Year: 2018

A Russian court has ordered a block on access to the Telegram messaging app — with the block coming into force immediately, according to the BBC.

The messaging platform has been under pressure to hand over encryption keys to Russian authorities so they can access user data — which they claim is needed for counterterrorism purposes — but has so far refused.

However late last month Telegram lost a bid before the Supreme Court to block security services from getting access to users’ data, though it said it planned to appeal.

The court gave it 15 days to hand over the encryption keys. Again it refused. So last week Russia’s state communication watchdog filed a lawsuit to limit access to the service — and a court in Moscow has now granted the block.

In a tweet responding to the news, founder Pavel Durov wrote: “Privacy is not for sale, and human rights should not be compromised out of fear or greed.”

Durov is himself Russian but has lived in exile since 2014 after claiming he’d been forced to hand control of his former social networking company, vk, to allies of Russian president Vladimir Putin — also as a result of refusing to hand user data to authorities.

In a longer post on his Telegram channel today, Durov adds: “The power that local governments have over IT corporations is based on money. At any given moment, a government can crash their stocks by threatening to block revenue streams from its markets and thus force these companies to do strange things (remember how last year Apple moved iCloud servers to China).

“At Telegram, we have the luxury of not caring about revenue streams or ad sales. Privacy is not for sale, and human rights should not be compromised out of fear or greed.”

Telegram’s service has faced temporary blocks in Iran — over content being spread on the platform that the regime dislikes. Last summer the Indonesian government also used blocks to wring content-related concessions out of Telegram.

But it remains to be seen whether the company will agree to any concessions to get the Russian block removed. Durov’s first response suggests it has no intention of backing down over encryption.

Telegram’s lawyer, Pavel Chikov, has also described the move by the Russian authorities as “unconstitutional” — and claimed it “cannot be fulfilled technically and legally”.

Meanwhile, the messaging platform announced last month it now has more than 200 million monthly active users globally.

And while Durov claims not to care about money he is in the midst of a billion dollar ICO, raising money via a token sale to develop a crypto currency and blockchain platform.

Reuters suggests some Russians will seek to circumvent the block via the use of VPN technology.

Hello and welcome back to Equity, TechCrunch’s venture capital-focused podcast where we unpack the numbers behind the headlines.

This week was a damn corker. Instacart is fighting back! Zuora went public and it went well! There were other IPOs! Uber loves bikes! And what is #AllRaise? We happily had a good crew on hand to sift through the mix, including Katie Roof, myself, and Kara Nortman, a general partner at Upfront Ventures.

Up top we dug into the massive new Instacart round, the completion of its Series E. The new $150 million brings Instacart’s valuation to a staggering $4.35 billion, up from $4.2 billion when it closed the first $200 million of its latest round of capital. It’s an incredible bet from the private markets, and we dug into it as a possible anti-Amazon bet.

Moving along, it was an IPO run for the ages:

• Zuora went public, and it went super well for the subscription billing firm. I had a few questions about why it went so well, but, at a minimum, the company had an amazingly good run: it raised its range, priced above that range, and then popped miles higher. Not bad.
• Carbon Black is bringing more security equity to the public markets with its new S-1, which we spent a few minutes poking into. Sadly, who actually understands what security companies do? I don’t.
• And finally, Pivotal Software is going public. We unpack its revenue mix and try to figure out why it thinks that it is worth what it does. Mysteries all abound!

Moving along, we wandered back into the hottest region of Silicon Valley conversation: bikes scooters. The JUMP-Uber deal finally wrapped — as expected — and we discussed the finer points of what a scooter is and how they fit into our lives.

We wrapped on #AllRaise and the fact that Kara may or may not have been on the cover of a magazine.

Hit play and we’ll see you all next week!

While companies’ operations become increasingly fragmented into a wide variety of different spots — especially if they exist somewhere in a group of different cloud tools — making sure those operations are still healthy has become more and more critical.

And for companies whose lifeblood is directly keeping that software online longer, it’s even more important. Uptime maps directly to revenue, and that’s why Caleb Hailey — who previously worked on this as a consultancy — decided to start Sensu to try to piece together the monitoring operations into a single spot where a company can keep an eye on the health of their operations. The company said it has raised $10 million in a new financing round led by by Battery Ventures, with existing investor Foundry Group participating. Battery’s General Partner Dharmesh Thakker is joining the company’s board of directors.

“Big enterprises are hesitant to work on startups, they’re risk adverse, and it reduces the risk exposure to double down on an open source stack,” Hailey said. ” But this open source technology, it’s used in the largest institutions in the world, and we have found that by delivering cost savings in a competitive market we have already established a rapidly growing developer stream.”

While all those different tools may have their own way of monitoring the health of a system, Sensu tries to get all this into one place to make things a little easier than checking things one-by-one. The aim is to be more proactive and try to flag problems before they are even noticed by the people using Sensu, plugging directly into services like Slack or sending emails to flag potential issues before they end up becoming larger problems. Like others like Cloudera, Sensu builds its business around helping companies deploy this otherwise open source technology efficiently.

Sensu’s backstory starts as a consultancy for Hailey, which was focused on infrastructure and automation — especially as more and more companies moved to a hybrid cloud model that existed partially in some box somewhere on Azure or AWS. Starting off as an open source project is one way that he hopes to convince larger enterprises that might already be using similar tools to adopt a known entity rather than just giving some random startup the keys to maintaining their operations.

The monitoring space is still a competitive — and crowded — one. There are tools like AppDynamics or New Relic, but Hailey argues that Sensu can be competitive with those as they are very bundled while his startup helps companies piece together a more complete solution. For example, a company might need higher granularity in their reports, and Sensu aims to try to provide a robust toolkit for companies that have many disparate operations they need to keep online and running smoothly.

The Irish High Court has referred for a second time a legal challenge to Facebook’s EU-US data transfers to Europe’s top court, seeking a preliminary ruling on a series of fundamental questions pertaining to the clash between US mass surveillance law and EU citizens’ fundamental privacy rights.

The sustainability of the EU-US Privacy Shield mechanism — which thousands of companies rely on to expedite transfers of personal data across the Atlantic — looks to be at stake.

The case is based on a 2013 complaint by lawyer and privacy campaigner Max Schrems against Facebook (and other tech giants) related to US surveillance law. Schrems drew on information about US intelligence agency practices and systems for sucking up data that had been revealed by NSA whistleblower, Edward Snowden.

In 2015, a landmark ECJ judgement overturned a long-standing EU-US data transfer mechanism, called Safe Harbor, as a result of his legal action.

Schrems then updated his complaint, this time focusing exclusively on Facebook and addressing a secondary EU-US data transfer mechanism that’s still being used, called Standard Contractual Contracts (SCCs).

SCCs are used by Facebook to transfer data between its European entity, Facebook Ireland, and Facebook USA — essentially via a contract in which Facebook USA pledges to follow EU privacy principles.

The Irish High Court court issued an underlying judgement on the updated complaint last October, deciding to refer legal questions over this EU-US data transfer mechanism to Europe’s top court, as it had with Schrems’ original complaint.

The court has backed the view that US government surveillance practices involve a mass processing of personal data.

It’s a finding that clashes with fundamental European privacy rights. And this core legal clash is the Gordian knot that US tech giants — including Facebook — are now bound up with as a consequence of domestic surveillance law granting their government swingeing rights to suck up personal data from “electronic communication service providers”.

Incompatibility between two separate and distinct legal regimes and data priorities (in simple terms, EU vs US law on data boils down to protection for privacy vs retention for security) was the reason for the 2015 strike down of the 15-year-old Safe Harbor arrangement, following Schrems’ original complaint.

It’s also why the replacement EU-US Privacy Shield mechanism, which only started operating in August 2016, remains precariously placed — with the Trump administration doing nothing to enhance privacy protections as EU lawmakers want.

On the contrary; earlier this year president Trump signed into law another six years of the controversial warrantless surveillance law — aka Section 702 of the Foreign Intelligence Surveillance Act (FISA).

Yet last fall year EU lawmakers were still lobbying publicly for a sympathetic reform of FISA 702 — i.e. which would include privacy provisions for foreigners’ data.

In the event US lawmakers failed to reform surveillance law even where domestic targets are concerned, renewing a controversial legal loophole that provides U.S. intelligence agencies with a means for the warrantless surveillance of American citizens.

Privacy reforms that consider the rights of foreigners don’t even appear to register as a debate-worthy concept on the floor of the US Senate and House — which spells big trouble for the sustainability of EU-US transatlantic data flows. And means this issue will inexorably continue to be brought before EU judges — as has happened again here.

The court that invalidated Safe Harbor will now have to consider how its follow up meshes with several similar points of law vis-a-vis US mass surveillance practices. And whether a targeted application of EU law might be possible.

It’s even possible the entire Privacy Shield mechanism could come unstuck — if so it would be years sooner than its predecessor, given it’s not even reached its second birthday yet.

In all the Irish court has referred 11 questions to the ECJ for a judgement — seeking guidance on a range of fine-grained points around whether rights afforded to EU citizens are being adequately protected by the current data transfer mechanisms and regimes, including Privacy Shield and SCCs; how to determine which rules and regulations take precedence across borders and/or where legal priorities clash and overlap; and whether, in cases of rights violations caused by surveillance law, data protection authorities have to suspend data flows or whether they can use discretion to not do so.

Schrems’ original hope with the 2015 complaint was that the Irish Data Protection Commissioner would suspend only Facebook’s use of SCCs. And he continues to advocate for targeted suspension of data flows if a company falls under US mass surveillance laws — i.e. rather than a blanket strike down of underlying mechanisms.

However the DPC took the unusual move of deciding to go to court — raising concerns about the validity of the entire SCCs mechanism.

Here are the last three points the court has referred to the ECJ, including where it references Privacy Shield:

9.      (1) For the purposes of Article 25(6) of the Directive, does Decision (EU) 2016/1250 (“the Privacy Shield Decision”) constitute a finding of general application binding on data protection authorities and the courts of the member states to the effect that the US ensures an adequate level of protection within the meaning of Article 25(2) of the Directive by reason of its domestic law or of the international commitments it has entered into?

(2) If it does not, what relevance, if any, does the Privacy Shield Decision have in the assessment conducted into the adequacy of the safeguards provided to data transferred to the United States which is transferred pursuant to the SCC Decision?

10. Given the findings of the High Court in relation to US law, does the provision of the Privacy Shield ombudsperson under Annex A to Annex III of the Privacy Shield Decision when taken in conjunction with the existing regime in the United States ensure that the US provides a remedy to data subjects whose personal data is transferred to the US under the SCC Decision that is compatible with Article 47 of the Charter?

11. Does the SCC Decision violate Articles 7, 8, and/or 47 of the Charter?

In a statement on the court’s reference to the ECJ, Schrems said: “While I was of the view that the Irish Data Protection Authority could have decided over this case itself… I welcome that the issue will hopefully be dealt with once and forever by the Court of Justice. What is remarkable, is that the High Court also included questions on the ‘Privacy Shield’, which has the potential for a full review of all EU-US data transfer instruments in this case.”

Without a legal solution to the clash, Schrems suggests it might be required for US companies to entirely split their US and global services and ensure no data is passed.

An incoming update to the EU’s data protection rules, called GDPR, steps up privacy enforcement potential significantly — with far higher fines possible for data violations when it comes into force on May 25.

“In the long run the only reasonable solution is to cut back on mass surveillance laws,” he said. “If there is no such political solution between the EU and the US, Facebook would have to split global and US services in two systems and keep European data outside of reach for US authorities, or face billions in penalties under the upcoming EU data protection regulation. Previously such a technical solution was done for financial data in the SWIFT case, where European data is now solely stored in Europe.”

“Given the case law, the question in this case does not seem to be if Facebook can win it, but to what extent the Court of Justice will prohibit Facebook’s EU-US data transfers and which approach they will take to remedy the conflict of EU privacy protections and US surveillance,” Schrems added.

A Facebook spokeswoman told us the company has nothing to add to its prior statement on the Irish High Court judgement from October, when it said:

Standard Contract Clauses provide critical safeguards to ensure that Europeans’ data is protected once transferred to companies that operate in the US or elsewhere around the globe, and are used by thousands of companies to do business. They are essential to companies of all sizes, and upholding them is critical to ensuring the economy can continue to grow without disruption.

This ruling will have no immediate impact on the people or businesses who use our services. However it is essential that the CJEU now considers the extensive evidence demonstrating the robust protections in place under Standard Contractual Clauses and US law, before it makes any decision that may endanger the transfer of data across the Atlantic and around the globe.

How long the ECJ will take to deliver its preliminary judgement on the referral remains to be seen — and it’s possible the process could take multiple years — but in the case of the original Schrems complaint the judges only took a little over a year to return their landmark verdict striking down Safe Harbor. So they have shown they are willing to move quickly to defend EU privacy rights against the threat of mass surveillance.

Backpage .com, for years the primary online platform for the sex trade, has pleaded guilty as a company to charges of sex trafficking in Texas, the state’s attorney general announced today. Its CEO, Carl Ferrer, pleaded guilty to money laundering, for which he may be sentenced to up to 5 years in prison.

The site was seized last week and a 93-count indictment issued days later.

Ferrer was arrested back in 2016, and will be sentenced “once he’s fulfilled the terms of his plea agreement.”

The Texas AG’s office does not elaborate beyond the charges mentioned in the press release, except to say that Ferrer’s cooperation could lead to new ones. Considering the site was an international and popular platform for all kinds of sex-related commerce — allegedly including child trafficking — it seems likely there’s far more yet to come, including pleas for similar crimes in different jurisdictions.

The execution of this strike against Backpage, the culmination of an 18-month investigation (beginning around the arrest of Ferrer), is coincident but not directly related to the passage and signing of FOSTA. The bill, just this week signed into law, effectively removes the “safe harbor” enjoyed by internet companies protecting them from having liability for the actions of their users. Under FOSTA, a company like Craigslist would be responsible if, for example, a prostitute listed their services on the site.

Unsurprisingly Craigslist and other sites have removed listings or services that may put them at risk under FOSTA, prompting criticism from the more legitimate sides of the sex industry that relied on them.

It was hard to avoid seeing the video posted last week showing local news stations reciting a “must-run” script about fake news from their parent company, Sinclair broadcasting, in eerie synchrony. It creeped out a dozen Senators so much that they asked the FCC to look into it — and Chairman Ajit Pai has responded, saying that’s not going to happen.

The Senators’ letter, which you can read here, expresses concern that Sinclair is clearly using its power over local news stations to advance a political agenda at a national level:

Sinclair may have violated the FCC’s longstanding policy against broadcast licensees deliberately distorting news by staging, slanting, or falsifying information…Multiple news outlets report that Sinclair has been forcing local news anchors to read Sinclair-mandated scripts warning of the dangers of “one-sided news stories plaguing our country,” over the protests from local news teams.

The Federal Communications Commission (FCC) is responsible for ensuring that broadcast licensees use the public airwaves to serve the public interest. We call on the FCC to investigate whether Sinclair’s production of distorted news reports fails the public interest test.

There’s a clear irony in what amounts to fake news warning viewers of itself, but the concerns of these Senators are more straightforward. Note that they don’t simply dislike the message; the message is only mentioned by the by. The real issue is that if Sinclair is systematically distorting the news that appears on its stations, that should be investigated as a potential violation of its FCC-issued broadcast license.

And as icing on the cake, they bring up the fact that Sinclair ought to be under extra scrutiny since it is in the middle of a merger that would give it unprecedented reach in broadcast, and the FCC is also accused by many of favoring Sinclair in particular with some of its deregulatory policies.

Chairman Pai responded today with a letter essentially answering a straw man version of the problems presented above:

In light of my commitment to protecting the First Amendment and freedom of the press, I must respectfully decline.

I have repeatedly made clear that the FCC does not have the authority to revoke a license of a broadcast station based on the content of a particular newscast.

I understand that you disliked or disagreed with the content of particular broadcasts, but I can hardly think of an action more chilling of free speech than the federal government investigating a broadcast station because of disagreement with its news coverage or promotion of that coverage.

Pai completely mischaracterizes the issues brought up by the Senators, and responds as if they had asked him to shut down a local news station because of a report they “disliked or disagreed with.”

In no way does the Senators’ letter reference “a particular newscast” or the “content of particular broadcasts.” The problem is specifically described throughout as the parent company, Sinclair, blatantly forcing its local news broadcasters to air politically slanted segments word for word, some against their will.

Funnily enough, what he pretends the Senators are asking him is what Trump actually did propose — that the FCC revoke the license of “NBC and the Networks” because of “all the Fake News coming out of” them. It took Pai a week to make his inability to do so clear that time, though Commissioner Rosenworcel did so within an hour.

As of this writing, there’s a single, solitary review for Button Tooter. It’s three stars and three sentences, and it’s a bit of an emotional rollercoaster. “They clearly ran out of ideas!” the reviewer writes. “It’s kind of fun! How about a game where you can make music. [sic]” Is Amazon’s creation of a fart app a true indication of creativity bankruptcy?

Or is it the sign of a company that’s finally discovered the killer app for its new hardware platform. It’s true that, in the past, fart apps have become a bit of a shorthand for useless mobile software. And for a brief, but glorious moment several years back, fart apps topped the various mobile charts, only to pass like, well, to quote the Oscar-nominated film, “a fart in the wind.”

But Buttons have always been a curiosity among the Echo family, some employee’s side project that somehow made it into production. Amazon’s formed a couple of partnerships with game makers, but the company has clearly spent much more time focusing on the rest of its smart home devices.

I never had any desire to have an Echo Button in my life — and the Button Tooter arrived. Now all I can think about is how much I want a remote button that can make my Echo Spot fart. And $20 seems like a small price to pay for the five or so minutes of pure childlike joy it will bring to my life. When’s the last time you could say that about a gadget.

Because we may have gotten old in the blink of an eye, and technology may have made us callous and uncaring husks of our former selves. The world may be full of hate, and this precise moment in time may feel as though we’re closer to the brink of global destruction by our hands.

But there’s one truth I know, that has always and will always hold in the face of an ever-changing world: farts are funny. So go forth and press, friends.

You’ll soon be able to draw on the world around you and shoot back-and-forth Instagram Boomerang GIFs with the Facebook Camera. Bringing additional creative tools to the Facebook Camera could make it a more popular place to shoot content and help the company compete with Snapchat.

“We wanted to give people an easy way to create with augmented reality and draw in the world around them” says John Barnett, a Facebook Camera Product Manager about the feature it calls “3D drawing”. It’s rolling out to users over the coming weeks.

With AR drawing, you can scribble on the world around you, then move your camera and see the markings stay in place. It’s a fun way to add graffiti that only exists inside your screen. You can add the drawings before or while you’re recording, and Facebook will add more brushes beyond this rainbow one in the future. Facebook tells me the technology understands the corners and objects in the room to create a 3D spec. Facebook could that use that to detect surfaces like walls and tables to wrap the drawing onto them, and it can do that when it’s confident about the object recognition now.. Matt Navarra first spotted the features, and provided a copy of the video at the bottom of this post.

Since drawing is a universal language, the feature could make AR easy to use for younger users and Internet novices. Facebook launched its AR effects at F8 last April, and has recently added AR tracker target experiences that are triggered by real-world posters or QR codes. It all started with the company acquiring fledgling AR masks startup MSQRD in 2016.

Facebook added looping GIF creation to the Facebook Camera a year ago, but those can feel a bit jarring since they start back at the beginning once they end. Some users no longer have that GIF option, so it’s potentially being replaced by Boomerang’s established brand and more silky back-and-forth animated video clips. Facebook confirms that this feature is now rolling out to the Facebook Camera.

As we reported last week, Facebook is determined to make Stories work. Despite the criticism of it being a rip-off of Snapchat and redundant given Instagram Stories, Facebook is trying new ways to make Stories more popular an accessible. That includes tests of making Stories the default destinations for content shot with the Facebook Camera, showing bigger tiles with previews of Stories atop the News Feed, and showing a camera and camera roll preview window when you open the status composer. Those, combined with these new features, could give Facebook Stories a boost in utility and visibility.

Facebook believes social media is on an inevitable journey from text to photos to videos to Stories equipped with augmented reality. Since Snapchat refused its acquisition offers, Facebook is now on a quest to evolve into an AR company rather than having to buy a big one.

Matthias Müller is out as Volkswagen CEO, amid a diesel emissions scandal that shook the world’s largest car maker. The company confirmed the move today, naming Brand Chief Herbert Diess to the top job in his stead.

Müller had only been in the top role for three years, and while the chief executive was never charged in the scandal, many in the industry believe that he didn’t impose changes quickly enough after information came to light.

This time last year, the company was hit with a $2.8 billion penalty in the U.S., bringing its costs for the scandal up to around $30 billion, according to NBC. Volkswagen was one of a number of automakers caught adjusting emissions during laboratory testing, in order to meet environmental standards.

Earlier this week, the company announced that it was considering replacing its CEO. Today the company issued a statement thanking Müller for his time during what it referred to as “the greatest challenge in its history.”

Board member Hans Dieter Pötsch adds, effusively, “Together with his team, he also fundamentally realigned the Group’s strategy, initiated cultural change and, with great personal commitment, made sure that the Volkswagen Group not just stayed on track but is now more robust than ever before. For that, he is due the thanks of the entire Company.”

VW’s new CEO, Herbert Diess, joined the company in 2015 after spending time at BMW. As The BBC notes, Diess has already proven a divisive character for the company due to battles with the unions and attempts to cut costs at the company.

Subscription biller Zuora was well-received by stock market investors on Thursday, following its public debut. After pricing its IPO at $14, the company closed at $20, valuing the company around $2 billion.

It was also much higher than expected. The company said in its filings that it planned to price its shares between $9 and $11, before it raised that range to $11 to $13.

Founder and CEO Tien Tzuo told TechCrunch that he believes “a bet on us is really a bet on an entire shift to a new business model, to a subscription economy.” He is optimistic that subscriptions are the “business model of the future.”

Zuora sees itself as an early pioneer in a growing category. The company believes that more businesses will shift their business models to subscriptions, across sectors like media and entertainment, transportation, publishing, industrial goods and retail.

It helps its 950 customers manage subscriptions, including billing and revenue recognition. Zuora touts that it has 15 of the Fortune 100 businesses as clients.

Zuora’s revenue for its fiscal 2018 year was $167.9 million. This was up from $113 million in 2017 and $92.2 million the year before. Losses remained constant in this timeframe, from $48.2 million in 2016 to $47.2 million in 2018.

“We have a history of net losses, anticipate increasing our operating expenses in the future, and may not achieve or sustain profitability,” warned the requisite risk factors section of the filing.

It also acknowledged a competitive landscape. Oracle and SAP are amongst the companies offering software in the ERP (enterprise resource planning) category. It also competes with other startups like Chargebee.

The largest shareholders are Benchmark, which owned 11.1% prior to the IPO . Founder and CEO Tien Tzuo owned 10.2%. Others with a significant stake included Wellington Management, Shasta Ventures, Tenaya Capital and Redpoint.

The San Mateo, California-based company previously raised over $240 million, dating back to 2007.

Zuora listed on the New York Stock Exchange, under the ticker “ZUO.” Goldman Sachs and Morgan Stanley worked as lead underwriters on the deal. Fenwick & West and Wilson Sonsini served as counsel.

After a slow start to the year for tech IPOs, there has been a flurry of activity in recent weeks. Dropbox and Spotify were amongst the recent public debuts. We also have DocuSign, Pivotal and Smartsheet on the horizon.