnerability in Intel hardware. For that reason, he says that some of Signal’s new features should ideally come with an opt-out switch. „I hope this isn’t all or nothing, that Moxie gives me the option to not use this,“ Green says.

But overall, Green says he’s impressed with the engineering that Signal has put into its evolution. And making Signal friendlier to normal people only becomes more important as Silicon Valley companies come under increasing pressure from governments to create encryption backdoors for law enforcement, and as Facebook hints that its own ambitious end-to-end encryption plans are still years away from coming to fruition.

„Signal is thinking hard about how to give people the functionality they want without compromising privacy too much, and that’s really important,“ Green adds. „If you see Signal as important for secure communication in the future—and possibly you don’t see Facebook or WhatsApp as being reliable—then you definitely need Signal to be usable by a larger group of people. That means having these features.“

Brian Acton doesn’t hide his ambition that Signal could, in fact, grow into a WhatsApp-sized service. After all, Acton not only founded WhatsApp and helped it grow to billions of users, but before that joined Yahoo in its early, explosive growth days of the mid-1990s. He thinks he can do it again. „I’d like for Signal to reach billions of users. I know what it takes to do that. I did that,“ says Acton. „I’d love to have it happen in the next five years or less.“

That wild ambition, to get Signal installed onto a significant fraction of all the phones on the planet, represents a shift—if not for Acton, then for Marlinspike. Just three years ago, Signal’s creator mused in an interview with WIRED that he hoped Signal could someday „fade away,“ ideally after its encryption had been widely implemented in other billion-user networks like WhatsApp. Now, it seems, Signal hopes to not merely influence tech’s behemoths, but to become one.

But Marlinspike argues that Signal’s fundamental aims haven’t changed, only its strategy—and its resources. „This has always been the goal: to create something that people can use for everything,“ Marlinspike says. „I said we wanted to make private communication simple, and end-to-end encryption ubiquitous, and push the envelope of privacy-preserving technology. This is what I meant.“

Source: https://www.wired.com/story/signal-encrypted-messaging-features-mainstream/

A Brief History of Grunge: The Seattle Sound

Kurt Cobain of Nirvana in 1993
Kurt Cobain of Nirvana in 1993 | Photo By Stephen Sweet/REX/Shutterstock

The word grunge, which means grime or dirt, came to describe a music genre, fashion style and lifestyle exclusively attached to the Pacific Northwest and, specifically, Seattle. With the effects of this movement still relevant some 30 years later, it’s worth exploring how it all began – and how grunge entered the mainstream.

It all started with the Melvins. Formed in 1983 in Washington State, the band were part of a generation of musicians influenced by the likes of KISS, Black Sabbath, Led Zeppelin and AC/DC. Taking inspiration from the bands they loved, the Melvins were one of the first rock groups to mix elements of metal and punk in their sound.The city of Seattle at that time was just shedding its hippie image but still holding on to the hippie values of counterculture and nonconformity. In 1984, Seattle-based bands Green River and Soundgarden formed, followed by the Screaming Trees in 1985. The following year brought the founding of Sub Pop Records and saw Seattle-based record label C/Z Records’ first release, Deep Six. This compilation, credited as the first distribution of grunge, included the Melvins, Green River, Soundgarden, Malfunkshun, Skin Yard and The U-Men. Metal band Alice in Chains joined this faction of Seattle bands when they formed in 1987.

Editorial use only. Consent for book publication must be agreed with Rex by Shutterstock before use. Mandatory Credit: Photo by Andre Csillag/REX/Shutterstock (499068go) THE SCREAMING TREES PERFORMING ON THE ‚LATER WITH JOOLS‘ SHOW, BBC TV, LONDON, BRITAIN – NOV 1996 VARIOUS | Photo by Andre Csillag/REX/Shutterstock
Mandatory Credit: Photo by Malluk/Mediapunch/REX/Shutterstock (8627708a) Alice in Chains with Layne Staley Special Fees May 1991 Chains_em8 | Photo by Malluk/Mediapunch/REX/Shutterstock

Between 1988 and 1990, the tight-knit group of Seattle bands went through many transformations. Green River split into two groups: the members who wanted to stay “underground” formed Mudhoney, while those who wanted to become famous rock stars formed Mother Love Bone (picking up the lead singer from Malfunkshun, Andrew Wood). Representing another shift in those values of nonconformity, Soundgarden signed in 1988 with a mainstream label, A&M Records, to the dismay of many of their fans.

Mandatory Credit: Photo by Mediapunch/REX/Shutterstock (8824657d) Soundgarden – Chris Cornell Soundgarden In Concert at Hollywood Live, Los Angeles, USA – 23 Sep 1989 | Photo by Mediapunch/REX/Shutterstock

At the start of the new decade, Mother Love Bone was set to become the rock stars they intended to be when Wood unexpectedly died of a heroin overdose. Wood’s roommate, Chris Cornell of Soundgarden, wrote a tribute to his late friend. A few songs played with the surviving Mother Love Bone members turned into an entire album, Temple of the Dog. When Cornell decided that one of the songs would be better as a duet, he invited a backup vocalist, Eddie Vedder, to join him for the singing of ‘Hunger Strike.’ The same year, Vedder joined the remaining Mother Love Bone members in creating a new band, first named Mookie Blaylock and eventually renamed Pearl Jam.

In 1990, Nirvana consisted only of singer-guitarist Kurt Cobain and bassist Krist Novoselic, and were yet to find a full-time drummer. They were eventually introduced to Dave Grohl through their friends the Melvins, becoming another staple grunge band of the ’90s made possible through collaboration.

Mandatory Credit: Photo by Stephen Sweet/REX/Shutterstock (261411g) Nirvana – Dave Grohl, Kurt Cobain and Chris Novoselic Nirvana – 1993 | Photo by Stephen Sweet/REX/Shutterstock

The bands became regulars at music venues across the city, performing at locations still open today such as The Crocodile and The Showbox. Before any of the bands really left Seattle, they described themselves in self-deprecating ways, referring to themselves and their music style as dirt, scum and – you guessed it – grunge. In 1991, when Nirvana reached number one on Billboard’s Alternative Songs chart, with Pearl Jam following closely behind, “grunge” turned from a joke into an actual descriptor of the rock music subgenre characterized by guitar distortion, feedback and heartfelt, anguished lyrics. That same year, Mudhoney and the Screaming Trees achieved indie success. Soundgarden didn’t catch up with the commercial success of Nirvana and Pearl Jam until 1994.

Mandatory Credit: Photo by Andre Csillag/REX/Shutterstock (497745ka) Pearl Jam – Eddie Vedder performing at Brixton Academy, London, Britain – Jul 1993 Various | Photo by Andre Csillag/REX/Shutterstock

As these bands developed a need for marketing, “grunge” changed from descriptor to ultimate promoter, especially in fashion. That industry, from Macy’s to Marc Jacobs, started creating items that mimicked the style of these bands and their Seattle audiences, namely flannel shirts, combat boots and wool ski hats, often worn with unwashed hair.

Mandatory Credit: Photo by Bei/REX/Shutterstock (5137575b) Eddie Vedder Singles Premiere 09/10/92 – Los Angeles, CA. Eddie Vedder (cast) of Pearl Jam wearing helmet Warner Bros.‘ premiere of ‚Singles‘ in Los Angeles, CA. Photo®Berliner Studio/BEImages.net September 10, 1992 | Photo by Bei/REX/Shutterstock

While the muses for these fashion statements may have started out too poor and cold to buy anything else, and didn’t care to look after or style their hair, the popularity of grunge inspired the style of the rich. The combat boots that were practical for traction in Seattle’s rain began hitting the catwalks. For the first time, instead of going from boutiques to last season’s department to Goodwill, clothes purchased from Goodwill were inspiring what got brought into the shops. Punks were anti-fashion: their outfits made a statement against it. Grunge rockers were fashion-indifferent: they made no statement at all. And yet grunge became a fashion statement in and of itself.

Mandatory Credit: Photo by Photofusion/REX/Shutterstock (2253864a) Teenage boys wearing grunge gear, UK Youth | Photofusion/REX/Shutterstock

As the concept of grunge was increasingly used in the mainstream, it became increasingly rejected in anti-conformist Seattle. Grunge became a blanket term for Northwest bands of the ’80s and ’90s, even if they had completely different styles and sounds.Today, though, the term has been reclaimed. Seattleites still hold the same values that began the grunge movement and have learned to embrace the subgenre that, in a lot of ways, put their city on the map.

Source: https://theculturetrip.com/north-america/usa/washington/articles/a-brief-history-of-grunge-the-seattle-sound/

The Batteries of the Future Are Weightless and Invisible

There’s a renaissance underway in structural battery research, which aims to build energy storage into the very devices and vehicles they power.

A car flies over the ocean with clouds instead of a frame.

ELON MUSK MADE a lot of promises during Tesla’s Battery Day last September. Soon, he said, the company would have a car that runs on batteries with pure silicon anodes to boost their performance and reduced cobalt in the cathodes to lower their price. Its battery pack will be integrated into the chassis so that it provides mechanical support in addition to energy, a design that Musk claimed will reduce the car’s weight by 10 percent and improve its mileage by even more. He hailed Tesla’s structural battery as a “revolution” in engineering—but for some battery researchers, Musk’s future looked a lot like the past.

“He’s essentially doing something that we did 10 years ago,” says Emile Greenhalgh, a materials scientist at Imperial College London and the engineering chair in emerging technologies at the Royal Academy. He’s one of the world’s leading experts on structural batteries, an approach to energy storage that erases the boundary between the battery and the object it powers. “What we’re doing is going beyond what Elon Musk has been talking about,” Greenhalgh says. “There are no embedded batteries. The material itself is the energy storage device.”

Today, batteries account for a substantial portion of the size and weight of most electronics. A smartphone is mostly a lithium-ion cell with some processors stuffed around it. Drones are limited in size by the batteries they can carry. And about a third of the weight of an electric vehicle is its battery pack. One way to address this issue is by building conventional batteries into the structure of the car itself, as Tesla plans to do. Rather than using the floor of the car to support the battery pack, the battery pack becomes the floor.

But for Greenhalgh and his collaborators, the more promising approach is to scrap the battery pack and use the vehicle’s body for energy storage instead. Unlike a conventional battery pack embedded in the chassis, these structural batteries are invisible. The electrical storage happens in the thin layers of composite materials that make up the car’s frame. In a sense, they’re weightless because the car is the battery. “It’s making the material do two things simultaneously,” says Greenhalgh. This new way of thinking about EV design can provide huge performance gains and improve safety because there won’t be thousands of energy-dense, flammable cells packed into the car.

A lithium-ion battery inside a phone or EV battery pack has four main components: the cathode, anode, electrolyte, and the separator. When a battery is discharged, lithium-ions flow through the electrolyte from the negative anode to the positive cathode, which are partitioned by a permeable separator to prevent a short circuit. In a conventional battery, these elements are either stacked like a wedding cake or wound around each other like a jelly roll to pack as much energy as possible into a small volume. But in a structural battery, they have to be reconfigured so the cell can be molded into irregular shapes and withstand physical stress. A structural battery doesn’t look like a cube or a cylinder; it looks like an airplane wing, car body, or phone case.

The first structural batteries developed by the US military in the mid-2000s used carbon fiber for the cell’s electrodes. Carbon fiber is a lightweight, ultrastrong material that is frequently used to form the bodies of aircraft and high-performance cars. It’s also great at storing lithium ions, which makes it a good substitute for other carbon-based materials like graphite that are used as anodes in typical Li-ion batteries. But in a structural battery, carbon fiber infused with reactive materials like iron phosphate is also used for the cathode because it needs to provide support. A thin sheet of woven glass separates the two electrodes, and these layers are suspended in an electrolyte like fruit in an electrochemical jello. The entire ensemble is only a few millionths of a meter thick and can be cut into any desired shape.

Leif Asp, a materials scientist at the Chalmers University of Technology in Sweden, has been at the forefront of structural battery research for the past decade. In 2010, Asp, Greenhalgh, and a team of European scientists collaborated on Storage, a project that aimed to build structural batteries and integrate them into a prototype hybrid Volvo. “At that time, I didn’t think it would have much impact on society, but as we moved along it struck me that this could be a very useful idea,” says Asp, who characterizes the conventional battery as a “structural parasite.” He says the main benefit of structural batteries is that they reduce the amount of energy an EV needs to drive the same distance—or it can increase its range. “We need to focus on energy efficiency,” says Asp. In a world where most electricity is still produced with fossil fuels, every electron counts in the fight against climate change.

During the three-year project, the Storage team successfully integrated commercial lithium-ion batteries into a plenum cover, a passive component that regulates air intake into the engine. It wasn’t the car’s main battery, but a smaller secondary pack that supplied electricity to the air-conditioning, stereo, and lights when the engine temporarily turned off at a stop light. This was the first proof of concept for a structural battery that was integrated into the body of a working car and was essentially a small-scale version of what Tesla is trying to achieve.

But sandwiching a bunch of conventional Li-ion cells into the body of a car isn’t as efficient as making the car’s body serve as its own battery. During the Storage collaboration, Asp and Greenhalgh also developed a structural supercapacitor that was used as a trunk lid. A supercapacitor is similar to a battery but stores energy as electrostatic charge, rather than a chemical reaction. The one made for the Volvo trunk consisted of two layers of carbon fiber infused with iron oxide and magnesium oxide, separated by an insulating layer. The whole stack was wrapped in laminate and molded into the shape of the trunk.

Supercapacitors don’t hold nearly as much energy as a battery, but they’re great at rapidly delivering small amounts of electric charge. Greenhalgh says that they’re also easier to work with and were a necessary stepping stone toward accomplishing the same thing with a battery. The Volvo was a proof of concept that structural energy storage was viable in an EV, and the success of the Storage project generated a lot of hype about structural batteries. But despite that enthusiasm, it took a few years to procure more funding from the European Commission to push the technology to the next level. “This is a very challenging technology and something that’s not going to be solved with a few million pounds thrown at it,” says Greenhalgh of the financing difficulties. “We got a lot more funding, and now it’s really starting to snowball.”

This summer, Asp, Greenhalgh, and a team of European researchers wrapped up a three-year research project called Sorcerer that had the goal of developing structural lithium-ion batteries for use in commercial aircraft. Aviation is arguably the killer app for structural energy storage. Commercial aircraft produce a lot of emissions, but electrifying passenger jets is a major challenge because they require so much energy. Jet fuel is terrible for the environment, but it’s about 30 times more energy-dense than state-of-the-art commercial lithium-ion cells. In a typical 150-passenger aircraft, that means you’d need about 1 ton of batteries per person. If you tried to electrify this jet with existing cells, the plane would never get off the ground.

Established aerospace companies like Airbus and startups like Zunum have been working on electrifying passenger aircraft for years. But even if they’re successful, packing a plane full of conventional cells has some major safety risks. A short circuit in a large battery pack could cause a disastrous fire or explosion. “The aerospace sector is very conservative, and they’re nervous about packing aircraft with these really high-powered batteries,” says Greenhalgh. Emerging battery chemistries, including solid electrolytes, could lower the risk, but meeting the massive energy requirements of a passenger jet is still a major challenge that could be solved with structural batteries.

As part of the Sorcerer project, Asp and his colleagues created structural batteries made from thin layers of carbon fiber that could conceivably be used to build parts of an airplane’s cabin or wings. The experimental batteries the Sorcerer team developed have significantly improved mechanical properties and energy densities compared to the batteries they produced during the Storage initiative a decade earlier. “Now we can make materials that have at least 20 to 30 percent of both energy storage capacity and the mechanical capacity of the systems we want to replace,” says Asp. “It’s a huge progression.”

But technical challenges are only half the battle when it comes to getting structural batteries out of the lab and into the real world. Both the automotive and aviation industries are heavily regulated, and manufacturers often run on thin margins. That means introducing new materials into cars and planes requires demonstrating their safety to regulators and their superior performance to manufacturers.

As a structural battery is charged and discharged, lithium ions are shuttling in and out of the carbon-fiber cathodes, which changes their shape and mechanical properties. It’s important for manufacturers and regulators to be able to predict precisely how these structural batteries will react when they’re being used and how that affects the performance of the vehicles they power. To that end, Greenhalgh and Asp are building mathematical models that will show exactly how the structure of vehicles built from these batteries changes during use. Asp says it will probably be more than a decade before structural batteries are deployed in vehicles because of their significant power demands and regulatory challenges. Before that happens, he predicts, they will become commonplace in consumer electronics.

Jie Xiao, the chief scientist and manager of the Batteries & Materials System group at Pacific Northwest National Laboratory, agrees. She thinks a particularly promising and often overlooked area of application is in microelectronics. These are devices that could comfortably fit on your fingertip and are particularly useful for medical implants. But first, there needs to be a way to power them.

“Structural batteries are extremely helpful for microelectronics, because the volume is very restricted,” says Xiao. While it is possible to scale down conventional batteries to the size of a grain of rice, these cells still take up valuable space in microelectronics. But structural batteries don’t take up more space than the device itself. At PNNL, Xiao and her colleagues have studied some of the fundamental issues with the design of microbatteries, like how to maintain alignment between electrodes when a structural battery is bent or twisted. “From a design point of view, it’s very important that your positive and negative electrodes face each other,” says Xiao. “So even if we can take advantage of void spaces, if those electrodes are unaligned they are not participating in the chemical reaction. So this limits the designs of irregular-shaped structural batteries.”

Xiao and her team have worked on several niche scientific applications for micro structural batteries, like injectable tracking tags for salmon and bats. But she says it’s still going to be a while before they find mainstream application with emerging technologies like electronic skin for prosthetics. In the meantime, however, structural batteries could be a boon for energy-hungry robots. In a laboratory on the Ann Arbor campus at the University of Michigan, chemist and chemical engineer Nicholas Kotov oversees a menagerie of small biomimetic robots he developed with his graduate students. “Organisms distribute energy storage throughout the body so that they serve double or triple functions,” says Kotov. “Fat is a great example. It has lots of energy storage. The question is: How do we replicate it?”

The team’s goal is to create machines that mimic animals, and so they require a power source that can integrate with their robotic skeletons, much like fat and muscle hem to ours. Some of their latest creations include robotic scorpions, spiders, ants and caterpillars that skitter around the floor. All of them are powered by a unique structural battery integrated with their moving parts. The battery sits on the back of the robot like a silver shell, and it both energizes and protects the robot’s mechanical guts. It’s taking a cue from nature to improve the unnatural.

Unlike the carbon-fiber and lithium-ion sheets being developed by Asp and Greenhalgh, Kotov and his students created a zinc-air structural battery for their automatons. This cell chemistry is able to store much more energy than conventional Li-ion cells. It consists of a zinc anode, a carbon cloth cathode, and a semi-rigid electrolyte made from polymer-based nanofibers that is nanoengineered to mimic cartilage. The energy carriers in this type of battery are hydroxide ions that are produced when oxygen from the air interacts with the zinc.

While structural batteries for vehicles are highly rigid, the cell developed by Kotov’s team is meant to be pliable to cope with the movements of the robots. They’re also incredibly energy-dense. As Kotov and his team detailed in a paper published earlier this year, their structural batteries have 72 times the energy capacity of a conventional lithium-ion cell of the same volume. For now, their batteries are being used to power robotic toys and small drones as a proof of concept. But Kotov says he expects they’ll be used in midsize robots as well as larger hobby drones in the not-so-distant future. “Drones and medium-size robots need to have new solutions for energy storage,” Kotov says. “I can guarantee you that structural batteries will be a part of that.”

The battery has always been an addendum, a limiting factor, and a parasite. Today it’s vanishing before our eyes, melting into the fabric of our electrified world. In the future, everything will be a battery, and stand-alone energy storage will seem as quaint as landline telephones and portable CD players. It’s a disappearing act worthy of a great magician: Now you see it—and soon you won’t.

https://www.wired.com/story/the-batteries-of-the-future-are-weightless-and-invisible/

Bill Gates orders £500m hydrogen-powered superyacht

Microsoft billionaire’s innovative and eco-fuelled 112m Aqua vessel to launch after 2024

The ‘Aqua’ superyacht powered by liquid hydrogen
The ‘Aqua’ superyacht powered by liquid hydrogen – a snip at £500m. It can travel 3,750 miles before it needs to refuel. Photograph: Sinot/Cover Images

Bill Gates has ordered the world’s first hydrogen-powered superyacht, worth an estimated £500m ($644m) and featuring an infinity pool, helipad, spa and gym.

The billionaire co-founder of Microsoft has commissioned the Aqua ship – a 112-metre (370ft) luxury vessel completely powered by liquid hydrogen – which was publicised last year at the Monaco yacht show by the Dutch design firm Sinot.

Speaking about the project last year, the marine designer Sander Sinot said: “For the development of Aqua we took inspiration from the lifestyle of a discerning, forward-looking owner, the fluid versatility of water and cutting-edge technology, to combine this in a superyacht with truly innovative features.”

The boat has five decks and space to accommodate 14 guests and 31 crew members. In a further environmentally friendly feature, gel-fuelled fire bowls allow guests to stay warm outside without having to burn wood or coals.

But its most cutting-edge feature is tucked away below decks – two 28-tonne vacuum-sealed tanks that are cooled to -423F (-253C) and filled with liquid hydrogen, which powers the ship. The fuel will generate power for the two one-megawatt motors and propellors via on-board fuel cells, which combine hydrogen with oxygen to produce electricity. Water is a byproduct.

The vessel is unlikely to take to the seas before 2024, according to the Sunday Telegraph, which reported the Gates commission. When it does, it has the potential to reach speeds of 17 knots (about 20mph) and travel 3,750 miles (or roughly London to New York) before it needs to refuel. The Sunday Telegraph said the boat would have a “diesel back-up” due to the scarcity of hydrogen refuelling stations.

Gates, 64, who is currently ranked as the world’s second-richest man with a $118bn (£92bn) fortune, is a regular superyacht holidaymaker who has not previously owned his own vessel. Typically renting yachts for his own use, in the past he has holidayed off the coast of Sardinia onboard the $330m yacht Serene, which is owned by the Stolichnaya vodka magnate, Yuri Scheffler.

The investment underlines Gates’s long-standing interest in alternative fuels, and his enthusiasm for new technology that could tackle emissions from industry and transport that together make up 75% of the world’s carbon footprint.

He is an investor in Heliogen, a Californian startup that aims to turn sunlight into a source of heat exceeding 1,000C that could help replace fossil fuels. It is the first company in the world to concentrate sunlight to reach temperatures that are high enough to power heavy industry without carbon emissions.

Gates has also pledged to give most of his estimated $118bn fortune to good causes via The Bill and Melinda Gates Foundation. This week he donated $100m to help tackle the coronavirus.

Source: https://www.theguardian.com/technology/2020/feb/09/bill-gates-orders-500m-hydrogen-powered-superyacht

In this room 50 years ago, the internet was born

On October 29, 1969, in this room at UCLA, a student programmer sent the first message using ARPANET, a precursor to the modern internet. The message didn’t go well. The programmer, Charley Kline, got halfway through the word login before the program crashed. It wasn’t a great start.

 

It would take a few more decades until the internet started entering our homes, but its impact is almost incalculable. It’s transformed nearly every facet of life, and whole human generations identify around its existence.

Source: https://www.popularmechanics.com/technology/a29608415/welcome-to-internet-week/

Save Your LifeTime by 3 Simple & Effective Steps

Source: https://www.inc.com/geoffrey-james/the-average-worker-spends-51-of-each-workday-on-these-3-unnecessary-tasks.html

There are thousands of books on time management, and thousands more on work/life balance, but almost all of them either nibble around the edge of the problems or pretend they don’t exist. So, here’s the straight skinny: The reason most people are stressed for time is that they are wasting more than half of each working day on time-wasting tasks.

Here are the culprits and some simple solutions to get recapture the time that you’re otherwise destined to waste.

1. Unnecessary Commuting (13 percent)

As of 2018 (the last year measured), the average one-way commute to work is 27 minutes, nearly six minutes more than in 1980, according to the U.S. Census Bureau. And that’s just the average, which means that some of us are spending a lot more than that. (I’ve known people with three-hour commutes–one way.)

Let’s suppose that you have a commute that’s only of average length. By the time you retire, you’ll have spent approximately 5.6 years behind the wheel, which is roughly 13 percent of the time that you’ve committed to work.

While some jobs (like equipment maintenance) require an employee to be on site, almost all office jobs can be conducted from a home office. Therefore, in almost all cases, time spent commuting to an office job is wasted.

2. Unnecessary Meetings (16 percent)

According to a study at MIT that I described in a previous post, the average worker spends approximately 22 years of their 45-year career in meetings. An estimated third of that time is spent in meetings where there’s no value added.

By the time the average worker retires, they’ll have spent at least 7 years in useless meetings, which comes out to about 16 percent of the time you’ll spend at work during your lifetime.

3. Unnecessary Emails (23 percent)

According to research cited in Forbes, the average office worker spends 2.5 hours a day reading and responding to an average of 200 emails, of which approximately 144 (mostly CCs and BCCs) aren’t relevant to their job.

Since the average office worker spends 2.5 hours a day doing email, that’s around 1.8 hours spent on those irrelevant emails, which comes out to a whopping 10 years spent on useless emails, which would be 23 percent of a 45-year career.

Add up those three huge time-wasters and it comes out to roughly 51 percent of your working life. Think about that for second. How much more could you accomplish if you were twice as productive? How much better your life would become if you always had plenty of time?

Fortunately, these three huge time-management challenges have some fairly straightforward solutions:

1. Implement company-wide work-from-home.

While some jobs (like equipment maintenance) must be performed on-site, most office jobs can be accomplished remotely. Indeed, several studies have shown that remote office workers are much productive than on-site workers, without even counting the time they waste commuting.

Of course, implementing company-wide work-from home would mean that management would need to be nimbler. It also means top management must admit to themselves that their brand-new open plan office was a dumb idea. However, smart bosses don’t throw good money after bad, so it’s time to bite the proverbial bullet on this one.

2. Create an efficient-meeting culture.

Some of this gets solved simply by implementing work-from-home because remote workers have fewer meetings. Beyond this, there are specific policies that reduce or eliminate unproductive meetings:

  1. No meeting without an agenda.
  2. No „status updates“ during which you „go around the room.“
  3. No meeting longer than 30 minutes.
  4. Leave a meeting the moment you realize you’re not adding value.
  5. Replace PowerPoints with a group reading of a briefing document.

3. Throttle your email system.

Here’s are some approaches I’ve seen over the years:

  1. Turn off email during peak working hours.
  2. Limit the number of emails an employee can send each day.
  3. Discourage CC, BCC, and Reply All emails.
  4. Discourage Sisyphus-like behaviors like trying to achieve „zero Inbox.“

Here’s an idea: Customize the company-wide email client so that it’s impossible to close any internal email until you’ve rated its usefulness to you and your job.

Track those ratings and it will quickly become clear who’s wasting everyone else’s time with unnecessary email. Then adjust their compensation accordingly (all the way to $0 when appropriate).

 

Apple will be around for a long time. But the next Apple just isn’t Apple.

Apple, the iPhone, and the Innovator’s Dilemma

David Paul Morris/Bloomberg/Getty Images

If you re-read the first few chapters of The Innovator’s Dilemma and you insert “Apple” every time Clayton Christensen mentions “a company,” a certain picture emerges: Apple is a company on the verge of being disrupted, and the next great idea in tech and consumer electronics will not materialize from within the walls of its Cupertino spaceship.

The Innovator’s Dilemma, of course, is about the trap that successful companies fall into time and time again. They’re well managed, they’re responsive to their customers, and they’re market leaders. And yet, despite doing everything right, they fail to see the next wave of innovation coming, they get disrupted, and they ultimately fail.

In the case of Apple, the company is trapped by its success, and that success is spelled “iPhone.”

Take, for example, Christensen’s description of the principles of good management that inevitably lead to the downfall of successful companies: “that you should always listen to and respond to the needs of your best customers, and that you should focus investments on those innovations that promise the highest returns.”

Molly Wood (@mollywood) is an Ideas contributor at WIRED and the host and senior editor of Marketplace Tech, a daily national radio broadcast covering the business of technology. She has covered the tech industry at CNET, The New York Times, and in various print, television, digital and audio formats for nearly 20 years. (Ouch.)

Then think about the iPhone, which, despite some consumer-unfriendly advances like the lost headphone jack and ever-changing charging ports, has also been adjusted and tweaked and frozen by what customers want: bigger screens, great cameras, ease of use, and a consistent interface. And the bulk of Apple’s investment since 2007, when the iPhone came out, has been about maintaining, developing, and selling this one device.

In the last quarter of 2018, the iPhone accounted for $51 billion of Apple’s $84 billion in revenue. Its success, the economic halo around it, and its seeming invincibility since its launch have propelled Apple to heights few companies have ever imagined. But the device will also be its undoing.

Here’s what happens when you have a product that successful: You get comfortable. More accurately, you get protective. You don’t want to try anything new. The new things you do try have to be justified in the context of that precious jewel—the “core product.”

So even something like Apple’s Services segment—the brightest non-iPhone spot in its earnings lately—mostly consists of services that benefit the iPhone. It’s Apple Music, iTunes, iCloud—and although Apple doesn’t break out its numbers, the best estimate is that a third or more of its Services revenue is driven by the 30 percent cut it takes from … yep, apps downloaded from the App Store.

The other bright spot in the company’s latest earnings report is its Wearables, Home, and Accessories category. Here again, Apple doesn’t break out the numbers, but the wearables part of that segment is where all the growth is, and that means Apple Watches. And you know what’s still tied nice and tight to the iPhone? Apple Watches.

Even Apple’s best-selling accessories are most likely AirPods, which had a meme-tastic holiday season and are, safe to say, used mostly in conjunction with iPhones. (I’d bet the rest of the accessories dollars are coming from dongles and hubs, since there’s nary a port to be found on any of its new MacBooks.) As for stand-alones, its smart speakers are reportedly great, but they’re not putting a dent in Amazon or Google, by latest count. Apple TV, sure. Fine. But Roku shouldn’t have been embedded in a TV before Apple was.

And none of these efforts count as a serious attempt at diversification.

You may be tempted to argue that Apple is, in fact, working on other projects. The Apple acquisition rumors never cease; nor do the confident statements that the company definitely, absolutely, certainly has a magical innovation in the works that will spring full grown like Athena from the forehead of Zeus any day now. I’m here to say, I don’t think there’s a nascent warrior goddess hiding in there.

Witness Apple’s tottering half-steps into new markets that are unrelated to the iPhone: It was early with a voice assistant but has stalled behind Amazon and even Google Assistant. It wasn’t until last year that the company hired a bona fide machine-learning expert in John Giannandrea, former head of search and AI at Google—and he didn’t get put on the executive team until December 2018. That’s late.

There’s its half-hearted dabble in self-driving technology that was going to be a car, then became software, then became 200 people laid off. Its quailing decade-long attempt to build a streaming service would be sort of comical if there weren’t clearly so much money being thrown around, and so tentatively at that. Rumors of its launch go back as far as 2015, although now it’s supposed to launch in April—this time they mean it.

But even if the streaming service actually arrives, can it really compete against YouTube, PlayStation, Sling, DirecTV, Hulu, and just plain old Netflix? Apple’s original programming is also apparently “not coming as soon as you think.” Analysts are, at this point, outright begging Apple to buy a studio or other original content provider, just to have something to show against Netflix and Amazon originals.

Of course, lots of companies innovate through acquisition, and everyone loves to speculate about what companies Apple might buy. Rumors have ranged from GoPro to BlackBerry to Tesla to the chipmaker ARM. Maybe Netflix. Maybe Tesla. Maybe Disney. Maybe Wired. (Apple News is a hugely successful product … mostly on iPhones, of course.) But at every turn, Apple has declined to move, other than its $3 billion Beats buy in 2014 (which it appears to be abandoning, or cannibalizing, these days).

Now, let me be clear, once again. None of this is to suggest that Apple is doing anything wrong. Indeed, according to Christensen, one of the hallmarks of the innovator’s dilemma is the company’s success, smooth operations, great products, and happy customers. That’s one of the things that makes it a dilemma: A company doesn’t realize anything’s wrong, because, well, nothing is. Smartphone sales may be slowing, but Apple is still a beloved brand, its products are excellent, its history and cachet are unmatched. But that doesn’t mean it has a plan to survive the ongoing decline in global smartphones sales.

The Innovator’s Dilemma does say an entrenched company can sometimes pull out of the quicksand by setting up a small, autonomous spinoff that has the power to move fast, pursue markets that are too small to move the needle for a company making $84 billion a quarter, and innovate before someone else gets there first.

Well, Apple has no autonomous innovation divisions that I know of, and the guys in charge are the same guys who have been in charge for decades: Tim Cook, Eddy Cue, Phil Schiller, Craig Federighi, Jony Ive—all have been associated with Apple since the late ’80s or ’90s. (I mean, has there ever really been a time without Jony Ive?)

You see what I’m saying here: brilliant team with a long record of execution and unparalleled success. Possibly not a lot of fresh ideas.

And then there’s the final option for innovation, one that Apple has availed itself of many times in the past. As Steve Jobs often said, quoting Picasso: “Good artists copy; great artists steal.” The iPod was born of existing MP3 players; the iPhone improved on clunky, ugly smartphones already on the market. The MacOS and the computer mouse were developed to maturity (yes, with permission) after being invented at Xerox PARC.

So maybe Apple will find the hottest thing in tech that’s still slightly unknown and come out with a better version. But is there such a thing as a way-sexier cloud computing business?

I guess it’s possible that the rumored virtual- and augmented-reality headset that Apple is supposed to release in 2020 will take the world by storm and popularize VR in a way that no one imagined, and like AirPods, will take a look that’s painfully dorky on the surface and turn it into a not-quite-ironic must-have statement of affluence and cool. It’s happened before. But this time, I think the company will get beaten to that punch—or whatever punch is next. Apple will be around for a long time. But the next Apple just isn’t Apple.

Source: https://www.wired.com/story/ideas-molly-wood-apple/

June 2018 Tech News & Trends to Watch

1. Companies Worldwide Strive for GDPR Compliance

By now, everyone with an email address has seen a slew of emails announcing privacy policy updates. You have Europe’s GDPR legislation to thank for your overcrowded inbox. GDPR creates rules around how much data companies are allowed to collect, how they’re able to use that data, and how clear they have to be with consumers about it all.

Companies around the world are scrambling to get their business and its practices into compliance – a significant task for many of them. While technically, the deadline to get everything in order passed on May 25, for many companies the process will continue well into June and possibly beyond. Some companies are even shutting down in Europe for good, or for as long as it takes them to get in compliance.

Even with the deadline behind us, the GDPR continues to be a top story for the tech world and may remain so for some time to come.

 

2. Amazon Provides Facial Recognition Tech to Law Enforcement

Amazon can’t seem to go a whole month without showing up in a tech news roundup. This month it’s for a controversial story: selling use of Rekognition, their facial recognition software, to law enforcement agencies on the cheap.

Civil rights groups have called for the company to stop allowing law enforcement access to the tech out of concerns that increased government surveillance can pose a threat to vulnerable communities in the country. In spite of the public criticism, Amazon hasn’t backed off on providing the tech to authorities, at least as of this time.

 

3. Apple Looks Into Self-Driving Employee Shuttles

Of the many problems facing our world, the frustrating work commute is one that many of the brightest minds in tech deal with just like the rest of us. Which makes it a problem the biggest tech companies have a strong incentive to try to solve.

Apple is one of many companies that’s invested in developing self-driving cars as a possible solution, but while that goal is still (probably) years away, they’ve narrowed their focus to teaming up with VW to create self-driving shuttles just for their employees.  Even that project is moving slower than the company had hoped, but they’re aiming to have some shuttles ready by the end of the year.

 

4. Court Weighs in on President’s Tendency to Block Critics on Twitter

Three years ago no one would have imagined that Twitter would be a president’s go-to source for making announcements, but today it’s used to that effect more frequently than official press conferences or briefings.

In a court battle that may sound surreal to many of us, a judge just found that the president can no longer legally block other users on Twitter.  The court asserted that blocking users on a public forum like Twitter amounts to a violation of their First Amendment rights. The judgment does still allow for the president and other public officials to mute users they don’t agree with, though.

 

5. YouTube Launches Music Streaming Service

YouTube joined the ranks of Spotify, Pandora, and Amazon this past month with their own streaming music service. Consumers can use a free version of the service that includes ads, or can pay $9.99 for the ad-free version.

youtube music service

With so many similar services already on the market, people weren’t exactly clamoring for another music streaming option. But since YouTube is likely to remain the reigning source for videos, it doesn’t necessarily need to unseat Spotify to still be okay. And with access to Google’s extensive user data, it may be able to provide more useful recommendations than its main competitors in the space, which is one way the service could differentiate itself.

 

6. Facebook Institutes Political Ad Rules

Facebook hasn’t yet left behind the controversies of the last election. The company is still working to proactively respond to criticism of its role in the spread of political propaganda many believe influenced election results. One of the solutions they’re trying is a new set of rules for any political ads run on the platform.

Any campaign that intends to run Facebook ads is now required to verify their identity with a card Facebook mails to their address that has a verification code. While Facebook has been promoting these new rules for a few weeks to politicians active on the platform, some felt blindsided when they realized, right before their primaries no less, that they could no longer place ads without waiting 12 to 15 days for a verification code to come in the mail. Politicians in this position blame the company for making a change that could affect their chances in the upcoming election.

Even in their efforts to avoid swaying elections, Facebook has found themselves criticized for doing just that. They’re probably feeling at this point like they just can’t win.

 

7. Another Big Month for Tech IPOs

This year has seen one tech IPO after another and this month is no different. Chinese smartphone company Xiaomi has a particularly large IPO in the works. The company seeks to join the Hong Kong stock exchange on June 7 with an initial public offering that experts anticipate could reach $10 billion.

The online lending platform Greensky started trading on the New York Stock Exchange on May 23 and sold 38 million shares in its first day, 4 million more than expected. This month continues 2018’s trend of tech companies going public, largely to great success.

 

8. StumbleUpon Shuts Down

In the internet’s ongoing evolution, there will always be tech companies that win and those that fall by the wayside. StumbleUpon, a content discovery platform that had its heyday in the early aughts, is officially shutting down on June 30.

Since its 2002 launch, the service has helped over 40 million users “stumble upon” 60 billion new websites and pieces of content. The company behind StumbleUpon plans to create a new platform that serves a similar purpose that may be more useful to former StumbleUpon users called Mix.

 

9. Uber and Lyft Invest in Driver Benefits

In spite of their ongoing success, the popular ridesharing platforms Uber and Lyft have faced their share of criticism since they came onto the scene. One of the common complaints critics have made is that the companies don’t provide proper benefits to their drivers. And in fact, the companies have fought to keep drivers classified legally as contractors so they’re off the hook for covering the cost of employee taxes and benefits.

Recently both companies have taken steps to make driving for them a little more attractive. Uber has begun offering Partner Protection to its drivers in Europe, which includes health insurance, sick pay, and parental leave ­ ­– so far nothing similar in the U.S. though. For its part, Lyft is investing $100 million in building driver support centers where their drivers can stop to get discounted car maintenance, tax help, and customer support help in person from Lyft staff. It’s not the same as getting full employee benefits (in the U.S. at least), but it’s something.

Source: https://www.hostgator.com/blog/june-tech-trends-to-watch/

What is GDPR – General Data Protection Regulation

Source Techcrunch.com

European Union lawmakers proposed a comprehensive update to the bloc’s data protection and privacy rules in 2012.

Their aim: To take account of seismic shifts in the handling of information wrought by the rise of the digital economy in the years since the prior regime was penned — all the way back in 1995 when Yahoo was the cutting edge of online cool and cookies were still just tasty biscuits.

Here’s the EU’s executive body, the Commission, summing up the goal:

The objective of this new set of rules is to give citizens back control over of their personal data, and to simplify the regulatory environment for business. The data protection reform is a key enabler of the Digital Single Market which the Commission has prioritised. The reform will allow European citizens and businesses to fully benefit from the digital economy.

For an even shorter the EC’s theory is that consumer trust is essential to fostering growth in the digital economy. And it thinks trust can be won by giving users of digital services more information and greater control over how their data is used. Which is — frankly speaking — a pretty refreshing idea when you consider the clandestine data brokering that pervades the tech industry. Mass surveillance isn’t just something governments do.

The General Data Protection Regulation (aka GDPR) was agreed after more than three years of negotiations between the EU’s various institutions.

It’s set to apply across the 28-Member State bloc as of May 25, 2018. That means EU countries are busy transposing it into national law via their own legislative updates (such as the UK’s new Data Protection Bill — yes, despite the fact the country is currently in the process of (br)exiting the EU, the government has nonetheless committed to implementing the regulation because it needs to keep EU-UK data flowing freely in the post-brexit future. Which gives an early indication of the pulling power of GDPR.

Meanwhile businesses operating in the EU are being bombarded with ads from a freshly energized cottage industry of ‘privacy consultants’ offering to help them get ready for the new regs — in exchange for a service fee. It’s definitely a good time to be a law firm specializing in data protection.

GDPR is a significant piece of legislation whose full impact will clearly take some time to shake out. In the meanwhile, here’s our guide to the major changes incoming and some potential impacts.

Data protection + teeth

A major point of note right off the bat is that GDPR does not merely apply to EU businesses; any entities processing the personal data of EU citizens need to comply. Facebook, for example — a US company that handles massive amounts of Europeans’ personal data — is going to have to rework multiple business processes to comply with the new rules. Indeed, it’s been working on this for a long time already.

Last year the company told us it had assembled “the largest cross functional team” in the history of its family of companies to support GDPR compliance — specifying this included “senior executives from all product teams, designers and user experience/testing executives, policy executives, legal executives and executives from each of the Facebook family of companies”.

“Dozens of people at Facebook Ireland are working full time on this effort,” it said, noting too that the data protection team at its European HQ (in Dublin, Ireland) would be growing by 250% in 2017. It also said it was in the process of hiring a “top quality data protection officer” — a position the company appears to still be taking applications for.

The new EU rules require organizations to appoint a data protection officer if they process sensitive data on a large scale (which Facebook very clearly does). Or are collecting info on many consumers — such as by performing online behavioral tracking. But, really, which online businesses aren’t doing that these days?

The extra-territorial scope of GDPR casts the European Union as a global pioneer in data protection — and some legal experts suggest the regulation will force privacy standards to rise outside the EU too.

Sure, some US companies might prefer to swallow the hassle and expense of fragmenting their data handling processes, and treating personal data obtained from different geographies differently, i.e. rather than streamlining everything under a GDPR compliant process. But doing so means managing multiple data regimes. And at very least runs the risk of bad PR if you’re outed as deliberately offering a lower privacy standard to your home users vs customers abroad.

Ultimately, it may be easier (and less risky) for businesses to treat GDPR as the new ‘gold standard’ for how they handle all personal data, regardless of where it comes from.

And while not every company harvests Facebook levels of personal data, almost every company harvests some personal data. So for those with customers in the EU GDPR cannot be ignored. At very least businesses will need to carry out a data audit to understand their risks and liabilities.

Privacy experts suggest that the really big change here is around enforcement. Because while the EU has had long established data protection standards and rules — and treats privacy as a fundamental right — its regulators have lacked the teeth to command compliance.

But now, under GDPR, financial penalties for data protection violations step up massively.

The maximum fine that organizations can be hit with for the most serious infringements of the regulation is 4% of their global annual turnover (or €20M, whichever is greater). Though data protection agencies will of course be able to impose smaller fines too. And, indeed, there’s a tiered system of fines — with a lower level of penalties of up to 2% of global turnover (or €10M).

This really is a massive change. Because while data protection agencies (DPAs) in different EU Member States can impose financial penalties for breaches of existing data laws these fines are relatively small — especially set against the revenues of the private sector entities that are getting sanctioned.

In the UK, for example, the Information Commissioner’s Office (ICO) can currently impose a maximum fine of just £500,000. Compare that to the annual revenue of tech giant Google (~$90BN) and you can see why a much larger stick is needed to police data processors.

It’s not necessarily the case that individual EU Member States are getting stronger privacy laws as a consequence of GDPR (in some instances countries have arguably had higher standards in their domestic law). But the beefing up of enforcement that’s baked into the new regime means there’s a better opportunity for DPAs to start to bark and bite like proper watchdogs.

GDPR inflating the financial risks around handling personal data should naturally drive up standards — because privacy laws are suddenly a whole lot more costly to ignore.

More types of personal data that are hot to handle

So what is personal data under GDPR? It’s any information relating to an identified or identifiable person (in regulatorspeak people are known as ‘data subjects’).

While ‘processing’ can mean any operation performed on personal data — from storing it to structuring it to feeding it to your AI models. (GDPR also includes some provisions specifically related to decisions generated as a result of automated data processing but more on that below).

A new provision concerns children’s personal data — with the regulation setting a 16-year-old age limit on kids’ ability to consent to their data being processed. However individual Member States can choose (and some have) to derogate from this by writing a lower age limit into their laws.

GDPR sets a hard cap at 13-years-old — making that the defacto standard for children to be able to sign up to digital services. So the impact on teens’ social media habits seems likely to be relatively limited.

The new rules generally expand the definition of personal data — so it can include information such as location data, online identifiers (such as IP addresses) and other metadata. So again, this means businesses really need to conduct an audit to identify all the types of personal data they hold. Ignorance is not compliance.

GDPR also encourages the use of pseudonymization — such as, for example, encrypting personal data and storing the encryption key separately and securely — as a pro-privacy, pro-security technique that can help minimize the risks of processing personal data. Although pseudonymized data is likely to still be considered personal data; certainly where a risk of reidentification remains. So it does not get a general pass from requirements under the regulation.

Data has to be rendered truly anonymous to be outside the scope of the regulation. (And given how often ‘anonymized’ data-sets have been shown to be re-identifiable, relying on any anonymizing process to be robust enough to have zero risk of re-identification seems, well, risky.)

To be clear, given GDPR’s running emphasis on data protection via data security it is implicitly encouraging the use of encryption above and beyond a risk reduction technique — i.e. as a way for data controllers to fulfill its wider requirements to use “appropriate technical and organisational measures” vs the risk of the personal data they are processing.

The incoming data protection rules apply to both data controllers (i.e. entities that determine the purpose and means of processing personal data) and data processors (entities that are responsible for processing data on behalf of a data controller — aka subcontractors).

Indeed, data processors have some direct compliance obligations under GDPR, and can also be held equally responsible for data violations, with individuals able to bring compensation claims directly against them, and DPAs able to hand them fines or other sanctions.

So the intent for the regulation is there be no diminishing in responsibility down the chain of data handling subcontractors. GDPR aims to have every link in the processing chain be a robust one.

For companies that rely on a lot of subcontractors to handle data operations on their behalf there’s clearly a lot of risk assessment work to be done.

As noted above, there is a degree of leeway for EU Member States in how they implement some parts of the regulation (such as with the age of data consent for kids).

Consumer protection groups are calling for the UK government to include an optional GDPR provision on collective data redress to its DP bill, for example — a call the government has so far rebuffed.

But the wider aim is for the regulation to harmonize as much as possible data protection rules across all Member States to reduce the regulatory burden on digital businesses trading around the bloc.

On data redress, European privacy campaigner Max Schrems — most famous for his legal challenge to US government mass surveillance practices that resulted in a 15-year-old data transfer arrangement between the EU and US being struck down in 2015 — is currently running a crowdfunding campaign to set up a not-for-profit privacy enforcement organization to take advantage of the new rules and pursue strategic litigation on commercial privacy issues.

Schrems argues it’s simply not viable for individuals to take big tech giants to court to try to enforce their privacy rights, so thinks there’s a gap in the regulatory landscape for an expert organization to work on EU citizen’s behalf. Not just pursuing strategic litigation in the public interest but also promoting industry best practice.

The proposed data redress body — called noyb; short for: ‘none of your business’ — is being made possible because GDPR allows for collective enforcement of individuals’ data rights. And that provision could be crucial in spinning up a centre of enforcement gravity around the law. Because despite the position and role of DPAs being strengthened by GDPR, these bodies will still inevitably have limited resources vs the scope of the oversight task at hand.

Some may also lack the appetite to take on a fully fanged watchdog role. So campaigning consumer and privacy groups could certainly help pick up any slack.

Privacy by design and privacy by default

Another major change incoming via GDPR is ‘privacy by design’ no longer being just a nice idea; privacy by design and privacy by default become firm legal requirements.

This means there’s a requirement on data controllers to minimize processing of personal data — limiting activity to only what’s necessary for a specific purpose, carrying out privacy impact assessments and maintaining up-to-date records to prove out their compliance.

Consent requirements for processing personal data are also considerably strengthened under GDPR — meaning lengthy, inscrutable, pre-ticked T&Cs are likely to be unworkable. (And we’ve sure seen a whole lot of those hellish things in tech.) The core idea is that consent should be an ongoing, actively managed process; not a one-off rights grab.

As the UK’s ICO tells it, consent under GDPR for processing personal data means offering individuals “genuine choice and control” (for sensitive personal data the law requires a higher standard still — of explicit consent).

There are other legal bases for processing personal data under GDPR — such as contractual necessity; or compliance with a legal obligation under EU or Member State law; or for tasks carried out in the public interest — so it is not necessary to obtain consent in order to process someone’s personal data. But there must always be an appropriate legal basis for each processing.

Transparency is another major obligation under GDPR, which expands the notion that personal data must be lawfully and fairly processed to include a third principle of accountability. Hence the emphasis on data controllers needing to clearly communicate with data subjects — such as by informing them of the specific purpose of the data processing.

The obligation on data handlers to maintain scrupulous records of what information they hold, what they are doing with it, and how they are legally processing it, is also about being able to demonstrate compliance with GDPR’s data processing principles.

But — on the plus side for data controllers — GDPR removes the requirement to submit notifications to local DPAs about data processing activities. Instead, organizations must maintain detailed internal records — which a supervisory authority can always ask to see.

It’s also worth noting that companies processing data across borders in the EU may face scrutiny from DPAs in different Member States if they have users there (and are processing their personal data).

Although the GDPR sets out a so-called ‘one-stop-shop’ principle — that there should be a “lead” DPA to co-ordinate supervision between any “concerned” DPAs — this does not mean that, once it applies, a cross-EU-border operator like Facebook is only going to be answerable to the concerns of the Irish DPA.

Indeed, Facebook’s tactic of only claiming to be under the jurisdiction of a single EU DPA looks to be on borrowed time. And the one-stop-shop provision in the GDPR seems more about creating a co-operation mechanism to allow multiple DPAs to work together in instances where they have joint concerns, rather than offering a way for multinationals to go ‘forum shopping’ — which the regulation does not permit (per WP29 guidance).

Another change: Privacy policies that contain vague phrases like ‘We may use your personal data to develop new services’ or ‘We may use your personal data for research purposes’ will not pass muster under the new regime. So a wholesale rewriting of vague and/or confusingly worded T&Cs is something Europeans can look forward to this year.

Add to that, any changes to privacy policies must be clearly communicated to the user on an ongoing basis. Which means no more stale references in the privacy statement telling users to ‘regularly check for changes or updates’ — that just won’t be workable.

The onus is firmly on the data controller to keep the data subject fully informed of what is being done with their information. (Which almost implies that good data protection practice could end up tasting a bit like spam, from a user PoV.)

The overall intent behind GDPR is to inculcate an industry-wide shift in perspective regarding who ‘owns’ user data — disabusing companies of the notion that other people’s personal information belongs to them just because it happens to be sitting on their servers.

“Organizations should acknowledge they don’t exist to process personal data but they process personal data to do business,” is how analyst Gartner research director Bart Willemsen sums this up. “Where there is a reason to process the data, there is no problem. Where the reason ends, the processing should, too.”

The data protection officer (DPO) role that GDPR brings in as a requirement for many data handlers is intended to help them ensure compliance.

This officer, who must report to the highest level of management, is intended to operate independently within the organization, with warnings to avoid an internal appointment that could generate a conflict of interests.

Which types of organizations face the greatest liability risks under GDPR? “Those who deliberately seem to think privacy protection rights is inferior to business interest,” says Willemsen, adding: “A recent example would be Uber, regulated by the FTC and sanctioned to undergo 20 years of auditing. That may hurt perhaps similar, or even more, than a one-time financial sanction.”

“Eventually, the GDPR is like a speed limit: There not to make money off of those who speed, but to prevent people from speeding excessively as that prevents (privacy) accidents from happening,” he adds.

Another right to be forgotten

Under GDPR, people who have consented to their personal data being processed also have a suite of associated rights — including the right to access data held about them (a copy of the data must be provided to them free of charge, typically within a month of a request); the right to request rectification of incomplete or inaccurate personal data; the right to have their data deleted (another so-called ‘right to be forgotten’ — with some exemptions, such as for exercising freedom of expression and freedom of information); the right to restrict processing; the right to data portability (where relevant, a data subject’s personal data must be provided free of charge and in a structured, commonly used and machine readable form).

All these rights make it essential for organizations that process personal data to have systems in place which enable them to identify, access, edit and delete individual user data — and be able to perform these operations quickly, with a general 30 day time-limit for responding to individual rights requests.

GDPR also gives people who have consented to their data being processed the right to withdraw consent at any time. Let that one sink in.

Data controllers are also required to inform users about this right — and offer easy ways for them to withdraw consent. So no, you can’t bury a ‘revoke consent’ option in tiny lettering, five sub-menus deep. Nor can WhatsApp offer any more time-limit opt-outs for sharing user data with its parent multinational, Facebook. Users will have the right to change their mind whenever they like.

The EU lawmakers’ hope is that this suite of rights for consenting consumers will encourage respectful use of their data — given that, well, if you annoy consumers they can just tell you to sling yer hook and ask for a copy of their data to plug into your rival service to boot. So we’re back to that fostering trust idea.

Add in the ability for third party organizations to use GDPR’s provision for collective enforcement of individual data rights and there’s potential for bad actors and bad practice to become the target for some creative PR stunts that harness the power of collective action — like, say, a sudden flood of requests for a company to delete user data.

Data rights and privacy issues are certainly going to be in the news a whole lot more.

Getting serious about data breaches

But wait, there’s more! Another major change under GDPR relates to security incidents — aka data breaches (something else we’ve seen an awful, awful lot of in recent years) — with the regulation doing what the US still hasn’t been able to: Bringing in a universal standard for data breach disclosures.

GDPR requires that data controllers report any security incidents where personal data has been lost, stolen or otherwise accessed by unauthorized third parties to their DPA within 72 hours of them becoming aware of it. Yes, 72 hours. Not the best part of a year, like er Uber.

If a data breach is likely to result in a “high risk of adversely affecting individuals’ rights and freedoms” the regulation also implies you should ‘fess up even sooner than that — without “undue delay”.

Only in instances where a data controller assesses that a breach is unlikely to result in a risk to the rights and freedoms of “natural persons” are they exempt from the breach disclosure requirement (though they still need to document the incident internally, and record their reason for not informing a DPA in a document that DPAs can always ask to see).

“You should ensure you have robust breach detection, investigation and internal reporting procedures in place,” is the ICO’s guidance on this. “This will facilitate decision-making about whether or not you need to notify the relevant supervisory authority and the affected individuals.”

The new rules generally put strong emphasis on data security and on the need for data controllers to ensure that personal data is only processed in a manner that ensures it is safeguarded.

Here again, GDPR’s requirements are backed up by the risk of supersized fines. So suddenly sloppy security could cost your business big — not only in reputation terms, as now, but on the bottom line too. So it really must be a C-suite concern going forward.

Nor is subcontracting a way to shirk your data security obligations. Quite the opposite. Having a written contract in place between a data controller and a data processor was a requirement before GDPR but contract requirements are wider now and there are some specific terms that must be included in the contract, as a minimum.

Breach reporting requirements must also be set out in the contract between processor and controller. If a data controller is using a data processor and it’s the processor that suffers a breach, they’re required to inform the controller as soon as they become aware. The controller then has the same disclosure obligations as per usual.

Essentially, data controllers remain liable for their own compliance with GDPR. And the ICO warns they must only appoint processors who can provide “sufficient guarantees” that the regulatory requirements will be met and the rights of data subjects protected.

tl;dr, be careful who and how you subcontract.

Right to human review for some AI decisions

Article 22 of GDPR places certain restrictions on entirely automated decisions based on profiling individuals — but only in instances where these human-less acts have a legal or similarly significant effect on the people involved.

There are also some exemptions to the restrictions — where automated processing is necessary for entering into (or performance of) a contract between an organization and the individual; or where it’s authorized by law (e.g. for the purposes of detecting fraud or tax evasion); or where an individual has explicitly consented to the processing.

In its guidance, the ICO specifies that the restriction only applies where the decision has a “serious negative impact on an individual”.

Suggested examples of the types of AI-only decisions that will face restrictions are automatic refusal of an online credit application or an e-recruiting practices without human intervention.

Having a provision on automated decisions is not a new right, having been brought over from the 1995 data protection directive. But it has attracted fresh attention — given the rampant rise of machine learning technology — as a potential route for GDPR to place a check on the power of AI blackboxes to determine the trajectory of humankind.

The real-world impact will probably be rather more prosaic, though. And experts suggest it does not seem likely that the regulation, as drafted, equates to a right for people to be given detailed explanations of how algorithms work.

Though as AI proliferates and touches more and more decisions, and as its impacts on people and society become ever more evident, pressure may well grow for proper regulatory oversight of algorithmic blackboxes.

In the meanwhile, what GDPR does in instances where restrictions apply to automated decisions is require data controllers to provide some information to individuals about the logic of an automated decision.

They are also obliged to take steps to prevent errors, bias and discrimination. So there’s a whiff of algorithmic accountability. Though it may well take court and regulatory judgements to determine how stiff those steps need to be in practice.

Individuals do also have a right to challenge and request a (human) review of an automated decision in the restricted class.

Here again the intention is to help people understand how their data is being used. And to offer a degree of protection (in the form of a manual review) if a person feels unfairly and harmfully judged by an AI process.

The regulation also places some restrictions on the practice of using data to profile individuals if the data itself is sensitive data — e.g. health data, political belief, religious affiliation etc — requiring explicit consent for doing so. Or else that the processing is necessary for substantial public interest reasons (and lies within EU or Member State law).

While profiling based on other types of personal data does not require obtaining consent from the individuals concerned, it still needs a legal basis and there is still a transparency requirement — which means service providers will need to inform users they are being profiled, and explain what it means for them.

And people also always have the right to object to profiling activity based on their personal data.

 

Source: https://techcrunch.com/2018/01/20/wtf-is-gdpr/