A letter to MEPs signed by 30 different civil rights and privacy advocacy groups claim that the rules have been watered down.
A group of civil society organisations, including Amnesty International, have called on MEPs to tighten up new privacy rules on web tracking and messaging services.
The ePrivacy Regulation seeks to update the rules that govern online messaging services, cookies and user tracking. The scope of the law includes requirements for detecting and removing child abuse content.
It will bring the likes of WhatsApp and Skype under its remit and subject them to rules similar to those for the telecoms industry.
First proposed in 2017, the regulation has been subject to much debate and tweaks. Member states are due to enter negotiations with the European Parliament and European Commission to finalise the rules.
In a letter to MEPs, several civil society and digital rights groups, such as Privacy International and Access Now, said that the rules had been weakened by the European Council on matters like user tracking and monitoring, which flies in the face of the position adopted by the European Parliament nearly four years ago.
The groups have taken issue with the removal of a provision that would protect users from tracking by cookies or other similar technologies and the removal of rules against so-called ‘cookie walls’ that coerce users into consenting to data collection in order to access a service. They are seeking the reinstatement of these provisions.
“Since the Parliament agreed its position in October 2017, public trust in data collection has been damaged by the Cambridge Analytica scandal,” the letter reads. “The ePrivacy regulation must send a clear message that the future belongs to business models which unify fundamental rights and innovation, rather than those who operate a personal data dragnet.”
The European Data Protection Board and the European Data Protection Supervisor have published opinions that back up their proposals, the letter said.
The letter added that the new regulation has the opportunity to plug a number of privacy issues that are not fully addressed by the GDPR.
It said that the ePrivacy regulation can update the rules “by closing loopholes and grey areas that have been widely abused by the tracking industry”.
Small and medium-sized managed service providers (MSPs) could find themselves subject to the Network and Information Systems Regulations under government plans to tighten cybersecurity laws – and have got three months to object to the tax hikes that will follow.
NIS is the main law controlling security practices in the UK today. Currently a straight copy of the EU NIS Directive, one of the benefits of Brexit leapt upon by the Department for Digital, Culture, Media and Sport (DCMS) is the new ability to amend NIS’s reporting thresholds.
Bringing MSPs under NIS “would provide a baseline for expected cybersecurity provision and better protect the UK economy and critical national infrastructure from cyber security threats,” as UK.gov said in a consultation document issued on Wednesday. Its plans are for MSPs, currently not subject to NIS, to be brought into the fold. This includes defining what an MSP does, legally, and possibly ending NIS’ existing exemption on SMEs.
“The government recognises the strong need to minimise regulatory burden on small and micro-businesses particularly in a rapidly evolving industry such as this. However, recent incidents have highlighted the scale of risk that can be associated with managed service providers – regardless of their size,” said the consultation document.
In essence, if an “operator of essential services” or a critical national infrastructure business outsources something to your MSP, prepare for NIS compliance.
And the flip side: money
Enforcement of NIS is carried out by the ICO, which is getting a funding bonus if Parliament nods through the NIS amendments. Initially coming from general taxation, in time DCMS wants to “extend the existing cost recovery provisions to allow regulators (for example, Ofcom, Ofgem, and the ICO) to recover the entirety of reasonable implementation costs from the companies that they regulate.”
SMEs across the whole British economy are already familiar with this kind of “cost recovery” activity through stealth taxes such as the ICO’s data protection registration fee.
Andy Kays, chief exec of a managed detection and response firm in London called Socura, agreed that “further market intervention is required to help raise the bar to protect the UK economy.”
“However,” he added, “I do believe that interventions like Cyber Essentials, GDPR and NIS have raised the profile of cyber and data security in the UK, and have improved understanding and investment where they are applicable among businesses.”
Jake Moore, global cybersecurity advisor with Slovakian infosec firm ESET, also agreed, saying in a statement: “Essential services are desperately in need of better protection so these new laws will help direct businesses into a more secure offering with the help and direction required. Laws often may seem like they do not go far enough but digital crime is fast paced and the goal posts constantly move making such plans difficult to project or even become out of date by the time they land.”
The consultation closes on 22 April. As well as questions about money, DCMS is also asking about whether the regs should be extended to SMEs and how detailed they ought to be. Have your say via theses 66 pre-formatted questions. ®
The first cohort of the NDRC accelerator by Dogpatch Labs has four female co-founded start-ups and two international ones.
After taking over the NDRC accelerator from the Government in 2020, Dogpatch Labs gave it a makeover and launched its first cohort of 11 early-stage start-ups last year.
This year, they are running two accelerators with two separate cohorts and increasing the total number of participating start-ups from 11 to 14. The first cohort, H1, has a total of seven start-ups – four of which have female co-founders.
Announced yesterday (19 January), the first cohort also has two regional start-ups and two international start-ups co-founded by Irish CEOs who graduated from top international talent accelerators Antler and Entrepreneur First.
Here we list NDRC’s first cohort of seven early-stage start-ups in 2022 representing the next generation of Ireland’s start-up ecosystem who are gearing up for Demo Day on 7 April.
Image: Dogpatch Labs
This start-up helps patients with breathing difficulties such as asthma or chronic obstructive pulmonary disease (COPD) to monitor their health. A device called Filter can be used by patients in conjunction with an AI-powered digital health coach called Kos to track their respiratory health and get alerts when something’s wrong.
Filter was founded in 2020 by Andrew Gallagher and Stephen Keenan, both University College Dublin alums. Gallagher, who is the chief technology officer, is an engineer by profession, while Keenan has a background in both law and computer science.
GreyScout offers a business tool for companies that want to protect their brand against intellectual property (IP) infringements and counterfeits. The start-up’s product scans across online domains including marketplaces, search engines, websites, social media channels and web forums to identify and remove policy violations and unauthorised content, alerting clients in real time.
On a mission to ‘democratise IP protection’, GreyScout was founded in 2019 by chief executive John Killian and chief technology officer Chris McCauley.
This start-up has built a novel social platform for sports fans to discuss live matches with friends and make predictions on the outcome. In a game-like interface, users have to compete against each other in guessing next moves of sports payers and the winning side – enriching the virtual live entertainment experience.
Herd was co-founded by Jack Cantillon, who is the chief executive, and Robert Minford, who is the chief technology officer. A qualified lawyer in New York, Ireland and the UK, Cantillon was featured in Sports for Business 30 Under 30 in 2020.
Jama is a start-up that uses natural language processing to help B2B sales reps with communication intelligence and analytics. The platform is a one-stop-shop for all the messaging channels used by sales reps, such as WhatsApp, WeChat and Line, to make customer relationship management simpler and win more deals.
It was co-founded by Kerry-based Aisling Hayes, who is the chief executive of Jama with prior experience in founding and running start-ups in Ireland. Jama graduated from the global accelerator by Antler, an early-stage VC firm based in Singapore.
This Dublin-founded start-up connects people who need childcare with those who are looking to provide it. Childcare providers called Minders who can be booked to offer a wide range of services including online tutoring, baby-sitting and maternity nursing.
With changes in the nature of work for many parents because of remote and hybrid work, Öogo hopes to act as a Tinder for childcare, making it simple. It was founded in 2019 by Kate Clark, who worked in sales in New York for five years before starting the business.
Squid aims to promote customer loyalty towards businesses by incentivising buy from them through loyalty cards. By partnering with Squid, brands can ask their customers to download the Squid app and get rewards for purchases. And additional business portal helps brands get customer insights and track customer loyalty.
The start-up also helps businesses get discovered on their app through a marketplace where they can advertise special offer and sell vouchers to their community. Squid was co-founded by Katie Farrell and Matthew Coffey
This online platform helps the HR and learning & development teams of businesses to connect with soft skills trainers and professional coaches. It aims to make the process of finding trainers simpler through its online portal that has all details, including pricing, listed upfront. Trainers with Upskill go through a selection process before listing, and user reviews help businesses determine who to book.
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
If the world of Call of Duty seems fraught enough when you are playing it, try being in it. That could be the consequence of Microsoft’s proposed $68.7bn (£50.4bn) acquisition of Activision Blizzard, the video games maker behind the shoot ’em up franchise. Announcing the deal, Satya Nadella, Microsoft’s chief executive, said that gaming would “play a key role in the development of metaverse platforms”.
The metaverse is a catch-all term for an immersive experience that blends the physical and digital worlds through a mixture of virtual and augmented reality. This concept is years away from being fully realised, but it is envisaged that participants – using digital representations of themselves, or avatars – will access it through a virtual reality headset, or augmented reality (AR) glasses that put a digital layer over what they see in the real world. In the metaverse they can socialise with friends, carry out their job – or take part in a video game.
John Egan, chief executive of market intelligence firm L’Atelier BNP Paribas, says that with the Activision deal Microsoft has made it “very clear” that gaming will be at the centre of how metaverse concepts work. And it is not just using the games, but also deploying the creative and technical talent behind them to build virtual worlds.
“Imagine Call of Duty. You’d be dropped into a Battle Royale-like environment, on to a planet like the way Fortnite is now, though bigger by a factor of several thousand. You’ve got an entire planet, so your experience can go on for weeks at a time.”
Egan adds that Call of Duty would work in what he calls a “digi-physical” environment, where AR comes in to play and the game is superimposed on participants’ glasses, or even contact lenses.
“Microsoft could create virtual layers over existing urban infrastructure, within which people can use mixed reality lenses, like glasses or contact lenses, to interact with each other. So imagine something like a skateboard park that becomes a Call of Duty arena. And people use their phones as a gun, and they’ve got their glassware on as the mixed reality infrastructure to do that interaction.”
Of course, not every metaverse world will be like Call of Duty – and not everyone would want to go anywhere near it. Egan says Activision games such as Crash Bandicoot, featuring the antics of an anthropomorphic marsupial, offer a more family-friendly alternative.
Analysts have also pointed to the fact that Activision will immediately bolster Microsoft’s gaming business – it owns the Xbox platform and the Minecraft and Halo franchises – regardless of its metaverse plans. The Bill Gates-founded company will gain access to 390 million monthly users, adding to its Game Pass subscription service, which already has 25 million users.
Dan Ives, a managing director at the US investment firm Wedbush Securities, describes Microsoft’s metaverse vision for the deal as “the cherry on top of the sundae”.
“We believe for Microsoft this was the right deal at the right time to boost its gaming strategy and streaming ambitions. Nadella recognised Microsoft’s consumer business needed a shot in the arm,” he says.
The agreed deal would also need to get past US regulators, who served notice on Tuesday that the tech industry would face a tougher regime. Lina Khan, chair of the Federal Trade Commission, the US competition watchdog, and Jonathan Kanter, head of antitrust at the department of justice, announced a review of merger guidelines – with tech among their areas of concern. Kanter said: “We need to understand why so many industries have too few competitors.”
It could be argued that this is a “vertical” deal between two businesses that do not compete directly: Microsoft’s Xbox platform and Activision’s games. But regulators are likely to look at whether Microsoft could shut off Activision titles from rival platforms such as PlayStation. Microsoft said on Tuesday it did not intend to “pull communities away” from PlayStation.
Rebecca Allensworth, professor of law at Vanderbilt University in Nashville, Tennessee, says Khan and Kanter’s review signals a toughening of the environment for tech.
“Generally, there is a lot of muscle right now behind antitrust enforcement in tech,” she says. “Changing the merger guidelines to be harsher against tech mergers is a part of that. The comments on Tuesday highlighted the idea that the guidelines need to be able to recognise competitive harm from mergers that are vertical or mixed vertical. That’s the merger between Activision and Microsoft.” Nonetheless, she says that it is “still very hard to challenge vertical mergers” and the deal may go through.
However, L’Atelier’s Egan added that even if the deal got past the FTC and justice department, there was also the question of integration. On Monday Activision said it had fired or pushed out more than three dozen employees and disciplined another 40 since July, to address allegations of sexual harassment and other misconduct at the company, which has nearly 10,000 employees to Microsoft’s 190,000.
“Microsoft has an extraordinarily high level of employee satisfaction,” says Egan. “It’s a really good company. You wonder if one of the biggest threats of this is Microsoft kind of letting the wolf in the door. How are Microsoft going to assimilate an organisation with a culture that is beset by issues to do with misogyny, diversity and harassment over the last number of years which they have failed utterly to remedy? How are Microsoft going to resolve that?”
Should the deal go through, Microsoft will have real-world concerns too.