law enforcement
Auto Added by WPeMatico
Auto Added by WPeMatico
Welcome back to This Week in Apps, the weekly TechCrunch series that recaps the latest in mobile OS news, mobile applications and the overall app economy.
The app industry continues to grow, with a record 218 billion downloads and $143 billion in global consumer spend in 2020. Consumers last year also spent 3.5 trillion minutes using apps on Android devices alone. And in the U.S., app usage surged ahead of the time spent watching live TV. Currently, the average American watches 3.7 hours of live TV per day, but now spends four hours per day on their mobile devices.
Apps aren’t just a way to pass idle hours — they’re also a big business. In 2019, mobile-first companies had a combined $544 billion valuation, 6.5x higher than those without a mobile focus. In 2020, investors poured $73 billion in capital into mobile companies — a figure that’s up 27% year-over-year.
Do you want This Week in Apps in your inbox every Saturday? Sign up here: techcrunch.com/newsletters
Apple announced a major initiative to scan devices for CSAM imagery. The company on Thursday announced a new set of features, arriving later this year, that will detect child sexual abuse material (CSAM) in its cloud and report it to law enforcement. Companies like Dropbox, Google and Microsoft already scan for CSAM in their cloud services, but Apple had allowed users to encrypt their data before it reached iCloud. Now, Apple’s new technology, NeuralHash, will run on users’ devices, tatformso detect when a users upload known CSAM imagery — without having to first decrypt the images. It even can detect the imagery if it’s been cropped or edited in an attempt to avoid detection.
Meanwhile, on iPhone and iPad, the company will roll out protections to Messages app users that will filter images and alert children and parents if sexually explicit photos are sent to or from a child’s account. Children will not be shown the images but will instead see a grayed-out image instead. If they try to view the image anyway through the link, they’ll be shown interruptive screens that explain why the material may be harmful and are warned that their parents will be notified.
Some privacy advocates pushed back at the idea of such a system, believing it could expand to end-to-end encrypted photos, lead to false positives, or set the stage for more on-device government surveillance in the future. But many cryptology experts believe the system Apple developed provides a good balance between privacy and utility, and have offered their endorsement of the technology. In addition, Apple said reports are manually reviewed before being sent to the National Center for Missing and Exploited Children (NCMEC).
The changes may also benefit iOS developers who deal in user photos and uploads, as predators will no longer store CSAM imagery on iOS devices in the first place, given the new risk of detection.
Image Credits: Apple
Though not yet publicly available to all users, those testing the new iOS 15 mobile operating system got their first glimpse of a new App Store discovery feature this week: “in-app events.” First announced at this year’s WWDC, the feature will allow developers and Apple editors alike to showcase directly on the App Store upcoming events taking place inside apps.
The events can appear on the App Store homepage, on the app’s product pages or can be discovered through personalized recommendations and search. In some cases, editors will curate events to feature on the App Store. But developers will also be provided tools to submit their own in-app events. TikTok’s “Summer Camp” for creators was one of the first in-app events to be featured, where it received a top spot on the iPadOS 15 App Store.
Apple expands support for student IDs on iPhone and Apple Watch ahead of the fall semester. Tens of thousands more U.S. and Canadian colleges will now support mobile student IDs in the Apple Wallet app, including Auburn University, Northern Arizona University, University of Maine, New Mexico State University and others.
Apple was accused of promoting scam apps in the App Store’s featured section. The company’s failure to properly police its store is one thing, but to curate an editorial list that actually includes the scams is quite another. One of the games rounded up under “Slime Relaxations,” an already iffy category to say the least, was a subscription-based slime simulator that locked users into a $13 AUD per week subscription for its slime simulator. One of the apps on the curated list didn’t even function, implying that Apple’s editors hadn’t even tested the apps they recommend.
Tax changes hit the App Store. Apple announced tax and price changes for apps and IAPs in South Africa, the U.K. and all territories using the Euro currency, all of which will see decreases. Increases will occur in Georgia and Tajikistan, due to new tax changes. Proceeds on the App Store in Italy will be increased to reflect a change to the Digital Services Tax effective rate.
Game Center changes, too. Apple said that on August 4, a new certificate for server-based Game Center verification will be available via the publicKeyUrl.
Robinhood stock jumped more than 24% to $46.80 on Tuesday after initially falling 8% on its first day of trading last week, after which it had continued to trade below its opening price of $38.
Square’s Cash app nearly doubled its gross profit to $546 million in Q2, but also reported a $45 million impairment loss on its bitcoin holdings.
Coinbase’s app now lets you buy your cryptocurrency using Apple Pay. The company previously made its Coinbase Card compatible with Apple Pay in June.
An anonymous app called Sendit, which relies on Snap Kit to function, is climbing the charts of the U.S. App Store after Snap suspended similar apps, YOLO and LMK. Snap was sued by the parent of child who was bullied through those apps, which led to his suicide. Sendit also allows for anonymity, and reviews compare it to YOLO. But some reviews also complained about bullying. This isn’t the first time Snap has been involved in a lawsuit related to a young person’s death related to its app. The company was also sued for its irresponsible “speed filter” that critics said encouraged unsafe driving. Three young men died using the filter, which captured them doing 123 mph.
TikTok is testing Stories. As Twitter’s own Stories integrations, Fleets, shuts down, TikTok confirmed it’s testing its own Stories product. The TikTok Stories appear in a left-hand sidebar and allow users to post ephemeral images or video that disappear in 24 hours. Users can also comment on Stories, which are public to their mutual friends and the creator. Stories on TikTok may make more sense than they did on Twitter, as TikTok is already known as a creative platform and it gives the app a more familiar place to integrate its effects toolset and, eventually, advertisements.
Facebook has again re-arranged its privacy settings. The company continually moves around where its privacy features are located, ostensibly to make them easier to find. But users then have to re-learn where to go to find the tools they need, after they had finally memorized the location. This time, the settings have been grouped into six top-level categories, but “privacy” settings have been unbundled from one location to be scattered among the other categories.
A VICE report details ban-as-a-service operations that allow anyone to harass or censor online creators on Instagram. Assuming you can find it, one operation charged $60 per ban, the listing says.
TikTok merged personal accounts with creator accounts. The change means now all non-business accounts on TikTok will have access to the creator tools under Settings, including Analytics, Creator Portal, Promote and Q&A. TikTok shared the news directly with subscribers of its TikTok Creators newsletter in August, and all users will get a push notification alerting them to the change, the company told us.
Discord now lets users customize their profile on its apps. The company added new features to its iOS and Android apps that let you add a description, links and emojis and select a profile color. Paid subscribers can also choose an image or GIF as their banner.
Twitter Spaces added a co-hosting option that allows up to two co-hosts to be added to the live audio chat rooms. Now Spaces can have one main host, two co-hosts and up to 10 speakers. Co-hosts have all the moderation abilities as hosts, but can’t add or remove others as co-hosts.
Tencent reopened new user sign-ups for its WeChat messaging app, after having suspended registrations last week for unspecified “technical upgrades.” The company, like many other Chinese tech giants, had to address new regulations from Beijing impacting the tech industry. New rules address how companies handle user data collection and storage, antitrust behavior and other checks on capitalist “excess.” The gaming industry is now worried it’s next to be impacted, with regulations that would restrict gaming for minors to fight addiction.
WhatsApp is adding a new feature that will allow users to send photos and videos that disappear after a single viewing. The Snapchat-inspired feature, however, doesn’t alert you if the other person takes a screenshot — as Snap’s app does. So it may not be ideal for sharing your most sensitive content.
Telegram’s update expands group video calls to support up to 1,000 viewers. It also announced video messages can be recorded in higher quality and can be expanded, regular videos can be watched at 0.5 or 2x speed, screen sharing with sound is available for all video calls, including 1-on-1 calls, and more.
American Airlines added free access to TikTok aboard its Viasat-equipped aircraft. Passengers will be able to watch the app’s videos for up to 30 minutes for free and can even download the app if it’s not already installed. After the free time, they can opt to pay for Wi-Fi to keep watching. Considering how easy it is to fall into multi-hour TikTok viewing sessions without knowing it, the addition of the addictive app could make long plane rides feel shorter. Or at least less painful.
Chinese TikTok rival Kuaishou saw stocks fall by more than 15% in Hong Kong, the most since its February IPO. The company is another victim of an ongoing market selloff triggered by increasing investor uncertainty related to China’s recent crackdown on tech companies. Beijing’s campaign to rein in tech has also impacted Tencent, Alibaba, Jack Ma’s Ant Group, food delivery company Meituan and ride-hailing company Didi. Also related, Kuaishou shut down its controversial app Zynn, which had been paying users to watch its short-form videos, including those stolen from other apps.
Twitch overtook YouTube in consumer spending per user in April 2021, and now sees $6.20 per download as of June compared with YouTube’s $5.60, Sensor Tower found.
Image Credits: Sensor Tower
Spotify confirmed tests of a new ad-supported tier called Spotify Plus, which is only $0.99 per month and offers unlimited skips (like free users get on the desktop) and the ability to play the songs you want, instead of only being forced to use shuffle mode.
The company also noted in a forum posting that it’s no longer working on AirPlay2 support, due to “audio driver compatibility” issues.
Mark Cuban-backed audio app Fireside asked its users to invest in the company via an email sent to creators which didn’t share deal terms. The app has yet to launch.
YouTube kicks off its $100 million Shorts Fund aimed at taking on TikTok by providing creators with cash incentives for top videos. Creators will get bonuses of $100 to $10,000 based on their videos’ performance.
Match Group announced during its Q2 earnings it plans to add to several of the company’s brands over the next 12 to 24 months audio and video chat, including group live video, and other livestreaming technologies. The developments will be powered by innovations from Hyperconnect, the social networking company that this year became Match’s biggest acquisition to date when it bought the Korean app maker for a sizable $1.73 billion. Since then, Match was spotted testing group live video on Tinder, but says that particular product is not launching in the near-term. At least two brands will see Hyperconnect-powered integrations in 2021.
The Photo & Video category on U.S. app stores saw strong growth in the first half of the year, a Sensor Tower report found. Consumer spend among the top 100 apps grew 34% YoY to $457 million in Q2 2021, with the majority of the revenue (83%) taking place on iOS.
Image Credits: Sensor Tower
Epic Games revealed the host of its in-app Rift Tour event is Ariana Grande, in the event that runs August 6-8.
Pokémon GO influencers threatened to boycott the game after Niantic removed the COVID safety measures that had allowed people to more easily play while social distancing. Niantic’s move seemed ill-timed, given the Delta variant is causing a new wave of COVID cases globally.
Apple kicked out an app called Unjected from the App Store. The new social app billed itself as a community for the unvaccinated, allowing like-minded users to connect for dating and friendships. Apple said the app violated its policies for COVID-19 content.
Google Pay expanded support for vaccine cards. In Australia, Google’s payments app now allows users to add their COVID-19 digital certification to their device for easy access. The option is available through Google’s newly updated Passes API which lets government agencies distribute digital versions of vaccine cards.
COVID Tech Connect, a U.S. nonprofit initially dedicated to collecting devices like phones and tablets for COVID ICU patients, has now launched its own app. The app, TeleHome, is a device-agnostic, HIPAA-compliant way for patients to place a video call for free at a time when the Delta variant is again filling ICU wards, this time with the unvaccinated — a condition that sometimes overlaps with being low-income. Some among the working poor have been hesitant to get the shot because they can’t miss a day of work, and are worried about side effects. Which is why the Biden administration offered a tax credit to SMBs who offered paid time off to staff to get vaccinated and recover.
Popular journaling app Day One, which was recently acquired by WordPress.com owner Automattic, rolled out a new “Concealed Journals” feature that lets users hide content from others’ viewing. By tapping the eye icon, the content can be easily concealed on a journal by journal basis, which can be useful for those who write to their journal in public, like coffee shops or public transportation.
Recently IPO’d language learning app Duolingo is developing a math app for kids. The company says it’s still “very early” in the development process, but will announce more details at its annual conference, Duocon, later this month.
Educational publisher Pearson launched an app that offers U.S. students access to its 1,500 titles for a monthly subscription of $14.99. the Pearson+ mobile app (ack, another +), also offers the option of paying $9.99 per month for access to a single textbook for a minimum of four months.
Quora jumps into the subscription economy. Still not profitable from ads alone, Quora announced two new products that allow its expert creators to monetize their content on its service. With Quora+ ($5/mo or $50/yr), subscribers can pay for any content that a creator paywalls. Creators can choose to enable a adaptive paywall that will use an algorithm to determine when to show the paywall. Another product, Spaces, lets creators write paywalled publications on Quora, similar to Substack. But only a 5% cut goes to Quora, instead of 10% on Substack.
Google Maps on iOS added a new live location-sharing feature for iMessage users, allowing them to more easily show your ETA with friends and even how much battery life you have left. The feature competes with iMessage’s built-in location-sharing feature, and offers location sharing of 1 hour up to 3 days. The app also gained a dark mode.
Controversial crime app Citizen launched a $20 per month “Protect” service that includes live agent support (who can refer calls to 911 if need be). The agents can gather your precise location, alert your designated emergency contacts, help you navigate to a safe location and monitor the situation until you feel safe. The system of live agent support is similar to in-car or in-home security and safety systems, like those from ADT or OnStar, but works with users out in the real world. The controversial part, however, is the company behind the product: Citizen has been making headlines for launching private security fleets outside law enforcement, and recently offered a reward in a manhunt for an innocent person based on unsubstantiated tips.
Square announced its acquisition of the “buy now, pay later” giant AfterPay in a $29 billion deal that values the Australian firm at more than 30% higher than the stock’s last closing price of AUS$96.66. AfterPay has served over 16 million customers and nearly 100,000 merchants globally, to date, and comes at a time when the BNPL space is heating up. Apple has also gotten into the market recently with an Affirm partnership in Canada.
Gaming giant Zynga acquired Chinese game developer StarLark, the team behind the mobile golf game Golf Rival, from Betta Games for $525 million in both cash and stock. Golf Rival is the second-largest mobile golf game behind Playdemic’s Golf Clash, and EA is in the process of buying that studio for $1.4 billion.
U.K.-based Humanity raised an additional $2.5 million for its app that claims to help slow down aging, bringing the total raise to date to $5 million. Backers include Calm’s co-founders, MyFitness Pal’s co-founder and others in the health space. The app works by benchmarking health advice against real-world data, to help users put better health practices into action.
YELA, a Cameo-like app for the Middle East and South Asia, raised $2 million led by U.S. investors that include Tinder co-founder Justin Mateen and Sean Rad, general partner of RAD Fund. The app is focusing on signing celebrities in the regions it serves, where smartphone penetration is high and over 6% of the population is under 35.
London-based health and wellness app maker Palta raised a $100 million Series B led by VNV Global. The company’s products include Flo.Health, Simple Fasting, Zing Fitness Coach and others, which reach a combined 2.4 million active, paid subscribers. The funds will be used to create more mobile subscription products.
Emoji database and Wikipedia-like site Emojipedia was acquired by Zedge, the makers of a phone personalization app offering wallpapers, ringtones and more to 35 million MAUs. Deal terms weren’t disclosed. Emojipedia says the deal provides it with more stability and the opportunity for future growth. For Zedge, the deal provides
….um, a popular web resource it thinks it can better monetize, we suspect.
Mental health app Revery raised $2 million led by Sequoia Capital India’s Surge program for its app that combines cognitive behavioral therapy for insomnia with mobile gaming concepts. The company will focus on other mental health issues in the future.
London-based Nigerian-operating fintech startup Kuda raised a $55 million Series B, valuing its mobile-first challenger bank at $500 million. The inside round was co-led by Valar Ventures and Target Global.
Vietnamese payments provider VNLife raised $250 million in a round led by U.S.-based General Atlantic and Dragoneer Investment Group. PayPal Ventures and others also participated. The round values the business at over $1 billion.

Fans of decentralized social media efforts now have a new app. The nonprofit behind the open source decentralized social network Mastodon released an official iPhone app, aimed at making the network more accessible to newcomers. The app allows you to find and follow people and topics; post text, images, GIFs, polls, and videos; and get notified of new replies and reblogs, much like Twitter.
Xingtu
@_666eveITS SO COOL FRFR do u guys want a tutorial? #fypシ #醒图 #醒图app♬ original sound – Ian Asher
TikTok users are teaching each other how to switch over to the Chinese App Store in order to get ahold of the Xingtu app for iOS. (An Android version is also available.) The app offers advanced editing tools that let users edit their face and body, like FaceTune, apply makeup, add filters and more. While image-editing apps can be controversial for how they can impact body acceptance, Xingtu offers a variety of artistic filters which is what’s primarily driving the demand. It’s interesting to see the lengths people will go to just to get a few new filters for their photos — perhaps making a case for Instagram to finally update its Post filters instead of pretending no one cares about their static photos anymore.
Facebook still dominating top charts, but not the No. 1 spot:
Not cool, Apple:
This user acquisition strategy:
Maybe Stories don’t work everywhere:
Powered by WPeMatico
Typically when we talk about tech and security, the mind naturally jumps to cybersecurity. But equally important, especially for global companies with large, multinational organizations, is physical security — a key function at most medium-to-large enterprises, and yet one that to date, hasn’t really done much to take advantage of recent advances in technology. Enter Base Operations, a startup founded by risk management professional Cory Siskind in 2018. Base Operations just closed their $2.2 million seed funding round and will use the money to capitalize on its recent launch of a street-level threat mapping platform for use in supporting enterprise security operations.
The funding, led by Good Growth Capital and including investors like Magma Partners, First In Capital, Gaingels and First Round Capital founder Howard Morgan, will be used primarily for hiring, as Base Operations looks to continue its team growth after doubling its employe base this past month. It’ll also be put to use extending and improving the company’s product and growing the startup’s global footprint. I talked to Siskind about her company’s plans on the heels of this round, as well as the wider opportunity and how her company is serving the market in a novel way.
“What we do at Base Operations is help companies keep their people in operation secure with ‘Micro Intelligence,’ which is street-level threat assessments that facilitate a variety of routine security tasks in the travel security, real estate and supply chain security buckets,” Siskind explained. “Anything that the chief security officer would be in charge of, but not cyber — so anything that intersects with the physical world.”
Siskind has firsthand experience about the complexity and challenges that enter into enterprise security since she began her career working for global strategic risk consultancy firm Control Risks in Mexico City. Because of her time in the industry, she’s keenly aware of just how far physical and political security operations lag behind their cybersecurity counterparts. It’s an often overlooked aspect of corporate risk management, particularly since in the past it’s been something that most employees at North American companies only ever encounter periodically when their roles involve frequent travel. The events of the past couple of years have changed that, however.
“This was the last bastion of a company that hadn’t been optimized by a SaaS platform, basically, so there was some resistance and some allegiance to legacy players,” Siskind told me. “However, the events of 2020 sort of turned everything on its head, and companies realized that the security department, and what happens in the physical world, is not just about compliance — it’s actually a strategic advantage to invest in those sort of services, because it helps you maintain business continuity.”
The COVID-19 pandemic, increased frequency and severity of natural disasters, and global political unrest all had significant impact on businesses worldwide in 2020, and Siskind says that this has proven a watershed moment in how enterprises consider physical security in their overall risk profile and strategic planning cycles.
“[Companies] have just realized that if you don’t invest [in] how to keep your operations running smoothly in the face of rising catastrophic events, you’re never going to achieve the profits that you need, because it’s too choppy, and you have all sorts of problems,” she said.
Base Operations addresses this problem by taking available data from a range of sources and pulling it together to inform threat profiles. Their technology is all about making sense of the myriad stream of information we encounter daily — taking the wash of news that we sometimes associate with “doom-scrolling” on social media, for instance, and combining it with other sources using machine learning to extrapolate actionable insights.
Those sources of information include “government statistics, social media, local news, data from partnerships, like NGOs and universities,” Siskind said. That data set powers their Micro Intelligence platform, and while the startup’s focus today is on helping enterprises keep people safe, while maintaining their operations, you can easily see how the same information could power everything from planning future geographical expansion, to tailoring product development to address specific markets.
Siskind saw there was a need for this kind of approach to an aspect of business that’s essential, but that has been relatively slow to adopt new technologies. From her vantage point two years ago, however, she couldn’t have anticipated just how urgent the need for better, more scalable enterprise security solutions would arise, and Base Operations now seems perfectly positioned to help with that need.
Powered by WPeMatico
One week to the U.S. presidential election and things are getting spicy.
It’s not just the rhetoric — hackers are actively working to disrupt the election, officials have said, and last week they came with a concrete example and an unusually quick pointing of blame.
On Wednesday night, Director of National Intelligence John Ratcliffe blamed Iran for an email operation designed to intimidate voters in Florida into voting for President Trump “or else.” Ratcliffe, who didn’t take any questions from reporters and has been accused of politicizing the typically impartial office, said Iran had used voter registration data — which is largely public in the U.S. — to send emails that looked like they came from the far-right group the Proud Boys. Google security researchers also linked the campaign to Iran, which denied claims of its involvement. It’s estimated about 2,500 emails went through in the end, with the rest getting caught in spam filters.
The announcement was lackluster in detail. But experts like John Hultquist, who heads intelligence analysis at FireEye-owned security firm Mandiant, said the incident is “clearly aimed at undermining voter confidence,” just as the Russians attempted during the 2016 election.
The hackers who broke into Twitter’s network used a fake VPN page to steal the credentials — and two-factor authentication code — of an employee, an investigation by New York’s Department of Financial Affairs found. The state tax division got involved after the hackers then hijacked user accounts using an internal “admin tool” to spread a cryptocurrency scam.
In a report published last week, the department said the hackers called several Twitter employees and used social engineering to trick one employee into entering their username and password on a site that looked like the company’s VPN portal, which most employees use to access the network from home during the pandemic.
Twitter Hack Update: We knew the attackers used the phone & pretended to be IT Support, but now we know the criminals specifically said they were calling about VPN issues, taking advantage of COVID-19 remote work strain. Sadly, these pretexts work often. https://t.co/kKe8XO3MCJ pic.twitter.com/fpE6Afcij1
— Rachel Tobac (@RachelTobac) October 20, 2020
“As the employee entered their credentials into the phishing website, the hackers would simultaneously enter the information into the real Twitter website. This false log-in generated a [two-factor authentication] notification requesting that the employees authenticate themselves, which some of the employees did,” wrote the report. Once onto the network using the employee’s VPN credentials, the hackers used that access to investigate how to access the company’s internal tools.
Twitter said in September that its employees would receive hardware security keys, which would make it far more difficult for a repeat phishing attack to be successful.
Powered by WPeMatico
This week saw protests spread across the world sparked by the murder of George Floyd, an unarmed Black man, killed by a white police officer in Minneapolis last month.
The U.S. hasn’t seen protests like this in a generation, with millions taking to the streets each day to lend their voice and support. But they were met with heavily armored police, drones watching from above, and “covert” surveillance by the federal government.
That’s exactly why cybersecurity and privacy is more important than ever, not least to protect law-abiding protesters demonstrating against police brutality and institutionalized, systemic racism. It’s also prompted those working in cybersecurity — many of which are former law enforcement themselves — to check their own privilege and confront the racism from within their ranks and lend their knowledge to their fellow citizens.
The Justice Department has granted the Drug Enforcement Administration, typically tasked with enforcing federal drug-related laws, the authority to conduct “covert surveillance” on protesters across the U.S., effectively turning the civilian law enforcement division into a domestic intelligence agency.
The DEA is one of the most tech-savvy government agencies in the federal government, with access to “stingray” cell site simulators to track and locate phones, a secret program that allows the agency access to billions of domestic phone records, and facial recognition technology.
Lawmakers decried the Justice Department’s move to allow the DEA to spy on protesters, calling on the government to “immediately rescind” the order, describing it as “antithetical” to Americans’ right to peacefully assembly.
Powered by WPeMatico
If only Facebook had been using the kind of technology that TechCrunch Startup Battlefield alumnus D-ID was pitching, it could have avoided exposing all of our faces to privacy destroying software services like Clearview AI.
At least, that’s the pitch that D-ID’s founder and chief executive, Gil Perry, makes when he’s talking about the significance of his startup’s technology.
D-ID, which stands for de-identification, is a pretty straightforward service that’s masking some highly involved and very advanced technology to blur digital images so they can’t be cross-referenced to determine someone’s identity.
It’s a technology whose moment has come as governments and private companies around the world ramp up their use of surveillance technologies as the world adjusts to a new reality in the wake of the COVID-19 epidemic.
“Governments around the world and organizations have used this new reality basically as an excuse for mass surveillance,” says Perry. His own government has used a track and trace system that monitors interactions between Israeli citizens using cell phone location data to determine whether anyone had been in contact with a person who had COVID-19.
While awareness of the issue may be increasing among consumers and regulators alike, the damage has, in many cases, already been done. Social media companies have already had their troves of images scraped by companies like Clearview AI, ClearView, HighQ and NTechLabs, and much of our personal information is already circulating online.
D-ID is undeterred. Founded by Perry and two other members of the Israeli army’s cybersecurity and offensive cyber unit, 8200, Sella Blondheim and Eliran Kuta, D-ID thinks the need for anonymizing technologies will continue to expand — thanks to new privacy legislation in Europe and certain states in the U.S.
Meanwhile, the company is also exploring other applications for its technology. The services that D-ID uses to mask and blur faces can also be used to create deepfakes of images and video.
The market for these types of digital manipulations are still in their earliest days, according to Perry. Still, the company’s pitch managed to intrigue new lead investor AXA Ventures, which joined backers including Pitango, Y Combinator, AI Alliance, Hyundai, Omron, Maverick (U.S.) and Mindset, to participate in the company’s $13.5 million round.
D-ID already sees demand coming from automakers who want to use the technology to anonymize their driving monitoring systems — enabling them to record drivers’ reactions, but not any public identifying information. Security technologies that monitor for threats are another potential customer, according to the company. While closed circuit television monitors a physical space, it doesn’t need to collect the identifying information of people entering and exiting buildings.
“The convergence of increased surveillance and individual privacy protection places enterprises in a position where they must either anonymize their stored footage or risk violating privacy laws and face costly penalties.” said Blondheim.
The technical wizardry that D-ID has mastered is impressive — and a necessary defensive tool to ensure privacy in the modern world, according to its founders. Consumers are demanding it, according to D-ID’s chief executive.
“Privacy awareness and the importance of privacy enhancing technologies have increased,” Perry said.
Powered by WPeMatico
Sixgill, an Israeli cyberthreat intelligence company that specializes in monitoring the deep and dark web, today announced that it has raised a $15 million funding round led by Sonae IM, a fund based in Portugal, and London-based REV Venture Partners. Crowdfunding platform OurCrowd also participated in the round, as did previous investors Elron and Terra Venture Partners.
According to Crunchbase, this brings the company’s total funding to $21 million to date.
Sixgill, which was founded in 2014, plans to use the new funding to expand its efforts in North America, EMEA and APAC. In addition to expanding its geographic focus, Sixgill plans to expand its product’s capabilities, including its Dynamic CVE Rating.

Its current customer base mostly includes large enterprises, law enforcement and other government agencies, as well as other security providers.
Given its focus, that client list doesn’t come as a surprise. The company uses its technology to automatically monitor dark web forums and marketplaces for potential threats and then find those that could affect its clients. Users can either access Sixgill through its SaaS platform or install it on-premises. For enterprises and agencies that don’t have their own staff to run the service, Sixgills also offers access to its internal analysts.
“Sixgill uses advanced automation and artificial intelligence technologies to provide accurate, contextual intelligence to customers. The solution integrates seamlessly into the platforms that security teams use to orchestrate, automate, and manage security events,” said Sharon Wagner, CEO of Sixgill. “The market has made it clear that Sixgill has built a powerful real-time engine for more effective handling of the rapidly expanding threat landscape; this investment will position us for significant growth and expansion in 2020.”
Powered by WPeMatico
Europe’s competition commissioner Margrethe Vestager, set for a dual role in the next Commission, faced three hours of questions from members of four committees in the European Parliament this afternoon, as MEPs got their chance to interrogate her priorities for a broader legislative role that will shape pan-EU digital strategy for the next five years.
As we reported last month, Vestager is headed for an expanded role in the incoming European Commission with president-elect Ursula von der Leyen picking her as an executive VP overseeing a new portfolio called “Europe fit for the digital age.”
She is also set to retain her current job as competition commissioner. And a question she faced more than once during today’s hearing in front of MEPs, who have a confirming vote on her appointment, was whether the combined portfolio wasn’t at risk of a conflict of interest?
Or whether she “recognized the tension between objective competition enforcement and industrial policy interests in your portfolio,” as one MEP put it, before asking whether she would “build Chinese walls” within it to avoid crossing the streams of enforcement and policymaking.
Vestager responded by saying it was the first question she’d asked herself on being offered the role — before laying out flat reasoning that “the independence in law enforcement is non-negotiable.”
“It has always been true that the commissioner for competition has been part of the College. And every decision we take also in competition is a collegial decision,” she said. “What justifies that is of course that every decision is subject to not one but 2x legal scrutiny if need be. And the latest confirmation of this set up was two judgments in 2011 — where it was looked into whether this set up… is in accordance with our human rights and that has been found to be so. So the set up, as such, is as it should be.”
The commissioner and commissioner-designate responded capably to a wide range of questions reflecting the broad span of her new responsibilities — fielding questions on areas including digital taxation; platform power and regulation; a green new deal; AI and data ethics; digital skills and research; and small business regulation and funding, as well as queries around specific pieces of legislation (such as ePrivacy and Copyright Reform).
Climate change and digital transformation were singled out in her opening remarks as two of Europe’s biggest challenges — ones she said will require both joint working and a focus on fairness.
“Europe is filled with highly skilled people, we have excellent infrastructure, fair and effective laws. Our Single Market gives European businesses the room to grow and innovate, and be the best in the world at what they do,” she said at the top of her pitch to MEPs. “So my pledge is not to make Europe more like China, or America. My pledge is to help make Europe more like herself. To build on our own strengths and values, so our society is both strong and fair. For all Europeans.”
In her opening remarks Vestager said that if confirmed she will work to build trust in digital services — suggesting regulation on how companies collect, use and share data might be necessary to ensure people’s data is used for public good, rather than to concentrate market power.
It’s a suggestion that won’t have gone unnoticed in Silicon Valley.
“I will work on a Digital Services Act that includes upgrading our liability and safety rules for digital platforms, services and products,” she pledged. “We may also need to regulate the way that companies collect and use and share data — so it benefits the whole of our society.”
“As global competition gets tougher we’ll need to work harder to preserve a level playing field,” she also warned.
But asked directly during the hearing whether Europe’s response to platform power might include breaking up overbearing tech giants, Vestager signaled caution — saying such an intrusive intervention should only be used as a last resort, and that she has an obligation to try less drastic measures first. (It’s a position she’s set out before in public.)
“You’re right to say fines are not doing the trick and fines are not enough,” she said in response to one questioner on the topic. Another MEP complained fines on tech giants are essentially just seen as an “operating expense.”
Vestager went on to cite the Google AdSense antitrust case as an example of enforcement that hasn’t succeeded because it has failed to restore competition. “Some of the things that we will of course look into is do we need even stronger remedies for competition to pick up in these markets,” she said. “They stopped their behavior. That’s now two years ago. The market hasn’t picked up. So what do we do in those kind of cases? We have to consider remedies that are much more far reaching.
“Also before we reach for the very, very far reaching remedy to break up a company — we have that tool in our toolbox but obviously it is very far reaching… My obligation is to ensure that we do the least intrusive thing in order to make competition come back. And in that respect, obviously, I am willing to explore what do we need more, in competition cases, for competition to come back.”
Competition law enforcers in Europe will have to consider how to make sure rules enforce fair competition in what Vestager described as a “new phenomenon” of “competition for a market, not just in a market” — meaning that whoever wins the competition becomes “the de facto rule setter in this market.”
Regulating platforms on transparency and fairness is something on which European legislators have already agreed — earlier this year. Though that platform to business regulation has yet to come into force. “But it will also be a question for us as competition law enforcers,” Vestager told MEPs.
Making use of existing antitrust laws but doing so with greater speed and agility, rather than a drastic change of competition approach, appeared to be her main message — with the commissioner noting she’d recently dusted off interim measures in an ongoing case against chipmaker Broadcom; the first time such an application has been made for 20 years.
“It’s a good reflection of the fact that we find it a very high priority to speed up what we do,” she said, adding: “There’s a limit as to how fast law enforcement can work, because we will never compromise on due process — on the other hand we should be able to work as fast as possible.”
Her responses to MEPs on platform power favored greater regulation of digital markets (potentially including data), markets which have become dominated by data-gobbling platforms — rather than an abrupt smashing of the platforms themselves. So not an Elizabeth Warren “existential” threat to big tech, then, but from a platform point of view Vestager’s preferred approach might just sum to death by a thousand legal cuts.
“One of course could consider what kind of tools do we need?,” she opined, talking about market reorganization as a means of regulating platform power. “[There are] different ways of trying to re-organize a marketplace if the competition authority finds that the way it’s working is not beneficial for fair competition. And those are tools that can be considered in order to sort of re-organize before harm is done. Then you don’t punish because no infringement is found but you can give very direct almost orders… as to how a market should be organized.”
On artificial intelligence — which the current Commission has been working on developing a framework for ethical design and application — Vestager’s opening remarks contained a pledge to publish proposals for this framework — to “make sure artificial intelligence is used ethically, to support human decisions and not undermine them” — and to do so within her first 100 days in office.
That led one MEP to question whether it wasn’t too ambitious and hasty to rush to control a still emerging technology. “It is very ambitious,” she responded. “And one of the things that I think about a lot is of course if we want to build trust then you have to listen.
“You cannot just say I have a brilliant idea, I make it happen all over. You have to listen to people to figure out what would be the right approach here. Also because there is a balance. Because if you’re developing something new then — exactly as you say — you should be very careful not to over-regulate.
“For me, to fulfill these ambitions, obviously we need the feedback from the many, many businesses who have taken upon them to use the assessment list and the principles [recommended by the Commission’s HLEG on AI] of how to create AI you can trust. But I also think, to some degree, we have to listen fast. Because we have to talk with a lot of different people in order to get it right. But it is a reflection of the fact that we are in hurry. We really need to get our AI strategy off the ground and these proposals will be part of that.”
Europe could differentiate itself — and be “a world leader” — by developing “AI with a purpose,” Vestager suggested, pointing to potential applications for the tech such as in healthcare, transportation and combating climate change, which she said would also work to further European values.
“I don’t think that we can be world leaders without ethical guidelines,” she said of AI. “I think we will lose it if we just say no let’s do as they do in the rest of the world — let’s pool all the data from everyone, no matter where it comes from, and let’s just invest all our money. I think we will lose out because the AI you create because you want to serve humans. That’s a different sort of AI. This is AI with a purpose.”
On digital taxation — where Vestager will play a strategic role, working with other commissioners — she said her intention is to work toward trying to achieve global agreement on reforming rules to take account of how data and profits flow across borders. But if that’s not possible she said Europe is prepared to act alone — and quickly — by the end of 2020.
“Surprising things can happen,” she said, discussing the challenge of achieving even an EU-wide consensus on tax reform, and noting how many pieces of tax legislation have already been passed in the European Council by unanimity. “So it’s not undoable. The problem is we have a couple of very important pieces of legislation that have not been passed.
“I’m still kind of hopeful in the working way that we can get a global agreement on digital taxation. If that is not the case, obviously we will table and push for a European solution. And I admire the Member States who’ve said we want a European or global solution, but if that isn’t to be we’re willing to do that by ourselves in order to be able to answer to all the businesses who pay their taxes.”
Vestager also signaled support for exploring the possibility of amending Article 116 of the Treaty on the Functioning of the EU, which relates to competition-based distortion of the internal market, in order to enable tax reform to be passed by a qualified majority, instead of unanimously — as a potential strategy for getting past the EU’s own current blocks to tax reform.
“I think definitely we should start exploring what would that entail,” she said in response to a follow-up question. “I don’t think it’s a given that it would be successful, but it’s important that we take the different tools that the treaty gives us and use these tools if need be.”
During the hearing she also advocated for a more strategic use of public procurement by the EU and Member States — to push for more funding to go into digital research and business innovation that benefits common interests and priorities.
“It means working together with Member States on important projects of common European interest. We will bring together entire value chains, from universities, suppliers, manufacturers all the way to those who recycle the raw material that is used in manufacturing,” she said.
“Public procurement in Europe is… a lot of money,” she added. “And if we also use that to ask for solutions well then we can have also maybe smaller businesses to say I can actually do that. So we can make an artificial intelligence strategy that will push in all different sectors of society.”
She also argued that Europe’s industrial strategy needs to reach beyond its own Single Market — signaling a tougher approach to market access to those outside the bloc.
And implying she might favor less of a free-for-all when it comes to access to publicly funded data — if the value it contains risks further entrenching already data-rich, market-dominating giants at the expense of smaller local players.
“As we get more and more interconnected, we are more dependent and affected by decisions made by others. Europe is the biggest trading partner of some 80 countries, including China and the U.S. So we are in a strong position to work for a level global playing field. This includes pursuing our proposal to reform the World Trade Organization. It includes giving ourselves the right tools to make sure that foreign state ownership and subsidies do not undermine fair competition in Europe,” she said.
“We have to figure out what constitutes market power,” she went on, discussing how capacity to collect data can influence market position, regardless of whether it’s directly linked to revenue. “We will expand our insights as to how this works. We have learned a lot from some of the merger cases that we have been doing to see how data can work as an asset for innovation but also as a barrier to entry. Because if you don’t have the right data it’s very difficult to produce the services that people are actually asking for. And that becomes increasingly critical when it comes to AI. Because once you have it then you can do even more.
“I think we have to discuss what we do with all the amazing publicly funded data that we make available. It’s not to be overly biblical but we shouldn’t end up in a situation where ‘those who have shall more be given.’ If you have a lot already then you also have the capabilities and the technical insight to make very good use of it. And we do have amazing data in Europe. Just think about what can be assessed in our supercomputers… they are world-class… And second when it comes to both [EU sat-nav] Galileo and [earth observation program] Copernicus. Also here data is available. Which is an excellent thing for the farmer doing precision farming and saving in pesticides and seeds and all of that. But are really happy that we also make it available for those who could actually pay for it themselves?
“I think that is a discussion that we will have to have — to make sure that not just the big ones keep taking for themselves but the smaller ones having a fair chance.”
During the hearing Vestager was also asked whether she supported the controversial EU copyright reform.
She said she supports the “compromise” achieved — arguing that the legislation is important to ensure artists are rewarded for the work they do — but stressed that it will be important for the incoming Commission to ensure Member States’ implementations are “coherent” and that fragmentation is avoided.
She also warned against the risk of the same “divisive” debates being reopened afresh, via other pieces of legislation.
“I think now that the copyright issue has been settled it shouldn’t be reopened in the area of the Digital Services Act,” she said. “I think it’s important to be very careful not to do that because then we would lose speed again when it comes to actually making sure there is remuneration for those who hold copyright.”
Asked in a follow-up question how, as the directive gets implemented by EU Member States, she will ensure freedom of speech is protected from upload filter technologies — which is what critics of the copyright reform argue the law effectively demands that platforms deploy — Vestager hedged, saying: “[It] will take a lot of discussions and back and forth between Member States and Commission, probably. Also this parliament will follow this very closely. To make sure that we get an implementation in Member States that are similar.”
“One has to be very careful,” she added. “Some of the discussions that we had during the adoption of the copyright directive will come back. Because these are crucial debates. Because it’s a debate between the freedom of speech and actually protecting people who have rights. Which is completely justified… Just as we have fundamental values we also have fundamental discussions because it’s always a balancing act how to get this right.”
The commissioner also voiced support for passing the ePrivacy Regulation. “It will be high priority to make sure that we’re able to pass that,” she told MEPs, dubbing the reform an important building block.
“One of the things I hope is that we don’t just always decentralize to the individual citizens,” she added. “Now you have rights, now you just go and force them. Because I know I have rights but one of my frustrations is how to enforce them? Because I am to read page after page after page and if I’m not tired and just forget about it then I sign up anyway. And that doesn’t really make sense. We still have to do more for people to feel empowered to protect themselves.”
She was also asked for her views on adtech-driven microtargeting — as a conduit for disinformation campaigns and political interference — and more broadly as so-called “surveillance capitalism.” “Are you willing to tackle adtech-driven business models as a whole?,” she was asked by one MEP. “Are you willing to take certain data exploitation practices like microtargeting completely off the table?”
Hesitating slightly before answering, Vestager said: “One of the things I have learned from surveillance capitalism and these ideas is it’s not you searching Google it is Google searching you. And that gives a very good idea about not only what you want to buy but also what you think. So we have indeed a lot to do. I am in complete agreement with what has been done so far — because we needed to do something fast. So the Code of Practice [on disinformation] is a very good start to make sure that we get things right… So I think we have a lot to build on.
“I don’t know yet what should be the details of the Digital Services Act. And I think it’s very important that we make the most of what we have since we’re in a hurry. Also to take stock of what I would call digital citizens’ rights — the GDPR [General Data Protection Regulation] — that we can have national authorities enforce that in full, and hopefully also to have a market response so that we have privacy by design and being able to choose that. Because I think it’s very important that we also get a market response to say, well, you can actually do things in a very different way than just to allow yourself to feel forced to sign up to whatever terms and conditions that are put in front of you.
“I myself find it very thought-provoking if you have the time just once in a while to read the T&Cs now when they are obliged, thanks to this parliament, to write in a way that you can actually understand that makes it even more scary. And very often it just makes me think, thanks but no thanks. And that of course is the other side of that coin. Yes, regulation. But also us as citizens to be much more aware of what kind of life we want to live and what kind of democracy we want to have. Because it cannot just be digital. Then I think we will lose it.”
In her own plea to MEPs, Vestager urged them to pass the budget so that the Commission can get on with all the pressing tasks in front of it. “We have proposed that we increase our investments quite a lot in order to be able to do all this kind of stuff,” she said.
“First things first, I’m sorry to say this, we need the money. We need funding. We need the programs. We need to be able to do something so that people can see that businesses can use funds to invest in innovation, so that researchers can make their networks work all over Europe. That they get the funding actually to get there. And in that respect I hope that you will help push for the multi-annual financial framework to be in place. I don’t think that Europeans have any patience for us when it comes to these different things that we would like to be real. That is now, that is here.”
Powered by WPeMatico
How do you keep your startup secure?
That’s the big question we explored at TC Sessions: Enterprise earlier this month. No matter the size, every startup is an enterprise. Every startup will grow in size as it builds out. But as a company expands, that rapid growth can lead to a distraction from the foundational principle of any modern company — keeping it secure.
Security isn’t just a buzzword. As some of the largest companies in Silicon Valley have shown, security can be difficult. From storing passwords in plaintext to data breaches galore, how can startups learn from some of the biggest security lapses in the tech industry’s history?
Our panel consisted of three of the brightest minds in enterprise security: Wendy Nather, head of advisory CISOs at Duo Security, is an enterprise security expert; Martin Casado, general partner at Andreessen Horowitz, is a security and enterprise startup investor; and Emily Heath, United’s chief information security officer, oversees the security operations of the largest U.S. airlines.
This is what advice they had.
Powered by WPeMatico
In 2017 — for the first time in over a decade — a computer worm ran rampage across the internet, threatening to disrupt businesses, industries, governments and national infrastructure across several continents.
The WannaCry ransomware attack became the biggest threat to the internet since the Mydoom worm in 2004. On May 12, 2017, the worm infected millions of computers, encrypting their files and holding them hostage to a bitcoin payment.
Train stations, government departments, and Fortune 500 companies were hit by the surprise attack. The U.K.’s National Health Service (NHS) was one of the biggest organizations hit, forcing doctors to turn patients away and emergency rooms to close.
Earlier this week we reported a deep-dive story into the 2017 cyberattack that’s never been told before.
British security researchers — Marcus Hutchins and Jamie Hankins — registered a domain name found in WannaCry’s code in order to track the infection. It took them three hours to realize they had inadvertently stopped the attack dead in its tracks. That domain became the now-infamous “kill switch” that instantly stopped the spread of the ransomware.
As long as the kill switch remains online, no computer infected with WannaCry would have its files encrypted.
But the attack was far from over.
In the days following, the researchers were attacked from an angry botnet operator pummeling the domain with junk traffic to try to knock it offline and two of their servers were seized by police in France thinking they were contributing to the spread of the ransomware.
Worse, their exhaustion and lack of sleep threatened to derail the operation. The kill switch was later moved to Cloudflare, which has the technical and infrastructure support to keep it alive.
Hankins described it as the “most stressful thing” he’s ever experienced. “The last thing you need is the idea of the entire NHS on fire,” he told TechCrunch.
Although the kill switch is in good hands, the internet is just one domain failure away from another massive WannaCry outbreak. Just last month two Cloudflare failures threatened to bring the kill switch domain offline. Thankfully, it stayed up without a hitch.
CISOs and CSOs take note: here’s what you need to know.
Powered by WPeMatico
Technology has been used to manage regulatory risk since the advent of the ledger book (or the Bloomberg terminal, depending on your reference point). However, the cost-consciousness internalized by banks during the 2008 financial crisis combined with more robust methods of analyzing large datasets has spurred innovation and increased efficiency by automating tasks that previously required manual reviews and other labor-intensive efforts.
So even if RegTech wasn’t born during the financial crisis, it was probably old enough to drive a car by 2008. The intervening 11 years have seen RegTech’s scope and influence grow.
RegTech startups targeting financial services, or FinServ for short, require very different growth strategies — even compared to other enterprise software companies. From a practical perspective, everything from the security requirements influencing software architecture and development to the sales process are substantially different for FinServ RegTechs.
The most successful RegTechs are those that draw on expertise from security-minded engineers, FinServ-savvy sales staff as well as legal and compliance professionals from the industry. FinServ RegTechs have emerged in a number of areas due to the increasing directives emanating from financial regulators.
This new crop of startups performs sophisticated background checks and transaction monitoring for anti-money laundering purposes pursuant to the Bank Secrecy Act, the Office of Foreign Asset Control (OFAC) and FINRA rules; tracks supervision requirements and retention for electronic communications under FINRA, SEC, and CFTC regulations; as well as monitors information security and privacy laws from the EU, SEC, and several US state regulators such as the New York Department of Financial Services (“NYDFS”).
In this article, we’ll examine RegTech startups in these three fields to determine how solutions have been structured to meet regulatory demand as well as some of the operational and regulatory challenges they face.
Powered by WPeMatico