Author: azeeadmin

Another batch of complaints has been filed with European Union data protection agencies urging enforcement action against the adtech industry’s abuse of Internet users’ information to target ads.

The complaints argue that behavioural ads are both harmful and unlawful.

Earlier complaints over the same Real-Time Bidding (RTB) programmatic advertising issue were filed across the EU in 2018 and 2019 but have yet to result in any substantive regulatory action.

Ireland did open a probe into Google’s ad exchange last year. While Belgium’s DPA has been progressing an investigation into a flagship industry tool that’s used for gathering consents to ad targeting — making a preliminary finding of non-compliance in October. But litigation to reach a final verdict on the IAB Europe’s ‘Transparency and Consent’ (TCF) framework won’t take place until next year.

(Related: The UK’s data protection agency is facing a legal challenge over its failure to act on RTB complaints, despite repeatedly expressing concern about the industry’s lawfulness problem.)

Both Google and the IAB continue to deny any problems with their adtech. Last year Google said authorised buyers that use its systems are subject to “stringent policies and standards”. While the IAB Europe rejected the Belgium DPA’s findings — saying its preliminary report “fundamental misunderstand[s]” the TCF tech.

The latest GDPR complaints target how the RTB component of programmatic advertising broadcasts Internet users’ personal data to scores of entities involved in these high speed eyeball auctions — arguing it runs counter to core security requirements in the General Data Protection Regulation (GDPR), as well as being horrible for people’s privacy.

A key principle of the GDPR is security by design and default — with the regulation placing legal requirements on personal data handlers to make sure people’s information is properly secured.

The complaints, which target Google and the IAB in their capacity as RTB standard setters, have been filed by civil society groups in six European countries — namely: Asociatia pentru Tehnologie si Internet (ApTi), Romania; D3 – Defesa dos Direitos Digitais, Portugal; GONG, Croatia; Global Human Dignity Foundation, Malta; Homo Digitalis, Greece; and the Institute of Information Cyprus.

They’re being coordinated by a consortium led by the Civil Liberties Union for Europe (Liberties), the ORG (Open Rights Group) and the Panoptykon Foundation. 

“Real-time bidding, which is the bedrock of the online advertising industry, is an abuse of people’s right to privacy,” said Dr Orsolya Reich, senior advocacy officer at Liberties, in a supporting statement. “The GDPR has been in place since 2018 and it is there precisely to give people a greater say about what happens to their data online.

“Today, more civil society groups are saying enough with this invasive advertising model and are asking data protection authorities to stand up against the harmful and unlawful practices they use.”

The consortium is asking for a joint investigation by their respective national DPAs — and for regulators to join with ongoing adtech investigations in Ireland (into Google’s adtech) and Belgium (into the IAB Europe’s TCF framework).

It’s not clear how far the Irish DPC’s investigation of Google has progressed — but it continues to face criticism for the lack of decisions on cross-border GDPR cases, some 2.5 years after the regulation technically begun being applied.

A mechanism in the GDPR means cross-border cases (basically anything related to mainstream consumer tech) get passed to a lead agency to investigate. However other agencies also remain involved, as interested parties, and must agree with any final decision made.

The system has led to a bottleneck of cases in certain EU locations, such as Ireland, where many tech giants base their European HQ. So the concern is this one-stop-shop mechanism is adding an unworkable level of friction to GDPR investigations — delaying decisions and enforcement action so much it risks the entire framework.

The Commission has acknowledged weakness in GDPR enforcement. Most obviously because it’s working on a massive package of new digital regulations. Though its strategy for fixing the enforcement problem is less clear as EU Member States look set to remain responsible for the bulk of this additional oversight, just as they’re responsible for resourcing their own DPAs now. (And yet more complaints have been filed this year accusing European governments of a GDPR resourcing failure.)

Ireland’s DPC is slated to issue its first cross-border GDPR decision in a case that relates to a Twitter security breach very shortly. But last year its commissioner, Helen Dixon, suggested it would come with its first such decisions early in 2020 — so the gap between GDPR expectation and reality is running almost 12 months late at this point.

 

The consortium filing the latest RTB complaints writes in a press release that while some of the earlier adtech complaints were referred to lead authorities it has no knowledge of “any meaningful cooperation or joint operations between national authorities and the lead authorities”.

“This suggests that cooperation and consistency mechanisms as envisioned in the GDPR are yet to be implemented fully,” the group adds, calling for a joint investigation into the RTB issue because the technology functions in the same way across borders — and “produces the same negative effects in all EU member states”, as they put it.

However it’s not clear how extra joint working — if indeed that’s really what’s being called for — would help to speed up GDPR enforcement. Nor how referring additional complaints to Ireland and Belgium would work to speed up their current investigations.

Most likely, the intent is to keep up pressure on the regulators to act.

Asked about the call for joint working, a Liberties spokesman told us: “The problem is that Google and IAB are big players, standard-setters in the market, and they affect all Internet users. Given the geographical scope of the issues raised in the complaints, we think it’s better for supervisory authorities to act in unison, not to be working alone in their corner.  This is why national partners are inviting their national DPAs to refer this complaint to the lead supervisory authorities who are already investigating Google’s and IAB’s compliance with the GDPR.”

Commenting in another supporting statement, Mariano delli Santi, legal and policy officer at the ORG, added: “These new complaints show that the GDPR is working. Individuals are increasingly aware of their rights, and they demand change. Now, it is up to the authorities to support this process, and make sure these laws are properly and consistently enforced against the widespread abuses of the adtech industry.”

At the time of writing, the only extant example of enforcement against a tech giant under the updated regulation was a January 2019 decision to fine Google $57M by France’s CNIL. That investigation was limited to having a national scope, though, rather than being treated as a cross-border case.

Since then Google has shifted its legal base in Europe to Ireland — so now falls under the lead jurisdiction of the DPC.

This arrangement appears to suit big tech, enabling it to avoid the risk of speedier investigations conducted by single Member State agencies acting faster alone. (So it’s very interesting to see TikTok ramping up its business infrastructure and headcount in Ireland — as it’s also now on CNIL’s radar… )

 

As noted earlier, EU lawmakers have conceded GDPR enforcement has been a weakness thus far.

In a review of the two year old regulation this summer the Commission highlighted a lack of universally vigorous enforcement.

Last week the values and transparency commissioner, Vera Jourouv, also raised the problem as she set out the bloc’s plan to bolster democratic values against a range of online risks, such as algorithmically amplified or microtargeted disinformation and election interference — acknowledging GDPR alone isn’t enough to fix myriad intersecting tech-fuelled problems.

“[After the Cambridge Analytica scandal] we said that we are relieved that after GDPR came into force we are protected against this kind of practice — that people have to give consent and be aware of that — but we see that it might be a weak measure only to rely on consent or leave it for the citizens to give consent,” she said.

“Enforcement of privacy rules is not sufficient — that’s why we are coming in the European Democracy Action Plan with the vision for the next year to come with the rules for political advertising, where we are seriously considering to limit the microtargeting as a method which is used for the promotion of political powers, political parties or political individuals.”

The European Commission is in the progress of drafting an ambitious and interlocking package of digital regulations, that it wants to fuel a regional data economy and set firm online rules to engender the necessary trust — and has said it wants this major digital policymaking effort to serve Europe for decades.

But without effective enforcement of its Internet rulebook it’s not clear how the bloc’s digital strategy will deliver as intended.

 

Another batch of complaints has been filed with European Union data protection agencies urging enforcement action against the adtech industry’s abuse of Internet users’ information to target ads.

The complaints argue that behavioural ads are both harmful and unlawful.

Earlier complaints over the same Real-Time Bidding (RTB) programmatic advertising issue were filed across the EU in 2018 and 2019 but have yet to result in any substantive regulatory action.

Ireland did open a probe into Google’s ad exchange last year. While Belgium’s DPA has been progressing an investigation into a flagship industry tool that’s used for gathering consents to ad targeting — making a preliminary finding of non-compliance in October. But litigation to reach a final verdict on the IAB Europe’s ‘Transparency and Consent’ (TCF) framework won’t take place until next year.

(Related: The UK’s data protection agency is facing a legal challenge over its failure to act on RTB complaints, despite repeatedly expressing concern about the industry’s lawfulness problem.)

Both Google and the IAB continue to deny any problems with their adtech. Last year Google said authorised buyers that use its systems are subject to “stringent policies and standards”. While the IAB Europe rejected the Belgium DPA’s findings — saying its preliminary report “fundamental misunderstand[s]” the TCF tech.

The latest GDPR complaints target how the RTB component of programmatic advertising broadcasts Internet users’ personal data to scores of entities involved in these high speed eyeball auctions — arguing it runs counter to core security requirements in the General Data Protection Regulation (GDPR), as well as being horrible for people’s privacy.

A key principle of the GDPR is security by design and default — with the regulation placing legal requirements on personal data handlers to make sure people’s information is properly secured.

The complaints, which target Google and the IAB in their capacity as RTB standard setters, have been filed by civil society groups in six European countries — namely: Asociatia pentru Tehnologie si Internet (ApTi), Romania; D3 – Defesa dos Direitos Digitais, Portugal; GONG, Croatia; Global Human Dignity Foundation, Malta; Homo Digitalis, Greece; and the Institute of Information Cyprus.

They’re being coordinated by a consortium led by the Civil Liberties Union for Europe (Liberties), the ORG (Open Rights Group) and the Panoptykon Foundation. 

“Real-time bidding, which is the bedrock of the online advertising industry, is an abuse of people’s right to privacy,” said Dr Orsolya Reich, senior advocacy officer at Liberties, in a supporting statement. “The GDPR has been in place since 2018 and it is there precisely to give people a greater say about what happens to their data online.

“Today, more civil society groups are saying enough with this invasive advertising model and are asking data protection authorities to stand up against the harmful and unlawful practices they use.”

The consortium is asking for a joint investigation by their respective national DPAs — and for regulators to join with ongoing adtech investigations in Ireland (into Google’s adtech) and Belgium (into the IAB Europe’s TCF framework).

It’s not clear how far the Irish DPC’s investigation of Google has progressed — but it continues to face criticism for the lack of decisions on cross-border GDPR cases, some 2.5 years after the regulation technically begun being applied.

A mechanism in the GDPR means cross-border cases (basically anything related to mainstream consumer tech) get passed to a lead agency to investigate. However other agencies also remain involved, as interested parties, and must agree with any final decision made.

The system has led to a bottleneck of cases in certain EU locations, such as Ireland, where many tech giants base their European HQ. So the concern is this one-stop-shop mechanism is adding an unworkable level of friction to GDPR investigations — delaying decisions and enforcement action so much it risks the entire framework.

The Commission has acknowledged weakness in GDPR enforcement. Most obviously because it’s working on a massive package of new digital regulations. Though its strategy for fixing the enforcement problem is less clear as EU Member States look set to remain responsible for the bulk of this additional oversight, just as they’re responsible for resourcing their own DPAs now. (And yet more complaints have been filed this year accusing European governments of a GDPR resourcing failure.)

Ireland’s DPC is slated to issue its first cross-border GDPR decision in a case that relates to a Twitter security breach very shortly. But last year its commissioner, Helen Dixon, suggested it would come with its first such decisions early in 2020 — so the gap between GDPR expectation and reality is running almost 12 months late at this point.

 

The consortium filing the latest RTB complaints writes in a press release that while some of the earlier adtech complaints were referred to lead authorities it has no knowledge of “any meaningful cooperation or joint operations between national authorities and the lead authorities”.

“This suggests that cooperation and consistency mechanisms as envisioned in the GDPR are yet to be implemented fully,” the group adds, calling for a joint investigation into the RTB issue because the technology functions in the same way across borders — and “produces the same negative effects in all EU member states”, as they put it.

However it’s not clear how extra joint working — if indeed that’s really what’s being called for — would help to speed up GDPR enforcement. Nor how referring additional complaints to Ireland and Belgium would work to speed up their current investigations.

Most likely, the intent is to keep up pressure on the regulators to act.

Asked about the call for joint working, a Liberties spokesman told us: “The problem is that Google and IAB are big players, standard-setters in the market, and they affect all Internet users. Given the geographical scope of the issues raised in the complaints, we think it’s better for supervisory authorities to act in unison, not to be working alone in their corner.  This is why national partners are inviting their national DPAs to refer this complaint to the lead supervisory authorities who are already investigating Google’s and IAB’s compliance with the GDPR.”

Commenting in another supporting statement, Mariano delli Santi, legal and policy officer at the ORG, added: “These new complaints show that the GDPR is working. Individuals are increasingly aware of their rights, and they demand change. Now, it is up to the authorities to support this process, and make sure these laws are properly and consistently enforced against the widespread abuses of the adtech industry.”

At the time of writing, the only extant example of enforcement against a tech giant under the updated regulation was a January 2019 decision to fine Google $57M by France’s CNIL. That investigation was limited to having a national scope, though, rather than being treated as a cross-border case.

Since then Google has shifted its legal base in Europe to Ireland — so now falls under the lead jurisdiction of the DPC.

This arrangement appears to suit big tech, enabling it to avoid the risk of speedier investigations conducted by single Member State agencies acting faster alone. (So it’s very interesting to see TikTok ramping up its business infrastructure and headcount in Ireland — as it’s also now on CNIL’s radar… )

 

As noted earlier, EU lawmakers have conceded GDPR enforcement has been a weakness thus far.

In a review of the two year old regulation this summer the Commission highlighted a lack of universally vigorous enforcement.

Last week the values and transparency commissioner, Vera Jourouv, also raised the problem as she set out the bloc’s plan to bolster democratic values against a range of online risks, such as algorithmically amplified or microtargeted disinformation and election interference — acknowledging GDPR alone isn’t enough to fix myriad intersecting tech-fuelled problems.

“[After the Cambridge Analytica scandal] we said that we are relieved that after GDPR came into force we are protected against this kind of practice — that people have to give consent and be aware of that — but we see that it might be a weak measure only to rely on consent or leave it for the citizens to give consent,” she said.

“Enforcement of privacy rules is not sufficient — that’s why we are coming in the European Democracy Action Plan with the vision for the next year to come with the rules for political advertising, where we are seriously considering to limit the microtargeting as a method which is used for the promotion of political powers, political parties or political individuals.”

The European Commission is in the progress of drafting an ambitious and interlocking package of digital regulations, that it wants to fuel a regional data economy and set firm online rules to engender the necessary trust — and has said it wants this major digital policymaking effort to serve Europe for decades.

But without effective enforcement of its Internet rulebook it’s not clear how the bloc’s digital strategy will deliver as intended.

 

France’s data protection agency, the CNIL, has slapped Google and Amazon with fines for dropping tracking cookies without consent.

Google has been hit with a total of €100 million ($120M) for dropping cookies on Google.fr and Amazon €35M (~42M) for doing so on the Amazon .fr domain under the penalty notices issued today.

The regulator carried out investigations of the websites over the past year and found tracking cookies were automatically dropped when a user visited the domains in breach of the country’s Data Protection Act.

In Google’s case the CNIL has found three consent violations related to dropping non-essential cookies.

“As this type of cookies cannot be deposited without the user having expressed his consent, the restricted committee considered that the companies had not complied with the requirement provided for by article 82 of the Data Protection Act and the prior collection of the consent before the deposit of non-essential cookies,” it writes in the penalty notice [which we’ve translated from French].

Amazon was found to have made two violations, per the CNIL penalty notice.

CNIL also found that the information about the cookies provided to site visitors was inadequate — noting that a banner displayed by Google did not provide specific information about the tracking cookies the Google.fr site had already dropped.

Under local French (and European) law, site users should have been clearly informed before the cookies were dropped and asked for their consent.

In Amazon’s case its French site displayed a banner informing arriving visitors that they agreed to its use of cookies. CNIL said this did not comply with transparency or consent requirements — since it was not clear to users that the tech giant was using cookies for ad tracking. Nor were users given the opportunity to consent.

The law on tracking cookie consent has been clear in Europe for years. But in October 2019 a CJEU ruling further clarified that consent must be obtained prior to storing or accessing non-essential cookies. As we reported at the time sites that failed to ask for consent to track were risking a big fine under EU privacy laws.

Google and Amazon are now finding that out to their cost, it seems.

We’ve reached out to Amazon and Google for comment on the CNIL’s action.

In Google’s case the CNIL also found that when a user selected to deactivate personalized advertising — via an option that Google’s cookie notice presented them with — the mechanism only partially worked, as one advertising cookie remained stored on their machine and continued to process data in clear violation of the consent law.

This story is developing — refresh for updates…

France’s data protection agency, the CNIL, has slapped Google and Amazon with fines for dropping tracking cookies without consent.

Google has been hit with a total of €100 million ($120M) for dropping cookies on Google.fr and Amazon €35M (~42M) for doing so on the Amazon .fr domain under the penalty notices issued today.

The regulator carried out investigations of the websites over the past year and found tracking cookies were automatically dropped when a user visited the domains in breach of the country’s Data Protection Act.

In Google’s case the CNIL has found three consent violations related to dropping non-essential cookies.

“As this type of cookies cannot be deposited without the user having expressed his consent, the restricted committee considered that the companies had not complied with the requirement provided for by article 82 of the Data Protection Act and the prior collection of the consent before the deposit of non-essential cookies,” it writes in the penalty notice [which we’ve translated from French].

Amazon was found to have made two violations, per the CNIL penalty notice.

CNIL also found that the information about the cookies provided to site visitors was inadequate — noting that a banner displayed by Google did not provide specific information about the tracking cookies the Google.fr site had already dropped.

Under local French (and European) law, site users should have been clearly informed before the cookies were dropped and asked for their consent.

In Amazon’s case its French site displayed a banner informing arriving visitors that they agreed to its use of cookies. CNIL said this did not comply with transparency or consent requirements — since it was not clear to users that the tech giant was using cookies for ad tracking. Nor were users given the opportunity to consent.

The law on tracking cookie consent has been clear in Europe for years. But in October 2019 a CJEU ruling further clarified that consent must be obtained prior to storing or accessing non-essential cookies. As we reported at the time sites that failed to ask for consent to track were risking a big fine under EU privacy laws.

Google and Amazon are now finding that out to their cost, it seems.

We’ve reached out to Amazon and Google for comment on the CNIL’s action.

In Google’s case the CNIL also found that when a user selected to deactivate personalized advertising — via an option that Google’s cookie notice presented them with — the mechanism only partially worked, as one advertising cookie remained stored on their machine and continued to process data in clear violation of the consent law.

This story is developing — refresh for updates…

The rise of U.S.-China tensions has accelerated the bifurcation of global technology, with the two superpowers each working on their own tech systems. While the rift might be discouraging cross-border investment and business expansion between the rivals, the countries that are in-between — like those in Southeast Asia and Europe — are still finding opportunities.

Sweden’s Dirac is such an example. The 15-year-old firm has been licensing sound optimization technology to mobile, home entertainment, AR/VR, automotive, and other businesses where sounds are critical. The geopolitical complications “have not impacted” the company at all, its founder and chief executive Mathias Johansson told TechCrunch in an interview.

Based in the university city Uppsala of Sweden, Dirac has deep ties to China, offering solutions to the country’s smartphone leaders from Huawei, Oppo, Xiaomi, to Africa-focused Transsion. More than 50% of its revenue come from China today.

Dirac’s interest in China stems in part from the founder’s early fascination with the country. When Johansson visited China for the first time through his PhD program two decades ago, he was impressed by the “rapid evolution” in the tech industry there.

“The audio industry put a lot of manufacturing in China first, but then more and more on development and design. We realized this is a market that’s absolutely key for the entire consumer electronics ecosystem,” Johansson said.

The entrepreneur had since been traveling to Asia, especially Japan and China where electronics were flourishing. In 2010, he hired Dirac’s first China manager Tony Ye, who previously worked for Swedish software firm IAR Systems in Shanghai. At the time, the revolutionary iPhone 4 was making waves across the world, but Johansson and his team were also bullish about China.

“We thought that China is going to be the leader in smartphones eventually. We thought that with Android and with Arm processors [China] is going to be a very different market. So we really went in there and focused on the market. And we thought that [Chinese] would be more hungry, more interested in trying out new things, simply because they were newcomers just like we were pioneers,” the founder said.

“It turned out to be the right bet.”

Though the Chinese government has been advocating for technological autonomy, the national efforts are prioritizing strategic areas like 5G and AI. In smaller and less politically charged fields, imported technologies are still seeing demand. These solutions are often cutting-edge and built upon years of research and development, but they are too niched for big corporations to invest the money and time. That is true for certain video enhancement solutions (see TechCrunch’s profile of Imint, also an Uppsala-based company), or advanced sound optimization in the case of Dirac.

Johansson began researching the audio technology behind Dirac some 20 years ago during university, which made it harder for latecomers to catch up, the founder asserted. Dirac fixes audio like how glasses correct vision. Its team would first send out a test signal through the target speaker system, records it with a microphone, generates a digital fingerprint of audio, and measures the acoustic information. It then makes an exact “mirror universe” of the distortions created by the system, sends pre-distorted audio back to the speakers and the users will eventually get the distortion-free version of the sound.

The research and development cycle at Dirac is long, but working with Chinese companies has forced the Swedish firm to adapt.

“It challenged us to come up with new, more efficient ways of doing the same thing and to keep that innovation pace ahead of the competitor, whether it’s domestic Chinese, or the U.S., or wherever,” the founder admitted.

Dirac maintains its cashflow by licensing its intellectual property to clients and charges royalty fees per unit of device shipped. It also operates a B2B2C model, whereby the end-user can upgrade the sound system of a device, say, a speaker, by paying a fee, which is then divided between Dirac and its client, i.e. the device maker. Its latest big-name customer is the Chinese electric carmaker BYD, a deal that the company sees as an important step in furthering its automotive ambitions.

“Traditional carmakers are being challenged and the whole ecosystem is changing,” Johansson observed. “With software upgrades, cars are becoming something very different. They’re becoming much more like mobile phones and much more software-centric. The whole entertainment aspect and the audio experience in cars are becoming almost the most important part of the car because the noise is so low, the car is so quiet and you’re maybe driving a self-driving car. The audio experience you will get from cars will be outstanding in a couple of years.”

A startup that is improving the way construction and real estate companies in India procure materials and handle logistics for their projects has received the backing of three new investors.

Mumbai-headquartered Infra.Market said on Thursday it has raised $20 million in a Series B financing round. The round was led by Evolvence India Fund, Sistema Asia Fund, and Foundamental Gmbh, while existing investors Accel, Tiger Global, and Nexus also participated in it. The four-year-old startup has raised about $50 million to date.

Infra.Market helps small businesses such as manufacturers of paints and cements improve the quality of their production and meet various compliances. The startup adds its load cells to the manufacturing facilities of these small businesses to ensure there is no lapse in quality, and also helps them work with other businesses that can provide them with better raw material and provide guidance on pricing. It also works closely with businesses to ensure that their deliveries are made on time.

These improvements, explained co-founder Souvik Sengupta, help small manufacturers land larger clients that have higher expectations from the businesses with which they engage.

“We are bringing a service layer to these small manufacturers, enabling them to grow their business. We don’t own the asset and are creating private label brands,” he said in an interview with TechCrunch. Infra.Market today works with over 170 small manufacturers and counts the vast majority of major construction and real estate companies such as giants Larsen & Toubro and Tata Sons as its clients. Sengupta said the startup sells to over 400 large clients and 3,000 small retailers.

Sengupta said the startup was on track to hit the ARR (annual recurring revenue) of $100 million before the pandemic, which for at least two months nearly cut its business in half. But the startup has picked up pace again, and is now on track to hit the ARR of $180 million.

“As an enabler to this sector, Infra.Market has emerged as one of the most disruptive companies through pioneering technological innovation in the procurement and distribution of building materials catering to the infrastructure and construction industry by improving logistics, financing, procurement and project management of large scale projects in key markets across India. The company has very quickly demonstrated remarkable growth backed by a solid business model and deep sector domain knowledge of its founders and management team,” said Rohit Batra, Partner at Evolvence India, in a statement.

More to follow…

Demand for contactless payments and e-commerce has grown in South Korea during the COVID-19 pandemic. This is good news for payment service operators, but the market is very fragmented, so adding payment options is a time-consuming process for many merchants. CHAI wants to fix this with an API that enables companies to accept over 20 payment systems. The Seoul-based startup announced today it has raised a $60 million Series B.

The round was led by Hanhwa Investment & Securities, with participation from SoftBank Ventures Asia (the early-stage venture capital arm of SoftBank Group), SK Networks, Aarden Partners and other strategic partners. It brings CHAI’s total funding to $75 million, including a $15 million Series A in February.

Last month, the Bank of Korea, South Korea’s central bank, released a report showing that ()contactless payments increased 17% year-over-year since the start of COVID-19.

CHAI serves e-commerce companies with an API called I’mport, that allows them to accept payments from over twenty options, including debit and credit cards through local payment gateways, digital wallets, wire transfers, carrier billings and PayPal. It is now used by 2,200 merchants, including Nike Korea and Philip Morris Korea.

CHAI chief executive officer Daniel Shin told TechCrunch that businesses would usually have to integrate each kind of online payment type separately, so I’mport saves its clients a lot of time.

The company also offers its own digital wallet and debit card called the CHAI Card, which launched in June 2019 and now has 2.5 million users, a small number compared South Korea’s leading digital wallets, which include Samsung Pay, Naver Pay, Kakao Pay and Toss.

“CHAI is a late comer to Korea’s digital payments market, but we saw a unique opportunity to offer value,” said Shin. The CHAI Card offers merchants a lower transaction fee than other cards and users typically check its app about 20 times to see new cashback offers and other rewards based on how often they pay with their cards or digital wallet.

“We’ve digitized the plastic card experience, and this is the first step towards creating a robust online rewards platform,” Shin added.

In press statement, Hanhwa Investment & Securities director SeungYoung Oh director said, “I’mport has reduced what once took e-commerce businesses weeks to complete into a simple copy-and-paste task, radically reducing costs. It is a first-of-its-kind business model in Korea, and I have no doubt that CHAI will continue to grow this service into an essential infrastructure of the global fintech landscape.”

LabCorp has now become the first company to receive approval to sell its COVID-19 test kit over-the-counter without a prescription, according to a statement form the company.

One of the largest diagnostics testing companies in the U.S., LabCorp could be a significant competitor to companies like EverlyWell, which received approvals for its at-home testing kits in May; MyLab Box, which announced a partnership with Walmart earlier this week to sell COVID-19 test kits with the giant retailer; or LetsGetChecked, which has its own at-home test.

LabCorp was actually the first company to receive approval from the FDA for its test kit, and now the company can sell the product through retail channels without a prescription.

“With the first over-the-counter at-home collection kit ever authorized by the FDA for COVID-19, we are empowering people to learn about their health and make confident decisions,” said Dr. Brian Caveney, chief medical officer and president of LabCorp Diagnostics, in a statement. “With this authorization, we can help more people get tested, reduce the spread of the virus and improve the health of our communities.”

It’s pretty inarguable that anything that reduces the friction consumers face in getting tested for SARS-CoV-2, the virus that causes COVID-19, is a good thing. It’s also in line with a broader push to increase healthcare access for consumers in an effort to reduce costs.

When customers purchase the COVID-19 test kit, they register the kit on the company’s website and then follow the instructions given there. Tests results are delivered through a corporate portal and a healthcare provider is available to assist customers who test positive on how to proceed with a course of treatment.

The company said its kit should not be viewed as a substitute for visits to a healthcare professional and is intended for use by adults 18 or older.

It’s important to note that the LabCorp PCR test has not been cleared or approved by the FDA and is being authorized under an emergency use authorization.

The WSJ is reporting that Airbnb is expected to priced its IPO at either $67 or $68 per share. The American hospitality unicorn raised its IPO price target earlier this week, from $44 to $50 to $56 to $60.

While we’re still waiting for official pricing, Airbnb is worth $41 billion at its IPO price, using the upper pricing estimate and the company’s share count of 602,448,251 from its most recent S-1/A filing. That figure rises sharply if we included more than 50 million shares that could be added to the mix upon the exercise of vested employee options. The company’s fully-diluted valuation at its IPO price was calculated to be $47 billion.

Regardless of how you prefer to value the company, its worth has risen sharply from an early-pandemic nadir of $18 billion. After COVID-19 ravaged the company’s business, it laid off staff and took on external capital.

Since the end of Q1 and the first months of Q2, Airbnb has recovered, allowing it to file to go public and earn its highest valuation to-date.

The company’s pricing comes after both DoorDash and C3.ai each priced above their own raised ranges, and saw their shares skyrocket in the first day’s trading. Some exuberance was therefore not unexpected.

Airbnb starts trading tomorrow morning. More then.

Facebook faces big antitrust lawsuits, DoorDash and C3.ai go public and YouTube announces new election misinformation policies. This is your Daily Crunch for December 9, 2020.

The big story: FTC and 48 state AGs sue Facebook

The Federal Trade Commission filed an antitrust lawsuit against Facebook today, as did 48 attorneys general representing 46 states.

They’re separate suits, although the two groups coordinated their investigations. Both suits claim that Facebook has behaved illegally when it acquired Instagram and WhatsApp, and that it used its monopoly power to suppress competition. The FTC suit also calls for Instagram and WhatsApp to be split off from the company.

In response, Facebook tweeted, “Years after the FTC cleared our acquisitions, the government now wants a do-over with no regard for the impact that precedent would have on the broader business community or the people who choose our products every day.”

The tech giants

DoorDash, C3.ai skyrocket in public market debuts — Two American tech unicorns saw their values climb after they began trading today.

YouTube declares war on US election misinformation… a month late — YouTube waited until the “safe harbor” deadline, when audits and recounts must be wrapped up at the state level, to enforce a set of rules against election misinformation.

Google CEO says company will review events leading up to Dr. Timnit Gebru’s departure — In CEO Sundar Pichai’s memo, he said the company needs to “accept responsibility for the fact that a prominent Black, female leader with immense talent left Google unhappily.”

Startups, funding and venture capital

Squire, a barbershop tech startup, triples its valuation to $250M in latest round — Squire raised $59 million in a round led by Iconiq Capital.

Career Karma raises $10M to connect students to coding bootcamps — The startup is bringing a pick-and-shovel strategy to the coding bootcamp world.

Ada Ventures closes first fund at $50M, investing in diverse founders tackling society’s problems — A year ago this week, Ada Ventures launched on stage at TechCrunch Disrupt.

Advice and analysis from Extra Crunch

Coinbase’s backstory and future with ‘Kings of Crypto’ author Jeff John Roberts — “Kings of Crypto” tells the story of Coinbase, Brian Armstrong and the dream of a crypto economy.

As several marketplace unicorns prepare IPOs, a VC digs into the data — “Growth trumps all,” says Menlo Ventures partner Venky Ganesan.

How DoorDash and C3.ai can defend their red-hot IPO valuations — An excited market brings big valuations, stacks of cash and high expectations.

(Extra Crunch is our membership program, which aims to democratize information about startups. You can sign up here.)

Everything else

Gift Guide: The best books for 2020 as recommended by VCs and TechCrunch writers (Part 2) — Here are nine more books (plus one bonus) recommended by VCs and TechCrunch writers.

Streamers, including Netflix and CBS All Access, roll out new family-friendly features — Netflix announced the rollout of the Kids Activity Report and Family Profiles, while CBS All Access added a Kids Mode.

TC Sessions: Space 2020 launches next week — We’ll be (virtually) hosting out-of-this-world experts, innovative agencies and bold, boundary-breaking startups.

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 3pm Pacific, you can subscribe here.