Year: 2020

Ireland’s Data Protection Commission (DPC) has issued Twitter with a fine of €450,000 (~$547k) for failing to promptly declare and properly document a data breach under Europe’s General Data Protection Regulation (GDPR).

The decision is noteworthy as it’s the first such cross-border GDPR decision by the Irish watchdog, which is the lead EU privacy supervisor for a number of tech giants — having a backlog of some 20+ ongoing cases at this point, including active probes of Facebook, WhatsApp, Google, Apple and LinkedIn, to name a few.

“The DPC’s investigation commenced in January, 2019 following receipt of a breach notification from Twitter and the DPC has found that Twitter infringed Article 33(1) and 33(5) of the GDPR in terms of a failure to notify the breach on time to the DPC and a failure to adequately document the breach. The DPC has imposed an administrative fine of €450,000 on Twitter as an effective, proportionate and dissuasive measure,” the regulator writes in a press release.

The GDPR requires most breaches of personal data to be notified to the relevant supervisory authority within 72 hours of the controller becoming aware of the breach.

The regulation also requires they document what data was involved and how they’ve responded to the security incident — in order that the relevant data supervisor can check against compliance.

In this case Twitter was found to have failed on both counts.

We’ve reached out to the social media company for comment, including asking whether it plans to accept the decision and pay up — or if it’s considering its legal options.

The DPC’s decision relates to a breach that Twitter publicly disclosed in January 2019 — when it said a bug in its ‘Protect your tweets’ feature could have meant some Android users who’d applied the setting to make their tweets non-public may have had their data exposed to the public Internet since as far back as 2014. (Though GPDR would only apply to data the bug exposed since May 2018.)

Since fessing up to the ‘Protect your tweets’ bug, Twitter has had plenty more egg on its face where security is concerned — including suffering a high profile account hijacking episode earlier this year, after crypto-scam-spreading hackers gained network access credentials using a social engineering technique.

Ireland’s DPC, meanwhile, continues to face criticism for the length of time it’s taking to reach decisions on major cross-border GDPR cases where impacts on individual rights can scale to hundreds of millions of European Internet users.

Last year commissioner Helen Dixon said its first major GDPR decisions would come “early” in 2020.

In the event the first cross-border decision has crossed the line days before the end of the year — underlining the challenges for the bloc in effectively enforcing its digital rulebook against tech giants. (GDPR technically begun being applied in May 2018, although platform giants have faced precious little enforcement to date.)

In this specific case, some half a year extra was added to the decision timeline after a draft outcome Ireland submitted to other EU DPAs for review, back in May, was not accepted by all of them — triggering a majority vote mechanism in the GDPR for settling disagreement between the bloc’s data supervisors.

The European Data Protection Board has published details of the Article 65 decision and the final decision on its website here.

The (now) final outcome on the Twitter case comes at a key time — with EU lawmakers due to set out their next major pieces of digital policy later today, as part of an ambitious push to accelerate regional digitization by rolling out a reassuring promise of European guardrails wrapping around all this tech.

Yet with GDPR enforcement proving such a tedious, friction-filled process that threatens to take the shine off the nascent Digital Services Act and Digital Markets Act many months (or even years) before they can become EU law — raising questions about how the whole strategy can be expected to function in the absence of effective (i.e. fair but fast) enforcement.

The wider risk here is European citizens losing faith in the rights-based framework they’re told they enjoy, under EU law and the bloc’s patchwork of regulatory frameworks, if the animal turns out to be such a plodding house-cat when people do try to obtain relief.

So the Commission’s strategy of claiming expanded digital rules will act as a public trust booster risks falling into a trough of disillusionment at the legislative proposal stage.

Simple put: You can’t allow your regulators to move so slowly and expect your rulebook to touch tech giants whose playbook is to move fast in order to disrupt the rule of law in their own business’ interests.

The DPC’s decision in the Twitter case is thus a measure of how sizeable a gap sits between the rhetoric EU policymakers ply around the bloc’s ‘powerful’ digital rules — and the messier and more faltering reality: Nearly two years since Twitter disclosed the breach and waiting for a hammer to drop in what should be a relatively straightforward case.

A data breach is not an investigation into the lawfulness of Facebook’s business model vs GDPR, after all, nor does it delve into the intricacies of Google’s adtech — both of which are still open case files on the DPC’s desk.

The penalty itself is also a fraction (~0.1%) of Twitter’s full-year 2019 revenue; a far cry from the up to 4% of global annual turnover maximum allowed for under the GDPR (or up to 2% for the specific infringements involved in the breach case). So this first cross-border GDPR decision looks more millstone than milestone for the Commission, at the fag end of 2020.

There’s not a lot for commissioners to celebrate here, even though they suggested in the summer that the best answer to GDPR enforcement concerns would be for Ireland to get a decision out. The problem now is the black marks against the bloc’s record on digital enforcement look stubbornly set in — just as the Commission is laying out a plan to go all in on platform regulation.

The questions over enforcement are going to keep coming.

We’re excited to announce that Extra Crunch memberships are now available in several Nordic countries: Norway, Sweden, Finland, and Denmark. For a full list of supported countries, head here.

Sign up for Extra Crunch membership here to join our growing community of founders, startup teams, and investors.

Use the code NORDICCRUNCH during checkout for an additional 25% off an annual or 2-year plan. The discount code expires on January 15, 2021, and it will only work for readers in Europe. 

Thanks to everyone who voted on where to expand. If you’d like to see Extra Crunch memberships available in your country, let us know.

Join Extra Crunch by heading here.

What is Extra Crunch?

Extra Crunch is a membership program from TechCrunch that helps you spot technology trends and opportunities, build better startups, and stay connected. It features thousands of articles, including weekly investor surveys, daily private market analysis, and expert interviews on fundraising, growth, monetization, and other work topics.

We’d love to have you join our growing community of founders, investors, and startup teams.

Committing to an annual and two-year plan will save you a few bucks on the membership price and unlock access to TechCrunch event discounts and Partner Perks. Extra Crunch annual membership gets you 20% off tickets to all TechCrunch 2021 virtual events. The Partner Perks program features discounts and savings on services from DocSend, Crunchbase, AWS and more.

You can sign up or learn more about Extra Crunch here.

Accessing and sharing data is a complicated issue for large businesses, and doing this in a secure, compliant way is a problem for many. eXate, a London-based data software firm is attacking this problem and has now raised a £2.3 million seed round led by Outward VC, with additional backing from ING Ventures and Triple Point Ventures.

eXate is competing with those that tend to do more specific types of data privacy such as Hazy, Privitar, and Very Good Security. By contrast, eXate says it aggregates multiple types of privacy into one solution, and provides central governance and control.

eXate was founded by Peter Lancos and Sonal Rattan, former digital business leaders at HSBC. Its clients include ING, its new investor.

Peter Lancos, CEO, eXate, said in a statement: “Organisations that store and process large volumes of data experience many challenges when it comes to data sharing. We see the biggest obstacles arise from the lack of joined-up thinking. The use of expensive multiple single-point solutions, coupled with monitoring complicated country-by-country policies adds time and budget to data initiatives.”

The funding will enable eXate to capitalize on DataSecOps demand by growing its team, accelerating platform development and expanding into new geographies and verticals.

Andi Kazeroonian, Investor at Outward VC, commented on the investment: “Ensuring the protection of sensitive data is a mission-critical challenge for companies that wish to utilise data to deliver value to its stakeholders. eXate’s unique platform provides companies with the tools it requires to ensure data privacy and protection by design.”

Taxdoo, a startup that has built what it calls an “automated platform for financial compliance” aimed at cross-border e-commerce companies, has raised $21 million in new funding.

Leading the Series A round is venture capital firm Accel, with participation from Visionaries Club, 20VC and existing investor HTGF. The funding will be invested in Taxdoo’s growth — including international expansion– increased hiring, R&D, sales, and customer support. Accel’s Harry Nelis has joined the Taxdoo board.

The inclusion of Harry Stebbings’ 20VC is noteworthy, as the podcaster-turned-VC originally said his micro fund was targeting U.S. startups across various stages, and therefore there wasn’t any perceived conflict with his role as a partner at European VC Stride. Taxdoo is based out of Hamburg, Germany. “20VC essentially invests largely in the U.S. but can also invest where Stride does not, anywhere in Europe outside of the U.K. and Paris,” clarified Stebbings in a WhatsApp message.

Founded in May 2016, after its three founders — Christian Koenigsheim, Matthias Allmendinger, and Roger Gothmann — finished their PhDs in finance at the University of Hamburg, Taxdoo wants to use automation to meet the tax and compliance burden faced by cross-border e-commerce companies that sell on various marketplaces and platforms such as Amazon, eBay, and Shopify. This sees those businesses facing increasing complexity around VAT, accounting and other compliance requirements, with data siloed across multiple online systems.

Taxdoo brings that data into a single place and then uses its own tech to automate transaction-level data ingestion, tax calculation and filings across Europe. Customers can also collaborate with their tax advisors through the platform and reduce other compliance burdens, including Intrastat filings.

“While it has become easier and easier to sell products across borders in Europe from a marketing and logistics standpoint, the resulting compliance obligations – like accounting or VAT – are a nightmare for sellers,” Taxdoo’s Christian Koenigsheim tells me.

“Handling these issues manually using spreadsheets is a recipe for disaster. To solve this problem, we’ve used our in-house expertise to automate the entire process – from the collection of data to the filing of VAT returns in different countries and the integration of transactions into the seller’s accounting system”.

Koenigsheim says a typical Taxdoo customer sells products on different marketplaces and their own shop, with annual revenues of around €5-10 million. “Our largest customers are global consumer brands with annual revenues of €150 million and above,” he says.

Examples include D2C brands like air up and YFood or e-commerce companies OmniDeal and sellvin. “Among others, we partner with tax professionals, ERP systems, and e-commerce agencies to help them handle these complex issues for their clients,” adds Koenigsheim.

“Our secret sauce is that we automate the entire workflow from end-to-end. This starts with the aggregation of data from different channels like marketplaces, shops, and ERP systems using our automated connectors. Our system [then] analyses data under all applicable regulations and prepares the required returns across the EU, which are filed by an international network of tax partners using a convenient software solution created by us”.

Taxdoo data can also be exported to a seller’s accounting system, enabling them to more easily collaborate with local tax advisors.

Meanwhile, the addressable market is growing fast, in part helped by accelerated digitisation during the pandemic and the growth of e-commerce. Taxdoo cites data showing that cross-border transactions now represents approximately 25% of total e-commerce transactions in Western Europe and Scandinavia, and is rising.

Cue statement from Accel’s Harry Nelis: “With a booming e-commerce landscape and companies of all sizes looking to sell their products and services internationally, we see an acute need for integrated financial and tax compliance. Taxdoo’s founders bring together unique experience at the intersection of tax, finance and software and we are excited to work with them to build Taxdoo into a category defining company”.

Deena Shakir joined Lux Capital as a partner last year after spending seven years with Google, the last of them with GV, Google’s venture unit.

While Shakir seems to fit right in with the firm — known for its wealth of PhDs and moonshot investments — venture wasn’t something she was focused on as a career, as she told us during a lengthy interview last week. An Iraqi-American who grew up in Silicon Valley after her parents immigrated to the region, Shakir put herself through both Harvard, then Georgetown’s School of Foreign Service through a mix of merit scholarships and work and thought she might become a doctor or nab a PhD in anthropology.

Instead, an internship with the BBC saw her cover an historic White House speech, which led her to spend more than two years at the State Department, working for then Secretary Clinton. When she later headed home to be with her family, she was aware that she wanted to make an impact; she didn’t foresee making it through her investments, yet that’s what’s now happening.

If you don’t know Shakir, it’s worth listening to our conversation here at some point; in the meantime, here are some lightly edited excerpts that shine a light on where she is placing her bets and why.

TC: Lux is known for investing in rocket companies and satellites, though its website actually lists 21 different industries in its portfolio. Did the firm’s deals arise from these industries that interest the firm or because of teams that interest the firm and that happen to operate in these industries? 

DS: I actually find some of this industry categorization as problematic because if you look through the portfolio, you’ll see we love healthcare, meats, robotics, AI, food production, industrial IoT, and data meets FinTech. It really is intersectional in terms of how we approach industries; that’s the nature of how we think about investing. But in terms of how we think about where we want to make investments, we certainly have areas where historically we’ve spent a lot of time that have given us insights into where there are white spaces [such as having worked on] autonomous vehicles and having insights through that experience into the types of software platforms that could power the next generation of autonomy. So there’s definitely a lot of generational and evolutionary investing.

TC: Last week, Lux participated in the seed round a startup called Varda that is centered around manufacturing in space. What is it trying to make in space and why?

DS: There are few companies that I think would be perceived as more of a Lux fit than Varda. We pride ourselves on companies that turns science fiction into fact [including in the] space space. We were in Relativity Space; we’re in a number of satellite companies — Orbital Insight and Planet and several others.

But this is not only a space that we’re interested in, but also the founding team is one that we’ve had the chance to get to know over time and felt very strongly about. It is not an intuitive company, which is probably part of the reason why you might be asking about it, like: what exactly do they do, right? At the end of the day, it’s quite early, but they’re working on two things that we really love — manufacturing and space — abd there are some really interesting innovations that we’re just at the very beginning of understanding their application in space [including around] physical processes and the supply chain. And this team is at the forefront of taking those on.

TC: Is it going to be manufacturing carbon nanotubes in space to take to the ISS? What’s the need it’s addressing?

DK: At the end of the day, the need is around cost and supply chain. It’s still extremely expensive to launch anything into orbit — we’re talking tens of millions of dollars if not more. That’s the key problem that they want to solve. Manufacturing in space is the hypothesis here. And they have some fascinating and confidential, at this point, hypotheses as to how they will be able to do that.

TC: Is there enough later-stage funding for companies that will need a lot of capital? Lux is now managing $2.5 billion in assets, after raising $1 billion last year. But some space investors say there is not [enough to go around] partly because there haven’t yet been enough liquidity events.

DK: That’s interesting, because we got excited about what we now call frontier tech before that was really a category — certainly before it had any venture-return profile. Now, it’s becoming increasingly clear that frontier tech is no longer at the frontier. It’s becoming a key part of many large enterprises. And we’re seeing huge companies producing rockets en masse. We’re seeing private companies launch rockets into space and collaborate with NASA. We’re also seeing venture-funded companies that previously sounded like science fiction that are approaching just phenomenal valuations. So it does seem like we’re at a turning point here. If you take a look at the cap tables [of] these types of companies, you’ll see players that may not necessarily have taken those types of bets earlier on.

TC: One of your bets is Shiru, which is leveraging computational design to create enhanced proteins to help feed the world. What does it say about your interests and process?

DS: I spent a lot of time, especially at GV, with some of the alternative protein companies in our portfolio. And a big part of what I’ve done since my days in government, and certainly throughout my time at Google, has been talking to commercial partners, Fortune 500 companies, and understanding what their needs are. A big part of my role at GV was helping to plug in these large, behemoth companies with up-and-coming tech companies and help them to meet the innovation demands that they have, and that’s a large part of where my thesis came from.

I genuinely believe that there is a huge opportunity in food that enables these Fortune 500 food companies to meet the increasing demands from consumers, environmental demands, and cost demands [related to] animal-based ingredients. Shiru’s approach is an interesting one because they are taking a business model that has worked quite well in pharma . . .in enabling the production of novel IP. In this case, [it’s] novel plant-based proteins, using machine learning and computational biology and actually licensing it to these food companies so they can go on to produce their own versions of the Impossible Burger or Beyond Meat or simply replace a costly animal-based ingredient in one of their products.

TC: Another of your deals is AllStripes, which aggregates and analyzes medical records, then sells the de identified data to pharma companies to help them develop medicines. So the common thread is machine learning?

DS: Yes, so for me, it’s about machine learning AI that’s streamlining a really analog industry, whether it’s education, whether it’s finance, whether it’s food, and certainly healthcare, where I spend the majority of my time.

TC: What are some of the areas you’re digging into?

DK: Within healthcare, specifically, I am spending a lot of time looking at women’s health and within women’s health. I am looking a lot at fertility tech, and I’ve seen everything from robotic cryo storage to embryo selection to consumerized clinics for IVF. And it’s definitely an interesting market and one that’s growing, especially if you look more broadly at demographic trends in terms of women having children later in life, as well as what we’re seeing in terms of IVF rates and other countries as well.

I’m a mother of two young kids and had some pretty scary medical experiences myself with with both of their births, and that definitely inspired a look into that space as a patient, but also one where I think there’s really been underinvestment. I get really frustrated when I hear anyone talk about women’s health as niche, there is nothing niche about it. From the pure numbers perspective, [women] represents obviously half the population. But women also account for over 80% of dollars spent in healthcare and so companies that are focused on women in the healthcare space are also excellent wedges into other areas.

So outside of those areas in women’s health, I’m looking at menopause and at aging in place for anyone across the gender spectrum. Mental health is a huge one, too. I come from a family of physicians. My father is a psychiatrist. In fact, that’s the reason I grew up in the Bay Area. He came to Stanford in the ’70s for his residency in psychiatry and I’ve had a lifelong fascination with mental health. In fact, like many children of immigrants, for a hot minute I thought I was going to be a doctor myself and and even interned with VA’s psychiatry department right before going to college.

Part of why I get excited about it is because it is one of the fields in medicine that’s still so untouched by tech — certainly on the data side in terms of being slow to adopt EHRs. On the diagnostic and therapeutic side, there have been some really interesting non-pharmacological interventions for mental health, like TMS (transcranial magnetic stimulation), but it has been elusive to attack and, of course, it’s top of mind for many folks right now with the mental health burden on everyone at the pandemic. So we’re seeing a lot of really interesting novel approaches emerge, as well as tailwinds propelling some companies that have been around for a while in a space.

TC: Lux actually formed a $345 million health-care focused SPAC, or special purpose acquisition company, in October. Is that one of many to come and also, is the idea to perhaps back a company that Lux has funded earlier in time or an outfit it has no association with whatsoever?

DS: We believe that SPACs are really powerful for companies that have an exciting big story to tell and whose value isn’t necessarily best evaluated by looking in the rearview mirror. And given the changing nature of health care, particularly given everything the pandemic has done, it’s a particularly salient and interesting opportunity for health care.

We’ve have gotten some really interesting inbound from some of the top companies in the healthcare space. As you can imagine, it’s just a very, very interesting time for healthcare. We’re not looking at our own portfolio companies. But a number of our companies are going down that path, and we’re encouraging them to [pursue it].

Zenoti, a 10-year-old startup that develops services for the spa and salon industry, is the latest entrant to the coveted unicorn list.

The Bellevue, Washington-headquartered SaaS startup said on Tuesday it has raised $160 million in its Series D financing round that valued it at “well past $1 billion,” said Sudheer Koneru, founder and chief executive of Zenoti, in an interview with TechCrunch earlier this week. The round was led by Advent International with participation from Tiger Global and Steadview Partners.

Zenoti, which started its journey in India, has built a cloud management solution for health and wellness industries. The startup’s platform allows customers to pay directly from a mobile app after their appointments. It also checks them in when they walk into the store and notifies the providers about the customer.

For their clients, Zenoti allows them to accept bookings, accept digital payments, handle payroll, manage backend inventory, and transfer the tip from customers to directly a staff’s bank account. The startup was founded in 2010, but it wasn’t until 2012 when it had built this complete stack and went to the market.

Zenoti’s platform combines both the ERP and CRM tools. And that’s what this industry, which had surprisingly been underserved prior to Zenoti’s entry, needed, explained Shekhar Kirani, partner at Accel, in an interview with TechCrunch.

Accel was the first investor to back Zenoti. Unlike offerings from companies such as Microsoft or Notion, that have built “horizontal” services that people across the industries use, the spa and salon industry needed a “vertical” player that just looked at solving the issues that they were facing, he explained. Zenoti did just that.

It became very clear early on that Zenoti could pursue customers beyond India. That early bet has proven right for the startup, for which the U.S. now accounts for 60% of the revenue, followed by the UK. Kirani described the success of Zenoti as a SaaS movement in India, which has produced scores of startups such as Freshworks, Zoho, MindTickle, and Crazybee that started in the world’s second largest internet market but now have most of their customers outside of the country.

More to follow…

Back in 2018, Tencent pledged to put more focus on enterprises as traditional industries in China increasingly tapped technology to boost productivity. The firm’s industrial projects range from using AI to screen medical images to building customer management tools for retailers on its WeChat messenger.

Most recently, Tencent invested in FJ Dynamics, a Chinese startup selling agricultural automation solutions such as smart tractors and rice transplanters as well as unmanned vehicles for ports and factories to clients around the world. The funding from Tencent and other undisclosed investors amounted to “hundreds of millions of yuan” ($1= 6.55 yuan), Tencent said in an announcement on Tuesday. 

Founded 2017, FJ Dynamics has links to several big-name corporations in China. Among its shareholders are drone maker DJI and Dongfeng Asset Management, a Chinese state-owned automaker, according to the firm’s business registration filing. There are clues in its name, too: FJ is short for “Feng” and “Jiang” in Chinese, which are taken from the Chinese spelling of Dongfeng and DJI respectively. Its founder and chief executive officer Wu Di also hailed from DJI, where he worked as the chief scientist and led research and development in chips.

Interestingly, DJI has also been making a strong push into agricultural drones itself in recent times.

“Our society is turning to improve productivity, which ushers in growth opportunities for enterprise services,” said Jeffrey Li, managing partner of Tencent’s investment unit, at a speech in April. “In the U.S., a considerable amount of venture capital and private equity fundings go towards enterprise-focused companies; but in China, enterprised-focused businesses take up only a small share of deals compared to consumer-facing companies. The pivot to industries takes time.”

Registered in China, FJ Dynamics claims to have R&D centers in China, Sweden, and the Netherlands.

Dott is better known for its electric scooter service that is available in a few cities across Europe. But the company is working on electric bikes and wants to launch a bike-sharing service in London and Paris in March 2021.

Dott currently doesn’t operate in London. So it looks like it’ll be the company’s 16th city with this launch.

As for the bike, it has been designed by Dott and it is going to be assembled in Portugal. It is built around a colorful frame made from a single piece of aluminum — there’s no welding. The company also opted for puncture-resistant tyres thanks to foam tyre inserts.

As you can see on the photo, there’s no visible chain as it’s integrated in the frame. The battery can be swapped by Dott without having to bring the entire bike to the charging station. There’s also an integrated geolocation system.

“This European-made bike has been designed inline with our mission: to make mobility accessible to all. Our multimodal (e-bike and e-scooter) service will include the same level of operational excellence: removable batteries, secure charging, operations performed by experienced professionals, systematic repairs and recycling,” co-founder and COO Maxim Romain said in the release.

Dott will compete with Lime, which acquired Jump back in May as part of a deal with Uber. Bolt has also been operating bike-sharing services in some cities.

And, of course, Dott will compete with pay-as-you-go docked bike rental schemes, such as Santander Cycles in London and Vélib’ in Paris. In Paris alone, Vélib’ now has 400,000 subscribers. As it is a subsidized service, it’s going to be hard to compete on price.

Only about a third of the yields Indian farmers produce reaches the big markets. Those whose produce makes it there today are able to leverage post-harvest services. Everyone else is missing out.

A Noida-based startup is working with all the stakeholders — farmers, food processors, traders and financial institutions — to bridge this post-harvest services gap — and it just secured new funds to continue its journey.

Seven-year-old Arya said on Tuesday it has raised $21 million in its Series B financing round. The round was led by Quona Capital, a venture firm that focuses on fintech in emerging markets. Existing investors LGT Lightstone Aspada and Omnivore also participated in the round, while multiple unnamed lenders are providing additional debt financing to the startup, Arya said.

Nearly all post-harvest interventions that exist in India today are focused largely toward major agriculture centres such as Kota in the northern Indian state of Rajasthan and Azadpur Mandi in capital New Delhi, explained Prasanna Rao, co-founder and chief executive of Arya, in an interview with TechCrunch.

This uneven concentration has deprived millions of farmers in the country of reasonable options to efficiently store and sell their produce and of financing options to maintain their cash flow, he said.

“Our belief is that we should cater to the two-thirds of the market that are currently underserved. The Kota mandi (market), for instance, has 35 bank branches in a kilometre of radius. But if you travel 70 to 80 kilometres away from Kota, this really declines,” said Rao, who previously worked at a bank.

Arya is solving all the aforementioned challenges: It operates a network of more than 1,500 warehouses in 20 Indian states where it stores over $1 billion worth of commodities. This network allows farmers to store their produce at a centre that is much nearer to their farms, avoiding any spillage and exorbitant real estate costs of the big markets. On the credit side, Arya has disbursed over $36.5 million to farmers and its banking partners have disbursed more than $95 million.

“Arya is addressing a vastly underserved market of farmers in India, half of whom previously had little access to post-harvest finance,” said Ganesh Rengaswamy, co-founder and partner at Quona Capital, in a statement. “We believe Arya’s unique approach, providing a full-service digital platform with embedded finance and differentiated efficiencies for small farmholders, will drive the future of farming in India.”

The startup’s offerings have proven even more useful during the coronavirus pandemic, which saw New Delhi enforce one of the world’s strictest lockdowns earlier this year. The lockdown broke the supply chain network, and prices of agricultural commodities dropped by over 20%.

To navigate this, Arya connected farmer produce organizers, or FPOs, with buyers through its own digital marketplace a2zgodaam.com. “The need for immediate liquidity saw demand increase for credit against these warehouse receipts. Arya’s credit portfolio saw a 3x jump year-on-year,” wrote Prashanth Prakash, a founding partner at Accel in India, and Mark Kahn, managing partner at Omnivore in an industry report last week.

Rao said Arya will deploy the fresh capital to scale its fintech platform in a “big way” as the startup broadens its network of warehouses across the country. Additionally, the startup plans to fuel the growth of a2zgodaam.com, which also aggregates unorganized warehouses, and supercharge them with their own set of financiers and insurers and ways to allow farmers to sell directly through these warehouses if they need.

The UK is moving ahead with a populist but controversial plan to regulate a wide range of illegal and/or harmful content almost anywhere online such stuff might pose a risk to children. The government has set out its final response to the consultation it kicked off back in April 2019 — committing to introduce an Online Safety Bill next year.

“Tech platforms will need to do far more to protect children from being exposed to harmful content or activity such as grooming, bullying and pornography. This will help make sure future generations enjoy the full benefits of the internet with better protections in place to reduce the risk of harm,” it said today.

In an earlier partial response to the consultation on its Online Harms white paper ministers confirmed the UK’s media regulator, Ofcom, as its pick for enforcing the forthcoming rules.

Under the plans announced today, the government said Ofcom will be able to levy fines of up to 10% of a company’s annual global turnover (or £18M, whichever is higher) on those that are deemed to have failed in their duty of care to protect impression eyeballs from being exposed to illegal material — such as child sexual abuse, terrorist material or suicide promoting content.

Ofcom will also have the power to block non-compliant services from being accessed in the UK — although it’s not clear how exactly that will be achieved (or whether the legislation will seek to prevent VPNs being used by Brits to access blocked Internet services).

The regulator’s running costs will be paid by companies that fall under the scope of the law, above a threshold based on global annual revenue, per the government, although it’s not yet clear where that pay-bar will kick in (nor how much tech giants and others will have to stump up for the cost of the oversight).

The online safety ‘duty of care’ rules are intended to cover not just social media giants like Facebook but a very wide range of Internet services — from dating apps and search engines to online marketplaces, video sharing platforms and instant messaging tools, as well as consumer cloud storage and even video games that allow relevant user interaction.

P2P services, online forums and pornography websites will also fall under the scope of the laws, as will quasi-private messaging services, according to a government press release.

That raises troubling questions about whether the legal requirements could put pressure on companies not to use end-to-end encryption (i.e. if they face being penalized for not being able to monitor robustly encrypted content for illegal material).

“The new regulations will apply to any company in the world hosting user-generated content online accessible by people in the UK or enabling them to privately or publicly interact with others online,” the government writes in a press release.

The rules will include different categories of responsibility for content and activity — with a top tier (category 1) only applying to companies with “the largest online presences and high-risk features” which the government said is likely to include Facebook, TikTok, Instagram and Twitter.

“These companies will need to assess the risk of legal content or activity on their services with ‘a reasonably foreseeable risk of causing significant physical or psychological harm to adults’. They will then need to make clear what type of ‘legal but harmful’ content is acceptable on their platforms in their terms and conditions and enforce this transparently and consistently,” it said.

Category 1 companies will also have a legal requirement to publish transparency reports about the steps they are taking to tackle online harms, per the government’s PR.

While all companies that fall under the scope of the law will be required to have mechanisms so people can easily report harmful content or activity while also being able to appeal the takedown of content, it added.

The government believes that less than three per cent of UK businesses will fall within the scope of the legislation — adding that “the vast majority” will be Category 2 services.

Protections for free speech are also slated as being baked in — with the government saying the laws will not affect articles and comments sections on news websites, for example. 

The legislation will contain provisions to impose criminal sanctions on senior managers (introduced by parliament via secondary legislation). On this the government added that it will not hesitate to use the power if companies fail to take the new rules seriously (such as by not responding “fully, accurately and in a timely manner” to information requests from Ofcom).

Commenting on the plans in a statement, digital secretary Oliver Dowden said: “I’m unashamedly pro tech but that can’t mean a tech free for all. Today Britain is setting the global standard for safety online with the most comprehensive approach yet to online regulation. We are entering a new age of accountability for tech to protect children and vulnerable users, to restore trust in this industry, and to enshrine in law safeguards for free speech.

“This proportionate new framework will ensure we don’t put unnecessary burdens on small businesses but give large digital businesses robust rules of the road to follow so we can seize the brilliance of modern technology to improve our lives.”

In another supporting statement, home secretary Priti Patel added: “Tech companies must put public safety first or face the consequences.”

Also commenting, Ofcom CEO, Dame Melanie Dawes, welcomed its new broader oversight remit, adding in a statement that: “Being online brings huge benefits, but four in five people have concerns about it. That shows the need for sensible, balanced rules that protect users from serious harm, but also recognise the great things about online, including free expression. We’re gearing up for the task by acquiring new technology and data skills, and we’ll work with Parliament as it finalises the plans.”

The government has said it will publish Interim Codes of Practice today to provide guidance for companies on tackling terrorist activity and online child sexual exploitation prior to the introduction of legislation — which is unlikely to make it into law before late 2021 at the earliest to allow adequate time for parliamentary debate and scrutiny.

And while a noisy political push to ‘protect kids’ online can expect to enjoy plenty of tabloid-level support, the wide-ranging application of the duty of care rules the government is envisaging — with large swathes of the UK’s tech sector set to be impacted — means ministers can expect to attract plenty of homegrown criticism too, from business groups, entrepreneurs and investors and legal and policy experts, including over specific concerns about knock-on impacts on privacy and security.

Its plan to push ahead with an Online Safety Bill that will impact scores of smaller digital businesses, instead of zeroing in on the handful of platform giants that are responsible for generating high volumes of harms, has already attracted criticism from the tech sector.

Coadec, a digital policy group that advocates for startups and the UK tech sector, branded the plan “a confusing minefield” for entrepreneurs — arguing it will do the opposite of fostering digital competition, counteracting other measures recently announced by the government in response to concerns about market concentration in the digital advertising sphere.

“Last week the Government announced a new unit within the CMA [Competition and Markets Authority] to promote greater competition within digital markets. Days later they have announced regulatory measures that risk having the opposite effect,” said Dom Hallas, Coadec’s executive director in a statement. “86% of UK investors say that regulation aiming to tackle big tech could lead to poor outcomes that damage tech startups and limit competition — these plans risk being a confusing minefield that will have a disproportionate impact on competitors and benefit big companies with the resources to comply.”

“British startups want a safer internet. But it’s not clear how these proposals, which still cover a huge range of services that are nowhere near social media from ecommerce to the sharing economy, are better targeted than the last time government published proposals nearly a year and a half ago,” he added. “Until the Government starts to work collaboratively instead of consistently threatening startup founders with jail time it’s not clear how we’re going to deliver proposals that work.”

One gap in the government’s proposal is financial harms — with issues such as fraud and the sale of unsafe goods explicitly excluded from the framework (as it says it wants the regulations to be “clear and manageable” for businesses and to avoid the risk of duplicating existing rules).

Some “lower-risk” services may also be exempt from the duty of care requirement, per the government, to avoid the law being overly. burdensome.

Email services will also not be in scope, it confirmed.

And while it says some types of advertising will be in scope (such as influencer ads posted on social media) ads placed on an in-scope service via a direct contract between an advertiser and an advertising service (such as Facebook or Google Ads) will be exempt because “this is covered by existing regulation” — which looks set to let the adtech duopoly off the harmful ads hook without good clear reason.

After all, existing UK regulations do not seem to have done much to stem the tide of crypto scam ads running on Facebook (or served via Google’s ad tools) in recent years — which led to a campaign by a consumer advice personality to get Facebook and other companies to clean up their act, for example.

Consumer group Which? has criticized the lack of government attention to financial scams in the Online Safety Bill. In a response statement, Rocio Concha, its director of policy and advocacy, said: “It’s positive that the government is recognising the responsibility of online platforms to protect users, but it would be a big missed opportunity if online scams were not dealt with through the upcoming bill. Our research has shown the financial and emotional toll of scams and that social media firms such as Facebook and search engines like Google need to do much more to protect users.

“We look forward to the detail and hope to see a clear plan to give online platforms greater responsibility for fraudulent content on their sites, including having in place better controls to prevent fake adverts from appearing, so that all users can be confident that they will truly be safe online.”

European Union lawmakers are due to unveil their own pan-EU policy package to regulate illegal and harmful content later today — but the Digital Services Act will tackle the sale of illegal goods online as well as proposing to harmonize rules for reporting troublesome content on online services.