Year: 2020

The coronavirus pandemic has all but halted a lot of business activity, but today comes news of a deal that underscores how M&A is still happening in some sectors despite (not because of) everything else going on. One.com — the big hosting provider in Europe with around 1.5 million customers, itself acquired just over a year ago by PE firm Cinven — has acquired Hostnet, a smaller Netherlands-based competitor with about 210,000 customers.

Financial terms of the deal are not being disclosed but a spokesperson for One.com said that it includes all of Hostnet’s existing business — which includes management of 810,000 domain names and 85,000 websites; domain registration, web hosting and SaaS applications services; and managed and virtual private services — and its existing employees.

The spokesperson added that the deal has been in the works for several weeks and closed in the last couple of weeks, with the teams “working through the coronavirus pandemic” to finalise it.

“We are pleased to announce the acquisition of Hostnet given its focus on operational excellence and high brand awareness,” said Stephan Wolfram, Group CEO of One.com, in a statement. “As a result of this transaction, we are now a leading operator in the Dutch hosting market that is core to the development of our business strategy. We look forward to working with the team at Hostnet and significantly enhancing our European presence and product range for our customers.”

You might wonder if Hostnet and One.com are being impacted by the pandemic — specifically, whether the fact that both count small businesses, which have been some of the hardest-hit in terms of operations, as a primary customer base, and whether that is impacting their own bottom line or leading to payment delinquency. The spokesperson said that this was not a factor in this deal or in the financial terms.

There is some data to support that: the consolidation of multiple smaller hosting providers has been a theme for a while now, with companies looking for more economies of scale.

“Hostnet is a highly regarded player in the hosting market with capabilities, awareness and products that will contribute to further accelerate the development of one.com’s business,” Harold Douwes, founder and CEO of Hostnet, said in a statement. “Within the consolidating hosting market, it was important for Hostnet to connect with a strong partner. We found it in one.com, an ambitious party with a lot of knowledge and experience. This offers plenty of possibilities and opportunities for the future.”

As we have pointed out before, web hosting and related services represent a significant, if not wildly evolving, part of the tech landscape. So, for as long as businesses and consumers continue to use the web — and, as everyone is staying at home, we have had even more web traffic of late than ever — there will be a need for companies who sell and host domain names and provide various cloud services around that.

But since there  is a lot of competition in this space, that means prices are competitive to customers, and that, in turn, also means that margins, particularly in the resale of SaaS tools, are low. In other words, we’re likely to see more consolidation in this area over time.

Now backed by Cinven, One.com itself has been pursuing that strategy over the last year. Its other acquisitions have included other regional leaders such as SYSE and Digital Garden in the nordics.

Online learning looks likely to be a key beneficiary of the social distancing and quarantine measures that are being applied around the world as countries grapple with the COVID-19 pandemic.

In turn, this looks set to buoy some relative veterans of the space. To wit: Preply, a 2013-founded tutoring marketplace, is today announcing a $10 million Series A. It said the funding will be used to scale the business and beef up its focus on the US market, where it plans to open an office by the end of the year.

The Series A is led by London-based Hoxton Ventures, with European VC funds Point Nine Capital, All Iron Ventures, The Family, EduCapital, and Diligent Capital also participating.

Preply’s press release also notes a number of individual angel investors jumped aboard this round: Arthur Kosten of Booking.com; Gary Swart, former CEO of Upwork; David Helgason, founder of Unity Technologies; and Daniel Hoffer, founder of Couchsurfing.

The startup said it has seen a record number of daily hours booked on its platform this week. It also reports a spike in the number of tutors registering in markets including the U.S., U.K., Germany, France, Italy and Spain — which are among the regions where schools have been closed as a coronavirus response measure.

Also this week Preply said some countries have seen the number of tutor registrations triple vs the same period in February, while it also reports a doubling of the number of hours students are booking on the platform in some markets.

The former TechStars Berlin alum closed a $1.3M seed back in 2016 to expand its marketplace in Europe, when it said it had 25,000 “registered” tutors — and was generating revenue from more than 130 countries.

The new funding will be used to help scale mainly in North America, France, Germany, Spain, Italy and the UK, it said today.

Another core intent for the funding is to grow Preply’s current network of 10,000 “verified” tutors, who it says are teaching 50 languages to students in 190 countries around the world. So tackling the level of tutor churn it has evidently experienced over the years — by getting more of those who sign up to stick around teaching for a longer haul — looks to be one of the priorities now it’s flush with Series A cash.

It also plans to spend on building additional data-driven tools — including for assessments and homework.

The aim is to increase the platform’s utility by adding more features for tutors to track students’ progress and better support them to hit learning goals. “Preply wants to engage and enable tutors to develop alongside the platform, giving them the opportunity to explore training and lessons plans so they can streamline their income and maximize their classes,” it said in a press release.

Another area of focus on the product dev front is mobile. Here, Preply said it will be spending to boost the efficiency and improve the UX of its Android and iOS apps.

​“The new funding allows us to bring a more in-depth, immersive and convenient experience to both tutors and learners all over the world. Today, we are laser focused on language learning, but ultimately, I envision a future where anyone can learn anything using Preply,” said Kirill Bigai, CEO of Preply, in a statement.

“Getting to know Kirill and the team at Preply we were most impressed with their tremendous growth already in the US market as well as the size of the global market in online language tutoring. We believe the team has vast opportunity ahead of it, especially in the English-learning segment of the market where Preply already demonstrates market leadership,” added Hoxton Ventures’ Rob Kniaz in another supporting statement.

To date, Preply says some two million classes have been taken with teachers of 160 nationalities, via its marketplace. The platform maintains a strong focused on language learning, although topic-based lessons are also offered — such as maths and physics.

The business model entails taking a lead generation fee — in the form of the entire fee for the first lesson — after which it takes a revenue share of any lessons booked thereafter. The average price of a lesson on the platform is $15 to $20 per hour, per Preply, with tutors having leeway to set prices (within some fixed bounds, such as a minimum per lesson price).

The company currently employs 125 staff, based out of Kyiv (Ukraine) and Barcelona (Spain) and says its revenues have grown tenfold in the last three years.

A core tech component of the marketplace is a machine-learning matching system which it uses to increase the efficiency of pairing tutors with learners — touting this as a way to make “smarter connections” that “crack the code of effective language learning”.

In plainer language, it’s using automated decision-making to help users find a relevant teacher without having to do lots of search legwork themselves, while the platform can use AI-matching to drive bookings by managing the experience of tutor discovery in a way that also avoids students being overwhelmed by too much choice.

Air Doctor, the health tech startup that connects travellers with local doctors, has raised $7.8 million in Series A funding. The round is led by Kamet Ventures (the AXA-backed venture builder), and The Phoenix Insurance Company.

Founded in 2016, Air Doctor aims to empower travellers who get sick when abroad and need non-emergency advice or treatment. It has created a network of local private physicians that travellers can access, typically via travel insurance or perks. The platform is available across 42 countries in 5 continents, and lets you search by location, language, specialty, and cost.

“Air Doctor was born out of the founding team’s own travelling experiences, out of that terrible feeling you get when you fall ill in a foreign country and don’t know who to turn to or how to get the fast response you need,” says Jenny Cohen Derfler, CEO and co-founder of Air Doctor.

“Yam [Derfler, Head of Product Innovation] came up with the idea after eight months of travelling around South America, in which both he and his friends at different times felt completely helpless when they got sick and, more often than not, couldn’t find English-speaking doctors”.

Derfler says Air Doctor’s initial focus was that of the travelling patient, but the team quickly realised that this is a problem that affects an entire ecosystem around medical care for travellers.

“Local doctors have no reliable way of accessing a whole new group of private customers, insurance companies waste huge amounts of money on tedious and questionable medical services, and also want to improve the customer experience of being connected to healthcare, and travel agents want a reliable service to bundle up as part of their packages. It became clear we needed to build a platform that would benefits all parties,” she says.

By combining a global network of medical professionals with a digital platform, Air Doctor is able to lower costs for insurance companies, and offer value-added solutions for credit card companies and mobile operators. On the supply end, it also claims to increase physicians’ income and digital presence, while providing “the highest level of healthcare” for international travellers in their native languages.

“Our aim is to provide every traveler in the world access to experienced local doctors and specialists when they need it, and by doing so to help them avoid having to go to hospitals or tourist clinics,” adds Derfler.

The that end, Air Doctor’s first customer was The Phoenix, one of Israel’s leading insurance companies, which has subsequently invested as part of this Series A round. By offering Air Doctor to its customers, The Phoenix was able to reduce its loss ratio by reducing claim costs, reorienting patients to outpatient clinics rather than emergency services, and streamlining payments.

“Our big selling point for the travellers themselves is control,” underlines the Air Doctor CEO. “When you’re sick while away from home, you want to feel like you are in control of your situation. Our online platform helps patients find immediate solutions, by providing them with a wealth of information about a wider range of local practitioners so they can choose the most appropriate doctor for their needs and preferences. Most importantly, we help them access medical care in their native language, which is one of the biggest things when it comes to feeling in control of your situation”.

Meanwhile, this latest round follows Air Doctor’s seed round of $3.1 million in July 2018. The new investment will be used to bolster Air Doctor’s medical network and R&D capabilities and for international expansion across the insurance, telecom, and credit card industries.

Hello folks, welcome back (or hi for the first time) to The Station, a weekly newsletter dedicated to the all the ways people and packages move around this world. I’m your host, Kirsten Korosec, senior transportation reporter at TechCrunch.

I also have started to publish a shorter version of the newsletter on TechCrunch . That’s what you’re reading now. For the whole enchilada — which comes out every Saturday — you can subscribe to the newsletter by heading over here, and clicking “The Station.” It’s free!

Before I get into the thick of things, how is everyone doing? This isn’t a rhetorical question; I’m being earnest. I want to hear from you (note my email below). Maybe you’re a startup founder, a safety driver at an autonomous vehicle developer, a venture capitalist, engineer or gig economy worker. I’m interested in how you are doing, what you’re doing to cope and how you’re getting around in your respective cities.

Please reach out and email me at kirsten.korosec@techcrunch.com to share thoughts, opinions or tips or send a direct message to @kirstenkorosec.

Micromobbin’

It was a rough week for micromobility amid the COVID-19 pandemic. Bird laid off about 30% of its employees due to the uncertainty caused by the coronavirus.

In a memo obtained by TechCrunch, Bird CEO Travis VanderZanden said:

The unprecedented COVID-19 crisis has forced our leadership team and the board of directors to make many extremely difficult and painful decisions relating to some of your teammates. As you know, we’ve had to pause many markets around the world and drastically cut spending. Due to the financial and operational impact of the ongoing COVID-19 crisis, we are saying goodbye to about 30% of our team.

The fallout from COVID-19 isn’t limited to Bird. Lime is also reportedly considering laying off up to 70 people in the San Francisco Bay Area.

Meanwhile, Wheels deployed e-bikes with self-cleaning handlebars and brake levers to help reduce the risk of spreading the virus. NanoSeptic’s technology, which is powered by light, uses mineral nano-crystals to create an oxidation reaction that is stronger than bleach, according to the company’s website. NanoSeptic then implements that technology into skins and mats to turn anything from a mousepad to door handles to handlebars into self-cleaning surfaces.

The upshot to all of this: COVID-19 is turning shared mobility on its head. That means lay offs will continue. It also means companies like Wheels will try to innovate or pivot in hopes of staying alive.

While some companies pulled scooters off city streets, others changed how they marketed services. Some turned efforts to gig economy workers delivering food. Others, like shared electric moped service Revel, are focusing on healthcare workers.

Revel is now letting healthcare workers in New York rent its mopeds for free. To qualify, they just need to upload their employee ID. For now, the free rides for healthcare workers is limited to Brooklyn, Queens and a new service area from upper Manhattan down to 65th street. Revel expanded the area to include hospitals in one of the epicenters of the disease.

Revel is still renting its mopeds to the rest of us out there, although they encourage people to only use them for essential trips. As you might guess, ridership is down significantly. The company says it has stepped up efforts of disinfecting and cleaning the mopeds and helmets. Revel also operates in Austin, New York City, Oakland, and Washington. It has suspended service in Miami per local regulations.

— Megan Rose Dickey (with a cameo from Kirsten Korosec)

Deal of the week

Typically, I would highlight a large funding round for a startup in the “deal of the week” section. This week, I have broadened my definition.

On Friday, the House of Representatives passed a historic stimulus package known as the Coronavirus Aid, Relief, and Economic Security or “CARES” act. President Donald Trump signed it hours later. The CARES act contains an unprecedented $2.2 trillion in total financial relief for businesses, public institutions and individuals hit hard by the COVID-19 pandemic.

TechCrunch has just started what will be a multi-day dive into the 880-page document. And in the coming weeks, I will highlight anything related or relevant to the transportation industry or startups here.

I’ll focus today on three items: airlines, public transit and small business loans.

U.S. airlines are receiving $58 billion. It breaks down to about $25 billion in loans for commercial carriers, $25 billion in payroll grants to cover the 750,000 employees who work in the industry.  Cargo carriers will receive $4 billion in loans and $4 billion in grants. These loans come with some strings attached. Airlines will have to agree not to lay off workers through the end of September. The package forbids stock buybacks and issuing dividends to shareholders for a year after paying off one of the loans.

Public transit has been allocated $24.9 billion. The CARES Act provides almost three times the FY 2020 appropriations for this category, according to the American Public Transportation Association. The funds are distributed through a formula that puts $13.79 billion to urban, $2 billion to rural, $7.51 billion towards state of good repair and $1.71 billion for high-density state transit. APTA notes that these funds are for operating expenses to prevent, prepare for, and respond to COVID-19 beginning on January 20, 2020.

Amtrak received an additional $1 billion in grants, that directs $492 million of those funds towards the northeast corridor. The remaining goes to the national network.

Small business loans are a critical piece of the bill, and an area where many startups may be focused. There is a lot to unpack here, but in basic terms the act provides $350 billion in loans that will be administered by the Small Business Administration to businesses with 500 or fewer employees. These loans are meant to cover an eligible borrower’s payroll, rent, utilities expenses and mortgage interest for up to eight weeks. If the borrower maintains its workforce, some of the loan may be forgiven.

Venture-backed startups seeking relief may run into problems qualifying. It all comes down to how employees are counted. Normally, SBA looks at a company’s affiliates to determine if they qualify. So, a startup owned by a private equity firm is considered affiliated with the other companies in that firm’s portfolio, which could push employment numbers far beyond 500. That rule also seems to apply to venture-backed startups, in which more than 50% of voting stock is held by the VC.

The guidance on this is still spotty. But Fenwick & West, a Silicon Valley law firm, said in recent explainer that the rule has the “potential to be problematic for startups because the SBA affiliation rules are highly complex and could cause lenders to group together several otherwise unaffiliated portfolio companies of a single venture capital firm in determining whether a borrower has no more than 500 employees.”

One final note: The SBA has waived these affiliation rules for borrowers in the food services and food supply chain industry. It’s unclear what that might mean for those food automation startups or companies building autonomous vehicles for food delivery.

More deal$

COVID-19 has taken over, but deals are still happening. Here’s a rundown of some of partnerships, acquisitions and fundraising round that got our attention.

• Lilium, the Munich-based startup that is designing and building vertical take-off and landing (VTOL) aircraft and aspires to run in its own taxi fleet, has raised $240 million in a funding round led by Tencent. This is being couched as an inside round with only existing investors, a list that included participation from previous backers such as Atomico, Freigeist and LGT. The valuation is not being disclosed. But sources tell us that it’s between $750 million and $1 billion.
• Wunder Mobility acquired Australia-based car rental technology provider KEAZ. (Financial terms weren’t disclosed, but as part of the deal KEAZ founder and CTO Tim Bos is joining Wunder Mobility) KEAZ developed a mobile app and back-end management tool that lets rental agencies, car dealerships, and corporations provide shared access to vehicles.
• Cazoo, a startup that buys used cars and then sells them online and delivers to them your door, raised $116 million funding. The round was led by DMG Ventures with General Catalyst, CNP (Groupe Frère), Mubadala Capital, Octopus Ventures, Eight Roads Ventures and Stride.VC also participating.
• Helm.ai came out of stealth with an announcement that it has raised $13 million in a seed round that includes investment from A.Capital Ventures, Amplo, Binnacle Partners, Sound Ventures, Fontinalis Partners and SV Angel. Helm.ai says it developed software for autonomous vehicles that can skip traditional steps of simulation, on-road testing and annotated data set — all tools that are used to train and improve the so-called “brain” of the self-driving vehicle.
• RoadSync, a digital payment platform for the transportation industry, raised a $5.7 million in a Series A led by Base10 Partners with participation from repeat investor Hyde Park Venture Partners and Companyon Ventures. The company developed cloud-based software that lets businesses invoice and accept payments from truck drivers, carriers and brokers. Their platform is in use at over 400 locations nationwide with over 50,000 unique transactions monthly, according to RoadSync.
• Self-driving truck startup TuSimple is partnering with automotive supplier ZF to develop and produce autonomous vehicle technology, such as sensors, on a commercial scale. The partnership, slated to begin in April, will cover China, Europe and North America.

A final word

Remember, the weekly newsletter features even more mobility news and insights. I’ll leave ya’ll with this one chart from Inrix. The company has launched a U.S. traffic synopsis that it plans to publish every Monday. The chart shows traffic from the week of March 14 to March 20. The upshot: COVID-19 reduced traffic by 30% nationwide.

Lawmakers and security experts have long warned of security flaws in the underbelly of the world’s cell networks. Now a whistleblower says the Saudi government is exploiting those flaws to track its citizens across the U.S. as part of a “systematic” surveillance campaign.

It’s the latest tactic by the Saudi kingdom to spy on its citizens overseas. The kingdom has faced accusations of using powerful mobile spyware to hack into the phones of dissidents and activists to monitor their activities, including those close to Jamal Khashoggi, the Washington Post columnist who was murdered by agents of the Saudi regime. The kingdom also allegedly planted spies at Twitter to surveil critics of the regime.

The Guardian obtained a cache of data amounting to millions of locations on Saudi citizens over a four-month period beginning in November. The report says the location tracking requests were made by Saudi’s three largest cell carriers — believed to be at the behest of the Saudi government — by exploiting weaknesses in SS7.

SS7, or Signaling System 7, is a set of protocols — akin to a private network used by carriers around the world — to route and direct calls and messages between networks. It’s the reason why a T-Mobile customer can call an AT&T phone, or text a friend on Verizon — even when they’re in another country. But experts say that weaknesses in the system have allowed attackers with access to the carriers — almost always governments or the carriers themselves — to listen in to calls and read text messages. SS7 also allows carriers to track the location of devices to just a few hundred feet in densely populated cities by making a “provide subscriber information” (PSI) request. These PSI requests are typically to ensure that the cell user is being billed correctly, such as if they are roaming on a carrier in another country. Requests made in bulk and excess can indicate location tracking surveillance.

But despite years of warnings and numerous reports of attacks exploiting the system, the largest U.S. carriers have done little to ensure that foreign spies cannot abuse their networks for surveillance.

One Democratic lawmaker puts the blame squarely in the Federal Communication Commission’s court for failing to compel cell carriers to act.

“I’ve been raising the alarm about security flaws in U.S. phone networks for years, but FCC chairman Ajit Pai has made it clear he doesn’t want to regulate the carriers or force them to secure their networks from foreign government hackers,” said Sen. Ron Wyden, a member of the Senate Intelligence Committee, in a statement on Sunday. “Because of his inaction, if this report is true, an authoritarian government may be reaching into American wireless networks to track people inside our country,” he said.

A spokesperson for the FCC, the agency responsible for regulating the cell networks, did not respond to a request for comment.

A long history of feet-dragging

Wyden is not the only lawmaker to express concern. In 2016, Rep. Ted Lieu, then a freshman congressman, gave a security researcher permission to hack his phone by exploiting weaknesses in SS7 for an episode of CBS’ 60 Minutes.

Lieu accused the FCC of being “guilty of remaining silent on wireless network security issues.”

The same vulnerabilities were used a year later in 2017 to drain the bank accounts of unsuspecting victims by intercepting and stealing the two-factor authentication codes necessary to log in sent by text message. The breach was one of the reasons why the U.S. government’s standards and technology units, NIST, recommended moving away from using text messages to send two-factor codes.

Months later the FCC issued a public notice, prompted by a raft of media attention, “encouraging” but not mandating that carriers make efforts to bolster their individual SS7 systems. The notice asked carriers to monitor their networks and install firewalls to prevent malicious requests abuse.

It wasn’t enough. Wyden’s office reported in 2018 that one of the major cell carriers — which was not named — reported an SS7 breach involving customer data. Verizon and T-Mobile said in letters to Wyden’s office that they were implementing firewalls that would filter malicious SS7 requests. AT&T said in its letter that it was in the process of updating its firewalls, but also warned that “unstable and unfriendly nations” with access to a cell carrier’s SS7 systems could abuse the system. Only Sprint said at the time that it was not the source of the SS7 breach, according to a spokesperson’s email to TechCrunch.

T-Mobile did not respond to a request for comment. Verizon (which owns TechCrunch) also did not comment. AT&T said at the time it “continually works with industry associations and government agencies” to address SS7 issues.

Fixing SS7

Fixing the problems with SS7 is not an overnight job. But without a regulator pushing for change, the carriers aren’t inclined to budge.

Experts say those same firewalls put in place by the cell carriers can filter potentially malicious traffic and prevent some abuse. But an FCC working group tasked with understanding the risks posed by SS7 flaws in 2016 acknowledged that the vast majority of SS7 traffic is legitimate. “Carriers need to be measured as they implement solutions in order to avoid collateral network impacts,” the report says.

In other words, it’s not a feasible solution if it blocks real carrier requests.

Cell carriers have been less than forthcoming with their plans to fix their SS7 implementations. Only AT&T provided comment, telling The Guardian that it had “security controls to block location-tracking messages from roaming partners.” To what extent remains unclear, or if those measures will even help. Few experts have expressed faith in newer systems like Diameter, a similar routing protocol for 4G and 5G, given there have already been a raft of vulnerabilities found in the newer system.

End-to-end encrypted apps, like Signal and WhatsApp, have made it harder for spies to snoop on calls and messages. But it’s not a panacea. As long as SS7 remains a fixture underpinning the very core of every cell network, tracking location data will remain fair game.

Only a few days after saying that he would like to see the country “opened up and raring to go by Easter” and maybe relax rules for at least some parts of the U.S. sooner than later, President Trump today announced that he is extending the government’s social distancing guidelines through April 30.

“Nothing would be worse than declaring victory before the victory is won. That would be the greatest loss of all,” he said. “Therefore, the next two weeks and during this period it’s very important that everyone strongly follows the guidelines — have to follow the guidelines that our great vice president holds up a lot. He’s holding that up a lot. He believes in it so strongly. The better you do, the faster this whole nightmare will end. Therefore, we will be extending our guidelines to April 30 to slow the spread.”

He also noted that we can expect more data and information about the federal government’s strategy on Tuesday. “We’ll be having a very important statement made on Tuesday,” he stressed.

Earlier today, Dr. Anthony Fauci, the director for the National Institute of Allergy and Infectious Diseases said that we should expect between 100,000 and 200,000 deaths from COVID-19.

And while Trump has said that it wants to open up the country as fast as possible and get the economy back on track, it now looks that — at least for the time being — that timeline has been pushed back. The new date he mentioned today is June 1st. “We can expect that by June 1st we will be well on our way to recovery,” he said today. “We think by June 1st a lot of great things will be happening. I want every citizen in our country to take hear and confidence in the fact that we have the best medical minds in the world tackling this disease.”

Currently, Trump said, death rates are expected to peak in two weeks. The original “15 days to slow the spread” campaign launched just under two weeks ago, on March 15.

Microsoft is pulling out of an investment in an Israeli facial recognition technology developer as part of a broader policy shift to halt any minority investments in facial recognition startups, the company announced late last week.

The decision to withdraw its investment from AnyVision, an Israeli company developing facial recognition software, came as a result of an investigation into reports that AnyVision’s technology was being used by the Israeli government to surveil residents in the West Bank.

The investigation, conducted by former U.S. Attorney General Eric Holder and his team at Covington & Burling, confirmed that AnyVision’s technology was used to monitor border crossings between the West Bank and Israel, but did not “power a mass surveillance program in the West Bank.”

Microsoft’s venture capital arm, M12 Ventures, backed AnyVision as part of the company’s $74 million financing round which closed in June 2019. Investors who continue to back the company include DFJ Growth and OG Technology Partners, LightSpeed Venture Partners, Robert Bosch GmbH, Qualcomm Ventures, and Eldridge Industries.

Microsoft first staked out its position on how the company would approach facial recognition technologies in 2018, when President Brad Smith issued a statement calling on government to come up with clear regulations around facial recognition in the U.S.

Smith’s calls for more regulation and oversight became more strident by the end of the year, when Microsoft issued a statement on its approach to facial recognition.

Smith wrote:

We and other tech companies need to start creating safeguards to address facial recognition technology. We believe this technology can serve our customers in important and broad ways, and increasingly we’re not just encouraged, but inspired by many of the facial recognition applications our customers are deploying. But more than with many other technologies, this technology needs to be developed and used carefully. After substantial discussion and review, we have decided to adopt six principles to manage these issues at Microsoft. We are sharing these principles now, with a commitment and plans to implement them by the end of the first quarter in 2019.

The principles that Microsoft laid out included privileging: fairness, transparency, accountability, non-discrimination, notice and consent, and lawful surveillance.

Critics took the company to task for its investment in AnyVision, saying that the decision to back a company working with the Israeli government on wide-scale surveillance ran counter to the principles it had set out for itself.

Now, after determining that controlling how facial recognition technologies are deployed by its minority investments is too difficult, the company is suspending its outside investments in the technology.

“For Microsoft, the audit process reinforced the challenges of being a minority investor in a company that sells sensitive technology, since such investments do not generally allow for the level of oversight or control that Microsoft exercises over the use of its own technology,” the company wrote in a statement on its M12 Ventures website. “Microsoft’s focus has shifted to commercial relationships that afford Microsoft greater oversight and control over the use of sensitive technologies.”

 

 

On CNN’s State of the Union Sunday, the leading U.S. authority on the COVID-19 pandemic made some grim predictions about the course of the novel coronavirus as it rages through communities within the United States.

Dr. Anthony Fauci, the longtime director for the National Institute of Allergy and Infectious Diseases and emerging face of American leadership in the fight against the virus, estimated that the U.S. may see between 100,000 and 200,000 deaths from COVID-19, the deadly disease caused by the novel coronavirus. A deeply-respected authority on viral diseases, Fauci assisted in guiding the federal response to SARS, MERS, Ebola and now the novel coronavirus.

Fauci cautioned that these estimates are based on models and a model is only as accurate as the assumptions that go into building it. An extreme worst-case situation in which the coronavirus causes millions of American deaths remains “not impossible but very, very unlikely.”

“Whenever the models come in, they give a worst-case scenario and a best-case scenario,” Fauci told CNN’s Jake Tapper. “Generally, the reality is somewhere in the middle. I’ve never seen a model of the diseases that I’ve dealt with where the worst case actually came out. They always overshoot.”

Fauci believes that the U.S. is likely going to have “millions of cases” but broadly cautioned against relying on modeling estimates while still stressing the extreme risk the virus poses.

“I just don’t think that we really need to make a projection when it’s such a moving target that we could so easily be wrong and mislead people,” Fauci said. He added that outbreaks in New York, New Orleans and other areas with “serious problems” remain worrisome, indicating that the data at hand is plenty of cause for concern.

As of Sunday morning, 2,197 people in the U.S. have lost their lives fighting the virus, with 125,313 confirmed cases in the country to date according to data from Johns Hopkins University. The number of actual cases of the virus on the ground is likely substantially higher, as testing challenges continue to trouble some parts of the country and many mild or asymptomatic cases go untested.

Democratic senator Elizabeth Warren may have ended her 2020 presidential run, but the tech used to drive her campaign will live on.

Members of her staff announced they would make public the top apps and digital tools developed in Warren’s bid to become the Democratic nominee for president.

“In our work, we leaned heavily on open source technology — and want to contribute back to that community…[by] open-sourcing some of the most important projects of the Elizabeth Warren campaign for anyone to use,” the Warren for President Tech Team said.

In a Medium post, members of the team — including chief technology strategist Mike Conlow and chief technology officer Nikki Sutton — previewed what would be available and why.

“Our hope is that other Democratic candidates and progressive causes will use the ideas and code we developed to run stronger campaigns and help Democrats win,” the post said.

Warren’s tech team listed several of the tools they’ve turned over to the open source universe via GitHub.

One of those tools, Spoke, is a peer to peer texting app, originally developed by MoveOn, which offered the Warren Campaign high volume messaging at a fraction of the costs of other vendor options. The team used it to send four million SMS messages on Super Tuesday alone.

Pollaris is a location lookup tool with an API developed to interface directly with Warren’s official campaign website and quickly direct supporters to their correct polling stations.

Warren’s tech team will also open-source Switchboard (FE and BE) — which recruited and connected volunteers in primary states — and Caucus App, a delegate calculating and reporting tool.

The campaign’s Redhook tool took in web hook data in real time and experienced zero downtime.

“Our intention in open sourcing it is to demonstrate that some problems campaigns face do not require vendor tools and are solved…efficiently with a tiny bit of code,” said the Tech Team.

Elizabeth Warren ended her 2020 presidential bid on March 4 after failing to win a primary. Among her many policy proposals, the Massachusetts senator had proposed breaking up big tech companies, such as Google, Facebook and Amazon.

Her campaign will continue to share the tech tools they used on open source channels.

“We’ll have more to say in the coming weeks on all that we did with technology on our campaign,” the team said.

After the shutdown, the testing and tracing. “Trace, test and treat is the mantra … no lockdowns, no roadblocks and no restriction on movement” in South Korea. “To suppress and control the epidemic, countries must isolate, test, treat and trace,” say WHO.

But what does “tracing” look like exactly? In Singapore, they use a “TraceTogether” app, which uses Bluetooth to track nearby phones (without location tracking), keeps local logs of those contacts, and only uploads them to the Ministry of Health when the user chooses/consents, presumably after a diagnosis, so those contacts can be alerted. Singapore plans to open-source the app.

In South Korea, the government texts people to let them know if they were in the vicinity of a diagnosed individual. The information conveyed can include the person’s age, gender, and detailed location history. Subsequently, even more details may be made available:

In China, as you might expect, the surveillance is even more pervasive and draconian. Here, the pervasive apps Alipay and WeChat now include health codes – green, yellow, or red – set by the Chinese government, using opaque criteria. This health status is then used in hundreds of cities (and soon nationwide) to determine whether people are allowed to e.g. ride the subway, take a train, enter a building, or even exit a highway.

What about us, in the rich democratic world? Are we OK with the Chinese model? Of course not. The South Korean model? …Probably not. The Singaporean model? …Maybe. (I suspect it would fly in my homeland of Canada, for instance.) But the need to install a separate app, with TraceTogether or the directionally similar MIT project Safe Paths, is a problem. It works in a city-state like Singapore but will be much more problematic in a huge, politically divided nation like America. This will lead to inferior data blinded by both noncompliance and selection bias.

More generally, at what point does the urgent need for better data collide with the need to protect individual privacy and avoid enabling the tools for an aspiring, or existing, police state? And let’s not kid ourselves; the pandemic increases, rather than diminishes, the authoritarian threat.

Maybe, like the UK’s NHS, creators of new pandemic data infrastructures will promise “Once the public health emergency situation has ended, data will either be destroyed or returned” — but not all organizations instill the required level of trust in their populace. This tension has provoked heated discussion around whether we should create new surveillance systems to help mitigate and control the pandemic.

This surprises me greatly. Wherever you may be on that spectrum, there is no sense whatsoever in creating a new surveillance system — seeing as how multiple options already exist. We don’t like to think about it, much, but the cold fact is that two groups of entities already collectively have essentially unfettered access to all our proximity (and location) data, as and when they choose to do so.

I refer of course to the major cell providers, and to Apple & Google. This was vividly illustrated by data company Tectonix in a viral visualization of the spread of Spring Break partygoers:

Needless to say, Apple and Google, purveyors of the OSes on all those phones, have essentially the same capability as and when they choose to exercise it. An open letter from “technologists, epidemiologists & medical professionals” calls on “Apple, Google, and other mobile operating system vendors” (the notion that any other vendors are remotely relevant is adorable) “to provide an opt-in, privacy preserving OS feature to support contact tracing.”

They’re right. Android and iOS could, and should, add and roll out privacy-preserving, interoperable, TraceTogether-like functionality at the OS level (or Google Play Services level, to split fine technical hairs.) Granted, this means relying on corporate surveillance, which makes all of us feel uneasy. But at least it doesn’t mean creating a whole new surveillance infrastructure. Furthermore, Apple and Google, especially compared to cellular providers, have a strong institutional history and focus on protecting privacy and limiting the remit of their surveillance.

(Don’t believe me? Apple’s commitment to privacy has long been a competitive advantage. Google offers a thorough set of tools to let you control your data and privacy settings. I ask you: where is your cell service provider’s equivalent? Ah. Do you expect it to ever create one? I see. Would you also be interested in this fine, very lightly used Brooklyn Bridge I have on sale?)

Apple and Google are also much better suited to the task of preserving privacy by “anonymizing” data sets (I know, I know, but see below), or, better yet, preserving privacy via some form(s) of differential privacy and/or homomorphic encryption — or even some kind of zero-knowledge cryptography, he handwaved wildly. And, on a practical level, they’re more able than a third-party app developer to ensure a background service like that stays active.

Obviously this should all be well and firmly regulated. But at the same time, we should remain cognizant of the fact that not every nation believes in such regulation. Building privacy deep into a contact-tracing system, to the maximum extent consonant with its efficacy, is especially important when we consider its potential usage in authoritarian nations who might demand the raw data. “Anonymized” location datasets admittedly tend to be something of an oxymoron, but authoritarians may still be technically stymied by the difficulty of deanonymization; and if individual privacy can be preserved even more securely than that via some elegant encryption scheme, so much the better.

Compared to the other alternatives — government surveillance; the phone companies; or some new app, with all the concomitant friction and barriers to usage — Apple and Google are by some distance the least objectionable option. What’s more, in the face of this global pandemic they could roll out their part of the test-and-trace solution to three billion users relatively quickly. If we need a pervasive pandemic surveillance system, then let’s use one which (though we don’t like to talk about it) already exists, in the least dangerous, most privacy-preserving way.