Connect with us

Technology

‘It’s a complex, challenging role’

Voice Of EU

Published

on

TikTok’s Caroline Goulding discusses navigating the evolving privacy landscape, how the tech sector needs to lead on cybersecurity, and the importance of ‘peeling back the layers’ at work.

Caroline Goulding is TikTok’s data protection officer, based at the social media company’s growing hub in Dublin.

She was previously LinkedIn’s first data protection officer and prior to that held a variety of trust and safety roles at LinkedIn and eBay.

‘Privacy and compliance is an ever-evolving challenge’
– CAROLINE GOULDING

What does your role involve?

I joined TikTok in early 2020 as the first in-house data protection officer. As well as being a member of the senior leadership team in Ireland, I also worked with colleagues to establish the office of the data protection officer for TikTok.

It is a complex and challenging role, but I am excited to be guiding our efforts in this space. Part of the responsibility of my role is supporting the company to navigate the ever-evolving privacy and compliance landscape.

How do you prioritise and organise your working life?

I apply ruthless prioritisation when it comes to my working life. Ultimately, I am hyper aware that every single day something unpredictable can crop up, so at the start of each day I sit down and outline my top three essential priorities for that day.

Like so many, my schedule can be quite demanding. But every day I make sure that I get away from my desk for a few minutes and I pick one meeting to do over the phone while I am walking. This is typically a one-to-one call, so as well as getting away from the desk and reenergising with some fresh air, it also means the person I am speaking to has my full attention and I am not distracted by any other screens or incoming emails and messages.

What are the biggest challenges facing your sector and how are you tackling them?

TikTok, like so many others in the tech sector, is always looking to attract the best talent. There is intense competition in the data protection arena as well as in many other areas of our business, such as online safety, which will see a raft of new laws come into effect, including the Online Safety and Media Regulation Bill.

Cybersecurity, of course, remains a challenge for all sectors, evidenced by the ransomware attack on the HSE here in Ireland in the middle of a pandemic. The tech sector has an important role to lead out in this area and TikTok takes that very seriously.

We are mindful that over a billion people come to TikTok every month to express themselves creatively and to be entertained. Keeping our community safe and allowing them to enjoy this in a welcome environment is our overarching priority. In order to ensure we do this to the best possible standard, our dedicated Fusion Centres, located in the US and Ireland, allow us to detect and respond to critical incidents in real time.

Privacy and compliance is an ever-evolving challenge and something which is of the utmost importance to TikTok. To me, education is key to ensure we tackle this issue appropriately.

What are the key sector opportunities you’re capitalising on?

Our global community continues to grow every day, and we feel privileged to provide such a diverse platform for Irish creators, NGOs and businesses to interact and engage in a meaningful way with new and existing audiences.

Recognising the vital role that community organisations, their workers and volunteers play in Irish creativity, TikTok recently announced details of the St Patrick’s Festival x TikTok Creative Fund, which has seen €100,000 allocated to 10 groups around the country for a creative project.

We also launched a SMB Hub for Irish small businesses, which is something I’m particularly proud of being Irish and given the important role SMBs play at the heart of the Irish economy. It has been specifically designed to enable businesses of all sizes in Ireland to start activating on the platform at scale. Irish SMBs have the opportunity to use TikTok Ads Manager, joining thousands of small businesses in Europe reaching engaged audiences, growing their sales on TikTok and potentially even going viral!

What set you on the road to where you are now?

My journey started in risk and fraud and has evolved towards privacy and compliance, so I’ve worn multiple hats and have been privileged to see it from a variety of angles.

Prior to joining TikTok, I spent nine years at LinkedIn and before that I worked at eBay. I had a variety of roles – from leading global teams handling a wide array of member and customer legal privacy and intellectual property issues, to sitting on the trust and safety leadership team with exposure to a range of security matters including risk, fraud and content issues.

The mix of legal-related knowledge, ability to operationalise at scale and experience in interfacing with both users and regulators has put me in a unique position. Looking back, I’m able to connect the dots, even though the path was much less clear at the time.

What was your biggest mistake and what did you learn from it?

Not showing up authentically. In the past I used to think one had to act, speak, dress and ultimately manage things in a certain way. But I learned that this meant connecting with people on a surface level. Through learning to peel back the layers and be more vulnerable on a daily basis, it has led to a much more enriching work life with deep relationships and a much stronger foundation from which to achieve work objectives together.

Working during the global pandemic definitely helped solidify this and was a learning curve for me. Everyone was impacted in some shape or form. I learned that by being honest if I was having a bad day meant it was more likely someone else would open up and tell me when they were too, and work priorities could be shifted around to accommodate and support each other.

How do you get the best out of your team?

I have always admired the astute advice of Simon Sinek and in particular his wisdom on the role of the leader to serve those around them. He said: “The responsibility of a company is to serve the customer. The responsibility of leadership is to serve their people so that their people may better serve the customer.” I take those words to heart in all of my different roles.

Trust and empathy are also vitally important to me. I invest a lot of time in getting to know my team and colleagues on a personal level. To me, empathy can also mean not shying away from uncomfortable or awkward conversations and instead having the courage to engage on the meatier topics ,which ultimately benefits the individual and the team as a whole.

Have you noticed a diversity problem in your sector?

I am passionate about diversity and inclusion in the workplace, and continually look for opportunities to progress this important and defining topic whenever I can. I founded the Women at TikTok Europe Committee to work alongside our business’s D&I leadership. As part of this role, I helped drive and promote the company’s International Women’s Day efforts.

However, I am acutely conscious that on International Women’s Day in March each year, a host of stats are released and it can be disheartening to read that it will still take X number of years to achieve equity in the boardroom or at the C-suite level. Even worse is that the 2021 Women in the Workplace report found that the pandemic has disproportionately affected women leaders who took on more mission-critical, though often ‘invisible’, work in addition to their day-to-day roles.

Diversity encompasses a lot of different areas beyond gender, from race to sexuality, age and nationality. When it comes to the latter, this is an area where Ireland’s tech companies are thriving with an incredible array of international talent.

What books have you read that you would recommend?

I consider The Culture Map by Erin Meyer essential reading for everyone working in a multinational environment where progress and success is highly dependent on the skills to navigate through cultural differences.

How to Own the Room by Viv Groskop is my go-to for whenever I need a lift before an important speaking engagement.

Contagious You by Anese Cavanaugh crystallises how a leader’s intentions, energy and presence sets the tone and regardless of where we are in our careers, how we show up matters.

What are the essential tools and resources that get you through the working week?

I start every morning listening to the business news on Newstalk. Having recently had the opportunity for business travel after a long pandemic hiatus, it reminded me how indispensable noise-cancelling headphones are.

Now that the days are so much darker and the work-from-home video calls are here for the foreseeable future, I have joined the ring light fan club. And of course, TikTok provides me with some light entertainment as I end the working day.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Source link

Technology

Brace for a shock: cost-of-living crisis drives up price of electric car charging | Electric, hybrid and low-emission cars

Voice Of EU

Published

on

While petrol price rises may have made the headlines, the energy crisis has also been hitting owners of electric cars in the pocket. The cost of charging at home has risen by 43% for some drivers, while the already higher cost of on-the-road recharges has gone up 25%.

As energy prices are forced up due to rising costs for suppliers, specialist charging deals for drivers have become more scarce. And now there are suggestions that people may put off the purchase of an electric car as the cost-of-living crisis takes hold.

Although demand for vehicles is high, a new report to be released this week from Volkswagen Financial Services suggests that fewer people might commit to buying electric vehicles (EVs) as belts tighten and the cost of energy increases.

“The cost-of-living squeeze will probably mean some potential EV purchasers may not commit to a switch this year, particularly as such vehicles are perceived to be more expensive in relative terms when compared to combustion engine alternatives,” says the report.

Home charging

Electric car owners who are charging their vehicle at home will usually find the most cost-efficient option is one of the specialist tariffs on offer. “Two-rate” tariffs offer one price for electricity used during the day and another for night-time use. When prices are much lower you can top up your battery cheaply.

For example, comparison site Love My EV lists the rates for EDF’s GoElectric 35 as 44.69p per kilowatt hour (p/kWh) during the day and 4.5p/kWh at night. The Octopus Go tariff costs 35.04p/kWh during the day and 7.5p/kWh at night. Both figures are based on supplying a home in south Wales.

Three electric cars charging at a roadside station with an attractive yellow zig-zag canopy sheltering the chargers
A public charging station in Sunderland: many electric vehicle owners cannot charge at home and must pay on-the-road rates. Photograph: Christopher Thomond/The Guardian

Since energy prices have increased, the number of specialist deals on the market has dropped, says Laura Thomson, co-founder of Love My EV. While they are usually the best deals for drivers who charge overnight, the day rate and standing charge can be expensive, which consumers need to take into account when working out what is best for their situation.

“For most people who have an EV to charge at home, it does make sense, but there is a high standing charge and a high day rate to factor in,” says Thomson. If you use a lot of electricity during the day, this may not be your best option.

The site has a comparison tool for tariffs. Beware of promises of “free miles” within tariffs as these savings may be outweighed by higher charges, it says.

The rising price of EV tariffs means drivers now face paying 43% more than a year ago. This amounts to a rise of about £75 a year for an average vehicle such as a Nissan Leaf or a Renault Zoe, says Ben Nelmes of transport research company New AutoMotive.

In 2021, the cost of recharging an EV that covered 7,400 miles a year – the average mileage – and was recharged mostly at night was £174. This was based on an overnight rate of 4p/kWh and a day rate of 18p/kWh. By last month, this same charging practice cost £249 a year, based on the best prices then available – 5p/kWh at night and 28p/kWh during the day.

“Someone driving a bigger EV, such as a Kia e-Niro or Tesla, will find that this underestimates what they’ll be paying. Similarly, someone in a Smart car will find they spend a bit less than this,” says Nelmes.

On the road

Rising costs have also become apparent at public chargers. Instavolt, which operates a charging network across Britain, has increased its prices twice so far this year, first from 45p/kWh to 50p/kWh and then to 57p/kWh. Ubitricity, one of London’s largest charging networks, increased prices from 24p/kWh to 32p/kWh last month.

Data company Zap Map, which maps public charge points, found that, on average, charging costs increased from 24p/kWh in December to 30p/kWh in February for slow and fast chargers, and from 35p/kWh to 44p/kWh for rapid and ultra-rapid chargers.

“The price of charging your EV on the public network, or at home, has risen substantially over the past few months with the general increase in electricity prices,” says Melanie Shufflebotham from Zap Map.

There are 460,000 EVs currently in the UK, according to the Volkswagen Financial Service report, and just 300,000 home charger points installed. Those who don’t have a home charger end up paying more, according to Keith Brown of Paythru, a payments technology company. “One of the big inequities of the emerging EV charging market is the price ‘premium’ electric vehicle drivers pay if they don’t or can’t have a home charge point,” he says. “Domestic supply is taxed at a VAT rate of 5% whereas public charge-point supply is taxed at a VAT rate of 20%.”

Shufflebotham has called for the rates to be made equal. “Equalising the VAT rate for both public and home charging would be a great example of levelling up, and encourage more people to make the transition to electric vehicles,” she says.

The advantages

Despite increasing prices, EV drivers still face much lower bills than those with petrol or diesel cars, using figures based on the same annual mileage for all types of vehicle.

Nelmes says that while the rises in the costs of EV charging at home are high, they are dwarfed by the costs of filling a car with fuel.

“We estimate the average UK motorist would spend £1,028 per year on petrol and £987 per year on diesel. That’s up from £796 a year on petrol and £747 a year on diesel a year ago,” he says. “That means that the fuel cost savings available to petrol and diesel drivers who switch to EVs this year are £779 for petrol drivers and £738 for diesel drivers.”

Case study: positives and negatives

Having bought a Nissan Leaf in the last few weeks, Philip Ingram looks back at the deals that were available last year with some annoyance.

He currently pays a flat rate throughout the day of 28.45p/kWh with British Gas, the best tariff available to him at home in Bordon, Hampshire. Last year, he could have taken advantage of deals of 5p/kWh overnight, he says. While there are deals with good night-time rates, now their high day rates mean they do not suit the family budget.

The annoyance is tempered by the savings from moving from a diesel VW Golf to an EV.

Ingram, who runs a cotton company called LittleLeaf Organic, used to pay nearly £90 to fill up with diesel but gets the same mileage for £20 of charging. This has to be balanced against the cost of the car: £24,000. “I wish we had done it a long time ago,” he says, “but the reason that we have been slower is … capital costs. Several times I have said to [my wife] Lisa the running costs are unbelievable, but then you look at the cost of buying this car, [which] is enormous.”

Source link

Continue Reading

Technology

Web ad firms scrape email addresses before you know it • The Register

Voice Of EU

Published

on

Tracking, marketing, and analytics firms have been exfiltrating the email addresses of internet users from web forms prior to submission and without user consent, according to security researchers.

Some of these firms are said to have also inadvertently grabbed passwords from these forms.

In a research paper scheduled to appear at the Usenix ’22 security conference later this year, authors Asuman Senol (imec-COSIC, KU Leuven), Gunes Acar (Radboud University), Mathias Humbert (University of Lausanne) and Frederik Zuiderveen Borgesius, (Radboud University) describe how they measured data handling in web forms on the top 100,000 websites, as ranked by research site Tranco.

The boffins created their own software to measure email and password data gathering from web forms – structured web input boxes through which site visitors can enter data and submit it to a local or remote application.

Providing information through a web form by pressing the submit button generally indicates the user has consented to provide that information for a specific purpose. But web pages, because they run JavaScript code, can be programmed to respond to events prior to a user pressing a form’s submit button.

And many companies involved in data gathering and advertising appear to believe that they’re entitled to grab the information website visitors enter into forms with scripts before the submit button has been pressed.

“Our analyses show that users’ email addresses are exfiltrated to tracking, marketing and analytics domains before form submission and without giving consent on 1,844 websites in the EU crawl and 2,950 websites in the US crawl,” the researchers state in their paper, noting that the addresses may be unencoded, encoded, compressed, or hashed depending on the vendor involved.

Most of the email addresses grabbed were sent to known tracking domains, though the boffins say they identified 41 tracking domains that are not found on any of the popular blocklists.

“Furthermore, we find incidental password collection on 52 websites by third-party session replay scripts,” the researchers say.

Replay scripts are designed to record keystrokes, mouse movements, scrolling behavior, other forms of interaction, and webpage contents in order to send that data to marketing firms for analysis. In an adversarial context, they’d be called keyloggers or malware; but in the context of advertising, somehow it’s just session-replay scripts.

Gunes Acar, one of the report co-authors, was also the co-author of a similar research project in 2017 that looked at data gathering by session-replay companies Yandex, FullStory, Hotjar, UserReplay, Smartlook, Clicktale, and SessionCam.

Evidently, not much has changed since then, except perhaps that email addresses have become more desirable as unique identifiers now that privacy-oriented browsers like Brave, Firefox, and Safari are taking more steps to block cookies and tracking scripts.

Email addresses, the researchers observe, represent a cookie replacement because they’re unique, persistent, and can be used to track people across applications, platforms, and even offline interactions that may be tied to an email address like loyalty card transactions.

The website categories with the most leaking forms include: Fashion/Beauty (11.1 per cent, EU; 19 per cent US); Online Shopping (9.4 per cent EU; 15.1 per cent US); and General News (6.6 per cent EU; 10.2 per cent US).

Websites categorized as Pornography had the best privacy when it comes to surreptitious form data harvesting.

“A somehow surprising result was the following: despite filling email fields on hundreds of websites categorized as Pornography, we have not a single email leak,” the researchers say, noting that previous studies of adult-oriented websites have relatively fewer third-party trackers than similarly popular general interest websites.

Those pesky regulations

The report authors say that EU websites practicing email exfiltration may be in violation of at least three GDPR requirements: transparency, purpose limitation, and prior consent. Firms found to be violating these rules can be fined up to $20m euros or 4 per cent of annual revenue, per Article 83(5).

The US doesn’t have a federal data privacy law, though it’s conceivable one of the handful of US states with applicable privacy rules could take action against pre-submission form harvesting. But given the toothlessness of US privacy regulation over the past decade, don’t expect much.

The authors say they attempted to contact 58 first-parties and 28 third-parties with GDPR requests. They report receiving 30 responses from the first-parties, which varied from surprise and remediation to justifications of one sort or another.

“fivethirtyeight.com (via Walt Disney’s DPO), trello.com (Atlassian), lever.co, branch.io and cision.com were among the websites that said they had not been aware of the email collection prior to form submission on their websites and removed the behavior,” the report says.

Marriott, meanwhile, said the information collected by digital analytics firm Glassbox helps with customer care, technical support, and fraud prevention.

Third-parties Taboola, Zoominfo, and ActiveProspect defended their data collection practices.

Facebook, aka Meta, is among the third-parties involved in this. The researchers say that email addresses or their hashes were spotted being sent to facebook.com from 21 different websites in the EU.

“On 17 of these, Facebook Pixel’s Automatic Advanced Matching feature was responsible for sending the SHA-256 of the email address in a SubscribedButtonClick event, despite not clicking any submit button,” the report says.

Advanced Matching – called out recently for harvesting student loan data – is designed to collect hashed customer data, such as email addresses, phone numbers, and names from checkout, sign-in, and registration forms. The researchers speculate that on these sites, Facebook’s script treats clicks on non-submit buttons as a click event for the submit button.

Facebook did not respond to a request for comment.

The report concludes that browser vendors, regulators, and privacy tool makers need to deal with this issue because it isn’t going away. “Based on our findings, users should assume that the personal information they enter into web forms may be collected by trackers – even if the form is never submitted,” the report concludes. ®

Source link

Continue Reading

Technology

VC funding in Ireland rose in Q1, but not for deals under €10m

Voice Of EU

Published

on

A William Fry-commissioned report has found that funding deals under €10m have taken a big hit in the first three months of 2022.

Venture capital funding into Irish tech businesses was up by more than 50pc in the first quarter of this year, but there’s an unfortunate and potentially troubling caveat to that.

The Irish Venture Capital Association (IVCA) has published today (15 May) its latest report on VC funding into tech start-ups and SMEs in Ireland, which found that the investments increased by 52pc to €379.7m in the first three months of 2022, compared to the same period last year.

Future Human

But the report, commissioned by Dublin law firm William Fry, also found that VC funding in deals valued less than €10m have taken a hit.

IVCA chair Nicola McClafferty said that the headline figure of a funding boost conceals a “potentially worrying fall” of 30 to 50pc across all categories of deals under €10m – including seed funding.

“All the growth came from eight deals worth over €10m each, including three over €30m. While the momentum carried over from last year has continued for more established companies raising large rounds, some of that impetus seems to have stalled for earlier stage companies.”

Even the total number of deals overall fell by almost a third to 50 from 74 in the same period last year.

McClafferty said that this could be related to international trends affecting the business world right now, such as Russia’s invasion of Ukraine.

“While challenging market conditions may continue, we also know that many great companies are started and built in times of downturn, so we await with interest the data in the coming quarters,” she added.

Deals in the €5m to €10m range fell in value by more than half, while those in the €1m to €5m range also halved from €70.3m last year to €34.5m in Q1 2022. The value of deals below €1m dropped by 31pc to €8.9m.

Seed funding also took a hit, falling by nearly 40pc to €22.3m from €36.5m last year.

Nearly four-fifths of all funding came from overseas sources, according to IVCA director-general Sarah-Jane Larkin.

“While this is to be welcomed and emphasises the quality of Irish tech firms and their appeal to international investors, we have expressed concern before about where any shortfall would be made up if the global economy contracts,” she said.

Wayflyer, Ireland’s latest tech unicorn, led the way in terms of total value of funding received with a $150m in Series B funding valuing the start-up at $1.6bn. Flipdish, another Irish tech start-up that became a unicorn this year, raised $100m reaching a $1.25bn valuation.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!