Connect with us

Technology

Google herds FLoC back to the lab for undisclosed ad tech modifications • The Register

Voice Of EU

Published

on

Google has decided to let the initial test of its FLoC ad technology conclude in a few days to work on improvements but isn’t inclined to share feedback from test participants.

Privacy advocates would prefer if the online ad giant provided more insight into the test results, since Google’s ongoing ad infrastructure rewrite affects every internet business and internet user, not to mention the digital ad industry generating $350bn annually.

FLoC stands for Federated Learning of Cohorts and promises a way to divide browser users into interest groups so they can be presented with interest-based ads without revealing personal information to advertisers. It’s one proposal among many, collectively referred to as the Privacy Sandbox, intended to repackage targeted advertising technology so it can continue amid tighter privacy laws and technical limitations like the eventual discontinuation of third-party cookies.

Google last month bought itself another year-and-a-half or so to develop and deploy its Privacy Sandbox systems by pushing back the date when it will drop support for third-party cookies – a current mechanism by which ads get targeted that has fallen out of favor. And it now appears the search ad giant intends to take advantage of the extra time to make its Privacy Sandbox less of a sieve.

Google’s FLoC “Origin Trial,” which began in March, is set to conclude on July 13. During that period, things have not gone well. Privacy advocates have spotted potential concerns and rival browser makers have declared their disinterest in the technology.

While those participating in the trial – web publishers, ad tech companies, and the like – have expressed interest in extending the test, Google opted to retreat and regroup.

“We’ve decided not to extend this initial Origin Trial,” said senior software engineer Josh Karlin in a forum post last week. “Instead, we’re hard at work on improving FLoC to incorporate the feedback we’ve heard from the community before advancing to further ecosystem testing.”

F-words all round

Then on Wednesday, in a Web Commerce Interest Group (WCIG) meeting on a related Privacy Sandbox proposal called First Locally-Executed Decision over Groups Experiment (FLEDGE), Google mathematician Michael Kleber said while comments about FLoC made through public channels exist, the company doesn’t intend to disclose private feedback from those testing the technology.

“The main summary of that feedback will be the next version, and you can surmise based on what features (and the reasoning for these changes) are available in the next version,” Kleber explained, according to the meeting transcript.

Via Twitter, Dr Lukasz Olejnik, independent privacy researcher and consultant, questioned that approach, asking whether the public is just supposed to guess what was said by interpreting technical changes.

Kleber responded, “We write extensively about all the design aspects of our proposals! And we get lots of feedback, which is often public. But when people give us private feedback, we don’t publish it.”

In an email to The Register, Olejnik said the frontal critique of FLoC has clearly made a strong impression and that he expects Google’s design and development teams will take advantage of the extra time to revise the technology.

“FloC greatly suffered due to an apparent lack of coherent PR/communications, or ideas for the privacy lines to adopt,” he said. “It may also seem as if some strategic mistakes happened here as well. [Whether that’s] because of the initial desire to move at an impressively rapid pace is anyone’s guess.”

Olejnik said he wondered whether it makes sense to not describe the nature of changes made to the Privacy Sandbox in response to feedback. “I would consider that such explanations would be helpful, and leaving analysts to decipher the rationale from the design decisions is pretty non-transparent,” he said.

‘Tone deaf and too clever by half’

In a phone interview with The Register, Ashkan Soltani, a privacy researcher and former Federal Trade Commission technologist, said Google’s approach to FLoC was typical for the company, “tone deaf and too clever by half in that it tries to engineer a solution to a human problem and misses the mark.”

The issue people have is not with cookies per se, he said, “the thing people take issue with is the passive collection and inference of their preferences. FLoC does that by default and broadcasts those to more sites because it’s based on a first-party context. It further perpetuates a business model that people have problems with.”

The challenge Google faces to have people accept its Privacy Sandbox vision is that the regulatory and competitive environment is a lot more complicated now than it was when the web was being invented and technical decisions could be made by fiat.

Soltani pointed to how the decision of a single Netscape engineer to allow third-party cookies to be set by default laid the groundwork for the ad industry.

“For better or worse, the negative externalities and problems the industry created with privacy and divisive content, all those things weren’t pondered at the time,” he explained. “Now those decisions need to be more careful. Where you draw that line and how you draw that line affects billions of dollars.”

Further complicating the situation is pushback from existing ad tech companies that profit from the status quo. Soltani pointed to the efforts of James Roswell, CEO of data service biz 51degrees, to shape web standards in a way that suits marketers.

“His group is responsible for the lawsuit [against Google] by the UK Competition and Markets Authority (CMA),” said Soltani. “He has been incredibly successful and problematic in the W3C process in terms of finding ways to disrupt and undermine the standards making process.”

Soltani also pointed out that the W3C leadership has been trying to expand its dues paying membership, which has brought more ad tech firms into the standards-making process.

That’s made the voices of the few organizations advocating for internet users harder to hear. And one of those organizations, Mozilla, has become less vigorous in its defense of privacy.

“Mozilla has been slow to adapt and has not engaged,” Soltani said, attributing the shift in part to layoffs that affected its policy team. “It’s been playing a wait-and-see strategy. The one saving grace [in terms of user-focused advocacy in the standards process] has been Apple and folks like [WebKit engineer] John Wilander.”

“You can’t be blind to the fact that who can participate [in the standards process] and how much time they have will dictate outcomes,” he said. “At the end of the day, I do think while standards are important, as they bleed into policy debates, there’s a question to the transparency and legitimacy of the standards making process if it’s skewed to [W3C] members.”

In other words, if there are concerns about FLoC, perhaps they should be disclosed to the public and addressed in the open. ®



Source link

Technology

UK competition watchdog unveils advice for antivirus firms • The Register

Voice Of EU

Published

on

The UK’s Competition and Markets Authority (CMA) has unveiled compliance principles to curb locally some of the sharper auto-renewal practices of antivirus software firms.

The move follows the watchdog baring its teeth at McAfee and Norton over the issue of automatically renewing contracts.

The CMA took exception to auto-renewal contracts for antivirus software that customers in the UK signed up for and found difficult to cancel. Refunds and clearer pricing information (including making sure consumers were aware that year two could well end up considerably costlier than the first) were the order of the day.

Today’s principles build on that work, and are aimed at helping antivirus companies toe the line where UK consumer law is concerned. They are a bit more detailed than a simple “stop being horrid.”

The focus remains on auto-renewing contracts, where a customer signs up for a fixed period, then is charged again for subsequent periods. The CMA acknowledges that such arrangements are convenient, but they risk the consumer being locked into an agreement they no longer want or that they get stung with higher fees at renewal time.

While the principles are intended to be helpful, lurking in the background is consumer law and the threat of a potential trip to court for vendors stepping out of line.

First up comes a requirement to make sure customers are informed about auto-renewal, rather than hiding the detail in an End User Licence Agreement (EULA) or burying it in hard-to-read text through which a user must scroll.

Price claims must be “accurate” and “not mislead your customers” – so only show discounts against the normal price. It must also be possible to turn off the auto-renew easily, keep auto-renew turned off once it is off and, if on, make sure customers are reminded in good time that an auto-renew will happen.

Getting a refund must be easier and customers should be able to change their mind when auto-renewal happens. If the customer has stopped using the product, safeguards are needed around auto-renewal.

The last principle could pose a few challenges – how does a vendor become aware that a customer is not using its product? The suggestion from the CMA is to check if software updates are being received rather than simply charging users year after year.

The Register contacted McAfee and Norton for their thoughts on the principles, and will update should the companies respond. ®

Source link

Continue Reading

Technology

Grocery start-up Gorillas raises nearly $1bn in round led by Delivery Hero

Voice Of EU

Published

on

Just a few months after hitting unicorn status, Gorillas has raised another major round of funding from big-name investors.

German start-up Gorillas has raised nearly $1bn to expand its on-demand grocery delivery business.

The Series C funding round was led by Delivery Hero, the German food and grocery delivery giant that recently took a stake in Deliveroo.

Gorillas also received backing from existing investors including Coatue Management, DST Global and Tencent, as well as new investors G Squared, Alanda Capital, Macquarie Capital, MSA Capital and Thrive Capital.

The fresh funding comes just a few months after the company’s $290m Series B, which brought its valuation to more than $1bn.

Gorillas was founded in Berlin in 2020 by Kağan Sümer and Jörg Kattner, promising grocery deliveries in as little as 10 minutes.

It now operates more than 180 warehouses and has expanded to more than 55 cities in nine countries, including Amsterdam, London, Paris, Madrid, New York and Munich.

The company plans to use the latest funding for its next phase of development. This includes reinforcing its footprint in existing markets and investing in operations, technology and marketing.

“The size of today’s funding round by an extraordinary investment consortium underscores the tremendous market potential that lies ahead of us,” said Sümer, who is CEO of the start-up.

“With Delivery Hero, we have chosen a strong strategic support that is deeply rooted in the global delivery market, and is renowned for having unique experience in sustainably scaling a German company internationally.”

On-demand grocery delivery is a growing area in Europe that’s attracting investor attention.

Swedish start-up Kavall raised $5.8m in August, Czech player Rohlik hit unicorn status after its €100m Series C round in July, and Spain’s Glovo secured a €450m Series F round in April to expand in the grocery market.

Gorillas differentiates itself from other players in the market, such as Deliveroo, by employing its delivery drivers rather than relying on gig workers.

However, as the start-up has scaled rapidly over the past year, it has seen delivery workers protest over working conditions and pay, and been put under the spotlight for its treatment of employees.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Source link

Continue Reading

Technology

ICO to step in after schools use facial recognition to speed up lunch queue | Facial recognition

Voice Of EU

Published

on

The Information Commissioner’s Office is to intervene over concerns about the use of facial recognition technology on pupils queueing for lunch in school canteens in the UK.

Nine schools in North Ayrshire began taking payments for school lunches this week by scanning the faces of their pupils, according to a report in the Financial Times. More schools are expected to follow.

The ICO, an independent body set up to uphold information rights in the UK, said it would be contacting North Ayrshire council about the move and urged a “less intrusive” approach where possible.

An ICO spokesperson said organisations using facial recognition technology must comply with data protection law before, during and after its use, adding: “Data protection law provides additional protections for children, and organisations need to carefully consider the necessity and proportionality of collecting biometric data before they do so.

“Organisations should consider using a different approach if the same goal can be achieved in a less intrusive manner. We are aware of the introduction, and will be making inquiries with North Ayrshire council.”

The company supplying the technology claimed it was more Covid-secure than other systems, as it was cashless and contactless, and sped up the lunch queue, cutting the time spent on each transaction to five seconds.

Other types of biometric systems, principally fingerprint scanners, have been used in schools in the UK for years, but campaigners say the use of facial recognition technology is unnecessary.

Silkie Carlo, the director of Big Brother Watch, told the Guardian the campaign group had written to schools using facial recognition systems, setting out their concerns and urging them to stop immediately.

“No child should have to go through border-style identity checks just to get a school meal,” she said. “We are supposed to live in a democracy, not a security state.

“This is highly sensitive, personal data that children should be taught to protect, not to give away on a whim. This biometrics company has refused to disclose who else children’s personal information could be shared with and there are some red flags here for us.”

The technology is being installed in schools in the UK by a company called CRB Cunninghams. David Swanston, its managing director, told the FT: “It’s the fastest way of recognising someone at the till. In a secondary school you have around about a 25-minute period to serve potentially 1,000 pupils. So we need fast throughput at the point of sale.”

Live facial recognition, technology that scans crowds to identify faces, has been challenged by civil rights campaigners because of concerns about consent. CRB Cunninghams said the system being installed in UK schools was different – parents had to give explicit consent and cameras check against encrypted faceprint templates stored on school servers.

A spokesperson for North Ayrshire council said its catering system contracts were coming to a natural end, allowing the introduction of new IT “which makes our service more efficient and enhances the pupil experience using innovative technology”.

They added: “Given the ongoing risks associated with Covid-19, the council is keen to have contactless identification as this provides a safer environment for both pupils and staff. Facial recognition has been assessed as the optimal solution that will meet all our requirements.”

The council said 97% of children or their parents had given consent for the new system.

A Scottish government spokesperson said that local authorities, as data controllers, had a duty to comply with general data protection regulations and that schools must by law adhere to strict guidelines on how they collect, store, record and share personal data.

Hayley Dunn, a business leadership specialist at the Association of School and College Leaders, said: “There would need to be strict privacy and data protection controls on any companies offering this technology.

“Leaders would also have legitimate concerns about the potential for cyber ransomware attacks and the importance of storing information securely, which they would need reassurances around before implementing any new technology.”

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!