Connect with us

Technology

The EU’s strict new rules for online content

Voice Of EU

Published

on

The Digital Services Act is another landmark piece of legislation from the EU which demands tech companies take control of content moderation.

An agreement was reached on the EU’s Digital Services Act after more than 16 hours of negotiations that began on Friday (22 April).

The core principle of the Digital Services Act is that what is illegal offline will be illegal online. “Not as a slogan, as reality,” tweeted European commissioner Margrethe Vestager.

Future Human

European Commission president Ursula von der Leyen tweeted that the “historic” agreement on these rules “will protect users online, ensure freedom of expression and opportunities for businesses”.

Amnesty International agreed this was a landmark moment for tech regulation, but legal and policy adviser Claudia Prettner flagged a “missed opportunity” to “phase out all invasive surveillance-based advertising practices”.

What is the Digital Services Act?

The EU has billed the Digital Services Act (DSA) as “a world first in the field of digital regulation”. It sets out to make the internet safer with new rules for all digital services, from social media platforms to search engines to online marketplaces and more.

It was first proposed in December 2020 along with the Digital Markets Act, and follows in the footsteps of the General Data Protection Regulation (GDPR), another watershed piece of EU legislation.

Where GDPR focuses on data protection and privacy and the Digital Markets Act takes aim the market dominance of Big Tech, the focus of the Digital Services Act is illegal content and the protection of users’ rights.

“Citizens will have better control over how their data are used by online platforms and Big Tech companies,” said rapporteur Christel Schaldemose. “These new rules also guarantee more choice for users and new obligations for platforms on targeted ads, including bans to target minors and restricting data harvesting for profiling.”

How will this impact Big Tech?

The measures set out in the Digital Services Act are proportionate to the scale of platforms.

“Very large” platforms are defined as those with more than 45m monthly active users in the EU, and these will face more stringent requirements. This figure will continue to be adjusted to represent 10pc of the EU population.

All major tech platforms such as Facebook, Instagram, WhatsApp, YouTube, TikTok and Amazon will qualify as very large platforms.

These platforms will be required to stay on top of content moderation and expect annual audits of these practices.

The act also calls for simple measures for users to flag content and for swift action to be taken on such reports.

Platforms with fewer than 45m monthly active users as well as businesses that qualify as micro or small enterprises will be exempt from some obligations of the DSA.

What counts as illegal content?

The illegal content targeted under the Digital Services Act is broad and sweeping. It includes hate speech, child sexual abuse material, scams, non-consensual sharing of private images, promotion of terrorism, the sale of counterfeit or unsafe products and copyright infringement.

For marketplaces, the onus is on them to vet third-party traders and ensure products and services sold there are genuine and safe. This means adopting Know Your Business Customer principles à la the practices used to vet financial services users. The act also expects marketplaces to conduct randomised checks for illegal content.

Is there more to it than illegal content?

Yes, much more.

Very large platforms need to be able to monitor and manage any harmful content, which includes disinformation.

Platforms are also going to have to ensure their interfaces don’t intentionally mislead users using what the European Parliament calls “dark patterns”.

These tricks of UI include manipulative ‘nudge tactics’ such as giving more prominence to certain buttons or links that will lead users to opt in to something, while obscuring the steps to opt out. According to the Digital Services Act, cancelling a subscription should be as easy as subscribing.

What about targeted content?

Remarkably, the EU is also demanding access to platforms’ recommendations engines to ensure algorithmic accountability and transparency. The algorithms that recommend content to users are very much the secret sauce of online platforms and not something they will be keen to expose. (Though advocates for ‘explainable AI’ argue that this makes systems more trustworthy and could drive innovation.)

On the users’ side, platforms will have to offer the option to swich off any profiling used for recommendations.

Ad targeting also takes a hit under these rules. Users are to be given more control over the advertising they are exposed to while targeting users based on sensitive information such as religion, ethnicity or sexual orientation is now prohibited.

And when it comes to children, all ad targeting is effectively banned. In fact, where platforms are aware of users that are minors, they will be required to have special protection measures in place.

Is that it?

The Digital Services Act also includes provisions for a crisis response mechanism. These measures make sense in light of recent crises such as the coronavirus pandemic and Russia’s invasion of Ukraine, where disinformation campaigns have been used to manipulate users and cause harm.

In times of crisis, the EU will decide proportionate measures to mitigate the impact of such content manipulation, limited to a three-month time frame.

What happens if the rules are broken?

Users will have the right to seek redress for any damages or losses incurred due to infringements of the DSA.

Regulators who find businesses to be non-compliant will be able to issue fines of up to 6pc of global turnover. For a multi-platform giant such as Meta, this would amount to about $7bn.

It’s a higher threshold than GDPR fines, which go up to 4pc of global turnover, and lower than the Digital Markets Act, which can penalise for up to 10pc, or 20p in the case of repeated infringements.

Repeat violators of the Digital Services Act, however, could face an outright ban across the EU.

Who will enforce these rules?

When it comes to the Big Tech players, the EU will be directly involved with supervision, in cooperation with member states. Other entities and requirements covered by the DSA will be supervised by regulators in the country of origin.

Speaking on RTÉ Radio 1, Dr Johnny Ryan from the Irish Council for Civil Liberties dubbed this a “missed opportunity” for Ireland to be a “super regulator” under the DSA, seeing as so many of the major tech players are based here.

In the December 2020 proposal for the Digital Services Act, the European Commission estimated it would be actively monitoring 20 to 25 very large platforms, requiring a team of about 50 to be in place by 2025.

This work will reportedly be supported by the companies that are the subject of the act, through a supervisory fee of up to 0.1pc of annual global net income. This is could accrue €20m to €30m per year, according to Reuters.

By comparison, the Irish Data Protection Commission, which is charged with investigating the GDPR compliance of many tech giants in the EU, currently has a budget of €23.2m for 2022.

What happens next?

The text of the Digital Services Act is still being finalised by the EU’s legal language experts. Once this has been prepared, the act needs to be formally approved. It will then come into force 20 days after publication.

Companies will then have 15 months to comply before the rules come into force. It is expected this will bring enforcement of the Digital Services Act into 2024.

Next month, European Parliament representatives will visit the US headquarters of major tech companies such as Meta, Google and Apple, to hear their position on this and other digital legislation in the pipeline.

This legislation could also have a knock-on effect across the Atlantic, as happened with the implementation of GDPR. There are legislators in the US who have been calling for tighter regulation of online platforms, and other prominent figures who support such measures.

Earlier this week, former US president Barack Obama spoke of the need for regulation to tackle disinformation while former presidential candidate Hillary Clinton was cheering the DSA over the line.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Margrethe Vestager pictured at the European Parliament. Image: © European Union 2019. Source: EP (CC-BY-4.0)



Source link

Technology

Meditation app Calm sacks one-fifth of staff | Meditation

Voice Of EU

Published

on

The US-based meditation app Calm has laid off 20% of its workforce, becoming the latest US tech startup to announce job cuts.

The firm’s boss, David Ko, said the company, which has now axed about 90 people from its 400-person staff, was “not immune” to the economic climate. “In building out our strategic and financial plan, we revisited the investment thesis behind every project and it became clear that we need to make changes,” he said in a memo to staff.

“I can assure you that this was not an easy decision, but it is especially difficult for a company like ours whose mission is focused on workplace mental health and wellness.”

The Calm app, founded in 2012, offers guided meditation and bedtime stories for people of all ages. It received a surge of downloads triggered by the 2020 Covid lockdowns. By the end of that year, the software company said the app had been downloaded more than 100 million times globally and had amassed over 4 million paying subscribers.

Investors valued the firm, which said it had been profitable since 2016, at $2bn.

In the memo, Ko went on: “We did not come to this decision lightly, but are confident that these changes will help us prioritize the future, focus on growth and become a more efficient organization.”

More than 500 startups have laid off staff this year, according to layoffs.fyi, a website that tracks such announcements.

Source link

Continue Reading

Technology

Let there be ambient light sensing, without data theft • The Register

Voice Of EU

Published

on

Six years after web security and privacy concerns surfaced about ambient light sensors in mobile phones and notebooks, browser boffins have finally implemented defenses.

The W3C, everyone’s favorite web standards body, began formulating an Ambient Light Events API specification back in 2012 to define how web browsers should handle data and events from ambient light sensors (ALS). Section 4 of the draft spec, “Security and privacy considerations,” was blank. It was a more carefree time.

Come 2015, the spec evolved to include acknowledgement of the possibility that ALS might allow data correlation and device fingerprinting, to the detriment of people’s privacy. And it suggested that browser makers might consider event rate limiting as a potential mitigation.

By 2016, it became clear that allowing web code to interact with device light sensors entailed privacy and security risks beyond fingerprinting. Dr Lukasz Olejnik, an independent privacy researcher and consultant, explored the possibilities in a 2016 blog post.

Olejnik cited a number of ways in which ambient light sensor readings might be abused, including data leakage, profiling, behavioral analysis, and various forms of cross-device communication.

He described a few proof-of-concept attacks, devised with the help of security researcher Artur Janc, in a 2017 post and delved into more detail in a 2020 paper [PDF].

“The attack we devised was a side-channel leak, conceptually very simple, taking advantage of the optical properties of human skin and its reflective properties,” Olejnik explained in his paper.

“Skin reflectance only accounts for the 4-7 percent emitted light but modern display screens emit light with significant luminance. We exploited these facts of nature to craft an attack that reasoned about the website content via information encoded in the light level and conveyed via the user skin, back to the browsing context tracking the light sensor readings.”

It was this technique that enabled the proof-of-concept attacks like stealing web history through inferences made from CSS changes and stealing cross origin resources, such as images or the contents of iframes.

Snail-like speed

Browser vendors responded in various ways. In May 2018, with the release of Firefox 60, Mozilla moved access to the W3C proximity and ambient light APIs behind flags, and applied further limitations in subsequent Firefox releases.

Apple simply declined to implement the API in WebKit, along with a number of other capabilities. Both Apple and Mozilla currently oppose a proposal for a generic sensor API.

Google took what Olejnik described his paper as a “more nuanced” approach, limiting the precision of sensor data.

But those working on the W3C specification and on the browsers implementing the spec recognized that such privacy protections should be formalized, to increase the likelihood the API will be widely adopted and used.

So they voted to make the imprecision of ALS data normative (standard for browsers) and to require the camera access permission as part of the ALS spec.

Those changes finally landed in the ALS spec this week. As a result, Google and perhaps other browser makers may choose to make the ALS API available by default rather than hiding it behind a flag or ignoring it entirely. ®



Source link

Continue Reading

Technology

4 supports that can help employees outside of work

Voice Of EU

Published

on

Everyone has different situations to deal with outside of the workplace. But that doesn’t mean the workplace can’t be a source of support.

Employers and governments alike are often striving to make workplaces better for everyone, whether it’s workplace wellbeing programmes or gender pay gap reporting.

However, life is about more than just the hours that are spent in work, and how an employer supports those other life challenges can be a major help.

Family-friendly benefits

Several companies have been launching new benefits and policies that help families and those trying to have children.

Job site Indeed announced a new ‘family forming’ benefit package earlier this year, which is designed to provide employees with family planning and fertility-related assistance.

The programme includes access to virtual care and a network of providers who can guide employees through their family-forming journey.

Vodafone Ireland introduced a new fertility and pregnancy policy in February 2022 that includes extended leave for pregnancy loss, fertility treatment and surrogacy.

And as of the beginning of 2022, Pinterest employees around the world started receiving a host of new parental benefits, including a minimum of 20 weeks’ parental leave, monetary assistance of up to $10,000 or local equivalent for adoptive parents, and four weeks of paid leave to employees who experience a loss through miscarriage at any point in a pregnancy.

Helping those experiencing domestic abuse

There are also ways to support employees going through a difficult time. Bank of Ireland introduced a domestic abuse leave policy earlier this year, which provides a range of supports to colleagues who may be experiencing domestic abuse.

Under the policy, the bank will provide both financial and non-financial support to colleagues, such as paid leave and flexibility with the work environment or schedule.

In emergency situations where an employee needs to immediately leave an abusive partner, the bank will help through paid emergency hotel accommodation or a salary advance.

In partnership with Women’s Aid, the company is also rolling out training to colleagues to help recognise the symptoms of abuse and provide guidance on how to take appropriate action.

Commenting on the policy, Women’s Aid CEO Sarah Benson said employers who implement policies and procedures for employees subjected to domestic abuse can help reduce the risk of survivors giving up work and increase “feelings of solidarity and support at a time when they may feel completely isolated and alone”.

A menopause policy

In 2021, Vodafone created a policy to support workers after a survey it commissioned revealed that nearly two-thirds of women who experienced menopause symptoms said it impacted them at work. A third of those who had symptoms also said they hid this at work. Half of those surveyed felt there is a stigma around talking about menopause, which is something Vodafone is seeking to combat through education for all staff.

Speaking to SiliconRepublic.com last year, Vodafone Ireland CEO Anne O’Leary said the company would roll out a training and awareness programme to all employees globally, including a toolkit to improve their understanding of menopause and provide guidance on how to support employees, colleagues and family members.

In Ireland, Vodafone employees are able to avail of leave for sickness and medical treatment, flexible working hours and additional care through the company’s employee assistance programme when going through the menopause.

Support hub for migrants

There are also initiatives to help people get their foot on the employment ladder.

Earlier this year, Tánaiste Leo Varadkar, TD launched a new service with education and employment supports for refugees, asylum-seekers and migrants.

The Pathways to Progress platform is part of the Open Doors Initiative supporting marginalised groups to access further education, employment and entrepreneurship in Ireland.

As part of the initiative, member company Siro offered a paid 12-week internship programme for six people who are refugees. The internships include job preparation, interview skills and access to the company’s online learning portals.

Open Doors Initiative CEO Jeanne McDonagh said the chance to land a meaningful job or establish a new business is key to people’s integration into Ireland, no matter what route they took to get here.

“Some are refugees, some are living in direct provision, some will have their status newly regularised, and others will come directly for work,” she said. “Our new service aims to support all migrants in finding a decent job as they prepare to enter the Irish workforce, and to support employers as they seek to build an inclusive culture in their workplaces.”

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!