We used to be such optimists. Technology would bring us a world of wealth in harmony with the environment, and even bring us new worlds. The Internet would erase national boundaries, replace gatekeepers with a universal opportunity for free expression, and bring us all closer together. Remember when we looked forward to every advance?

I just finished Liu Cixin’s magisterial science-fiction trilogy Remembrance of Earth’s Past. It is very much a bracingly pessimistic story for our era. Without spoiling it too much, I’ll just say that it’s a depiction of a transition from optimistically anticipating contact with other worlds … to a bleak realization that we haven’t done so yet because the universe is a “dark forest,” the title of the trilogy’s second book. “Dark forest theory” holds that civilizations fear one another so much that they don’t dare to reveal themselves lest they immediately be considered a potential threat and destroyed.

There are certain analogies here. We’ve grown to fear technology, to mistrust everything it offers us, to assume its every new offering has a dark side. Consider the recent mini-viral-storm around the “10 Year Challenge” meme, and the resulting Wired piece suggesting it’s a Trojan Horse designed to manipulate us into training Facebook’s AI to improve recognition of aging faces.

I strongly doubt that that is actually the case. Not because I have any faith in Facebook’s transparent benevolence; because they already have a way-past-enormous cornucopia of such data, more accurately (implicitly) tagged. Even if explicit tags were helpful rather than counterproductive — which I doubt, given the stripping of metadata, the jokes riffing on the meme, etc. — they wouldn’t move the needle. As Max Read puts it:

But I find it a striking example of how so many of us have grown to treat technology as a dark forest. Everything tech does seems to now be considered a threat until proved a blessing, and maybe even then. It wasn’t long ago that the reverse was true. How and why did this happen?

Part of it is probably resentment. The fabulously wealthy and influential tech industry has become one of the world’s premier power centers, and people (correctly) suspect tech is now more likely to reify this new hierarchy than disrupt or undercut it. But it’s hard to shake the sense that it’s not really technology’s job to improve human hierarchies; it’s democracy’s. It’s true that democracy seems to have been doing a shockingly poor job over the last few years, but it’s hard to blame that entirely on technology.

Rather, I think a lot of this dark-forest attitude towards tech is because, to most people, technology is now essentially magic. In AI’s case, as we see from that Wired piece, even experts can’t agree on what the technology needs, much less exactly how it works, much less explain step-by-step how it arrives at its (not always be reproducible) results.

(Possibly implicitly biased results! you may shout. Yes, that’s true and important. But I find it bizarre how everyone outside of the business keeps hammering the table shouting about how the tech industry need to stop ignoring the fact that AI may reinforce implicit bias, while all the AI people I know are deeply aware of this risk, describe it as one of their primary concerns, talk about it constantly, and are doing all kinds of work to mitigate or eliminate it. Why the implicit assumption that all AI researchers and engineers are blithely ignoring this risk? Again: technology has become a dark forest.)

Tech-as-magic is not just limited to AI, though. How many people really understand what happens when you flick a switch and a light comes on? How many fewer really understand how text messaging works, or why a change of a mere few degrees in global temperatures is likely to be catastrophic for billions? Not many. What do we fear? We fear the unknown. Tech is a dark forest because to most people tech is dark magic.

The problem is, this dark magic happens to be our only hope to solve our immediate existential problems, such as global warming. We already live in a dark forest full of terrible but subtle and ill-defined threats, and they aren’t caused by new technologies, they’re caused by the consequences of exceeding the carrying capacity of our planet with our old technologies. Climate change is a grue coming through the trees for us with terrifying speed, and technology is the one torch which might lead us out.

Fine, granted, that fire might, theoretically, in the long run, and/or in the wrong, might eventually become some kind of a threat. It’s used by a lot of bad actors to manipulate people, reify oppression, and siphon wealth its users don’t deserve. In some parts of the planet it’s being horrifically misused in far worse ways yet. All true. But just because fire is dangerous doesn’t every new use of it is a malevolent threat. Let’s get past the knee-jerk backlash and try to restore a little optimism, a little hope, a little potential belief that new technological initiatives are not automatically a bad-faith misuse, even if they do come from Facebook.

(I’m the first to admit that Facebook does a lot of bad things, and condemn them for it! But that does not mean that everything they do is bad. Companies are like people; it is possible, hard as this may to be to believe in this Death Of Nuance era, that they can do some good things and some bad things at the same time. Most shocking of all, this is even true of Elon Musk.)

I’m not just saying that this would be nice. I’m saying it’s something we probably need to do, because like it or not, it seems that we have, as a species, already collectively wandered into a very real dark forest, and a cascading series of better technologies is the only plausible route out. It’ll be awfully hard to build that route if we start assuming it’s been deliberately filled with pitfalls and quicksand. Let’s be skeptical, by all means; but let’s not assume guilt and bad faith as our default stance.

A funny thing happened in the second half of 2018. At some moment, all the people active in crypto looked around and realized there weren’t very many of us. The friends we’d convinced during the last holiday season were no longer speaking to us. They had stopped checking their Coinbase accounts. The tide had gone out from the beach. Tokens and blockchains were supposed to change the world; how come nobody was using them?

In most cases, still, nobody is using them. In this respect, many crypto projects have succeeded admirably. Cryptocurrency’s appeal is understood by many as freedom from human fallibility. There is no central banker, playing politics with the money supply. There is no lawyer, overseeing the contract. Sometimes it feels like crypto developers adopted the defense mechanism of the skunk. It’s working: they are succeeding at keeping people away.

Some now acknowledge the need for human users, the so-called “social layer,” of Bitcoin and other crypto networks. That human component is still regarded as its weakest link. I’m writing to propose that crypto’s human component is its strongest link. For the builders of crypto networks, how to attract the right users is a question that should come before how to defend against attackers (aka, the wrong users). Contrary to what you might hear on Twitter, when evaluating a crypto network, the demographics and ideologies of its users do matter. They are the ultimate line of defense, and the ultimate decision-maker on direction and narrative.

What Ethereum got right

Since the collapse of The DAO, no one in crypto should be allowed to say “code is law” with a straight face. The DAO was a decentralized venture fund that boldly claimed pure governance through code, then imploded when someone found a loophole. Ethereum, a crypto protocol on which The DAO was built, erased this fiasco with a hard fork, walking back the ledger of transactions to the moment before disaster struck. Dissenters from this social-layer intervention kept going on Ethereum’s original, unforked protocol, calling it Ethereum Classic. To so-called “Bitcoin maximalists,” the DAO fork is emblematic of Ethereum’s trust-dependency, and therefore its weakness.

There’s irony, then, in maximalists’ current enthusiasm for narratives describing Bitcoin’s social-layer resiliency. The story goes: in the event of a security failure, Bitcoin’s community of developers, investors, miners and users are an ultimate layer of defense. We, Bitcoin’s community, have the option to fork the protocol—to port our investment of time, capital and computing power onto a new version of Bitcoin. It’s our collective commitment to a trust-minimized monetary system that makes Bitcoin strong. (Disclosure: I hold bitcoin and ether.)

Even this narrative implies trust—in the people who make up that crowd. Historically, Bitcoin Core developers, who maintain the Bitcoin network’s dominant client software, have also exerted influence, shaping Bitcoin’s road map and the story of its use cases. Ethereum’s flavor of minimal trust is different, having a public-facing leadership group whose word is widely imbibed. In either model, the social layer abides. When they forked away The DAO, Ethereum’s leaders had to convince a community to come along.

You can’t believe in the wisdom of the crowd and discount its ability to see through an illegitimate power grab, orchestrated from the outside. When people criticize Ethereum or Bitcoin, they are really criticizing this crowd, accusing it of a propensity to fall for false narratives.

How do you protect Bitcoin’s codebase?

In September, Bitcoin Core developers patched and disclosed a vulnerability that would have enabled an attacker to crash the Bitcoin network. That vulnerability originated in March, 2017, with Bitcoin Core 0.14. It sat there for 18 months until it was discovered.

There’s no doubt Bitcoin Core attracts some of the best and brightest developers in the world, but they are fallible and, importantly, some of them are pseudonymous. Could a state actor, working pseudonymously, produce code good enough to be accepted into Bitcoin’s protocol? Could he or she slip in another vulnerability, undetected, for later exploitation? The answer is undoubtedly yes, it is possible, and it would be naïve to believe otherwise. (I doubt Bitcoin Core developers themselves are so naïve.)

Why is it that no government has yet attempted to take down Bitcoin by exploiting such a weakness? Could it be that governments and other powerful potential attackers are, if not friendly, at least tolerant towards Bitcoin’s continued growth? There’s a strong narrative in Bitcoin culture of crypto persisting against hostility. Is that narrative even real?

The social layer is key to crypto success

Some argue that sexism and racism don’t matter to Bitcoin. They do. Bitcoin’s hodlers should think carefully about the books we recommend and the words we write and speak. If your social layer is full of assholes, your network is vulnerable. Not all hacks are technical. Societies can be hacked, too, with bad or unsecure ideas. (There are more and more numerous examples of this, outside of crypto.)

Not all white papers are as elegant as Satoshi Nakamoto’s Bitcoin white paper. Many run over 50 pages, dedicating lengthy sections to imagining various potential attacks and how the network’s internal “crypto-economic” system of incentives and penalties would render them bootless. They remind me of the vast digital fortresses my eight-year-old son constructs in Minecraft, bristling with trap doors and turrets.

I love my son (and his Minecraft creations), but the question both he and crypto developers may be forgetting to ask is, why would anyone want to enter this forbidding fortress—let alone attack it? Who will enter, bearing talents, ETH or gold? Focusing on the user isn’t yak shaving, when the user is the ultimate security defense. I’m not suggesting security should be an afterthought, but perhaps a network should be built to bring people in, rather than shut them out.

The author thanks Tadge Dryja and Emin Gün Sirer, who provided feedback that helped hone some of the ideas in this article.

Last April, Spotify surprised Wall Street bankers by choosing to go public through a direct listing process rather than through a traditional IPO. Instead of issuing new shares, the company simply sold existing shares held by insiders, employees and investors directly to the market – bypassing the roadshow process and avoiding at least some of Wall Street’s fees. That pattens is set to continue in 2019 as Silicon Valley darlings Slack and Airbnb take the direct listing approach.

Have we reached a new normal where tech companies choose to test their own fate and disrupt the traditional capital markets process?  This week, we asked a panel of six experts on IPOs and direct listings: “What are the implications of direct listing tech IPOs for financial services, regulation, venture capital, and capital markets activity?” 

This week’s participants include: IPO researcher Jay R. Ritter (University of Florida’s Warrington College of Business), Spotify’s CFO Barry McCarthy, fintech venture capitalist Josh Kuzon (Reciprocal Ventures), IPO attorney Eric Jensen (Cooley LLP), research analyst Barbara Gray, CFA (Brady Capital Research), and capital markets advisor Graham A. Powis (Brookline Capital Markets).

TechCrunch is experimenting with new content forms. Consider this a recurring venue for debate, where leading experts – with a diverse range of vantage points and opinions – provide us with thoughts on some of the biggest issues currently in tech, startups and venture. If you have any feedback, please reach out: Arman.Tabatabai@techcrunch.com.

Thoughts & Responses:

Jay R. Ritter

Jay Ritter is the Cordell Eminent Scholar at the University of Florida’s Warrington College of Business. He is the world’s most-cited academic expert on IPOs. His analysis of the Google IPO is available here.

In April last year, Spotify stock started to trade without a formal IPO, in what is known as a direct listing. The direct listing provided liquidity for shareholders, but unlike most traditional IPOs, did not raise any money for the company. Slack has announced that they will also conduct a direct listing, and it is rumored that some of the other prominent unicorns are considering doing the same.

Although no equity capital is raised by the company in a direct listing, after trading is established the company could do a follow-on offering to raise money. The big advantage of a direct listing is that it reduces the two big costs of an IPO—the direct cost of the fees paid to investment bankers, which are typically 7% of the proceeds for IPOs raising less than $150 million, and the indirect cost of selling shares at an offer price less than what the stocks subsequently trades at, which adds on another 18%, on average. For a unicorn in which the company and existing shareholders sell $1 billion in a traditional IPO using bookbuilding, the strategy of a direct listing and subsequent follow-on offering could net the company and selling shareholders an extra $200 million.

Direct listings are not the only way to reduce the direct and indirect costs of going public. Starting twenty years ago, when Ravenswood Winery went public in 1999, some companies have gone public using an auction rather than bookbuilding. Prominent companies that have used an auction include Google, Morningstar, and Interactive Brokers Group. Auctions, however, have not taken off, in spite of lower fees and less underpricing. The last few years no U.S. IPO has used one.

Traditional investment banks view direct listings and auction IPOs as a threat. Not only are the fees that they receive lower, but the investment bankers can no longer promise underpriced shares to their hedge fund clients. Issuing firms and their shareholders are the beneficiaries when direct listings are used.

If auctions and direct listings are so great, why haven’t more issuers used them? One important reason is that investment banks typically bundle analyst coverage with other business. If a small company hires a top investment bank such as Credit Suisse to take them public with a traditional IPO, Credit Suisse is almost certainly going to have its analyst that covers the industry follow the stock, at least for a while. Many companies have discovered, however, that if the company doesn’t live up to expectations, the major investment banks are only too happy to drop coverage a few years later. In contrast, an analyst at a second-tier investment bank, such as William Blair, Raymond James, Jefferies, Stephens, or Stifel, is much more likely to continue to follow the company for many years if the investment bank had been hired for the IPO. In my opinion, the pursuit of coverage from analysts at the top investment banks has discouraged many companies from bucking the system. The prominent unicorns, however, will get analyst coverage no matter what method they use or which investment banks they hire.

Barry McCarthy

Barry McCarthy is the Chief Financial Officer of Spotify. Prior to joining Spotify, Mr. McCarthy was a private investor and served as a board member for several major public and private companies, including Spotify, Pandora and Chegg. McCarthy also serves as an Executive Adviser to Technology Crossover Ventures and previously served as the Chief Financial Officer and Principal Accounting Officer of Netflix.

If we take a leap of faith and imagine that direct listings become an established alternative to the traditional IPO process, then we can expect:

1. Financing costs to come down – The overall “cost” of the traditional IPO process will come down, in order to compete with the lower cost alternative (lower underwriting fees and no IPO discount) of a direct listing.

2. The regulatory framework to remain unchanged – No change was / is required in federal securities laws, which already enable the direct listing process. With the SEC’s guidance and regulatory oversight, Spotify repurposed an existing process for direct listings – we didn’t invent a new one.

3. A level playing field for exits – Spotify listed without the traditional 180 day lock-up. In order to compete with direct listings, traditional IPOs may eliminate the lock-up (and the short selling hedge funds do into the lock-up expiry).

4. Financing frequency; right church, wrong pew – Regardless of what people tell you, an IPO is just another financing event. But you don’t need to complete a traditional IPO anymore if you want to sell equity. Conventional wisdom says you do, but I think conventional wisdom is evolving with the realities of the marketplace. Here’s how we’d do it at Spotify if we needed to raise additional equity capital. We’d execute a secondary or follow-on transaction, pay a 1% transaction fee and price our shares at about a 4% discount to the closing price on the day we priced our secondary offering. This is much less expensive “financing” than a traditional IPO with underwriter fees ranging from 3-7% (larger deals mean smaller fees) and the underwriter’s discount of ~36% to the full conviction price for the offering. You simply uncouple the going public event from the money raising event.

Josh Kuzon

Josh Kuzon is a Partner at Reciprocal Ventures, an early stage venture capital firm based in NYC focused on FinTech and blockchain. An expert in payments and banking systems, Josh is focused on backing the next generation of FinTech companies across payments, credit, financial infrastructure, and financial management software.

I think the implications of direct listing tech IPOs are positive for venture capitalists, as it creates a channel for efficient exits. However, the threat of low liquidity from a direct listing is significant and may ultimately outweigh the benefits for the listing company. 

Direct listing tech IPOs offers a compelling model for company employees and existing investors in pursuit of a liquidity event. The model features a non-dilutive, no lock-up period, and underwriting fee-less transaction, which is a short-term benefit of the strategy. Additionally, as a publicly traded company, there are longer-term benefits in being able to access public markets for financing, using company stock to pay for acquisitions, and potentially broaden global awareness of an organization. However, these benefits come with tradeoffs that should not be overlooked. 

One concern is the circular problem of liquidity. Without a defined supply of stock, it can be difficult to generate meaningful buyside demand. A floating price and indeterminate quantity will dampen institutional interest, no matter how great the listing company may be. Institutions require size and certainty; not only do they desire to build large positions, but they need to know they can exit them if needed. Without consistent institutional bids, sellers are less motivated to unwind their stakes, for fear of volatility and soft prices.

I believe institutional investors and their brokers are crucial ingredients for a properly functioning public equities market structure. They help make markets more liquid and efficient and serve as a check on companies to drive better business outcomes for their shareholders. A lack of institutional investors could be a very expensive long-term tradeoff for a short-term gain.

For companies that have significant brand awareness, don’t need to raise additional capital, or already have a diverse institutional investor base, the direct listing model may work out well for them. Few companies, however, fit this profile. Many more will likely have to work a lot harder to persuade the capital markets to participate in a direct listing and even if successful, may ultimately come back to bite them as they evolve and require additional capital markets cooperation.

Eric Jensen

Eric Jensen is a partner at Cooley LLP. He advises leading technology entrepreneurs, venture funds and investment banks in formation, financing, capital market and M&A transactions, and in in the past seven years was involved in over 55 offerings, raising over $21 billion, for companies such as Appian, Atlassian, Alteryx, Avalara, DocuSign, FireEye, Forty Seven, LinkedIn, MongoDB, NVIDIA, Redfin, SendGrid, ServiceNow, Tenable, Zendesk, Zulilly and Zynga.

It is challenging to draw market lessons from a single completed “direct listing.” The degree of interest I am seeing, often without folks knowing what it means, shows that the IPO model has issues. So first I describe to a client what it means – an IPO without the “I” and the “O”, meaning you are not selling any stock and therefore you don’t have a set initial stock price. These factors mean that a direct listing is relevant only for a small subset of private companies – those that:

1. Sold stock to a number of institutional buyers that are likely to hold or increase their interest once trading begins;
2. Are large enough (and didn’t restrict transfers) such that an active trading market developed as a private company, to be used as a proxy for the public trading price;
3. Don’t need to raise primary capital, and
4. Want to make their mark by doing something different, at the expense of placing IPO stock in the hands of new investors they have selected.

There is no evidence to indicate that it accelerates public market access, any company that can do a direct listing could do an IPO. The SEC doesn’t go away, and compared to the highly tuned IPO process, SEC scrutiny is actually higher. As least based on Spotify, it doesn’t put investment bankers out of a job, nor does it dramatically reduce total transactions costs. Spotify had no lock-up agreement, so the VCs I know love this feature, but it is not inherent in a direct listing, and IPOs don’t require lock-ups.

In my book, too soon to tell if it is the reverse Dutch Auction of its day.

Barbara Gray

Barbara Gray, CFA is a former top-ranked sell-side Equity Analyst and the Founder of Brady Capital Research Inc., a leading-edge investment research firm focused on structural disruption. She is also the author of the books Secrets of the Amazon 2.0, Secrets of the Amazon and Ubernomics.

Although Spotify successfully broke free of its reins last April and entered the public arena unescorted, I expect most unicorns will still choose to pay the fat underwriting fees to be paraded around by investment bankers. 

Realistically, the direct listing route is most suitable for companies meeting the following three criteria: 1) consumer-facing with strong brand equity; 2) easy-to-understand business model; and 3) no need to raise capital. Even if a company meets this criteria, the “escorted” IPO route could provide a positive return on investment as the IPO roadshow is designed to provide a valuation uptick through building awareness and preference versus competitive offerings by enabling a company to: a) reach and engage a larger investment pool; b) optimally position its story; and c) showcase its skilled management team.

Although the concept of democratizing capital markets by providing equal access to all investors is appealing, if a large institution isn’t able to get an IPO allocation, they may be less willing to build up a meaningful position in the aftermarket. The direct listings option also introduces a higher level of pricing risk and volatility as the opening price and vulnerable early trading days of the stock are left to the whims of the market. Unlike with an IPO, with benefits of stabilizing bids and 90 to 180 days lock-up agreements prohibiting existing investors from selling their shares, a flood of sellers could hit the market.

Graham Powis

Graham A. Powis is Senior Capital Markets Advisor at Brookline Capital Markets, a division of CIM Securities, LLC. Brookline is a boutique investment bank that provides a comprehensive suite of capital markets and advisory services to the healthcare industry. Mr. Powis previously held senior investment banking positions at BTIG, Lazard and Cowen.

While Spotify’s direct listing in 2018 and recent reports that Slack is considering a direct listing in 2019 have heightened curiosity around this approach to “going public,” we expect that most issuers in the near-to medium-term will continue to pursue a traditional IPO path. Potential benefits of a direct listing include the avoidance of further dilution to existing holders and underwriter fees. However, large, high-profile and well-financed corporations, most often in the technology and consumer sectors, are the companies typically best-suited to pursue these direct listings. By contrast, smaller companies seeking to raise capital alongside an exchange listing, and with an eye on overcoming challenges in attracting interest from the investing public, will continue to follow a well-established IPO process.

A case in point is the healthcare segment of the US IPO market, which has accounted for one-third of all US IPO activity over the last five years. The healthcare vertical tilts toward small unprofitable companies with significant capital needs and, as a result, direct listings aren’t likely to become a popular choice in that industry. Since 2014, unprofitable companies have accounted for more than 90% of all healthcare IPOs completed. Furthermore, the biotechnology subsector has been by far the most active corner of the healthcare IPO market, and biotechnology companies are voracious consumers of capital. Finally, healthcare IPOs tend to be relatively small: since 2014, healthcare IPO issuers have raised, on average, only 47% of the amount raised by non-healthcare issuers, and more than half have already returned to the market at least once for additional capital.

Illinois’s startup market in 2018 was very strong, and it’s not slowing down as we settle into 2019. There’s already almost $100 million in new VC funding announced, so let’s take a quick look at the state of venture in the Land of Lincoln (with a specific focus on Chicago).

In the chart below, we’ve plotted venture capital deal and dollar volume for Illinois as a whole. Reported funding data in Crunchbase shows a general upward trend in dollar volume, culminating in nearly $2 billion worth of VC deals in 2018; however, deal volume has declined since peaking in 2014.¹

Chicago accounts for 97 percent of the dollar volume and 90.7 percent of total deal volume in the state. We included the rest of Illinois to avoid adjudicating which towns should be included in the greater Chicago area.

In addition to all the investment in 2018, a number of venture-backed companies from Chicago exited last year. Here’s a selection of the bigger deals from the year:

• After raising $57 million in total venture funding, meal kit delivery company Home Chef was acquired by grocery chain Kroger for $200 million.
• Government technology platform provider CityBase was acquired by GTY Technology Holdings for $160 million. The company had raised $13.1 million from investors prior to the acquisition.
• Maestro Health, an employee benefits company, was acquired for $155 million by insurance giant AXA Group. Maestro Health had raised roughly $53 million in known venture funding.

Crain’s Chicago Business reports that 2018 was the best year for venture-backed startup acquisitions in Chicago “in recent memory.” Crunchbase News has previously shown that the Midwest (which is anchored by Chicago) may have fewer startup exits, but the exits that do happen often result in better multiples on invested capital (calculated by dividing the amount of money a company was sold for by the amount of funding it raised from investors).

2018 was a strong year for Chicago startups, and 2019 is shaping up to bring more of the same. Just a couple weeks into the new year, a number of companies have already announced big funding rounds.

Here’s a quick roundup of some of the more notable deals struck so far this year:

• On Thursday, commercial real estate search firm Truss raised $15 million in additional financing, extending the Deerfield, IL-based company’s Series A round. The deal was led by Boston-based General Catalyst. The deal brings Truss’s total equity and debt funding to more than $24 million.
• Learning management system company BenchPrep announced $20 million in a Series C round co-led by Chicago-based Jump Capital and Bay Area-based Owl Ventures, LP. Part of that capital reportedly comes in the form of debt. The SEC filing for the round, dated December 2018, discloses that $14.53 million was raised in an equity offering, of which $2,999,999 was used to buy shares from “certain executive officers” at the company.
• Delivery service Bringg raised $25 million in Series C funding, which was led by Next47. Other investors in the deal include The Coca-Cola Company, Salesforce Ventures and Aleph. Bringg’s customers include Walmart and McDonald’s. The company has raised at least $52 million in known venture funding to date.

Besides these, a number of seed deals have been announced. These include relatively large rounds raised by 3D modeling technology company ThreeKit, upstart futures exchange Small Exchange and 24/7 telemedicine service First Stop Health.

Globally, and in North America, venture deal and dollar volume hit new records in 2018. However, it’s unclear what 2019 will bring. What’s true at a macro level is also true at the metro level. Don’t discount the City of the Big Shoulders, though.

Behold, the LEGO Chevrolet Silverado. The full-size truck is basically a giant ad for Chevy and the new LEGO Movie, which is due out in February. Apparently they have to fight Duplo blocks from outer space. No, seriously, that’s the plot.

Anyway, the 2019 Silverado is six-feet tall, weighs 3,307 pounds and took 18 builders 2,000 hours to assemble the 334,544 pieces at a LEGO Master Builders shop in Connecticut. Chevy says it’s the first of its vehicles to be built full-scale in this manner.

The video is just over half-a-minute, but offers some interesting insight into how a team of people who get paid to build stuff with LEGO utilize computer models to complete the task.

We’re three weeks into January. We’ve recovered from our CES hangover and, hopefully, from the CES flu. We’ve started writing the correct year, 2019, not 2018.

Venture capitalists have gone full steam ahead with fundraising efforts, several startups have closed multi-hundred million dollar rounds, a virtual influencer raised equity funding and yet, all anyone wants to talk about is Slack’s new logo… As part of its public listing prep, Slack announced some changes to its branding this week, including a vaguely different looking logo. Considering the flack the $7 billion startup received instantaneously and accusations that the negative space in the logo resembled a swastika — Slack would’ve been better off leaving its original logo alone; alas…

On to more important matters.

Rubrik more than doubled its valuation

The data management startup raised a $261 million Series E funding at a $3.3 billion valuation, an increase from the $1.3 billion valuation it garnered with a previous round. In true unicorn form, Rubrik’s CEO told TechCrunch’s Ingrid Lunden it’s intentionally unprofitable: “Our goal is to build a long-term, iconic company, and so we want to become profitable but not at the cost of growth,” he said. “We are leading this market transformation while it continues to grow.”

Deal of the week: Knock gets $400M to take on Opendoor

Will 2019 be a banner year for real estate tech investment? As $4.65 billion was funneled into the space in 2018 across more than 350 deals and with high-flying startups attracting investors (Compass, Opendoor, Knock), the excitement is poised to continue. This week, Knock brought in $400 million at an undisclosed valuation to accelerate its national expansion. “We are trying to make it as easy to trade in your house as it is to trade in your car,” Knock CEO Sean Black told me.

Cybersecurity stays hot

While we’re on the subject of VCs’ favorite industries, TechCrunch cybersecurity reporter Zack Whittaker highlights some new data on venture investment in the industry. Strategic Cyber Ventures says more than $5.3 billion was funneled into companies focused on protecting networks, systems and data across the world, despite fewer deals done during the year. We can thank Tanium, CrowdStrike and Anchorfree’s massive deals for a good chunk of that activity.

Send me tips, suggestions and more to kate.clark@techcrunch.com or @KateClarkTweets. 

Fundraising efforts continue

I would be remiss not to highlight a slew of venture firms that made public their intent to raise new funds this week. Peter Thiel’s Valar Ventures filed to raise $350 million across two new funds and Redpoint Ventures set a $400 million target for two new China-focused funds. Meanwhile, Resolute Ventures closed on $75 million for its fourth early-stage fund, BlueRun Ventures nabbed $130 million for its sixth effort, Maverick Ventures announced a $382 million evergreen fund, First Round Capital introduced a new pre-seed fund that will target recent graduates, Techstars decided to double down on its corporate connections with the launch of a new venture studio and, last but not least, Lance Armstrong wrote his very first check as a VC out of his new fund, Next Ventures.

More money goes toward scooters

In case you were concerned there wasn’t enough VC investment in electric scooter startups, worry no more! Flash, a Berlin-based micro-mobility company, emerged from stealth this week with a whopping €55 million in Series A funding. Flash is already operating in Switzerland and Portugal, with plans to launch into France, Italy and Spain in 2019. Bird and Lime are in the process of raising $700 million between them, too, indicating the scooter funding extravaganza of 2018 will extend into 2019 — oh boy!

Startups secure cash

• Niantic finally closed its Series C with $245 million in capital commitments and a lofty $4 billion valuation.
• Outdoorsy, which connects customers with underused RVs, raised $50 million in Series C funding led by Greenspring Associates, with participation from Aviva Ventures, Altos Ventures, AutoTech Ventures and Tandem Capital.
• Ciitizen, a developer of tools to help cancer patients organize and share their medical records, has raised $17 million in new funding in a round led by Andreessen Horowitz.
• Footwear startup Birdies — no, I don’t mean Allbirds or Rothy’s — brought in an $8 million Series A led by Norwest Venture Partners, with participation from Slow Ventures and earlier investor Forerunner Ventures.
• And Brud, the company behind the virtual celebrity Lil Miquela, is now worth $125 million with new funding.

Feature of the week

TechCrunch’s Josh Constine introduced readers to Squad this week, a screensharing app for social phone addicts.

Listen to me talk

If you enjoy this newsletter, be sure to check out TechCrunch’s venture-focused podcast, Equity. In this week’s episode, available here, Crunchbase editor-in-chief Alex Wilhelm and I marveled at the dollars going into scooter startups, discussed Slack’s upcoming direct listing and debated how the government shutdown might impact the IPO market.

Something odd is in motion in Los Angeles. On a recent day at the office, colleagues debated the merits of the Boring Company’s proposal to alleviate Dodger traffic via levitating tunnel pods. I stepped out for coffee in the afternoon and was almost run over by an elderly man on a dozen scooters, balanced precariously as he rebalanced dockless inventory. And that night, I sat in traffic on the 10 Freeway listening to commentators discuss Uber’s ostensibly imminent eVTOL aircraft, while a venture capitalist friend rested his head in the sleeping compartment of a Cabin bus, carrying him back to Silicon Valley from Santa Monica.

Welcome to the abnormalization of transportation.

Even without hover-sleds and flying cars, the Los Angeles megalopolis is in the midst of a transformation in mobility. Neighborhoods from downtown to Silicon Beach have been carpeted in scooters and bikes. The Uber and Lyft revolution faces competition from the various dockless two wheelers and Via’s ridesharing as a service, launching in Los Angeles soon. Flixbus, looking to expand out of European dominance, targeted LA as its hub for inter-city private bus service. And Cabin’s luxury sleeper bus has been offering a premium alternative to Megabus to and from the Bay Area for months.

Cabin’s cabin

Los Angeles is far from the exception. Autonomous cars are driving people to and from school in Arizona, senior citizens around retirement homes in Florida, and a small army of journalists in an endless loop around Northern California. Starship’s delivery bots have rolled through more than 100 communities, and Kroger shoppers can let Nuro bring them the milk in Scottsdale today. And drone companies from around the world are vying for permission to replace vans and bikes with quadcopters for just-in-time deliveries, while nearly three dozen cities have signed onto the Urban Air Mobility Initiative to make flying cars a reality.

If even a fraction of the promise of this technology comes to pass, the movement of things and people in cities will be both bizarre and beautiful process in the near future.

Yet we fear that this future may not be realized if start-ups are given the red light by well-meaning regulators. As the cities of the world experience a shakeup they haven’t seen since the subway, we have three ideas to help policymakers bring about more equitable, efficient, and environmentally friendly transportation systems, and answer a fundamental question: how on earth do you plan for a future this wild?

• Rule 1: Play in the sand before you carve in stone.

It’s far from clear how these transformative, and multi-modal, technologies will fit together. Equally uncertain is the right framework to govern this puzzle. Proscriptive solutions risk killing innovation in its infancy. The solution is to encourage regulatory sandboxing. Regulatory sandboxes are mechanisms to allow emerging technologies to operate outside the constraints of normal regulations and to inform the development of future rules. These protected spaces, increasingly common in areas like fintech or crypto, allow the evolution of what Adam Thierer calls “soft law” before policymakers make hard decisions.

Perhaps the best example of regulatory sandboxes is a place, coincidentally, with a lot of sand. Arizona has aggressively moved to relieve regulatory burdens that would make testing in the real world effectively impossible. Cities across the state, including Tempe and Chandler, have competed for autonomous vehicle companies to launch their services. These deployments have surfaced a host of practical challenges like how frustrating autonomous cars can be for everyone else, how manned vehicles respond to unmanned grocery bots, and the safety challenges cities should consider when vehicles are operating at partial autonomy.

The federal Department of Transportation has recognized the value of such ecosystems and the lessons they bring. Last year, the DOT created the drone Integration Pilot Program which allows a number of state, local, and tribal governments to work with companies to test advanced drone operations, including the right balance of rules to govern such operations. Recognizing the early success of the IPP, DOT recently announced they would be creating a similar program for autonomous vehicles. These flexible environments promote critical collaboration between the companies building cutting-edge technologies and the regulator. New regulations are constructed on real-world experience, rather than hypotheses developed behind closed doors.

• Rule 2: Don’t pick winners and losers.

Regulators tend to be cautious folks, so more often than not, they favor incumbents. And even when they embrace innovation, too often, authorities takes sides and decide which companies, or even which technologies, are allowed to operate.

For example, some cities are writing off the scooter sector entirely, just as they did a few years ago with ridesharing. Beverly Hills has banned dockless scooters and impounded more a thousand, in an effort to send a message to Bird. Bird responded by suing the city, stating that the scooter ban violates several California laws.

Other cities haven’t gone so far as to ban scooters outright, but are nonetheless falling into the trap of replacing old cartels with new technocumbents. Santa Monica came very close to banning Lime and Bird, the two most popular scooter companies among locals, in favor of Uber and Lyft, who had never deployed scooters in the city before. Only after outcry from ordinary beach dwellers did the city council allow all four companies to operate. Still, no other scooter companies are allowed to operation within city limits.

We should let the market determine whether these technologies will succeed and which companies should deploy them. Cities should play an orchestration role, instead of adjudicator, facilitating connections between new technologies and the existing transit infrastructure. The alternative is to kill innovation in the crib.

Remember PickupPal? They were around well before Uber or Lyft, but you can’t call a PickupPal today. A Canadian pioneer in ridesharing in the early days of smartphones, the company was thwarted by incumbents raising a law banning pickups for profit. Rather than recognize the benefits of ridesharing, authorities crushed it (along with another popular ridesharing company Allo Stop). A technology-enabled last mile solution was regulated out of existence.

By contrast, Uber was able combat efforts to thwart its access to markets. They did so, in many cases, by taking an adversarial approach and changing the law to ensure ridesharing could continue. While this preserved ridesharing as an industry, it delayed the opportunity to connect ridesharing to existing transit networks. Regulators and ridesharing companies remain more at odds than not continuing to delay solutions to the systemic transportation challenges cities face.

• Rule 3: Embrace the challenge and the tools that will help you address it.

Transportation is inherently local, and the future of of mobility innovation will be as well. Even aviation, an industry that long soared above concerns of the urban environment, is being forced to rethink its relationship with the metropolis. EVTOL aircraft are revisiting the lessons helicopters learned in the 1970s and drone companies face the hyperlocal concerns that arise when your neighbor decides 3am is the ideal time for his Eaze order to be facilitated by a flying lawnmower.

And therein lies one of the most exciting opportunities for the cities of the future. The negative externalities accompanying changes on, under, and over our roads, can be mediated by the same technologies that have sparked new headaches. Cities may use platforms like RideOS to smooth autonomous traffic, Remix to incorporate scooters into transit planning, Via to offer ridesharing as a public service, or our company, AirMap, to integrate drones drones today and flying cars tomorrow.

Ultimately, solutions, not sanctions, will allow cities to welcome this weird new transportation future and realize it’s transformative potential. The abnormalization of transportation presents a tremendous challenge for city officials, planners, and legislators. It’s a road worth traveling.

Days after Snap announced the departure of its CFO, reports have emerged that the company’s HR chief was asked to leave following an internal investigation late last year that had led to the firing of its global security head.

The Wall Street Journal is reporting that Snap fired global security head Francis Racioppi late last year after an investigation uncovered that he had engaged in an inappropriate relationship with an outside contractor he had hired. After the relationship ended, Racioppi terminated the woman’s contract, the report says.

Racioppi denied any wrongdoing in a comment to the Journal. A report from Cheddar also adds that one of Racioppi’s assistants was fired for aiding in an attempt to cover up the scandal.

The investigation’s findings reportedly contributed to CEO Evan Spiegel asking the company’s HR head Jason Halbert to step down. Halbert announced his plans to leave the company this week.

While today’s news pins two high-profile executive departures to a single incident, Snap’s executive team has seemed to be losing talent from its ranks at a quickening pace.

Snap did not comment on the reports.

Reports emerged today that the FTC is considering a fine against Facebook that would be the largest ever from the agency. Even if it were 10 times the size of the largest, a $22.5 million bill sent to Google in 2012, the company would basically laugh it off. Facebook is made of money. But the FTC may make it provide something it has precious little of these days: accountability.

A Washington Post report cites sources inside the agency (currently on hiatus due to the shutdown) saying that regulators have “met to discuss imposing a record-setting fine.” We may as well say here that this must be taken with a grain of salt at the outset; that Facebook is non-compliant with terms set previously by the FTC is an established fact, so how much they should be made to pay is the natural next topic of discussion.

But how much would it be? The scale of the violation is hugely negotiable. Our summary of the FTC’s settlement requirements for Facebook indicate that it was:

• barred from making misrepresentations about the privacy or security of consumers’ personal information;
• required to obtain consumers’ affirmative express consent before enacting changes that override their privacy preferences;
• required to prevent anyone from accessing a user’s material more than 30 days after the user has deleted his or her account;
• required to establish and maintain a comprehensive privacy program designed to address privacy risks associated with the development and management of new and existing products and services, and to protect the privacy and confidentiality of consumers’ information; and
• required, within 180 days, and every two years after that for the next 20 years, to obtain independent, third-party audits certifying that it has a privacy program in place that meets or exceeds the requirements of the FTC order, and to ensure that the privacy of consumers’ information is protected.

How many of those did it break, and how many times? Is it per user? Per account? Per post? Per offense? What is “accessing” under such and such a circumstance? The FTC is no doubt deliberating these things.

Yet it is hard to imagine them coming up with a number that really scares Facebook. A hundred million dollars is a lot of money, for instance. But Facebook took in more than $13 billion in revenue last quarter. Double that fine, triple it, and Facebook bounces back.

If even a fine 10 times the size of the largest it ever threw can’t faze the target, what can the FTC do to scare Facebook into playing by the book? Make it do what it’s already supposed to be doing, but publicly.

How many ad campaigns is a user’s data being used for? How many internal and external research projects? How many copies are there? What data specifically and exactly is it collecting on any given user, how is that data stored, who has access to it, to whom is it sold or for whom is it aggregated or summarized? What is the exact nature of the privacy program it has in place, who works for it, who do they report to and what are their monthly findings?

These and dozens of other questions come immediately to mind as things Facebook should be disclosing publicly in some way or another, either directly to users in the case of how one’s data is being used, or in a more general report, such as what concrete measures are being taken to prevent exfiltration of profile data by bad actors, or how user behavior and psychology is being estimated and tracked.

Not easy or convenient questions to answer at all, let alone publicly and regularly. But if the FTC wants the company to behave, it has to impose this level of responsibility and disclosure. Because, as Facebook has already shown, it cannot be trusted to disclose it otherwise. Light touch regulation is all well and good… until it isn’t.

This may in fact be such a major threat to Facebook’s business — imagine having to publicly state metrics that are clearly at odds with what you tell advertisers and users — that it might attempt to negotiate a larger initial fine in order to avoid punitive measures such as those outlined here. Volkswagen spent billions not on fines, but in sort of punitive community service to mitigate the effects of its emissions cheating. Facebook too could be made to shell out in this indirect way.

What the FTC is capable of requiring from Facebook is an open question, since the scale and nature of these violations are unprecedented. But whatever they come up with, the part with a dollar sign in front of it — however many places it goes to — will be the least of Facebook’s worries.

If you’ve ever enthusiastically sent your spit off in the mail, you were probably anxious for whatever unexpected insights the current crop of DNA testing companies would send back. Did your ancestors hang out on the Iberian peninsula? What version of your particular family lore does the science support?

Most people who participate in mail-order DNA testing don’t think to question the science behind the results — it’s science after all. But because DNA testing companies lack aggressive oversight and play their algorithms close to the chest, the gems of genealogical insight users hope to glean can be more impressionistic than most of these companies let on.

To that point, Charlsie Agro, host of CBC’s Marketplace, and her twin sister sent for DNA test kits from five companies: 23andMe, AncestryDNA, MyHeritage, FamilyTreeDNA and Living DNA.

As CBC reports, “Despite having virtually identical DNA, the twins did not receive matching results from any of the companies.” That bit shouldn’t come as a surprise. Each company uses its own special sauce to analyze DNA so it’s natural that there would be differences. For example one company, FamilyTreeDNA, attributed 14% of the twins’ DNA to the Middle East, unlike the other four sets of results.

Beyond that, most results were pretty predictable — but things got a bit weird with the 23andMe data.

As CBC reports:

“According to 23andMe’s findings, Charlsie has nearly 10 per cent less “broadly European” ancestry than Carly. She also has French and German ancestry (2.6 per cent) that her sister doesn’t share.

The identical twins also apparently have different degrees of Eastern European heritage — 28 per cent for Charlsie compared to 24.7 per cent for Carly. And while Carly’s Eastern European ancestry was linked to Poland, the country was listed as “not detected” in Charlsie’s results.”

The twins shared their DNA with a computational biology group at Yale which verified that the DNA they sent off was statistically pretty much identical. When questioned for the story, 23andMe noted that its analyses are “statistical estimates” — a phrase that customers should bear in mind.

It’s worth remembering that the study isn’t proper science. With no control group and an n (sample size) of one set of twins, nothing definitive can be gleaned here. But it certainly raises some interesting questions.

Twin studies have played a vital role in scientific research for ages. Often, twin studies allow researchers to explore the effects of biology against those of the environment across any number of traits — addiction, mental illness, heart disease, and so on. In the case of companies like 23andMe, twin studies could shed a bit of light on the secret algorithms that drive user insights and revenue.

Beyond analyzing the cold hard facts of your DNA, companies like 23andMe attract users with promises of “reports” on everything from genetic health risks to obscure geographic corners of a family tree. Most users don’t care about the raw data — they’re after the fluffier, qualitative stuff. The qualitative reporting is where companies can riff a bit, providing a DNA-based “personal wellness coach” or advice about whether you’re meant to be a morning person or a night owl.

Given the way these DNA services work, their ancestry results are surprisingly malleable over time. As 23andMe notes, “because these results reflect the ancestries of individuals currently in our reference database, expect to see your results change over time as that database grows.” As many non-white DNA testing customers have found, many results aren’t nearly as dialed in for anyone with most of their roots beyond Europe. Over time, as more people of color participate, the pool of relevant DNA grows.

Again, the CBC’s casual experiment is by no means definitive science — but neither are DNA testing services. For anyone waiting with bated breath for their test results, remember that there’s still a lot we don’t know about how these companies come to their conclusions. Given the considerable privacy trade-off in handing your genetic material over to big pharma through a for-profit intermediary, it’s just some food for thought.