Archiv der Kategorie: Web Development

Forget Facebook

Forget Facebook

Photo Credits: oe24.at – Copyrights of oe24.at reserved

Source: Techcrunch.com

Cambridge Analytica may have used Facebook’s data to influence your political opinions. But why does least-liked tech company Facebook have all this data about its users in the first place?

Let’s put aside Instagram, WhatsApp and other Facebook products for a minute. Facebook has built the world’s biggest social network. But that’s not what they sell. You’ve probably heard the internet saying “if a product is free, it means that you are the product.”

And it’s particularly true in this case because Facebook is the world’s second biggest advertising company in the world behind Google. During the last quarter of 2017, Facebook reported $12.97 billion in revenue, including $12.78 billion from ads.

That’s 98.5 percent of Facebook’s revenue coming from ads.

Ads aren’t necessarily a bad thing. But Facebook has reached ad saturation in the newsfeed. So the company has two options — creating new products and ad formats, or optimizing those sponsored posts.

Facebook has reached ad saturation in the newsfeed

This isn’t a zero-sum game — Facebook has been doing both at the same time. That’s why you’re seeing more ads on Instagram and Messenger. And that’s also why ads on Facebook seem more relevant than ever.

If Facebook can show you relevant ads and you end up clicking more often on those ads, then advertisers will pay Facebook more money.

So Facebook has been collecting as much personal data about you as possible — it’s all about showing you the best ad. The company knows your interests, what you buy, where you go and who you’re sleeping with.

You can’t hide from Facebook

Facebook’s terms and conditions are a giant lie. They are purposely misleading, too long and too broad. So you can’t just read the company’s terms of service and understand what it knows about you.

That’s why some people have been downloading their Facebook data. You can do it too, it’s quite easy. Just head over to your Facebook settings and click the tiny link that says “Download a copy of your Facebook data.”

In that archive file, you’ll find your photos, your posts, your events, etc. But if you keep digging, you’ll also find your private messages on Messenger (by default, nothing is encrypted).

And if you keep digging a bit more, chances are you’ll also find your entire address book and even metadata about your SMS messages and phone calls.

All of this is by design and you agreed to it. Facebook has unified terms of service and share user data across all its apps and services (except WhatsApp data in Europe for now). So if you follow a clothing brand on Instagram, you could see an ad from this brand on Facebook.com.

Messaging apps are privacy traps

But Facebook has also been using this trick quite a lot with Messenger. You might not remember, but the on-boarding experience on Messenger is really aggressive.

On iOS, the app shows you a fake permission popup to access your address book that says “Ok” or “Learn More”. The company is using a fake popup because you can’t ask for permission twice.

There’s a blinking arrow below the OK button.

If you click on “Learn More”, you get a giant blue button that says “Turn On”. Everything about this screen is misleading and Messenger tries to manipulate your emotions.

“Messenger only works when you have people to talk to,” it says. Nobody wants to be lonely, that’s why Facebook implies that turning on this option will give you friends.

Even worse, it says “if you skip this step, you’ll need to add each contact one-by-one to message them.” This is simply a lie as you can automatically talk to your Facebook friends using Messenger without adding them one-by-one.

The next time you pay for a burrito with your credit card, Facebook will learn about this transaction and match this credit card number with the one you added in Messenger

If you tap on “Not Now”, Messenger will show you a fake notification every now and then to push you to enable contact syncing. If you tap on yes and disable it later, Facebook still keeps all your contacts on its servers.

On Android, you can let Messenger manage your SMS messages. Of course, you guessed it, Facebook uploads all your metadata. Facebook knows who you’re texting, when, how often.

Even if you disable it later, Facebook will keep this data for later reference.

But Facebook doesn’t stop there. The company knows a lot more about you than what you can find in your downloaded archive. The company asks you to share your location with your friends. The company tracks your web history on nearly every website on earth using embedded JavaScript.

But my favorite thing is probably peer-to-peer payments. In some countries, you can pay back your friends using Messenger. It’s free! You just have to add your card to the app.

It turns out that Facebook also buys data about your offline purchases. The next time you pay for a burrito with your credit card, Facebook will learn about this transaction and match this credit card number with the one you added in Messenger.

In other words, Messenger is a great Trojan horse designed to learn everything about you.

And the next time an app asks you to share your address book, there’s a 99-percent chance that this app is going to mine your address book to get new users, spam your friends, improve ad targeting and sell email addresses to marketing companies.

I could say the same thing about all the other permission popups on your phone. Be careful when you install an app from the Play Store or open an app for the first time on iOS. It’s easier to enable something if a feature doesn’t work without it than to find out that Facebook knows everything about you.

GDPR to the rescue

There’s one last hope. And that hope is GDPR. I encourage you to read TechCrunch’s Natasha Lomas excellent explanation of GDPR to understand what the European regulation is all about.

Many of the misleading things that are currently happening at Facebook will have to change. You can’t force people to opt in like in Messenger. Data collection should be minimized to essential features. And Facebook will have to explain why it needs all this data to its users.

If Facebook doesn’t comply, the company will have to pay up to 4 percent of its global annual turnover. But that doesn’t stop you from actively reclaiming your online privacy right now.

You can’t be invisible on the internet, but you have to be conscious about what’s happening behind your back. Every time a company asks you to tap OK, think about what’s behind this popup. You can’t say that nobody told you.

Source: Techcrunch.com

Advertisements

What is GDPR – General Data Protection Regulation

Source Techcrunch.com

European Union lawmakers proposed a comprehensive update to the bloc’s data protection and privacy rules in 2012.

Their aim: To take account of seismic shifts in the handling of information wrought by the rise of the digital economy in the years since the prior regime was penned — all the way back in 1995 when Yahoo was the cutting edge of online cool and cookies were still just tasty biscuits.

Here’s the EU’s executive body, the Commission, summing up the goal:

The objective of this new set of rules is to give citizens back control over of their personal data, and to simplify the regulatory environment for business. The data protection reform is a key enabler of the Digital Single Market which the Commission has prioritised. The reform will allow European citizens and businesses to fully benefit from the digital economy.

For an even shorter the EC’s theory is that consumer trust is essential to fostering growth in the digital economy. And it thinks trust can be won by giving users of digital services more information and greater control over how their data is used. Which is — frankly speaking — a pretty refreshing idea when you consider the clandestine data brokering that pervades the tech industry. Mass surveillance isn’t just something governments do.

The General Data Protection Regulation (aka GDPR) was agreed after more than three years of negotiations between the EU’s various institutions.

It’s set to apply across the 28-Member State bloc as of May 25, 2018. That means EU countries are busy transposing it into national law via their own legislative updates (such as the UK’s new Data Protection Bill — yes, despite the fact the country is currently in the process of (br)exiting the EU, the government has nonetheless committed to implementing the regulation because it needs to keep EU-UK data flowing freely in the post-brexit future. Which gives an early indication of the pulling power of GDPR.

Meanwhile businesses operating in the EU are being bombarded with ads from a freshly energized cottage industry of ‘privacy consultants’ offering to help them get ready for the new regs — in exchange for a service fee. It’s definitely a good time to be a law firm specializing in data protection.

GDPR is a significant piece of legislation whose full impact will clearly take some time to shake out. In the meanwhile, here’s our guide to the major changes incoming and some potential impacts.

Data protection + teeth

A major point of note right off the bat is that GDPR does not merely apply to EU businesses; any entities processing the personal data of EU citizens need to comply. Facebook, for example — a US company that handles massive amounts of Europeans’ personal data — is going to have to rework multiple business processes to comply with the new rules. Indeed, it’s been working on this for a long time already.

Last year the company told us it had assembled “the largest cross functional team” in the history of its family of companies to support GDPR compliance — specifying this included “senior executives from all product teams, designers and user experience/testing executives, policy executives, legal executives and executives from each of the Facebook family of companies”.

“Dozens of people at Facebook Ireland are working full time on this effort,” it said, noting too that the data protection team at its European HQ (in Dublin, Ireland) would be growing by 250% in 2017. It also said it was in the process of hiring a “top quality data protection officer” — a position the company appears to still be taking applications for.

The new EU rules require organizations to appoint a data protection officer if they process sensitive data on a large scale (which Facebook very clearly does). Or are collecting info on many consumers — such as by performing online behavioral tracking. But, really, which online businesses aren’t doing that these days?

The extra-territorial scope of GDPR casts the European Union as a global pioneer in data protection — and some legal experts suggest the regulation will force privacy standards to rise outside the EU too.

Sure, some US companies might prefer to swallow the hassle and expense of fragmenting their data handling processes, and treating personal data obtained from different geographies differently, i.e. rather than streamlining everything under a GDPR compliant process. But doing so means managing multiple data regimes. And at very least runs the risk of bad PR if you’re outed as deliberately offering a lower privacy standard to your home users vs customers abroad.

Ultimately, it may be easier (and less risky) for businesses to treat GDPR as the new ‘gold standard’ for how they handle all personal data, regardless of where it comes from.

And while not every company harvests Facebook levels of personal data, almost every company harvests some personal data. So for those with customers in the EU GDPR cannot be ignored. At very least businesses will need to carry out a data audit to understand their risks and liabilities.

Privacy experts suggest that the really big change here is around enforcement. Because while the EU has had long established data protection standards and rules — and treats privacy as a fundamental right — its regulators have lacked the teeth to command compliance.

But now, under GDPR, financial penalties for data protection violations step up massively.

The maximum fine that organizations can be hit with for the most serious infringements of the regulation is 4% of their global annual turnover (or €20M, whichever is greater). Though data protection agencies will of course be able to impose smaller fines too. And, indeed, there’s a tiered system of fines — with a lower level of penalties of up to 2% of global turnover (or €10M).

This really is a massive change. Because while data protection agencies (DPAs) in different EU Member States can impose financial penalties for breaches of existing data laws these fines are relatively small — especially set against the revenues of the private sector entities that are getting sanctioned.

In the UK, for example, the Information Commissioner’s Office (ICO) can currently impose a maximum fine of just £500,000. Compare that to the annual revenue of tech giant Google (~$90BN) and you can see why a much larger stick is needed to police data processors.

It’s not necessarily the case that individual EU Member States are getting stronger privacy laws as a consequence of GDPR (in some instances countries have arguably had higher standards in their domestic law). But the beefing up of enforcement that’s baked into the new regime means there’s a better opportunity for DPAs to start to bark and bite like proper watchdogs.

GDPR inflating the financial risks around handling personal data should naturally drive up standards — because privacy laws are suddenly a whole lot more costly to ignore.

More types of personal data that are hot to handle

So what is personal data under GDPR? It’s any information relating to an identified or identifiable person (in regulatorspeak people are known as ‘data subjects’).

While ‘processing’ can mean any operation performed on personal data — from storing it to structuring it to feeding it to your AI models. (GDPR also includes some provisions specifically related to decisions generated as a result of automated data processing but more on that below).

A new provision concerns children’s personal data — with the regulation setting a 16-year-old age limit on kids’ ability to consent to their data being processed. However individual Member States can choose (and some have) to derogate from this by writing a lower age limit into their laws.

GDPR sets a hard cap at 13-years-old — making that the defacto standard for children to be able to sign up to digital services. So the impact on teens’ social media habits seems likely to be relatively limited.

The new rules generally expand the definition of personal data — so it can include information such as location data, online identifiers (such as IP addresses) and other metadata. So again, this means businesses really need to conduct an audit to identify all the types of personal data they hold. Ignorance is not compliance.

GDPR also encourages the use of pseudonymization — such as, for example, encrypting personal data and storing the encryption key separately and securely — as a pro-privacy, pro-security technique that can help minimize the risks of processing personal data. Although pseudonymized data is likely to still be considered personal data; certainly where a risk of reidentification remains. So it does not get a general pass from requirements under the regulation.

Data has to be rendered truly anonymous to be outside the scope of the regulation. (And given how often ‘anonymized’ data-sets have been shown to be re-identifiable, relying on any anonymizing process to be robust enough to have zero risk of re-identification seems, well, risky.)

To be clear, given GDPR’s running emphasis on data protection via data security it is implicitly encouraging the use of encryption above and beyond a risk reduction technique — i.e. as a way for data controllers to fulfill its wider requirements to use “appropriate technical and organisational measures” vs the risk of the personal data they are processing.

The incoming data protection rules apply to both data controllers (i.e. entities that determine the purpose and means of processing personal data) and data processors (entities that are responsible for processing data on behalf of a data controller — aka subcontractors).

Indeed, data processors have some direct compliance obligations under GDPR, and can also be held equally responsible for data violations, with individuals able to bring compensation claims directly against them, and DPAs able to hand them fines or other sanctions.

So the intent for the regulation is there be no diminishing in responsibility down the chain of data handling subcontractors. GDPR aims to have every link in the processing chain be a robust one.

For companies that rely on a lot of subcontractors to handle data operations on their behalf there’s clearly a lot of risk assessment work to be done.

As noted above, there is a degree of leeway for EU Member States in how they implement some parts of the regulation (such as with the age of data consent for kids).

Consumer protection groups are calling for the UK government to include an optional GDPR provision on collective data redress to its DP bill, for example — a call the government has so far rebuffed.

But the wider aim is for the regulation to harmonize as much as possible data protection rules across all Member States to reduce the regulatory burden on digital businesses trading around the bloc.

On data redress, European privacy campaigner Max Schrems — most famous for his legal challenge to US government mass surveillance practices that resulted in a 15-year-old data transfer arrangement between the EU and US being struck down in 2015 — is currently running a crowdfunding campaign to set up a not-for-profit privacy enforcement organization to take advantage of the new rules and pursue strategic litigation on commercial privacy issues.

Schrems argues it’s simply not viable for individuals to take big tech giants to court to try to enforce their privacy rights, so thinks there’s a gap in the regulatory landscape for an expert organization to work on EU citizen’s behalf. Not just pursuing strategic litigation in the public interest but also promoting industry best practice.

The proposed data redress body — called noyb; short for: ‘none of your business’ — is being made possible because GDPR allows for collective enforcement of individuals’ data rights. And that provision could be crucial in spinning up a centre of enforcement gravity around the law. Because despite the position and role of DPAs being strengthened by GDPR, these bodies will still inevitably have limited resources vs the scope of the oversight task at hand.

Some may also lack the appetite to take on a fully fanged watchdog role. So campaigning consumer and privacy groups could certainly help pick up any slack.

Privacy by design and privacy by default

Another major change incoming via GDPR is ‘privacy by design’ no longer being just a nice idea; privacy by design and privacy by default become firm legal requirements.

This means there’s a requirement on data controllers to minimize processing of personal data — limiting activity to only what’s necessary for a specific purpose, carrying out privacy impact assessments and maintaining up-to-date records to prove out their compliance.

Consent requirements for processing personal data are also considerably strengthened under GDPR — meaning lengthy, inscrutable, pre-ticked T&Cs are likely to be unworkable. (And we’ve sure seen a whole lot of those hellish things in tech.) The core idea is that consent should be an ongoing, actively managed process; not a one-off rights grab.

As the UK’s ICO tells it, consent under GDPR for processing personal data means offering individuals “genuine choice and control” (for sensitive personal data the law requires a higher standard still — of explicit consent).

There are other legal bases for processing personal data under GDPR — such as contractual necessity; or compliance with a legal obligation under EU or Member State law; or for tasks carried out in the public interest — so it is not necessary to obtain consent in order to process someone’s personal data. But there must always be an appropriate legal basis for each processing.

Transparency is another major obligation under GDPR, which expands the notion that personal data must be lawfully and fairly processed to include a third principle of accountability. Hence the emphasis on data controllers needing to clearly communicate with data subjects — such as by informing them of the specific purpose of the data processing.

The obligation on data handlers to maintain scrupulous records of what information they hold, what they are doing with it, and how they are legally processing it, is also about being able to demonstrate compliance with GDPR’s data processing principles.

But — on the plus side for data controllers — GDPR removes the requirement to submit notifications to local DPAs about data processing activities. Instead, organizations must maintain detailed internal records — which a supervisory authority can always ask to see.

It’s also worth noting that companies processing data across borders in the EU may face scrutiny from DPAs in different Member States if they have users there (and are processing their personal data).

Although the GDPR sets out a so-called ‘one-stop-shop’ principle — that there should be a “lead” DPA to co-ordinate supervision between any “concerned” DPAs — this does not mean that, once it applies, a cross-EU-border operator like Facebook is only going to be answerable to the concerns of the Irish DPA.

Indeed, Facebook’s tactic of only claiming to be under the jurisdiction of a single EU DPA looks to be on borrowed time. And the one-stop-shop provision in the GDPR seems more about creating a co-operation mechanism to allow multiple DPAs to work together in instances where they have joint concerns, rather than offering a way for multinationals to go ‘forum shopping’ — which the regulation does not permit (per WP29 guidance).

Another change: Privacy policies that contain vague phrases like ‘We may use your personal data to develop new services’ or ‘We may use your personal data for research purposes’ will not pass muster under the new regime. So a wholesale rewriting of vague and/or confusingly worded T&Cs is something Europeans can look forward to this year.

Add to that, any changes to privacy policies must be clearly communicated to the user on an ongoing basis. Which means no more stale references in the privacy statement telling users to ‘regularly check for changes or updates’ — that just won’t be workable.

The onus is firmly on the data controller to keep the data subject fully informed of what is being done with their information. (Which almost implies that good data protection practice could end up tasting a bit like spam, from a user PoV.)

The overall intent behind GDPR is to inculcate an industry-wide shift in perspective regarding who ‘owns’ user data — disabusing companies of the notion that other people’s personal information belongs to them just because it happens to be sitting on their servers.

“Organizations should acknowledge they don’t exist to process personal data but they process personal data to do business,” is how analyst Gartner research director Bart Willemsen sums this up. “Where there is a reason to process the data, there is no problem. Where the reason ends, the processing should, too.”

The data protection officer (DPO) role that GDPR brings in as a requirement for many data handlers is intended to help them ensure compliance.

This officer, who must report to the highest level of management, is intended to operate independently within the organization, with warnings to avoid an internal appointment that could generate a conflict of interests.

Which types of organizations face the greatest liability risks under GDPR? “Those who deliberately seem to think privacy protection rights is inferior to business interest,” says Willemsen, adding: “A recent example would be Uber, regulated by the FTC and sanctioned to undergo 20 years of auditing. That may hurt perhaps similar, or even more, than a one-time financial sanction.”

“Eventually, the GDPR is like a speed limit: There not to make money off of those who speed, but to prevent people from speeding excessively as that prevents (privacy) accidents from happening,” he adds.

Another right to be forgotten

Under GDPR, people who have consented to their personal data being processed also have a suite of associated rights — including the right to access data held about them (a copy of the data must be provided to them free of charge, typically within a month of a request); the right to request rectification of incomplete or inaccurate personal data; the right to have their data deleted (another so-called ‘right to be forgotten’ — with some exemptions, such as for exercising freedom of expression and freedom of information); the right to restrict processing; the right to data portability (where relevant, a data subject’s personal data must be provided free of charge and in a structured, commonly used and machine readable form).

All these rights make it essential for organizations that process personal data to have systems in place which enable them to identify, access, edit and delete individual user data — and be able to perform these operations quickly, with a general 30 day time-limit for responding to individual rights requests.

GDPR also gives people who have consented to their data being processed the right to withdraw consent at any time. Let that one sink in.

Data controllers are also required to inform users about this right — and offer easy ways for them to withdraw consent. So no, you can’t bury a ‘revoke consent’ option in tiny lettering, five sub-menus deep. Nor can WhatsApp offer any more time-limit opt-outs for sharing user data with its parent multinational, Facebook. Users will have the right to change their mind whenever they like.

The EU lawmakers’ hope is that this suite of rights for consenting consumers will encourage respectful use of their data — given that, well, if you annoy consumers they can just tell you to sling yer hook and ask for a copy of their data to plug into your rival service to boot. So we’re back to that fostering trust idea.

Add in the ability for third party organizations to use GDPR’s provision for collective enforcement of individual data rights and there’s potential for bad actors and bad practice to become the target for some creative PR stunts that harness the power of collective action — like, say, a sudden flood of requests for a company to delete user data.

Data rights and privacy issues are certainly going to be in the news a whole lot more.

Getting serious about data breaches

But wait, there’s more! Another major change under GDPR relates to security incidents — aka data breaches (something else we’ve seen an awful, awful lot of in recent years) — with the regulation doing what the US still hasn’t been able to: Bringing in a universal standard for data breach disclosures.

GDPR requires that data controllers report any security incidents where personal data has been lost, stolen or otherwise accessed by unauthorized third parties to their DPA within 72 hours of them becoming aware of it. Yes, 72 hours. Not the best part of a year, like er Uber.

If a data breach is likely to result in a “high risk of adversely affecting individuals’ rights and freedoms” the regulation also implies you should ‘fess up even sooner than that — without “undue delay”.

Only in instances where a data controller assesses that a breach is unlikely to result in a risk to the rights and freedoms of “natural persons” are they exempt from the breach disclosure requirement (though they still need to document the incident internally, and record their reason for not informing a DPA in a document that DPAs can always ask to see).

“You should ensure you have robust breach detection, investigation and internal reporting procedures in place,” is the ICO’s guidance on this. “This will facilitate decision-making about whether or not you need to notify the relevant supervisory authority and the affected individuals.”

The new rules generally put strong emphasis on data security and on the need for data controllers to ensure that personal data is only processed in a manner that ensures it is safeguarded.

Here again, GDPR’s requirements are backed up by the risk of supersized fines. So suddenly sloppy security could cost your business big — not only in reputation terms, as now, but on the bottom line too. So it really must be a C-suite concern going forward.

Nor is subcontracting a way to shirk your data security obligations. Quite the opposite. Having a written contract in place between a data controller and a data processor was a requirement before GDPR but contract requirements are wider now and there are some specific terms that must be included in the contract, as a minimum.

Breach reporting requirements must also be set out in the contract between processor and controller. If a data controller is using a data processor and it’s the processor that suffers a breach, they’re required to inform the controller as soon as they become aware. The controller then has the same disclosure obligations as per usual.

Essentially, data controllers remain liable for their own compliance with GDPR. And the ICO warns they must only appoint processors who can provide “sufficient guarantees” that the regulatory requirements will be met and the rights of data subjects protected.

tl;dr, be careful who and how you subcontract.

Right to human review for some AI decisions

Article 22 of GDPR places certain restrictions on entirely automated decisions based on profiling individuals — but only in instances where these human-less acts have a legal or similarly significant effect on the people involved.

There are also some exemptions to the restrictions — where automated processing is necessary for entering into (or performance of) a contract between an organization and the individual; or where it’s authorized by law (e.g. for the purposes of detecting fraud or tax evasion); or where an individual has explicitly consented to the processing.

In its guidance, the ICO specifies that the restriction only applies where the decision has a “serious negative impact on an individual”.

Suggested examples of the types of AI-only decisions that will face restrictions are automatic refusal of an online credit application or an e-recruiting practices without human intervention.

Having a provision on automated decisions is not a new right, having been brought over from the 1995 data protection directive. But it has attracted fresh attention — given the rampant rise of machine learning technology — as a potential route for GDPR to place a check on the power of AI blackboxes to determine the trajectory of humankind.

The real-world impact will probably be rather more prosaic, though. And experts suggest it does not seem likely that the regulation, as drafted, equates to a right for people to be given detailed explanations of how algorithms work.

Though as AI proliferates and touches more and more decisions, and as its impacts on people and society become ever more evident, pressure may well grow for proper regulatory oversight of algorithmic blackboxes.

In the meanwhile, what GDPR does in instances where restrictions apply to automated decisions is require data controllers to provide some information to individuals about the logic of an automated decision.

They are also obliged to take steps to prevent errors, bias and discrimination. So there’s a whiff of algorithmic accountability. Though it may well take court and regulatory judgements to determine how stiff those steps need to be in practice.

Individuals do also have a right to challenge and request a (human) review of an automated decision in the restricted class.

Here again the intention is to help people understand how their data is being used. And to offer a degree of protection (in the form of a manual review) if a person feels unfairly and harmfully judged by an AI process.

The regulation also places some restrictions on the practice of using data to profile individuals if the data itself is sensitive data — e.g. health data, political belief, religious affiliation etc — requiring explicit consent for doing so. Or else that the processing is necessary for substantial public interest reasons (and lies within EU or Member State law).

While profiling based on other types of personal data does not require obtaining consent from the individuals concerned, it still needs a legal basis and there is still a transparency requirement — which means service providers will need to inform users they are being profiled, and explain what it means for them.

And people also always have the right to object to profiling activity based on their personal data.

 

Source: https://techcrunch.com/2018/01/20/wtf-is-gdpr/

Google introduces an ad blocker to Chrome – Filtering – Censorship?

Photo by David Ramos/Getty Images

Google will introduce an ad blocker to Chrome early next year and is telling publishers to get ready.

The warning is meant to let websites assess their ads and strip any particularly disruptive ones from their pages. That’s because Chrome’s ad blocker won’t block all ads from the web. Instead, it’ll only block ads on pages that are determined to have too many annoying or intrusive advertisements, like videos that autoplay with sound or interstitials that take up the entire screen.

Sridhar Ramaswamy, the executive in charge of Google’s ads, writes in a blog post that even ads “owned or served by Google” will be blocked on pages that don’t meet Chrome’s guidelines.

Instead of an ad “blocker,” Google is referring to the feature as an ad “filter,” according toThe Wall Street Journal, since it will still allow ads to be displayed on pages that meet the right requirements. The blocker will work on both desktop and mobile.

Google is providing a tool that publishers can run to find out if their sites’ ads are in violation and will be blocked in Chrome. Unacceptable ads are being determined by a group called the Coalition for Better Ads, which includes Google, Facebook, News Corp, and The Washington Post as members.

Google shows publishers which of their ads are considered disruptive.

The feature is certain to be controversial. On one hand, there are huge benefits for both consumers and publishers. But on the other, it gives Google immense power over what the web looks like, partly in the name of protecting its own revenue.

First, the benefits: bad ads slow down the web, make the web hard and annoying to browse, and have ultimately driven consumers to install ad blockers that remove all advertisements no matter what. A world where that continues and most users block all ads looks almost apocalyptic for publishers, since nearly all of your favorite websites rely on ads to stay afloat. (The Verge, as you have likely noticed, included.)

By implementing a limited blocking tool, Google can limit the spread of wholesale ad blocking, which ultimately benefits everyone. Users get a better web experience. And publishers get to continue using the ad model that’s served the web well for decades — though they may lose some valuable ad units in the process.

There’s also a good argument to be made that stripping out irritating ads is no different than blocking pop ups, which web browsers have done for years, as a way to improve the experience for consumers.

But there are drawbacks to building an ad blocker into Chrome: most notably, the amount of power it gives Google. Ultimately, it means Google gets to decide what qualifies as an acceptable ad (though it’s basing this on standards set collectively by the Coalition for Better Ads). That’s a good thing if you trust Google to remain benign and act in everyone’s interests. But keep in mind that Google is, at its core, an ad company. Nearly 89 percent of its revenue comes from displaying ads.

The Chrome ad blocker doesn’t just help publishers, it also helps Google maintain its dominance. And it advantages Google’s own ad units, which, it’s safe to say, will not be in violation of the bad ad rules.

This leaves publishers with fewer options to monetize their sites. And given that Chrome represents more than half of all web browsing on desktop and mobile, publishers will be hard pressed not to comply.

Google will also include an option for visitors to pay websites that they’re blocking ads on, through a program it’s calling Funding Choices. Publishers will have to enable support for this feature individually. But Google already tested a similar feature for more than two years, and it never really caught on. So it’s hard to imagine publishers seeing what’s essentially a voluntary tipping model as a viable alternative to ads.

Ramaswamy says that the goal of Chrome’s ad blocker is to make online ads better. “We believe these changes will ensure all content creators, big and small, can continue to have a sustainable way to fund their work with online advertising,” he writes.

And what Ramaswamy says is probably true: Chrome’s ad blocker likely will clean up the web and result in a better browsing experience. It just does that by giving a single advertising juggernaut a whole lot of say over what’s good and bad.

https://www.theverge.com/2017/6/1/15726778/chrome-ad-blocker-early-2018-announced-google

Amazon will continue to invest heavily in India

Amazon.com     Inc.     will     continue      investing  heavily  in  India,  the  chief   of its local operations said, dispelling  concerns of slower spending by the  US  e-commerce  company  after  its   chief financial officer Brian Olsavsky  said that while the India investments  were  starting  to  show  results,  they   had   hit   margins,   contributing   to    lower-than-expected  results  in  the   third quarter. “Not   at   all,”   Amazon’s   India   chief    Amit  Agarwal  said  in  an  interview   on   Monday   when   asked   whether    Amazon       would       slow       down        investments     in     India.     Amazon,      which  initially  said  it  would  invest   $2  billion  in  India,  had  said  in  June   that it would invest an additional $3  billion in the country. That investment is on track, Agarwal  said,  adding  that  the  company  is   “excited  about  the  momentum  that   we see in India”. “India is very early in its e-commerce  trajectory. Amazon is very early in its  e-commerce  trajectory  in  India.  To   transform how India buys is going  to take a long time; it will take a lot  of investment and… for many years.  This is just the beginning.” Amazon is betting big on its Prime  service in India and expects the  loyalty programme to dominate  sales in the coming months. “Prime continued to be the top seller  in all of October, not just for wave  one (of the Great Indian Festival).  Prime membership continues to  be a top seller and it is going to be  so going forward every month. My  belief is that Prime membership will  be the top seller every month based  on the trends that we are seeing,”  said Agarwal. On Monday, Amazon also said that  it witnessed record numbers during  its month-long Diwali sale event,  the Great Indian Festival, with sales  jumping 2.7 times from last year. This year’s Diwali sale has proven  to be the biggest showdown in the  history of Indian e-commerce, with  Amazon India and rival Flipkart  going all out to woo shoppers. While Flipkart claimed to outsell  Amazon India during the first leg of  the sale season, Amazon claims it  came back strongly during the latter  half of the sale season, with bigger  discounts in key categories such as  smartphones and large appliances. “October this year for us was 2.7  times of last year’s October—which  is incredible because last year was  4 times the October before,” said  Agarwal, adding that this growth  came even as “conversations”  suggested growth in India’s  e-commerce business was going to  be flat. Agarwal said that October could be  an inflection point for e-commerce  in India. “We had categories from  phones to Amazon Fashion to  appliances growing three to 11  times; even newer categories such  as luxury and beauty grew 46 times;  grocery and everyday consumables,  7.1 times; furniture, 11.8 times; gold  jewellery, eight times—so a lot of  these categories are showing robust  growth.” Agarwal said that 70% of the  company’s new customers in  October came from tier-II and tier-III  cities, adding that it was confident  of carrying the momentum from its  Diwali sale well into November and  December. Mint couldn’t independently verify  the numbers, but, in general,  all e-commerce marketplaces  (including Snapdeal, Amazon and  Flipkart’s smaller rival) did well in  October, carrying forward their  momentum from their annual sales. “When I look at the gaps between  the waves, our growth rates in those  gaps continued to the same extent.  We’re growing at 150% year-over- year. At peacetime, the growth rate  is still what I’m telling you. And as  we exit out of wave three (the third  sale event in October), we don’t see  a slowdown,” Agarwal said. “The broader e-commerce story is  not just a Flipkart-Amazon battle. Of  course, both Flipkart and Amazon  are trying to get a fair share of the pie  in key categories such as electronics,  fashion and large appliances. And  despite drags on margins, nobody is  going to reduce investments in India.  What you will see, however, is that  they will focus on innovation. For  example, during the festive season,  smartphone sales shot up and a lot  of the sales jumped due to things  like product exchanges. Another  new innovation was something like  Amazon Prime. So, you’ll see a lot of  that going forward,” said Sreedhar  Prasad, partner-e-commerce at  KPMG

The tyranny of messaging and notifications

Welcome to Mossberg, a weekly commentary and reviews column on The Verge and Recode by veteran tech journalist Walt Mossberg, now an Executive Editor at The Verge and Editor at Large of Recode.

Up until just a few years ago, I got around 350 emails a day, which presented me with an exhausting, time-consuming daily task that I grumbled about plenty. Now, because of social media and messaging services, that number has been cut by more than half. But things are actually worse.

These days, messages come at me from so many directions that it’s incredibly distracting and even harder to deal with. Friends, co-workers, business acquaintances and strangers contact me on multiple siloed services, which can signal subtle shades of immediacy or weight. And when I have to reach someone with something important and time-sensitive, I often wind up resorting to two or more similar but independent pathways, because I’m never sure which one will be likelier to work, since he or she is under a similar assault.

And then there are the notifications, ever-present on every operating system on every device. Sure, you can fine tune or even silence them with some work (more on that later), but most people don’t, or don’t know how, or feel they don’t dare. Notifications are supposed to save you time, but often they wind up doing the opposite.

Many mornings, it’s common for the lock screen of my iPhone and the right-hand side of my Mac’s screen to be jammed with notifications about „news“ I don’t care about, messages whose relevance has come and gone overnight, tips on birthdays of people I’m not close to, reminders of meetings I’m not attending, and warnings of traffic tie-ups on roads I don’t use. The signal-to-noise ratio is very poor, and gets only marginally better during the work day.

The confusion will only grow

And this weird, mixed-up communications structure is about to get more complex, because U.S. tech companies — following a strong trend in Asia — are turning messaging from a service into a platform, with supposedly intelligent bots and assistants and apps built into them. Apple is beefing up iMessage. Facebook is beefing up Messenger. Google, which has been behind in messaging, is launching two new platforms: Allo for text and images and emojis, and Duo for videos.

Maybe these bots and assistants and apps will be a means to controlling and focusing your messaging and communications, but that would be a hard, tricky job. More likely, I fear, they will just spew more messages and notifications they think — wrongly — you care about.

Alongside the race for consumer loyalty among these giants, there’s a parallel race to become the new-style internal messaging system for companies. In the lead so far is Slack, an unthreaded, sometimes chaotic series of chat rooms which my employer, Vox Media, uses, and which claims to be the fastest-growing business application on the market. Microsoft and others are trying to catch up. Slack is just another thing you have to keep up with.

I don’t know about you, but I expect to be pretty cautious about committing to Google’s new Allo service, once I’ve tried it out. Other new services inspire similar caution. All due respect to the smart folks at Google, but I’m just not sure I can handle yet another messaging service in my life.

Stop! Attention thief!

Sometimes, I yearn for the old days of email dominance (I can’t believe I typed those words). Why? Because despite the spam, you could be pretty sure you were good if you just checked it a few times a day, since most people used it as their primary means of written communication and they usually didn’t expect an immediate response.

A text, or short internet message, on the other hand, seems to demand instant attention, and may even lead to a whole thread of conversation. This can sometimes be delightful or enlightening, but it takes you away from the moment — from your thinking, reading, working. It steals your attention at a time of the sender’s choosing.

Even social network posts can act like this. You might be succeeding — for a while at least — in staying away from Facebook or Twitter while you work on a project or think through a problem. But then somebody acts on one of your posts, or even on a post you merely commented on, and boom! There’s a notification nagging at you. This happened to me as I was writing this column, because I forgot to kill notifications for awhile.

And, of course, a tweet or Facebook post can spawn a whole, sometimes heated, conversation that’s hard to ignore, even if you’re not browsing your whole feed for news or amusing GIFs.

The rabbit holes are everywhere, and it’s too easy to fall down them.

Dumb and dumber

One reason for the messaging overload, especially when it comes to notifications, is that too many apps just have no idea what’s relevant to you, or don’t care. For instance, I signed up for a local text alert service to get notified of things like dangerous storms on the way or bad road conditions, But I’m on the verge of shutting it off because it floods me with texts about anything worse than a fender bender on roads I never travel. It knows nothing about my driving habits and offers no way to teach it. Then, it compounds the distraction by texting me again when the irrelevant traffic tie-up is cleared.

Starbucks notifies me when I’m near one of its branches where I buy a lot of coffee. But the notification remains on my Apple Watch long after I’ve left the vicinity of that store. CVS notifies me of sales, when I really don’t care and I only wanted to know if my prescription is ready.

And to make some of these apps smarter, I might have to give up more of my personal information, which is a dangerous balance — especially when dozens of these apps start asking for it.

The big solution?

It would be nice if, like most email services, these major and forthcoming messaging services could somehow interoperate in the same client of your choice, so they could all somehow learn your preferences and you could use a single scheme of settings and preferences to control their behavior (maybe you could „snooze“ them) and their notifications. But that seems highly unlikely.  Palm’s webOS operating system had a feature something like this called Synergy, but it’s defunct.

So the big fix to this is probably up to the makers of the operating system platforms. They permit and control the notifications, at the least. They could create more and better user tailoring and learning that could be shared by all messaging services. But the problem, of course, is that the two big mobile OS makers, Apple and Google, are also deeply enmeshed in the messaging wars.

The small, available solution

So, what can you do? Well, you can be like me and vow to stick with one or two messaging services, turn off all notifications when need be, and, at times, when it really matters, put your mobile devices into airplane mode for an hour here and there, even on the ground.

Or, you could carefully tweak your notifications on iOS and Android. For instance, if you have an iPhone, you could open your Notification settings and go through the long list of apps you own, decide if you want notifications from each, and then, if so, what types of notification (sounds? lock screen snippets? A badge? one of two types of banners?)

And then, you could dive into the preferences on Facebook and Twitter, and quiet the notifications that stem from threads in which you are involved.

This might do the trick, but, if you’re a power user, it’s a daunting task. It’s like that vow you make, but never keep, to devote a bunch of time to paring down your list of Facebook friends.

A shorter, simpler list of steps outlined here should help.

But none of the excitement and energy around messaging as a new platform will go anywhere if managing the flow of messages is more trouble than they’re actually worth.

http://www.theverge.com/2016/7/6/12102874/walt-mossberg-messaging-notifications

You can make the walled garden very very sweet, but the jungle outside is always more appealing in the long term.

Transformers  event

As fragile as paper is, written documents and records have long provided historians with a wealth of insight about that past that often helps shape the present. And they don’t need any special technology to read them. Cerf himself points to historian Doris Kearns Goodwin’s 2005 bestseller Team of Rivals, which she based on the diary entries and letters of Abraham Lincoln and his cabinet members. The book influenced how President Obama shaped his own cabinet and became the basis for the Steven Spielberg film Lincoln. In short, old records are important. But as Cerf’s own email obsolescence shows, digital communications quickly become unreadable.

Don’t believe it? What would you do right now if you wanted to read something stored on a floppy disk? On a Zip drive? In the same way, the web browsers of the future might not be able to open today’s webpages and images–if future historians are lucky enough to have copies of today’s websites at all. Says Cerf, “I’m concerned about a coming digital dark ages.”

That’s why he and some of his fellow inventors of the Internet are joining with a new generation of hackers, archivists, and activists to radically reinvent core technologies that underpin the web. Yes, they want to make the web more secure. They want to make it less vulnerable to censorship. But they also want to make it more resilient to the sands of time.

The Permanent Web

Today, much of the responsibility for preserving the web’s history rests on The Internet Archive. The non-profit’s Wayback Machine crawls the web perpetually, taking snapshots that let you, say, go back and see how WIRED looked in 1997. But the Wayback Machine has to know about a site before it can index it, and it only grabs sites periodically. Based on the Internet Archive’s own findings, the average webpage only lasts about 100 days. In order to preserve a site, the Wayback Machine has to spot it in that brief window before it disappears.

What’s more, the Wayback Machine is a centralized silo of information—an irony that’s not lost on the inventors of the Internet. If it runs out of money, it could go dark. And because the archives originate from just one web address, it’s relatively easy for censors, such as those in China, to block users from accessing the site entirely. The Archive Team–an unrelated organization–is leading an effort to create a more decentralized backup on the Internet Archive. But if Internet Archive founder Brewster Kahle, Cerf, and their allies who recently came together at what they called the Decentralized Web Summit have their way, the world will one day have a web that archives itself and backs itself up automatically.

Some pieces of this new web already exist. Interplanetary File System, or IPFS, is an open source project that taps into ideas pioneered by the decentralized digital currency Bitcoin and the peer-to-peer file sharing system BitTorrent. Sites opt in to IPFS, and the protocol distributes files among participating users. If the original web server goes down, the site will live on thanks to the backups running on other people’s computers. What’s more, these distributed archives will let people browse previous versions of the site, much the way you can browse old edits in Wikipedia or old versions of websites in the Wayback Machine.

“We are giving digital information print-like quality,” says IPFS founder Juan Benet. “If I print a piece of paper and physically hand it to you, you have it, you can physically archive it and use it in the future.” And you can share that copy with someone else.

What would you do right now if you wanted to read something stored on a floppy disk? On a Zip drive?

Right now IPFS is still just a tool the most committed: you need to have IPFS’s software installed on your computer to take part. But Benet says the team has already built a version of the software in JavaScript that can run in your browser without the need to install any new software at all. If it winds up on everyone’s browsers, the idea goes, then everyone can help back up the web.

Unlike the early web, the web of today isn’t just a collection of static HTML files. It’s a rich network of interconnected applications like Facebook and Twitter and Slack that are constantly changing. A truly decentralized web will need ways not just to back up pages but applications and data as well. That’s where things get really tricky–just ask the team behind the decentralized crowdfunding system DAO which was just hacked to the tune of $50 million last week.

The IPFS team is already hard at work on a feature that would allow a web app to keep trucking along even if the original server disappears, and it’s already built a chat app to demonstrate the concept. Meanwhile, several other projects– such as Ethereum, ZeroNet and the SAFE Network—aspire to create ways to build websites and applications that don’t depend on a single server or company to keep running. And now, thanks in large part to the Summit, many of them are working to make their systems cross-compatible.

Why Bother?

Even if the web winds up in a new, better of digital archive, plenty of problems still remain. Today’s web isn’t just a collection of static HTML files; it’s dynamic apps like Facebook, Twitter, and Slack. The operating systems and hardware of the future might not be able to read or run any of those. The same holds true for videos, photos, maybe even text.

Many efforts are afoot to right those weaknesses. But why bother?

‚We are giving digital information print-like quality.‘

After all, if anyone really cares about a specific file or site, can’t they just transfer the files to newer media and convert the most important files to newer formats? The problem with that line of thinking, Cerf says, is that people often don’t always know what’s important right away. For example, sailors have kept meticulous records of weather and temperatures in locations all over the world for centuries. That sort of information probably seemed useless, the sort of thing geeks of old preserved out of a vague sense of historical purpose. But guess what: climate scientists may find all that weather data very valuable. (The Old Weather project is now hard at work digitizing those old ship logs.)

Still: some websites just shouldn’t last forever. Does anyone in the future really need to see old drunken college photos or inadvisable Facebook rants? Meanwhile, activists and law enforcement are trying to stop web publishers from posting nude photos of people without their consent–a practice known as “revenge porn.” These same preservation tools that could make it harder for governments to censor the web could make it harder for people to scrub content from the web that shouldn’t be there anyway. People like Snapchat for a reason.

‚The walled garden is very sweet. But the jungle outside is always more appealing.‘

Cerf suggests possible technical workarounds to this problem. Web publishers, for example, could specify whether other people can automatically archive their sites. Bennet says the IPFS team has been considering a feature that would enable the original publisher of a page to un-publish it by sending a beacon to all other servers hosting a page asking for its removal. The IPFS servers could also host blacklists to remove copyrighted material. Still, those blacklists themselves become a reminder of the things we’re trying to forget.

But the biggest problem facing the decentralized web is probably neither technical or legal. And that’s getting people to care in the first place. At a time when people spend most of their time in closed-off platforms like Facebook and Snapchat, so much of what humans digitally produce stays locked up anyway. Bringing people back to the open web is going to mean creating user experiences that are fun enough and easy enough to persuade people to venture out of the confines of today’s app-centric
Internet.

But Tim Berners-Lee, the creator of the original web, isn’t worried. After all, the open web already beat out walled gardens with names like America Online, Compuserve, and Prodigy. “You can make the walled garden very very sweet,” Berners-Lee said at the summit. “But the jungle outside is always more appealing in the long term.”

The Inventors of the Internet Are Trying to Build a Truly Permanent Web

Diane Greene, the woman Google acqui-hired in November to transform its fragmented cloud business

The first thing to understand about Diane Greene, the woman Google acqui-hired in November to transform its fragmented cloud business, is that she has the mind of an engineer.

Cool technology, elegantly designed and built, lights her up. Even her jokes tend to be geek oriented.

A lifelong competitive sailor, she was a mechanical engineer who built boats and windsurfers before she became an iconic Silicon Valley computer scientist.

The second thing to understand about her is that she hates the limelight.

While she’s fine with standing on stage talking about all the cool things Google is building for their new target customer, big companies, she prefers not to talk about herself.

In fact, she’s so ego-free, her office at Google’s Mountain View, California, headquarters is just a tiny windowless room, big enough to hold an ordinary desk and two chairs.

Diane GreeneBusiness InsiderDiane Greene.

Before she took the job, Google had been building products and pursuing business customers in a sort of hodgepodge way. Its Google for Work unit had Google Apps, Chromebooks, and an assortment of other products like videoconferencing.

It had poached Amit Singh from Oracle a few years back to help turn Google Apps into a more professional business unit, capable of taking on Microsoft Office. He had hired salespeople and created a support organization. (He’s since moved on to work for Google’s young virtual-reality unit.)

But Google for Work wasn’t working very closely with Google’s nascent cloud-computing business, running under Urs Hölzle.

That unit included a huge cadre of people running Google’s data centers (600 computer-security experts alone, for instance), but only a small separate sales force.

In the seven months since Greene came in that’s changed. She:

  • hired experienced enterprise sales and support personnel.
  • created the office of the CTO, which handles the technical questions, design, or customization of large customer needs.
  • created units that focus on specific industries, because an agriculture firm has different needs than a retailer.
  • created programs for getting more „reseller“ partners on board, the small consultants who will sell and support Google’s cloud to smaller customers, offering niche services.
  • created a Global Alliance program for working with big global partners.

„So these are all new,“ Greene tells us.

Now all the teams are working together. „We all get together once a week, we share and discuss and debate,” she says. „It wasn’t possible before I came because sales and marketing were in a different division than cloud. And cloud was in a different division than Apps. I feel like the structure is in place now and we’re hiring very aggressively.”

Hölzle wooed her to the job

Greene made her name as cofounder of VMware, with her famous Stanford professor husband, Mendel Rosenblum. VMware has gone on to become a giant tech company. She left the VMware CEO role about eight years ago, after EMC bought it.

Google Urs HolzleGoogle+Urs Hölzle.

Until taking this Google job, she was quietly doing her own thing, raising her kids, advising and angel investing in startups (many of which did spectacularly well), and serving on a few boards, including Google’s board since 2012. She was under the radar but still highly and widely respected, the queen of enterprise computing.

She was also working on a new startup, Bebop Technologies, until Google bought it for $380 million when it hired her. Greene’s take was $149 million, and she and her husband dedicated that money to charity.

Hölzle, the engineer who famously built Google’s data centers and runs the technical side of the cloud business, is Greene’s partner.

He believes that within a few years, Google’s cloud business can be bigger than its ad business. That’s a big goal: Google currently makes the vast majority of its $75 billion in annual revenue from ads.

Hölzle is the one who talked Greene into taking this job as they hung out walking their dogs together.

„Through being on the board, I got to know Urs and started working with him informally,“ Greene says.

„We knew we needed an overall business leader. He’s a brilliant person and fun to work with. He really wanted to me to do it. I just realized, wow, partnering with Urs, we can really do this, with the backdrop of Google which is just this amazing company,“ she says.

A new phenom

Google has placed itself at the center of one of the biggest, newest trends happening in the enterprise market. Some people call this trend digital transformation. But it’s more than just automating manual processes or turning paper forms into iPad apps.

cowsFlickr/Amanda Parsons

More and more, the IT departments at large companies have started treating their tech vendors as partners that help them cocreate the tech they need.

“This is new for me. I’ve never been in the enterprise where your customers are your partners. It was always, you had customers and you had partners. But almost every customer of a certain size is a partner. It’s going both ways now,“ Greene says.

She points to one customer, Land O’Lakes, as an example.

Land O’Lakes is probably best known for its butter and dairy products. It took crop and weather data from Google and worked with Google to build an app hosted on Google’s cloud. The app helps its farm and dairy co-op members improve their crop yields.

“It’s fun for us to help them do that,” she says. Unlike the old days, where an IT company would be the one to build the app and sell it to agriculture companies, “we don’t have to do it ourselves.”

‚More and more‘

This idea of partnering with customers is the key to her strategy.

google photos california mountainsTim Stenovec/Business InsiderGoogle Photos understand the image in the photo.

„For me, this is such a revolution,“ she says. „Everything is changing now that we are in the cloud in terms of sharing our data, understanding our data using new techniques like machine learning.“

Google’s competitive strength, Greene believes, is the breadth of the tech it can offer an enterprise.

Enterprise-app developers can tap into things like Maps, Google’s computer-vision engine (the tech that powers Google Photos), weather data, and language/translation/speech recognition. They can build apps on top of Google’s Calendar, documents, spreadsheet and presentation apps.

And, under Greene’s new integrated organization, they can even tap into the tech that powers Google’s ads or YouTube, search, or its many other services.

„And we’re going to have more and more,“ she says.

When a company can take its own data and combine it with all of Google’s technology and Google’s data, „there’s just huge possibilities,“ she says.

google chromebook play store android appsGoogle

Greene will tell you, „We’re the only public cloud company with all of that.“

When pointing out that Microsoft also offers a computer vision API, translation services, and APIs for Office 365, and that IBM also offers weather data and language services, and so on, Greene’s got a comeback ready.

“We have Chromebooks.”

Well, Microsoft has Surface.

“But Chromebooks can run all the Android apps, are totally secure, they have administration … and they have a nice keyboard,“ she laughs.

In fact, Greene says, “I only use a Chromebook now. I never thought I could do that but I love it.”

She’s watching Amazon

In truth, she’s not laser-focused on overtaking Microsoft, widely considered the No. 2 cloud player, with Google trailing behind.

google cloud napkinGoogle

She, like all the cloud vendors, are looking at market leader Amazon Web Services, which is raking in the enterprise-cloud customers.

AWS is even convincing a growing number of them to shut down all of their data centers and just rent everything from AWS. This includes Intuit, the other company where Greene is a board member.

AWS is so successful it’s currently on track to do $10 billion in revenue this fiscal year, and it’s also Amazon’s most profitable business unit.

And it blows all the competition out of the water in the sheer number of features on its cloud, as well as its partner ecosystem.

So how is she going to beat Amazon? By offering better tech, she says.

“I’m a little biased but I really do think, on the hard stuff, we’re the world’s best cloud,” she says.

Diane GreeneGoogleDiane Greene

“I agree we have more features to do, although we have the basics for enterprise that you need. We have more partners to bring on, but we’re doing that very quickly. But the hard stuff, I do think we’re the world’s best.”

While Greene would not share the cloud unit’s growth numbers, she says that “growth is really good and we’re doing great stuff with some really big customers.“

She adds: „We’ve been moving customers to our cloud both from Amazon and on-prem.“

„On-prem“ means getting companies to move the apps they have running in their own computers on their own premises into Google’s cloud.

Google has even been engaging Amazon with its price-cut war, according to Greene. “They’ve been following our price cuts. We’ve been initiating them,” she says.

She jokes, „We should make a T-shirt: ‚the highest quality, lowest-cost cloud.'“

http://www.businessinsider.de/how-diane-greene-transformed-googles-cloud-2016-6