
Technology

Another huge data breach, another stony silence from Facebook | Facebook

Voice Of EU


Half a billion Facebook users’ accounts stolen. Personal information compromised. Telephone numbers and birth dates drifting across the internet being used for God knows what. And for four days, from Facebook’s corporate headquarters, nothing but silence.

If this sounds familiar, it’s because it is. This week saw reports of a massive new Facebook breach and everything about it, from Facebook’s denials of the words “data” and “breach” to its repeated refusal to answer journalists’ questions, has been uncannily reminiscent of the Cambridge Analytica scandal.

Three years on, “Cambridge Analytica” is a byword for mass-data abuse, Facebook has been fined billions of dollars for failing to protect users’ data and… not a thing has changed. If ever there were a moment to understand how profoundly all systems of accountability have failed, and continued to fail, it is this.

Last week Nick Clegg, vice president of global affairs at Facebook, admitted on The Verge website that the Cambridge Analytica scandal had “rocked Facebook right down to its foundations”. And yet it has learned nothing. It has paid no real price (the record $5 billion fine it paid to the Federal Trade Commission (FTC) is literally no price at all to Facebook), suffered no real consequences, and failed to answer any questions over the involvement of its executives.

Nick Clegg, Facebook’s vice president of global affairs. Photograph: Hannah McKay/Reuters

That impunity was in full sight this week. The news of the latest breach, of 533 million people’s data, dropped over a holiday weekend; Facebook responded only by saying it was “old data” and the problem had been “found and fixed in August 2019” – an absurd statement given that the data had only just been dumped on the internet, and clearly that hadn’t been fixed at all.

These are the actions of a company that knows it can get away with it. And repeatedly does. On Tuesday morning I submitted a set of questions to its press office: when was the issue first discovered? Did Facebook inform the regulators (as it is required to under US, UK and EU law)? If so, when? Had it informed users? But Facebook didn’t respond. It still hasn’t responded. It uses silence to throttle reporting, a strategy that works. It passes “exclusive” scoops to favourite reporters, and stonewalls the rest. Not just me. At an impromptu event on the data breach, journalists from Wired, Politico and Business Insider revealed that it refused to answer their questions too.

Instead it published a blogpost, The Facts on News Reports About Facebook Data, saying it wasn’t hacked, the data was “scraped”. It later confirmed that it had no intention of informing users because it wasn’t “confident” who they were, users “could not fix the issue”, and anyway, “the data was publicly available”. What do you do when a trillion-dollar company with 2.8 billion users treats the public with brazen contempt? When it won’t answer basic journalistic inquiries? When it ignores even the regulator? Ireland’s Data Protection Commission – its lead regulator in Europe – released a pointed statement saying that it received “no proactive communication” from Facebook.

It’s this culture of impunity that makes Facebook such a dangerous company. Even where there are laws, it operates above them. There will be mass class actions that arise from this breach. But so what? It’ll take years and anyway, it’s only money. Money! As if Facebook cares. The Irish Data Protection Commission could act. But will it? Enforcements are hard, regulators respond to pressure, and in a news cycle that every day brings fresh new reports of Facebook enabling Nazis or driving teenagers to suicide, this story barely broke through.

The US Congress has finally woken up to the danger of disinformation, but the disinformation from Facebook about Facebook is toxic and continues unabated – from its shiny new Oversight Board, a $130m exercise in evading responsibility, to the estimated $7m a year it invests in its own pet Lord Haw Haw, aka Sir Nick Clegg.

War is not Peace. Love is not Hate. And the “facts” Facebook published this week about the data breach aren’t. They’re dangerous, irresponsible, at best half-truths designed to enable it to get away with it, as it does again and again.


UK competition watchdog unveils advice for antivirus firms • The Register


The UK’s Competition and Markets Authority (CMA) has unveiled compliance principles to curb locally some of the sharper auto-renewal practices of antivirus software firms.

The move follows the watchdog baring its teeth at McAfee and Norton over the issue of automatically renewing contracts.

The CMA took exception to auto-renewal contracts for antivirus software that customers in the UK signed up for and found difficult to cancel. Refunds and clearer pricing information (including making sure consumers were aware that year two could well end up considerably costlier than the first) were the order of the day.

Today’s principles build on that work, and are aimed at helping antivirus companies toe the line where UK consumer law is concerned. They are a bit more detailed than a simple “stop being horrid.”

The focus remains on auto-renewing contracts, where a customer signs up for a fixed period, then is charged again for subsequent periods. The CMA acknowledges that such arrangements are convenient, but they risk locking the consumer into an agreement they no longer want, or stinging them with higher fees at renewal time.

While the principles are intended to be helpful, lurking in the background is consumer law and the threat of a potential trip to court for vendors stepping out of line.

First up comes a requirement to make sure customers are informed about auto-renewal, rather than hiding the detail in an End User Licence Agreement (EULA) or burying it in hard-to-read text through which a user must scroll.

Price claims must be “accurate” and “not mislead your customers” – so only show discounts against the normal price. It must also be possible to turn off the auto-renew easily, keep auto-renew turned off once it is off and, if on, make sure customers are reminded in good time that an auto-renew will happen.

Getting a refund must be easier and customers should be able to change their mind when auto-renewal happens. If the customer has stopped using the product, safeguards are needed around auto-renewal.

The last principle could pose a few challenges – how does a vendor become aware that a customer is not using its product? The suggestion from the CMA is to check if software updates are being received rather than simply charging users year after year.

The Register contacted McAfee and Norton for their thoughts on the principles, and will update should the companies respond. ®


Grocery start-up Gorillas raises nearly $1bn in round led by Delivery Hero


Just a few months after hitting unicorn status, Gorillas has raised another major round of funding from big-name investors.

German start-up Gorillas has raised nearly $1bn to expand its on-demand grocery delivery business.

The Series C funding round was led by Delivery Hero, the German food and grocery delivery giant that recently took a stake in Deliveroo.

Gorillas also received backing from existing investors including Coatue Management, DST Global and Tencent, as well as new investors G Squared, Alanda Capital, Macquarie Capital, MSA Capital and Thrive Capital.

The fresh funding comes just a few months after the company’s $290m Series B, which brought its valuation to more than $1bn.

Gorillas was founded in Berlin in 2020 by Kağan Sümer and Jörg Kattner, promising grocery deliveries in as little as 10 minutes.

It now operates more than 180 warehouses and has expanded to more than 55 cities in nine countries, including Amsterdam, London, Paris, Madrid, New York and Munich.

The company plans to use the latest funding for its next phase of development. This includes reinforcing its footprint in existing markets and investing in operations, technology and marketing.

“The size of today’s funding round by an extraordinary investment consortium underscores the tremendous market potential that lies ahead of us,” said Sümer, who is CEO of the start-up.

“With Delivery Hero, we have chosen a strong strategic support that is deeply rooted in the global delivery market, and is renowned for having unique experience in sustainably scaling a German company internationally.”

On-demand grocery delivery is a growing area in Europe that’s attracting investor attention.

Swedish start-up Kavall raised $5.8m in August, Czech player Rohlik hit unicorn status after its €100m Series C round in July, and Spain’s Glovo secured a €450m Series F round in April to expand in the grocery market.

Gorillas differentiates itself from other players in the market, such as Deliveroo, by employing its delivery drivers rather than relying on gig workers.

However, as the start-up has scaled rapidly over the past year, it has seen delivery workers protest over working conditions and pay, and been put under the spotlight for its treatment of employees.


ICO to step in after schools use facial recognition to speed up lunch queue | Facial recognition


The Information Commissioner’s Office is to intervene over concerns about the use of facial recognition technology on pupils queueing for lunch in school canteens in the UK.

Nine schools in North Ayrshire began taking payments for school lunches this week by scanning the faces of their pupils, according to a report in the Financial Times. More schools are expected to follow.

The ICO, an independent body set up to uphold information rights in the UK, said it would be contacting North Ayrshire council about the move and urged a “less intrusive” approach where possible.

An ICO spokesperson said organisations using facial recognition technology must comply with data protection law before, during and after its use, adding: “Data protection law provides additional protections for children, and organisations need to carefully consider the necessity and proportionality of collecting biometric data before they do so.

“Organisations should consider using a different approach if the same goal can be achieved in a less intrusive manner. We are aware of the introduction, and will be making inquiries with North Ayrshire council.”

The company supplying the technology claimed it was more Covid-secure than other systems, as it was cashless and contactless, and sped up the lunch queue, cutting the time spent on each transaction to five seconds.

Other types of biometric systems, principally fingerprint scanners, have been used in schools in the UK for years, but campaigners say the use of facial recognition technology is unnecessary.

Silkie Carlo, the director of Big Brother Watch, told the Guardian the campaign group had written to schools using facial recognition systems, setting out their concerns and urging them to stop immediately.

“No child should have to go through border-style identity checks just to get a school meal,” she said. “We are supposed to live in a democracy, not a security state.

“This is highly sensitive, personal data that children should be taught to protect, not to give away on a whim. This biometrics company has refused to disclose who else children’s personal information could be shared with and there are some red flags here for us.”

The technology is being installed in schools in the UK by a company called CRB Cunninghams. David Swanston, its managing director, told the FT: “It’s the fastest way of recognising someone at the till. In a secondary school you have around about a 25-minute period to serve potentially 1,000 pupils. So we need fast throughput at the point of sale.”

Live facial recognition, technology that scans crowds to identify faces, has been challenged by civil rights campaigners because of concerns about consent. CRB Cunninghams said the system being installed in UK schools was different – parents had to give explicit consent and cameras check against encrypted faceprint templates stored on school servers.

A spokesperson for North Ayrshire council said its catering system contracts were coming to a natural end, allowing the introduction of new IT “which makes our service more efficient and enhances the pupil experience using innovative technology”.

They added: “Given the ongoing risks associated with Covid-19, the council is keen to have contactless identification as this provides a safer environment for both pupils and staff. Facial recognition has been assessed as the optimal solution that will meet all our requirements.”

The council said 97% of children or their parents had given consent for the new system.

A Scottish government spokesperson said that local authorities, as data controllers, had a duty to comply with general data protection regulations and that schools must by law adhere to strict guidelines on how they collect, store, record and share personal data.

Hayley Dunn, a business leadership specialist at the Association of School and College Leaders, said: “There would need to be strict privacy and data protection controls on any companies offering this technology.

“Leaders would also have legitimate concerns about the potential for cyber ransomware attacks and the importance of storing information securely, which they would need reassurances around before implementing any new technology.”
