Category: UNCATEGORIZED

It’s official: Days after Amazon CEO Jeff Bezos was peppered with awkward questions by US lawmakers concerned about the market power of his ecommerce empire, the UK’s competition regulator has confirmed it’s happy for the tech giant to take a 16% bite out of local on-demand food delivery app, Deliveroo.

The CMA had been investigating the planned stake for some 15 months, completing phase one of its scrutiny in December. At the time it decided it had enough concerns to move to a phase 2 probe — chewing over whether or not the stake might discourage Amazon from re-entering the online restaurant food market and “further developing its presence within the online convenience grocery delivery market in the UK”, as it put it.

Soon after the regulator started in on this work COVID-19 struck Europe — impacting investigation as it had a marked impact on Deliveroo’s business. Initially the impact of the coronavirus looked negative, with Deliveroo claiming it would have gone out of business without Amazon’s stake. The CMA concurred with this analysis, treating it as a “failing firm” and reasoning that Deliveroo’s exit from the market would have been worse for competition — thereby provisionally clearing the Amazon stake in April.

Then again in June the regulator provisionally cleared the deal — although it now no longer considered Deliveroo failing, being as, from April 2020, it found a sharper than expected recovery in the restaurant food delivery market, as well as a shift in the restaurant ‘mix’ (“towards smaller, independent restaurants and away from large fast food chains”) — both of which resulted in money being poured into Deliveroo’s coffers. Yet then — with the startup’s finances experiencing “rapid and significant turnaround” — the regulator felt it necessary to complete a “substantive assessment” to of the risks to competition.

Now it’s finally concluded that Amazon’s 16% stake does not cross the competitive risk threshold. So Bezos can crack out the bubble — assuming he knows what the heck Deliveroo is of course.

The CMA said its decision to clear the deal on competition grounds is “the culmination of extensive analysis of internal documents from Amazon and Deliveroo, a survey of more than 3,000 consumers, and extensive submissions from interested third parties”.

It said the assessment looked at how a 16% shareholding by Amazon would “affect its incentives to compete independently with Deliveroo in both restaurant delivery and online convenience grocery delivery in the coming years”.

“The CMA ultimately found that this level of investment will not substantially lessen competition in either market. However, if Amazon were to acquire a greater level of control over Deliveroo — through, for example, acquiring a controlling interest in the company — this could trigger a further investigation by the CMA,” it added.

Commenting further in a statement, Stuart McIntosh, inquiry chair, said: “Taking account of the higher legal standard that applies at Phase 2, the Group has concluded that the transaction will not result in a substantial lessening of competition in either restaurant delivery or convenience grocery delivery.”

McIntosh was also at pains to emphasize that the decision reflects the scale of the investment and Amazon ‘s “incentives to compete in both markets” — reiterating the warning that should Amazon try to increase its share of Deliveroo a fresh investigation may be triggered. 

The announcement that Amazon was leading a $575 million Series G investment in the UK food delivery app business dates back to May 2019.

The move signalled a second act for the ecommerce behemoth in the UK food delivery market, after it launched an on-demand food delivery offer with London restaurants for Prime members back in 2016. However it went on to shutter the effort a couple of years later — having faced fierce competition from the likes of Deliveroo and Uber Eats.

Responding to the CMA’s clearance of the Amazon stake, Deliveroo emphasized that “none of the five ‘Theories of Harm’ on which the CMA based its investigation have been substantiated”.

A company spokesperson also emailed this statement:

We are delighted that the CMA has concluded its 15 month investigation and that the Amazon minority investment can now go ahead.

This is fantastic news for UK customers and restaurants, and for the British economy. British born Deliveroo will use the investment to increase choice and value for customers, support for restaurants and will be able to offer more riders the flexible work they value as the company expands.

Deliveroo is excited that Amazon, the most customer-obsessed and innovative company in the world, has shown such a huge vote of confidence in Deliveroo and chosen to invest in the company’s future.

The company offered some updated business metrics, saying there are now 100,000 restaurants on its platform globally, with 30,000 joining this year alone — which it claimed points to “the extent to which the Covid crisis has seen restaurants turn to delivery as a vital source of revenue”.

“75,000 of the restaurants who work with Deliveroo globally are small, independent restaurants who have been hit hardest by the pandemic,” it added.

It’s official: Days after Amazon CEO Jeff Bezos was peppered with awkward questions by US lawmakers concerned about the market power of his ecommerce empire, the UK’s competition regulator has confirmed it’s happy for the tech giant to take a 16% bite out of local on-demand food delivery app, Deliveroo.

The CMA had been investigating the planned stake for some 15 months, completing phase one of its scrutiny in December. At the time it decided it had enough concerns to move to a phase 2 probe — chewing over whether or not the stake might discourage Amazon from re-entering the online restaurant food market and “further developing its presence within the online convenience grocery delivery market in the UK”, as it put it.

Soon after the regulator started in on this work COVID-19 struck Europe — impacting investigation as it had a marked impact on Deliveroo’s business. Initially the impact of the coronavirus looked negative, with Deliveroo claiming it would have gone out of business without Amazon’s stake. The CMA concurred with this analysis, treating it as a “failing firm” and reasoning that Deliveroo’s exit from the market would have been worse for competition — thereby provisionally clearing the Amazon stake in April.

Then again in June the regulator provisionally cleared the deal — although it now no longer considered Deliveroo failing, being as, from April 2020, it found a sharper than expected recovery in the restaurant food delivery market, as well as a shift in the restaurant ‘mix’ (“towards smaller, independent restaurants and away from large fast food chains”) — both of which resulted in money being poured into Deliveroo’s coffers. Yet then — with the startup’s finances experiencing “rapid and significant turnaround” — the regulator felt it necessary to complete a “substantive assessment” to of the risks to competition.

Now it’s finally concluded that Amazon’s 16% stake does not cross the competitive risk threshold. So Bezos can crack out the bubble — assuming he knows what the heck Deliveroo is of course.

The CMA said its decision to clear the deal on competition grounds is “the culmination of extensive analysis of internal documents from Amazon and Deliveroo, a survey of more than 3,000 consumers, and extensive submissions from interested third parties”.

It said the assessment looked at how a 16% shareholding by Amazon would “affect its incentives to compete independently with Deliveroo in both restaurant delivery and online convenience grocery delivery in the coming years”.

“The CMA ultimately found that this level of investment will not substantially lessen competition in either market. However, if Amazon were to acquire a greater level of control over Deliveroo — through, for example, acquiring a controlling interest in the company — this could trigger a further investigation by the CMA,” it added.

Commenting further in a statement, Stuart McIntosh, inquiry chair, said: “Taking account of the higher legal standard that applies at Phase 2, the Group has concluded that the transaction will not result in a substantial lessening of competition in either restaurant delivery or convenience grocery delivery.”

McIntosh was also at pains to emphasize that the decision reflects the scale of the investment and Amazon ‘s “incentives to compete in both markets” — reiterating the warning that should Amazon try to increase its share of Deliveroo a fresh investigation may be triggered. 

The announcement that Amazon was leading a $575 million Series G investment in the UK food delivery app business dates back to May 2019.

The move signalled a second act for the ecommerce behemoth in the UK food delivery market, after it launched an on-demand food delivery offer with London restaurants for Prime members back in 2016. However it went on to shutter the effort a couple of years later — having faced fierce competition from the likes of Deliveroo and Uber Eats.

Responding to the CMA’s clearance of the Amazon stake, Deliveroo emphasized that “none of the five ‘Theories of Harm’ on which the CMA based its investigation have been substantiated”.

A company spokesperson also emailed this statement:

We are delighted that the CMA has concluded its 15 month investigation and that the Amazon minority investment can now go ahead.

This is fantastic news for UK customers and restaurants, and for the British economy. British born Deliveroo will use the investment to increase choice and value for customers, support for restaurants and will be able to offer more riders the flexible work they value as the company expands.

Deliveroo is excited that Amazon, the most customer-obsessed and innovative company in the world, has shown such a huge vote of confidence in Deliveroo and chosen to invest in the company’s future.

The company offered some updated business metrics, saying there are now 100,000 restaurants on its platform globally, with 30,000 joining this year alone — which it claimed points to “the extent to which the Covid crisis has seen restaurants turn to delivery as a vital source of revenue”.

“75,000 of the restaurants who work with Deliveroo globally are small, independent restaurants who have been hit hardest by the pandemic,” it added.

Way back in the before times of October 2019, Microsoft announced that it would be expanding its Designed for Xbox stamp of approval to a line of mobile accessories. The play was pretty obvious: The company is trying to get serious about smartphone gaming through the backdoor approach of its own Project xCloud streaming service.

Without a major in-person gaming conference this summer, Microsoft is announcing a number of new additions to the line this morning, by way of blog post. The line is getting five approved devices from names that should prove familiar to anyone with a passing interest in gaming accessories. All of them go up for pre-order today, ahead of the September 15 launch of the Xbox Game Pass Ultimate.

Most of the included accessories are, unsurprisingly, controllers. Aside from latency, the biggest hurdle to this type of technology is control. After all, we’re talking about playing console games on a touchscreen handset. Without a sufficient accessory, the vast majority of titles just aren’t going to fly here.

Thankfully, Razer, PowerA and 8bitdo all have forthcoming controllers designed expressly for the purpose of xCloud streaming. Both the expandable Razer Kishi and PowerA MOGA XP7-X Plus Bluetooth controllers run $100, while the clever mini 8bitdo is $50. PowerA and 8bitdo also offer smartphone clips for wireless Xbox controllers, priced at $15.

Also getting the Xbox thumbs-up are the $100 Arctis 1 from SteelSeries. The headphones are designed specifically to switch back and forth between console games and mobile devices.

“Marketing Cloud” has become an increasingly popular concept in the world of marketing technology — used by the likes of Salesforce, Adobe, Oracle and others to describe their digital toolsets for organizations to identify and connect with customers. Now, a startup that is building its own take on the idea aimed specifically at e-commerce companies is announcing some funding after seeing a surge of business in the last few months.

Yotpo, which provides a suite of tool to help direct-to-comsumer and other e-commerce players build better relationships with customers, is today announcing that it has raised $75 million in funding, money it will use to continue growing its suite of products, as well as to acquire more customers and build out more integration partnerships.

The Series E included a number of Yotpo’s existing investors, namely Bessemer Venture Partners, Access industries (the owner of Warner Music Group, among a number of other holdings) and Vertex Ventures (a subsidiary of Temasek), new investor Hanaco (which focuses on Israeli startups — Yotpo is co-headquartered in Tel Aviv and New York), and other unnamed investors.

It brings the total raised by the startup to $176 million, and while it’s not disclosing valuation, its CEO Tomer Tagrin — who co-founded the company with COO Omri Cohen — describes it as “nearly a unicorn.”

“I like to call what we’re building a flamingo, which is also a rare and beautiful animal but also a real thing, and we are a proper business,” he said in an interview, adding that Yotpo is on target for ARR next year to be $100 million.

The company had its start as an app in Shopify’s App Store, providing tools to Shopify customers to help with customer engagement by way of user-generated content, and while it has outgrown that single relationship — it now has some 500 additional strategic partners, including Salesforce, Adobe, BigCommerce and others — Yotpo’s CEO still likes to describe his company in Shopify-ish terms.

“Just as Shopify manages your business, we manage your customers end to end,” Tagrin said. He said that while it’s great to see the bigger trend of consolidation around marketing clouds, it’s not a one-size-fits-all problem. He believes Yotpo’s e-commerce-specific approach to that stands apart from the pack because it addresses issues unique to D2C and other e-commerce companies.

Yotpo’s services today include SMS and visual marketing, loyalty and referral services, and reviews and ratings, which are used by a range of e-commerce companies, spanning from newer direct-to-consumer brands like Third Love and Away, to more established names like Patagonia and 1800flowers. Some of these have been built in-house, and some by way of acquisition — most recently, SMSBump, in January. The plan is to use some of the funding also to continue that acquisition strategy.

“Since our first investment more than three years ago, Tomer and Omri have executed flawlessly, expanding the product suite, serving a wider range of customers, and continually hiring strong talent across the organization,” says Adam Fisher, a Partner at BVP, in a statement. “Yotpo is singularly focused on helping direct-to-consumer eCommerce brands solve the dual challenge of engaging consumers and increasing revenue, and with their multi-product strategy and innovative edge, they are uniquely positioned to dominate the eCommerce industry for years to come.”

Yotpo is built as a freemium platform, with some 9,000 customers paying for services, and a further 280,000 customers on its free usage tier. Customer count grew by 250% in the last year, Tagrin said.

The COVID-19 pandemic has had a well-documented impact on internet use, and specifically e-commerce, as people turned to digital channels in record numbers to procure things while complying with shelter-in-place orders, or trying to increase social distancing to slow down the spread of the coronavirus.

E-commerce has been on the rise for years, but the acceleration of that trend has been drastic since February, with revenue and spend both regularly exceeding baseline figures over the last several months, according to research from digital marketing agency Common Thread Collective.

That, in turn, had a big impact on companies that help enable those e-commerce enterprises operate in more direct and personable ways. Yotpo was a direct beneficiary: it said it had a surge of sign-ups of new customers, many taking paid services, working out to a 170% year-on-year ARR and lower customer churn.

The bigger picture, of course, is not completely rosy, with thousands of layoffs across the whole tech service, and a huge number of brick-and-mortar business closures. Those economic indicators could ultimately also have a knock-on effect not just in more business moving online, but also a slowdown in spending overall.

That will inevitably have an impact on startups like Yotpo, too, which is definitely on a rise now but will continue to think longer term about the impact and how it can continue to diversify its products to meet a wider set of customer use cases.

For example, today, the company addresses customer care needs by way of integrations with companies like Zendesk, but longer term it might consider how it can bring in services like this to continue to build out the touchpoints between D2C brands and their customers, and specifically running those through a bigger picture of the customer as profiled on Yotpo’s platform.

This is a big part of our product in our meetings and debates,” Tagrin said about product expansions.

“I do think any celebration of growth and funding comes to me with something else: we need to be internalising more what is going on,” he said. “The world is not back to normal and we shouldn’t act like it is.”

The UK government is suspending the use of an algorithm used to stream visa applications after concerns were raised the technology bakes in unconscious bias and racism.

The tool had been the target of a legal challenge. The Joint Council for the Welfare of Immigrants (JCWI) and campaigning law firm Foxglove had asked a court to declare the visa application streaming algorithm unlawful and order a halt to its use, pending a judicial review.

The legal action had not run its full course but appears to have forced the Home Office’s hand as it has committed to a redesign of the system.

A Home Office spokesperson confirmed to us that from August 7 the algorithm’s use will be suspended, sending us this statement via email: “We have been reviewing how the visa application streaming tool operates and will be redesigning our processes to make them even more streamlined and secure.”

Although the government has not accepted the allegations of bias, writing in a letter to the law firm: “The fact of the redesign does not mean that the [Secretary of State] accepts the allegations in your claim form [i.e. around unconscious bias and the use of nationality as a criteria in the streaming process].”

The Home Office letter also claims the department had already moved away from use of the streaming tool “in many application types”. But it adds that it will approach the redesign “with an open mind in considering the concerns you have raised”.

The redesign is slated to be completed by the autumn, and the Home Office says an interim process will be put in place in the meanwhile, excluding the use of nationality as a sorting criteria.

The JCWI has claimed a win against what it describes as a “shadowy, computer-driven” people sifting system — writing on its website: “Today’s win represents the UK’s first successful court challenge to an algorithmic decision system. We had asked the Court to declare the streaming algorithm unlawful, and to order a halt to its use to assess visa applications, pending a review. The Home Office’s decision effectively concedes the claim.”

The department did not respond to a number of questions we put to it regarding the algorithm and its design processes — including whether or not it sought legal advice ahead of implementing the technology in order to determine whether it complied with the UK’s Equality Act.

“We do not accept the allegations Joint Council for the Welfare of Immigrants made in their Judicial Review claim and whilst litigation is still on-going it would not be appropriate for the Department to comment any further,” the Home Office statement added.

The JCWI’s complaint centered on the use, since 2015, of an algorithm with a “traffic-light system” to grade every entry visa application to the UK.

“The tool, which the Home Office described as a digital ‘streaming tool’, assigns a Red, Amber or Green risk rating to applicants. Once assigned by the algorithm, this rating plays a major role in determining the outcome of the visa application,” it writes, dubbing the technology “racist” and discriminatory by design, given its treatment of certain nationalities.

“The visa algorithm discriminated on the basis of nationality — by design. Applications made by people holding ‘suspect’ nationalities received a higher risk score. Their applications received intensive scrutiny by Home Office officials, were approached with more scepticism, took longer to determine, and were much more likely to be refused.

“We argued this was racial discrimination and breached the Equality Act 2010,” it adds. “The streaming tool was opaque. Aside from admitting the existence of a secret list of suspect nationalities, the Home Office refused to provide meaningful information about the algorithm. It remains unclear what other factors were used to grade applications.”

Since 2012 the Home Office has openly operated an immigration policy known as the ‘hostile environment’ — applying administrative and legislative processes that are intended to make it as hard as possible for people to stay in the UK.

The policy has led to a number of human rights scandals. (We also covered the impact on the local tech sector by telling the story of one UK startup’s visa nightmare last year.) So applying automation atop an already highly problematic policy does look like a formula for being taken to court.

The JCWI’s concern around the streaming tool was exactly that it was being used to automate the racism and discrimination many argue underpin the Home Office’s ‘hostile environment’ policy. In other words, if the policy itself is racist any algorithm is going to pick up and reflect that.

“The Home Office’s own independent review of the Windrush scandal, found that it was oblivious to the racist assumptions and systems it operates,” said Chai Patel, legal policy director of the JCWI, in a statement. “This streaming tool took decades of institutionally racist practices, such as targeting particular nationalities for immigration raids, and turned them into software. The immigration system needs to be rebuilt from the ground up to monitor for such bias and to root it out.”

“We’re delighted the Home Office has seen sense and scrapped the streaming tool. Racist feedback loops meant that what should have been a fair migration process was, in practice, just ‘speedy boarding for white people.’ What we need is democracy, not government by algorithm,” added Cori Crider, founder and director of Foxglove. “Before any further systems get rolled out, let’s ask experts and the public whether automation is appropriate at all, and how historic biases can be spotted and dug out at the roots.”

In its letter to Foxglove, the government has committed to undertaking Equality Impact Assessments and Data Protection Impact Assessments for the interim process it will switch to from August 7 — when it writes that it will use “person-centric attributes (such as evidence of previous travel”, to help sift some visa applications, further committing that “nationality will not be used”.

Some types of applications will be removed from the sifting process altogether, during this period.

“The intent is that the redesign will be completed as quickly as possible and at the latest by October 30, 2020,” it adds.

Asked for thoughts on what a legally acceptable visa streaming algorithm might look like, Internet law expert Lilian Edwards told TechCrunch: “It’s a tough one… I am not enough of an immigration lawyer to know if the original criteria applied re suspect nationalities would have been illegal by judicial review standard anyway even if not implemented in a sorting algorithm. If yes then clearly a next generation algorithm should aspire only to discriminate on legally acceptable grounds.

“The problem as we all know is that machine learning can reconstruct illegal criteria — though there are now well known techniques for evading that.”

“You could say the algorithmic system did us a favour by confronting illegal criteria being used which could have remained buried at individual immigration officer informal level. And indeed one argument for such systems used to be ‘consistency and non-arbitrary’ nature. It’s a tough one,” she added.

Earlier this year the Dutch government was ordered to halt use of an algorithmic risk scoring system for predicting the likelihood social security claimants would commit benefits or tax fraud — after a local court found it breached human rights law.

In another interesting case, a group of UK Uber drives are challenging the legality of the gig platform’s algorithmic management of them under Europe’s data protection framework — which bakes in data access rights, including provisions attached to legally significant automated decisions.

WhatsApp, one of the most popular instant messaging platforms on the planet, has rolled out a new feature in select markets that makes it easier for users to verify whether the assertions made in messages they have received on the app are true.

The Facebook -owned service has enabled users in Brazil, Italy, Ireland, Mexico, Spain, UK, and US to click on a magnifying glass-shaped icon next to frequently forwarded messages — those that have been forwarded at least five times — to search the web for their contents and verify them.

WhatsApp said the new feature, called ‘search the web’, works by allowing users to upload the message — it could be text or an image — via their browser. This means that WhatsApp itself never sees the content of any message, it said in a blog post.

The feature, available across WhatsApp’s Android, iOS, and Web apps, is in pilot stage, the messaging platform said. It remains unclear how soon WhatsApp intends to roll out this feature, which it began testing several months ago, to users across the globe.

But regardless, the new feature comes at a time when WhatsApp and other messaging platforms are being used more often than ever before as people stay in touch with their friends, families, and colleagues at the height of a global pandemic.

WhatsApp, which has been forced to confront with the spread of misinformation challenge on its platform in recent years, has introduced several features and imposed restrictions to better control the flow in the past year.

In April, WhatsApp put in place additional restriction on how frequently a message could be shared on its platform. WhatsApp said that any message that has been forwarded five or more times will now face a new limit that will prevent a user from forwarding it to more than one chat (contact) at a time. Weeks later, volume of “highly forwarded” messages had already dropped by 70% globally, it claimed.

Though WhatsApp has visibly rushed to take timely actions in recent quarters, misinformation has not vanished from the app. Ill-informed explanations about Indian government’s moves, and “cures” of Covid-19 were still doing rounds on the platform a few months ago in India, its biggest market, for intance. And to be fair, there’s only so much a tech firm can do to fight human stupidity.

Twitter has disclosed it’s facing a potential fine of more than a hundred million dollars as a result of a probe by the Federal Trade Commission (FTC) which believes the company violated a 2011 consent order by using data provided by users for a security purpose to target them with ads.

In an SEC filing, reported on earlier by the New York Times, Twitter revealed it received the draft complaint from the FTC late last month. The activity the regulator is complaining about is alleged to have taken place between 2013 and 2019.

Last October the social media firm publicly disclosed it had used phone numbers and email addresses provided by users to set up two-factor authentication to bolster the security of their accounts in order to serve targeted ads — blaming the SNAFU on a tailored audiences program, which allows companies to target ads against their own marketing lists.

Twitter found that when advertisers uploaded their own marketing lists (of emails and/or phone numbers) it matched users to data they had submitted purely to set up two-factor authentication on their Twitter account.

“The allegations relate to the Company’s use of phone number and/or email address data provided for safety and security purposes for targeted advertising during periods between 2013 and 2019,” Twitter writes in the SEC filing. “The Company estimates that the range of probable loss in this matter is $150.0 million to $250.0 million and has recorded an accrual of $150.0 million.”

“The matter remains unresolved, and there can be no assurance as to the timing or the terms of any final outcome,” it adds.

We’ve reached out to Twitter with questions.

The company has had a torrid few weeks on the security front, suffering a major security incident last month after hackers gained access to its internal account management tools, enabling them to access accounts of scores of verified Twitter users, including Bill Gates, Elon Musk and Joe Biden, and use them to send cryptocurrency scam tweets. Police have since charged three people with the hack, including a 17-year-old Florida teen.

In June Twitter also disclosed a security lapse may have exposed some business customers’ information. While it was forced to report another crop of security incidents last year — including after a researcher identifying a bug that allowed him to discover phone numbers associated with millions of Twitter accounts.

Twitter also admitted it gave account location data to one of its partners, even if the user had opted-out of having their data shared; and inadvertently gave its ad partners more data than it should have.

Additionally, the company is now at the front of a long queue of tech giants pending enforcement in Europe, related to major GDPR complaints — where regional fines for data violations can scale to 4% of a company’s global annual turnover. Twitter’s lead data protection regulator, Ireland’s DPC, submitted a draft decision related to a probe of one of its security breaches to the bloc’s other data agencies in May — with a final decision slated as likely this summer.

The decision relates to an investigation the regulator instigated following yet another major security fail by Twitter in 2018 — when it revealed a bug had resulted in some passwords being stored in plain text.

As we reported at the time it’s pretty unusual for a company of such size to make such a basic security mistake. But Twitter has a very long history of failing to protect users’ data — with additional hacking incidents all the way back in 2009 leading to the 2011 FTC consent order.

Under the terms of that settlement Twitter was barred for 20 years from misleading consumers about the safety of their data in order to resolve FTC charges that it had “deceived consumers and put their privacy at risk by failing to safeguard their personal information”.

It also agreed to establish and maintain “a comprehensive information security program”, with independent auditor assessments taking place every other year for 10 years.

Given the terms of that order a fine does indeed look inevitable. However the wider failing here is that of US regulators — which, for over a decade, have failed to grapple with the exploitative, surveillance-based business models that have led to breaches and security lapses by a number of data-mining adtech giants, not just Twitter.

Twitter has disclosed it’s facing a potential fine of more than a hundred million dollars as a result of a probe by the Federal Trade Commission (FTC) which believes the company violated a 2011 consent order by using data provided by users for a security purpose to target them with ads.

In an SEC filing, reported on earlier by the New York Times, Twitter revealed it received the draft complaint from the FTC late last month. The activity the regulator is complaining about is alleged to have taken place between 2013 and 2019.

Last October the social media firm publicly disclosed it had used phone numbers and email addresses provided by users to set up two-factor authentication to bolster the security of their accounts in order to serve targeted ads — blaming the SNAFU on a tailored audiences program, which allows companies to target ads against their own marketing lists.

Twitter found that when advertisers uploaded their own marketing lists (of emails and/or phone numbers) it matched users to data they had submitted purely to set up two-factor authentication on their Twitter account.

“The allegations relate to the Company’s use of phone number and/or email address data provided for safety and security purposes for targeted advertising during periods between 2013 and 2019,” Twitter writes in the SEC filing. “The Company estimates that the range of probable loss in this matter is $150.0 million to $250.0 million and has recorded an accrual of $150.0 million.”

“The matter remains unresolved, and there can be no assurance as to the timing or the terms of any final outcome,” it adds.

We’ve reached out to Twitter with questions.

The company has had a torrid few weeks on the security front, suffering a major security incident last month after hackers gained access to its internal account management tools, enabling them to access accounts of scores of verified Twitter users, including Bill Gates, Elon Musk and Joe Biden, and use them to send cryptocurrency scam tweets. Police have since charged three people with the hack, including a 17-year-old Florida teen.

In June Twitter also disclosed a security lapse may have exposed some business customers’ information. While it was forced to report another crop of security incidents last year — including after a researcher identifying a bug that allowed him to discover phone numbers associated with millions of Twitter accounts.

Twitter also admitted it gave account location data to one of its partners, even if the user had opted-out of having their data shared; and inadvertently gave its ad partners more data than it should have.

Additionally, the company is now at the front of a long queue of tech giants pending enforcement in Europe, related to major GDPR complaints — where regional fines for data violations can scale to 4% of a company’s global annual turnover. Twitter’s lead data protection regulator, Ireland’s DPC, submitted a draft decision related to a probe of one of its security breaches to the bloc’s other data agencies in May — with a final decision slated as likely this summer.

The decision relates to an investigation the regulator instigated following yet another major security fail by Twitter in 2018 — when it revealed a bug had resulted in some passwords being stored in plain text.

As we reported at the time it’s pretty unusual for a company of such size to make such a basic security mistake. But Twitter has a very long history of failing to protect users’ data — with additional hacking incidents all the way back in 2009 leading to the 2011 FTC consent order.

Under the terms of that settlement Twitter was barred for 20 years from misleading consumers about the safety of their data in order to resolve FTC charges that it had “deceived consumers and put their privacy at risk by failing to safeguard their personal information”.

It also agreed to establish and maintain “a comprehensive information security program”, with independent auditor assessments taking place every other year for 10 years.

Given the terms of that order a fine does indeed look inevitable. However the wider failing here is that of US regulators — which, for over a decade, have failed to grapple with the exploitative, surveillance-based business models that have led to breaches and security lapses by a number of data-mining adtech giants, not just Twitter.

TaxScouts, the U.K. tax preparation startup founded by TransferWise and MarketInvoice alumni, has raised £5 million in Series A funding for European expansion.

Leading the round is Octopus Ventures, with previous investors SpeedInvest, Seedcamp and Finch Capital, following on. Also participating is Clocktower Technology Ventures, the U.S. venture capital firm specialising in financial technology.

Aiming to build a “pan-European” tax filing service, first stop outside the U.K. is Spain, with TaxScouts having already appointed a Madrid-based country manager. It says it has chosen Spain based on the size of the market and the complexity of the local tax system, and will expand to further European markets in the near future.

Combining “automation” with a network of human accountants, TaxScouts’ service is designed to support you through your annual tax filing preparation and submission. The company charges a simple flat fee — currently £119 in the U.K. — and promises a quick turnaround, typically just 1-2 days.

To achieve this, the web app walks you through your tax status, income and expenses without assuming too much prior knowledge. This includes asking you to upload or take a photo of any required documents, such as invoices or dividend certificates. The idea is that all of the admin is captured digitally and packaged up ready for an assigned accountant to check.

TaxScouts says the new Series A investment will be used to develop the company’s Spanish service and make key hires across its engineering, product, and marketing teams.

Mart Abramov, co-founder and CEO of TaxScouts, comments: “We see a huge amount of potential in launching TaxScouts into Spain. Naturally, the weather and the wine were considered when picking the market, but having successfully built a solution for one of the trickiest tax systems in Europe, we are confident that we can deliver another great product for Spain’s complex tax structure. The market is double that of the UK, and this is the first step to us building a pan-European tax service”.

Grab announced today that its financial unit, which previously focused mainly on services for entrepreneurs and small businesses, is launching a slew of consumer products, including micro-investments, loans, health insurance and a pay-later program.

Based in Singapore, Grab began in 2012 as a ride-hailing company before expanding into on-demand deliveries and other services. In January 2019, it formed a joint venture with ZhongAn Insurance to build a digital insurance marketplace. Since then, its financial services portfolio has grown through a series of partnerships and the acquisition of Bento, which allowed it to offer investment and wealth management services as well.

In February, Grab announced that it had raised up to $856 million to speed up development of its payments and financial services.

Yesterday, Bloomberg reported that Grab raised $200 billion from South Korean private equity firm Stic, bringing its total funding so far to more than $10 billion at a valuation of about $14.3 billion. A Grab spokesperson declined TechCrunch’s request for comment on that raise.

Tapping into a growing market

During a call with reporters today, when asked if Grab has a timeline for reaching profitability, Reuben Lai, senior managing director at Grab Financial Group, said there isn’t one yet, but “research has shown that there is a real demand for the products we are launching today. What we really want to do is focus on consumers and make sure we deliver products they use. We think profitability and sustainability will follow.”

Grab Financial Group’s new products including AutoInvest, a platform that allows consumers to invest small sums of money through Grab’s app; consumer loans; a buy now, pay later program; and expanded insurance offerings, including hospital insurance that will first launch in Indonesia.

While Grab’s new consumer products were in the works before the COVID-19 pandemic, Lai said the crisis has accelerated demand for services like online shopping, digital payments and insurance.

Grab’s consumer products will compete with services like StashAway, an online investment platform based in Singapore, but Lai said Grab Financial Group’s competitive edge is that there are already millions of Grab users in Southeast Asia. This gives it a built-in consumer base and also data to continually refresh the scoring models it uses to determine creditworthiness.

According to a 2019 report by e-Conomy Asia, a research program run by Google and Temasek, about 70% of people in Southeast Asia are “underbanked,” meaning that they lack access to credit cards or long-term savings products. Even in Singapore, one of Asia’s financial centers, about 40% of consumers qualify as underbanked. Bain and e-Conomy estimate that the digital financial services in Southeast Asia can generate $60 billion in revenue by 2025, making it a lucrative market for Grab.

Micro-investing and insurance

Most of the unit’s insurance was previously focused on Grab’s ecosystem, including drivers and merchants on its platform. But new products, like hospital coverage that will launch in Indonesia first to supplement the country’s national healthcare system, are targeted at consumers.

Chandrima Das, who founded Bento in 2016 and is now head of GrabInvest, said Grab’s new micro-investment product will be accessible through Grab’s digital wallet. Returns can be cashed out and spent on Grab services or merchants that accept GrabPay. it is partnered with liquid fixed-income funds managed by Fullerton Fund Management and UOB Asset Management, and allows users to invest as little as SGD $1 at a time, with the potential to earn returns about about 1.8%. It will launch first in Singapore at the beginning of September.

While Grab Financial Group already offers working capital loans to drivers and purchase financing for merchants on its platform, its new consumer credit products include PayLater, which allows users to pay for Grab services at the end of each month, and will first be available in Singapore and Malaysia.

The company is also offering consumer loans with an application process that it Ankur Mehrota, Grab Financial Group’s head of lending, says is so simple “you can do it while sitting on your couch watching Netflix.” Grab will partner with licensed banks and financial institutions to help verify users’ creditworthiness. Once approved, lenders can use Grab’s Buy Now Pay Later services, which allows them to pay in monthly installments or defer payments to the following month.

Mehrota said benefits of the program for merchants include increased gross merchandise value, larger basket sizes and lower cart abandonment rates.