Category: UNCATEGORIZED

North’s Focals smart glasses are the first in the category to even approach mainstream appeal, but to date, the only way to get a pair has been to go into a physical North showroom and get a custom fitting, and then return once they’re ready for a pick-up and final adjustment. Now, North has released its Showroom app, which makes Focals available across the U.S. and Canada without an in-person appointment.

This approach reduces considerable friction, and it’s able to do so thanks to technology available on board the iPhone X or later – essentially the same tech that makes Face ID possible. People can go through the sizing and fitting process using these later model iPhones (and you can borrow a friend’s if you’re on Android or an older iOS device) and then North takes those measurements and can produce either prescription or non-prescription Focals, shipped directly to your door after a few weeks.

The Showroom app also includes an AR-powered virtual try-on feature for making sure you like the look of the frames, and for picking out your favorite color. Once the Focals show up at your door, the final fitting process is also something you can do at home, guided by the app’s directions for getting the fit just right.

Should you still want to hit an actual physical showroom, North’s still going to be operating its Brooklyn and Toronto storefronts, and will be operating pop-ups across North America as well.

Focals began shipping earlier this year, bringing practical smart notification, guidance and other software experiences to your field of view via a tiny projector and in-lens transparent display. North, which previously existed as Thalmic Labs and created the Myo gesture control armband, recognized that they were building control devices optimized for exactly this kind of application, but also found that no one was yet getting wearable tech like smart glasses right. Last year, Thalmic Labs pivoted to become North and focus on Focals as a result.

Since launching its smart glasses to consumers, it’s been iterating the software to consistently add new features, and making them more accessible to customers. An early price drop significantly lessened sticker shock, and now removing the requirement to actually visit a location in person to both order and collect the glasses should help expand their customer base further still.

Julo, a peer-to-peer lending platform in Indonesia, said on Wednesday it has extended its $5 million Series A raise to $15 million as it looks to scale its business in the key Southeast Asian market.

The $10 million Series A2 round for the Jakarta-headquartered startup was led by Quona Capital, with Skystar, East Ventures, Provident, Gobi Partners, and Convergence participating in it. The two-year-old startup, which has raised about $16 million to date, is now closing the round, Adrianus Hitijahubessy, co-founder and CEO of Julo, told TechCrunch in an interview.

Through its eponymous Android app, Julo provides loans of about $300 to users at aggressively competitive rate of 3-5% per month — one of its key differentiating factors. Julo has managed to keep its interest rate low because its credit scoring system is more efficient than those of its rivals, claimed Hitijahubessy, who has amassed more than a decade of experience in credit scoring system using alternative data from his previous stints.

“There are lots of players in this market. Not just Indonesia, but globally. But it comes down to who actually knows what they are doing. The bar is becoming higher and it is increasingly becoming difficult for digital lending companies to just launch an app and charge high interest rate,” he said.

Julo works with banks and individuals to finance loans to customers. It says it has disbursed about $50 million to date.

Hitijahubessy said Julo will use the fresh capital to expand the team and enhance its credit score system. The startup intends to focus on growing its business in Indonesia itself.

In a statement, Ganesh Rengaswamy, co-founder and partner of Quona Capital, said, “a significant majority of JULO’s loans are used for productive purposes that can enhance the economic well-being of families and small businesses — driving financial inclusion in Indonesia, which is a cornerstone of Quona’s focus.”

Digital lending is becoming an increasingly crowded space in South Asian markets. In India, for instance, a growing number of digital mobile wallets including Paytm and MobiKwik have recently started to offer credits to customers.

Tableau was acquired by Salesforce earlier this year for $15.7 billion, but long before that, the company had been working on its Fall update, and today it announced several new tools including a new feature called ‘Explain Data’ that uses AI to get to insight quickly.

“What Explain Data does is it moves users from understanding what happened to why it might have happened by automatically uncovering and explaining what’s going on in your data. So what we’ve done is we’ve embedded a sophisticated statistical engine in Tableau, that when launched automatically analyzes all the data on behalf of the user, and brings up possible explanations of the most relevant factors that are driving a particular data point,” Tableau chief product officer, Francois Ajenstat explained.

He added that what this really means is that it saves users time by automatically doing the analysis for them, and It should help them do better analysis by removing biases and helping them dive deep into the data in an automated fashion.

Ajenstat says this is a major improvement in that previously users would have do all of this work manually. “So a human would have to go through every possible combination, and people would find incredible insights, but it was manually driven. Now with this engine, they are able to essentially drive automation to find those insights automatically for the users,” he said.

He says this has two major advantages. First of all, because it’s AI-driven it can deliver meaningful insight much faster, but it also it gives a more of a rigorous perspective of the data.

In addition, the company announced a new Catalog feature, which provides data bread crumbs with the source of the data, so users can know where the data came from, and whether it’s relevant or trustworthy.

Finally, the company announced a new server management tool that helps companies with broad Tableau deployment across a large organization to manage those deployments in a more centralized way.

All of these features are available starting today for Tableau customers.

Robin Healthcare,  a new startup founded by serial entrepreneurs Noah Auerhahn and Emilio Galan, is hoping to harness the power of personal assistants to make the business of healthcare easier for the physicians who practice it

The company’s technology, which works much the same way as a Google Home or Amazon Alexa or Echo, is placed in hospital rooms and transcribes and formats doctor interactions with patients to reduce paperwork and streamline the behind-the-scenes part of the process that can drive doctors to the point of distraction, the company’s co-founder said.

“I had a background doing claims data work in healthcare was at UCSF and finishing my clinical training,” says Galan. “And I was hearing lots of doctors telling me not to practice.”

The problem, says Galan, was the overabundance of paperwork. After school Galan doubled down on his work in claims and billing launching a company called HonestHealth where he worked with institutions and companies . like The Robert Wood Johnson Foundation, Consumer Reports, and the New York State Department of Health to analyze health care claims data and develop consumer applications.

Galan met Auerhahn at the HLTH conference a few years ago just as Auerhahn was looking for his next challenge after the sale of his previous company, ExtraBux.

The two men saw the wave of smart devices coming and figured there must be a way to use the technology to build a fully billable clinical report from monitoring the conversations with patients.

The company currently has dozens of its smart devices installed in hospitals around the country including a large surgical practice in Tennessee, the Campbell Clinic; Duke University Medical Center’s Private Diagnostic Clinic; the University of California San Francisco Medical Center; and Webster Orthopedics in Northern California.

Robin integrates with the major electronic health records companies, Epic and Cerner, through third party integrations that are designed to make it easier to input data automatically as doctors are assessing a patient’s condition and delivering treatments.

“Part of why Robin exists is to avoid technology interrupting care,” says Auerhahn. “Having fewer interactions with EMR is a good way to do that.”

Robin’s service is human-assisted natural language processing to make sure that the data is input correctly.

The company’s early vision has been enough to attract investors like Norwest Venture Partners, which led the company’s $11.5 million Series A round.

In all, Robin Healthcare has raised $15 million in financing. The company’s other investors include Social Leverage, the early stage investment firm founded by Howard Lindzon.

 

PlayVS, the platform that allows high school students to compete on varsity esports teams through their school, has today announced the close of a $50 million Series C led by existing investor NEA. Battery Ventures, Dick Costolo and Adam Bain of 01 Advisors, Sapphire Sport, Michael Zeisser, Dennis Phelps of IVP and cofounder of CAA Michael Ovitz.

This brings the startup’s total funding to $96 million, the vast majority of which was raised in the last 13 months.

PlayVS launched in April of 2018 under founder and CEO Delane Parnell, who believes that the opportunity of esports is fundamentally broken without high school leagues. Through an exclusive partnership with the NFHS (the NCAA of high schools), PlayVS allows schools across the country to create esports teams and participate in leagues with their neighboring schools, just like any other varsity sport.

PlayVS also partners with the game publishers, which allows the platform to pull in stats and track players performance across every game directly from the PlayVS website.

The startup charges either the player, parent/guardian or school $64 per player to participate in ‘Seasons’, PlayVS’s first product. It was launched in October of 2018 in five states and expanded to eight states this spring.

Since launch, 13,000 schools have joined the waitlist to get a varsity esports team through PlayVS, which represents 68 percent of the country. PlayVS says that just over 14,000 high schools in the United States have a football program, marking the idea of varsity esports as a relatively popular one.

With the upcoming fall Season for 2019, all 50 states will have access to the PlayVS platform, with 15 states competing for an actual State Championship in partnership with their state association. These states include Alabama, Alaska, Arizona, Arkansas, California, Colorado, Connecticut, Georgia, Hawaii, Kentucky, Massachusetts, Mississippi, Rhode Island, Virginia and Washington D.C.

States that have not gotten an endorsement from their state association will still compete regionally for a PlayVS championship. PlayVS supports League of Legends, Rocket League and SMITE with plans to support other games in the future.

Not only does PlayVS offer high school students the chance to play organized esports, but it also gives colleges and esports orgs a recruitment tool to scope and scoop young talent.

But what about that funding? Well, Parnell says that the new round gives the company a war chest to not only hire aggressively — the company has gone from 18 to 41 employees in the last year — but also to consider mergers and acquisitions as a means of growth.

Perhaps most importantly, the company will use the funding to explore products outside of high school, with eyes squarely focused on the collegiate market. With esports still in its infancy, there is a huge opportunity to provide the infrastructure of these leagues early on, and PlayVS is looking to capture that.

It’s still early days for quantum computing, but we’re nonetheless seeing an interesting group of startups emerging that are helping the world take advantage of the new technology now. Aliro Technologies, a Harvard startup that has built a platform for developers to code more easily for quantum environments — “write once, run anywhere” is one of the startup’s mottos — is today coming out of stealth and announcing its first funding of $2.7 million to get it off the ground.

The seed round is being led Flybridge Capital Partners, with participation also from Crosslink Ventures and Samsung NEXT’s Q Fund, a fund the corporate investor launched last year dedicated specifically to emerging areas like quantum computing and AI.

Aliro is wading into the market at a key moment in the development of quantum computing.

While vendors continue to build new quantum hardware to be able to tackle the kinds of complex calculations that cannot be handled by current binary-based machines, for example around medicine discovery, or multi-variabled forecasting — just today IBM announced plans for a 53-qubit device — even so, it’s widely acknowledged that the computers that have been built so far face a number of critical problems that will hamper wide adoption.

The interesting development of recent times is the emergence of startups that are tackling these specific critical problems, dovetailing that progress with that of building the hardware itself. Take the fact that quantum machines so far have been too prone to error when used for extended amounts of time: last week, I wrote about a startup called Q-CTRL that has built firmware that sits on top of the machines to identify when errors are creeping in and provide fixes to stave off crashes.

The specific area that Aliro is addressing is the fact that quantum hardware is still very fragmented: each machine has its own proprietary language and operating techniques and sometimes even purpose for which it’s been optimised. It’s a landscape that is challenging for specialists to engage in, let alone the wider world of developers.

“We’re at the early stage of the hardware, where quantum computers have no standardisation, even those based on same technology have different qubits (the basic building block of quantum activity) and connectivity. It’s like digital computing in 1940s,” said CEO and chairman Jim Ricotta. (The company is co-founded by Harvard computational materials science professor Prineha Narang along with Michael Cubeddu and Will Finegan, who are actually still undergraduate students at the university.)

“Because it’s a different style of computing, software developers are not used to quantum circuits,” and engaging with them is “not the same as using procedural languages. There is a steep on-ramp from high-performance classical computing to quantum computing.”

While Aliro is coming out of stealth, it appears that the company is not being specific with details about how its platform actually works. But the basic idea is that Aliro’s platform will essentially be an engine that will let developers work in the languages that they know, and identify problems that they would like to solve; it will then assess the code and provide a channel for how to optimise that code and put it into quantum-ready language, and suggest the best machine to process the task.

The development points to an interesting way that we may well see quantum computing develop, at least in its early stages. Today, we have a handful of companies building and working on quantum computers, but there is still a question mark over whether these kinds of machines will ever be widely deployed, or if — like cloud computing — they will exist among a smaller amount of providers who will provide access to them on-demand, SaaS-style. Such a model would seem to fit with how much computing is sold today in the form of instances, and would open the door to large cloud names like Amazon, Google and Microsoft playing a big role in how this would be disseminated.

Such questions are still theoretical, of course, given some of the underlying problems that have yet to be fixed, but the march of progress seems inevitable, with forecasts predicting that quantum computing is likely to be a $2.2 billion industry by 2025, and if this is a route that is taken, the middlemen like Aliro could play an important role.

“I have been working with the Aliro team for the past year and could not be more excited about the opportunity to help them build a foundational company in Quantum Computing software, “ said David Aronoff, General Partner at Flybridge, in a statement. “Their innovative approach and unique combination of leading Quantum researchers and a world-class proven executive team, make Aliro a formidable player in this exciting new sector.

“At Samsung NEXT we are focused on what the world will look like in the future, helping to make that a reality,” said Ajay Singh, Samsung NEXT’s Q Fund, in a statement. “We were drawn to Prineha and her team by their impressive backgrounds and extent of research into quantum computing. We believe that Aliro’s unique software products will revolutionize the entire category, by speeding up the inflection point where quantum becomes as accessible as classical computing. This could have implications on anything from drug discovery, materials development or chemistry. Aliro’s ability to map quantum circuits to heterogeneous hardware in an efficient way will be truly transformative and we’re thrilled to be on this journey with them.”

Enterprise search tools have always suffered from the success of Google. Users wanted to find the content they needed internally in the same way they found it on the web. Enterprise search has never been able to meet those lofty expectations, but today Salesforce announced Einstein Search, an AI-powered search tool for Salesforce users that is designed to point them to the exact information they are looking for.

Will Breetz, VP of product management at Salesforce says that enterprise search has suffered over the years for a variety of reasons. “Enterprise search has gotten a bad rap, but deservedly so. Part of that is because in many ways it is more difficult than consumer search, and there’s a lot of headwinds,” Breetz explained.

To solve these issues, the company decided to put the power of its Einstein artificial intelligence engine to bear on the problem. For starters, it might not know the popularity of a given topic like Google, but it can learn the behaviors of an individual and deliver the right answer based on a person’s profile including geography and past activity to deliver a more meaningful answer.

Next, it allows you to enter natural language search phrasing to find the exact information you need, and the search tool understands and delivers the results. For instance, you could enter, “my open opportunities in Boston” and using natural language understanding, the tool can translate that into the exact set of results you are looking for –your open opportunities in Boston. You could use conventional search to click a series of check boxes to narrow the list of results to only Boston, but this is faster and more efficient.

Finally, based on what the intelligence engine knows about you, and on your search parameters, it can predict the most likely actions you want to take and provide quick action buttons in the results to help you do that, reducing the time to action. It may not seem like much, but each reduced workflow adds up throughout a day, and the idea is to anticipate your requirements and help you get your work done more quickly.

Salesforce appears to have flipped the enterprise search problem. Instead of having a limited set of data being a handicap for enterprise search, it is taking advantage of that, and applying AI to help deliver more meaningful results. It’s for a limited set of findings for now such as accounts, contacts and opportunities, but the company plans to additional options over time.

India’s government has announced an immediate ban on e-cigarettes — citing youth-focused public health concerns.

In a news statement following a cabinet meeting today finance minister Nirmala Sitharaman said the ban covers production, manufacturing, import, export, transport, sale, distribution, storage and advertising of e-cigarettes.

Sitharaman suggested India’s youth are viewing e-cigarettes as a “style statement”, implying it’s encouraging them to get hooked on nicotine — whereas she noted that companies behind the vaping trend have pitched their products as a way to ween existing smokers off cigarettes.

“This decision is taken keeping in mind the impact that [e-cigarettes are] having on the youth of today,” she said of the ban order. “The data that we have largely is derived from the US’ experience and it the US the latest stats that I have before me states that there has been a 77.8% growth among school students who are at the 10th and 12th level.”

She also pointed to “surprising” growth in e-cigarette use among US middle school students — up 48.5%, per stats she cited. 

India has some 106M adult smokers, making it a major market for cigarette companies of all stripes. But with the e-cigarette ban, vaping startups like Juul are set to be shut out entirely — even as traditional tobacco giants are allowed to continue to operate.

According to the World Health Organization the use of tobacco in Indian, which includes both smoked and smokeless products, kills close to 1M people per year.

The ban on e-cigarettes will need formal approval when India’s parliament returns this fall, though this step is typically considered a formality.

Penalties for breaching the ban order include up to one year in jail and a fine of 100,000 rupees ($1,405) for first-time offenders, per Reuters. Repeat violation risks up to three years and a penalty of up to 500,000 rupees. It’s not clear whether users of e-cigarettes will risk any penalties for the act of vaping itself.

India’s ban comes at a time when the US is also preparing to tighten regulation in response to concerns around youth vaping. This month the Trump administration said it’s working on a compliance policy for flavored e-cigarettes that are especially appealing to children.

The US’ CDC public health agency also recently warned against using e-cigarettes — as it investigates a lung condition associated with vaping, following hundreds of cases and a suspected death in August.

Amazon is making it easier for customers to pay with cash for their online purchases. The retailer today announced the U.S. arrival of Amazon PayCode, a new checkout option that will allow online shoppers to pay for Amazon.com purchases at one of 15,000 Western Union locations. Separately from this, Amazon said that its Amazon Cash service, which lets you load cash into an Amazon account, is now offered at over 100,000 cash-loading locations across the U.S.

Prior to today, PayCode was available in 19 countries around the world, including emerging markets where paying with cash is more common and bank account penetration is lower than in the U.S. or Europe.

The service itself launched earlier this year in partnership with Western Union, and was initially available in 10 markets: Chile, Colombia, Hong Kong, Indonesia, Kenya, Malaysia, Peru, Philippines, Taiwan, and Thailand. It has since expanded to Barbados, Costa Rica, Federated States of Micronesia, Kazakhstan, Marshall Islands, Mauritius, Palau, Kenya, Tanzania, and Uruguay.

Instead of using a bank card to pay for online purchases, shoppers can instead choose the PayCode option at checkout on Amazon.com. They then receive a QR code they could take to a Western Union to pay for the items they wanted to buy.

At launch, Amazon said PayCode customers had 48 hours to make that payment. With its U.S. launch, that time frame narrows to 24 hours. This change is due to shorter delivery windows for U.S. customers versus cross-border customers, Amazon says, and the impact to the company’s delivery promises.

While the U.S. is a more developed market and less in need of supporting cash-based payments, cash still has a big foothold here. Amazon, citing data from the Federal Reserve Bank of San Francisco, noted that 39% of in-person payments continue to be made using cash, for example.

In the past, Amazon has addressed the un-banked (or under-banked) U.S. consumer through the Amazon Cash service. This lets shoppers load up funds on their Amazon account at places like CVS, Rite Aid, GameStop, and 7-Eleven, as well as, now, Western Union.

PayCode may be a more convenient option, as it allows you to shop first, then pay — not vice versa. Plus, Amazon notes that 80% of Americans live within 5 miles of a participating Western Union.

“We’re constantly innovating to improve the shopping experience on behalf of our customers, and are proud to expand Amazon Paycode to customers in the U.S.,” said Ben Volk, Director, Payments at Amazon, in a statement. “Customers have told us they love the convenience of paying in cash. Together with Western Union, we’re able to offer customers more shopping choices, enabling them to pay for their online purchases in a way that is convenient for them,” he added.

Cash payments are only one way Amazon is reaching a different class of online shopper.

It also in 2017 launched a low-cost version of its membership program Prime for customers on government assistance, and this year joined a USDA pilot program that lets SNAP (food stamp) recipients shop for groceries online.

The general thinking is that online shopping is no longer a luxury — it’s a system that can even benefit budget shoppers. People who have access to shop online may be able to find better deals than available at brick-and-mortar stores. In the case of Amazon Cash or now, Amazon PayCode, they may be able to eliminate multiple trips to different retailers to instead place a single Amazon.com order — saving themselves both time and gas money.

“As one of the world’s largest digital and physical money movers, we’re innovating our service to give customers more access and choice,” said Khalid Fellahi, President, Consumer Money Transfer for Western Union, in a statement. “We’re embracing the complexity of a world where cash and digital payments are likely to coexist far into the future. We are providing easy solutions for customers who want access to the convenience of online shopping but prefer to pay in-person.”

Amazon PayCode will roll out to U.S. shoppers over the next few weeks.

In cities across Russia, large boxes in locked rooms are directly connected to the networks of some of the country’s largest phone and internet companies.

These unsuspecting boxes, some the size of a washing machine, house equipment that gives the Russian security services access to the calls and messages of millions of citizens. This government surveillance system remains largely shrouded in secrecy, even though phone and web companies operating in Russia are forced by law to install these large devices on their networks.

But documents seen by TechCrunch offer new insight into the scope and scale of the Russian surveillance system — known as SORM (Russian: COPM) — and how Russian authorities gain access to the calls, messages and data of customers of the country’s largest phone provider, Mobile TeleSystems (MTS) .

The documents were found on an unprotected backup drive owned by an employee of Nokia Networks (formerly Nokia Siemens Networks), which through a decade-long relationship maintains and upgrades MTS’s network — and ensures its compliance with SORM.

Chris Vickery, director of cyber risk research at security firm UpGuard, found the exposed files and reported the security lapse to Nokia. In a report out Wednesday, UpGuard said Nokia secured the exposed drive four days later.

“A current employee connected a USB drive that contained old work documents to his home computer,” said Nokia spokesperson Katja Antila in a statement. “Due to a configuration mistake, his PC and the USB drive connected to it was accessible from the internet without authentication.”

“After this came to our attention, we contacted the employee and the machine was disconnected and brought to Nokia,” the spokesperson said.

Nokia said its investigation is ongoing.

‘Lawful intercept’

The exposed data — close to 2 terabytes in size — contain mostly internal Nokia files.

But a portion of the documents seen by TechCrunch reveals Nokia’s involvement in providing “lawful intercept” capabilities to phone and internet providers, which Russia mandates by law.

SORM, an acronym for “system for operative investigative activities,” was first developed in 1995 as a lawful intercept system to allow the Federal Security Services (FSB, formerly the KGB) to access telecoms data, including call logs and content of Russians. Changes to the law over the last decade saw the government’s surveillance powers expand to internet providers and web companies, which were compelled to install SORM equipment to allow the interception of web traffic and emails. Tech companies, including messaging apps like Telegram, also have to comply with the law. The state internet regulator, Roskomnadzor, has fined several companies for not installing SORM equipment.

Since the system’s expansion in recent years, several government agencies and police departments can now access citizens’ private data with SORM.

Most countries, including the U.S. and the U.K., have laws to force telecom operators to install lawful intercept equipment so security services can access phone records in compliance with local laws. That’s enabled an entirely new industry of tech companies, primarily network equipment providers like Nokia, to build and install technologies on telecom networks that facilitate lawful intercepts.

Alexander Isavnin, an expert at Roskomsvoboda and the Internet Protection Society, told TechCrunch that work related to SORM, however, is “classified” and requires engineers to obtain special certifications for work. He added that it’s not uncommon for the FSB to demand telecom and internet companies buy and use SORM equipment from a pre-approved company of its choosing.

The documents show that between 2016 and 2017, Nokia planned and proposed changes to MTS’s network as part of the telecom giant’s “modernization” effort.

Nokia planned to improve a number of local MTS-owned phone exchanges in several Russian cities — including Belgorod, Kursk and Voronezh — to comply with the latest changes to the country’s surveillance laws.

TechCrunch reviewed the documents, which included several floor plans and network diagrams for the local exchanges. The documents also show that the installed SORM device on each phone network has direct access to the data that passes through each phone exchange, including calls, messages and data.

The plans contain the physical address — including floor number — of each phone exchange, as well as the location of each locked room with SORM equipment in large bold red font, labeled “COPM.” One document was titled “COPM equipment installation [at] MTS’ mobile switching center,” a core function for handling calls on a cell network.

One photo showed the inside of one of the SORM rooms, containing the sealed box containing intercept equipment with the letters “COPM” in large font on the metal cabinet next to an air-conditioning unit to keep the equipment cool.

Nokia says it provides — and its engineers install — the “port” in the network to allow lawful intercept equipment to plug in and intercept data pursuant to a court order, but denied storing, analyzing or processing intercepted data.

That’s where other companies come into play. Russian lawful intercept equipment maker Malvin Systems provides SORM-compatible technology that sits on top of the “port” created by Nokia. That compatible technology allows the collection and storage of citizens’ data.

“As it is a standard requirement for lawful interception in Russia and SORM providers must be approved by the appropriate authorities, we work with other companies to enable SORM capabilities in the networks that we provide,” said Nokia’s spokesperson, who confirmed Malvin as one of those companies.

Nokia’s logo was on Malvin’s website at the time of writing. A representative for Malvin did not return a request for comment.

Another set of documents shows that the “modernized” SORM capabilities on MTS’s network also allows the government access to the telecom’s home location register (HLR) database, which contains records on each subscriber allowed to use the cell network, including their international mobile subscriber identity (IMSI) and SIM card details.

The documents also make reference to Signalling System 7 (SS7), a protocol critical to allowing cell networks to establish and route calls and text messages. The protocol has widely been shown not to be secure and has led to hacking.

MTS spokesperson Elena Kokhanovskaya did not respond to several emails requesting comment.

‘Bulk wiretapping’

Lawful intercept, as its name suggests, allows a government to lawfully acquire data for investigations and countering terrorism.

But as much as it’s recognized that it’s necessary and obligatory in most Western countries — including the U.S. — some have expressed concern at how Russia rolled out and interprets its lawful intercept powers.

Russia has long faced allegations of human rights abuses. In recent years, the Kremlin has cracked down on companies that don’t store citizens’ data within its borders — in some cases actively blocking Western companies like LinkedIn for failing to comply. The country also has limited freedom of speech, expression and dissidents, and activists are often arrested for speaking out.

“The companies will always say that with lawful interception, they’re complying with the rule of law,” said Adrian Shahbaz, research director for technology and democracy at Freedom House, a civil liberties and rights watchdog. “But it’s clear when you look at how Russian authorities are using this type of apparatus that it goes far beyond what is normal in a democratic society.”

For Nokia’s part, it says its lawful intercept technology allows telecom companies — like MTS — to “respond to interception requests on targeted individuals received from the legal authority through functionality in our solutions.”

But critics say Russia’s surveillance program is flawed and puts citizens at risk.

Isavnin, who reviewed and translated some of the files TechCrunch has seen, said Russia’s view of lawful intercept goes far beyond other Western nations with similar laws. He described SORM as “bulk wiretapping.”

He said in the U.S., the Communications Assistance for Law Enforcement Act (CALEA) requires a company to verify the validity of a wiretap order. “In Russia, the operator installs it and have no control over what is being wiretapped,” he said. The law states that the telecom operation is “not able to determine what data is being wiretapped,” he said.

“Only the FSB knows what they collect,” he said. “There is no third-party scrutiny.

Nokia denied wrongdoing, and said it is “committed” to supporting human rights.

Nokia chief marketing officer David French told TechCrunch in a call that Nokia uses a list of countries that are considered “high-risk” on human rights before it sells equipment that could be used for surveillance.

“When we see a match between a technology that we think has potential risk and a country that has potential risk, we have a process where we review it internally and decide to go forward with the sale,” said French.

When pressed, French declined to say whether Russia was on that list. He added that any equipment that Nokia provides to MTS is covered under non-disclosure agreements.

A spokesperson for the Russian consulate in New York could not be reached by phone prior to publication.

This latest security lapse is the second involving SORM in recent months. In August, a developer found thousands of names, numbers, addresses and geolocations said to have leaked from SORM devices. Using open-source tools, Russian developer Leonid Evdokimov found dozens of “suspicious packet sniffers” in the networks of several Russian internet providers.

It took more than a year for the internet providers to patch those systems.

Ingrid Lunden contributed translations and reporting.

---

Got a tip? You can send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send PGP email with the fingerprint: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.