Connect with us


Fb will shut down its adware VPN app Onavo

Judhajeet Das



Fb will finish its unpaid market analysis packages and proactively take its Onavo VPN app off the Google Play retailer within the wake of backlash following TechCrunch’s investigation about Onavo code being utilized in a Fb Analysis app the sucked up knowledge about teenagers. The Onavo Shield app will ultimately shut down, and can instantly stop pulling in knowledge from customers for market analysis, although it should proceed working as a Digital Personal Community within the brief-time period to permit customers to discover a alternative.

Fb has additionally ceased to recruit new customers for the Fb Analysis app that also runs on Android however was pressured off of iOS by Apple after we reported that it violated Apple’s Enterprise Certificates program for worker-solely apps. Present Fb Analysis app research will proceed to run, although.

With the suspicions about tech giants and looming regulation resulting in extra intense scrutiny of privateness practices, Fb has determined that giving customers a utility like a VPN in trade for quietly analyzing their app utilization and cellular searching knowledge isn’t a sensible technique. As an alternative, it can give attention to paid packages the place customers explicitly perceive what privateness they’re giving up for direct monetary compensation.

Onavo billed itself as a method to “restrict apps from utilizing background knowledge” and “use a safe VPN community on your private information” but in addition famous it might gather the “Time you spend utilizing apps, cellular and Wi-Fi knowledge you employ per app, the web sites you go to, and your nation, gadget and community sort.” A Fb spokesperson confirmed the change and offered this assertion: “Market analysis helps corporations construct higher merchandise for individuals. We’re shifting our focus to reward-based mostly market analysis which suggests we’re going to finish the Onavo program.”

Fb acquired Onavo in 2013 for a reported $200 million to make use of its VPN app to collect knowledge about what individuals have been doing on their telephones. That knowledge revealed WhatsApp was sending over twice as many messages per day as Messenger, BuzzFeed’s Ryan Mac and Charlie Warzel reported, convincing Fb to pay a steep sum of $19 billion to purchase WhatsApp. Fb went on to border Onavo as a means for customers to scale back their knowledge utilization, block harmful web sites, hold their visitors protected from snooping — whereas Fb itself was analyzing that visitors. The insights helped it uncover new developments in cellular utilization, regulate rivals and work out what options or apps to repeat. Cloning turned core to Fb’s product technique over the previous years, with Instagram’s model of Snapchat Tales rising bigger than the unique.

However final yr, privateness considerations led Apple to push Fb to take away the Onavo VPN app from the App Retailer, although it continued operating on Google Play. However Fb quietly repurposed Onavo code to be used in its Fb Analysis app that TechCrunch discovered was paying customers within the U.S. and India ages thirteen to 35 as much as $20 in present playing cards per 30 days to provide it VPN and root community entry to spy on all their cellular knowledge.

Fb ran this system in secret, obscured by middleman beta testing providers like Betabound and Applause. It solely knowledgeable customers it recruited with advertisements on Instagram, Snapchat and elsewhere that they have been becoming a member of a Fb Analysis program after they’d begun signup and signed non-disclosure agreements. A Fb spokesperson claimed in a press release that “there was nothing ‘secret’ about this”, but it had threatened authorized motion if customers publicly mentioned the Analysis program.

However the largest drawback for Fb ended up being that its Analysis app abused Apple’s Enterprise Certificates program meant for worker-solely apps to distribute the app outdoors the corporate. That led Apple to ban the Analysis app from iOS and invalidate Fb’s certificates. This shut down Fb’s inner iOS collaboration instruments, pre-launch check variations of its widespread apps and even its lunch menu and shuttle schedule to interrupt for 30 hours, inflicting chaos on the firm’s workplaces.

To preempt any extra scandals round Onavo and the Fb Analysis app and keep away from Google stepping in to forcibly block the apps, Fb is now taking Onavo off the Play Retailer and stopping recruitment of Analysis testers. That’s a shocking voluntary transfer that maybe exhibits Fb is lastly getting in tune with the general public notion of its shady actions. The corporate has repeatedly misinterpret how customers would react to its product launches and privateness invasions, main to close fixed gaffes and an endless information cycle chronicling its blunders.

With out Onavo, Fb loses a strong technique of market analysis, and its future initiatives right here will come at a better worth. Fb has run tons of focus teams, surveys and different consumer suggestions packages over the previous decade to study the place it might enhance or what improvements it might co-choose. And with extra apps just lately turning on encryption, Onavo doubtless began studying much less about their utilization. However given how cloning plus acquisitions like WhatsApp and Instagram have been very important to Fb’s success, it’s doubtless value paying out extra present playing cards and extra tightly monitoring its analysis practices. In any other case Fb might miss the subsequent huge factor which may disrupt it.

Hopefully Fb will probably be much less clandestine with its future market analysis packages. It ought to be upfront about its involvement, make sure that customers perceive what knowledge they’re giving up, cease researching teenagers or on the very least confirm the consent of their mother and father and keep away from slurping up delicate info or knowledge a few consumer’s unwitting pals. For a corporation that depends upon individuals to belief it with their content material, it has an extended option to go win again our confidence.

Tech Passionate and Heavy Geek! Into Blogging world since 2014 and never looked back since then :) I am also a YouTube Video Producer and a Aspiring Entrepreneur. Founder, MyDroidDoes

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *


Google reportedly suspends select business with Huawei over U.S. ban

Judhajeet Das



The Trump administration Huawei ban is sure to have wide-ranging and long lasting effects for all parties. In the meantime, it seems, a number of those involved in the periphery are treading lightly in hope of not burning bridges on either side. Google has taken accidental center stage, in its role providing Android and a variety of apps for the embattled handset maker.

According to a new report from Reuters, the U.S. software giant has taken some steps toward disentangling itself. Word comes from unnamed sources, who say the company has suspended all businesses with Huawei, aside from those covered by open-source licenses. The list appears to include updates to Android and popular apps like Gmail.

From the sound of it, Google is still attempting to wrap its head around how to proceed with the matter. Huawei, too, is assessing its options. Given the complexity of smartphone hardware and software, handsets routinely utilize components source from a variety of different locations. This fact has complicated things as trade tensions have begun to rise, hitting ZTE particularly hard over accusations that the company had violated U.S.-Iran sanctions.

Huawei has called the ban bad for all parties, but has continued to be defiant, noting its plans to become “self-reliant.” The company has no doubt been preparing for the seeming inevitability of heightened trade tensions, but its determination has some industry observers unconvinced that it can carry on with without any input from Google or U.S. chipmakers like Qualcomm.

Continue Reading


Huawei responds to Android ban with service and security guarantees, but its future is unclear

Judhajeet Das



Huawei has finally gone on the record about a ban on its use of Android, but the company’s long-term strategy on mobile still remains unclear.

In an effort to appease its worried customer base, the embattled Chinese company said today that it will continue to provide security updates and after-sales support to its existing lineup of smartphones, but it’s what the company didn’t say that will spark concerns.

Huawei was unable to make guarantees about whether existing customers will continue to receive Android software updates, while its statement is bereft of any mention of whether future phones will ship with the current flavor of Android or something else.

The company, which is the world’s second largest smartphone vendor based on shipments, said it will continue to develop a safe software ecosystem for its customers across the globe. Huawei will also extend the support to Honor, a brand of smartphones it owns. Nearly 50 percent of all of Huawei’s sales comes from outside China, research firm Counterpoint told TechCrunch.

Here’s the statement in full:

Huawei has made substantial contributions to the development and growth of Android around the world. As one of Android’s key global partners, we have worked closely with their open-source platform to develop an ecosystem that has benefitted both users and the industry,

Huawei will continue to provide security updates and after sales services to all existing Huawei and Honor smartphone and tablet products covering those have been sold or still in stock globally. We will continue to build a safe and sustainable software ecosystem, in order to provide the best experience for all users globally.

In addition, the company said it plans to launch the Honor 20 as planned. The device is set to be unveiled at an event in London tomorrow. While Honor is a sub-brand, any sanctions levied on Huawei will likely be reflected in its business, too.

Huawei’s lukewarm response isn’t unexpected. Earlier, Google issued a similarly non-committal statement that indicated that owners of Huawei phones will continue to be able to access the Google Play Store and Google Play Protect, but — like the Chinese firm — it made no mention of the future, and that really is the key question.

Indeed, sources within both Google and Huawei have told TechCrunch that the immediate plan of action for what happens next remains unclear.

It could turn out that Huawei is forced to use the open source version of Android, AOSP, which comes stripped of Google Mobile Services, a suite for Google services such as Google Play Store, Gmail, and YouTube. That’s unless it doesn’t plump for its own homespun alternative, which media reports have claimed it has built in the case of an emergency situation.

Huawei’s response comes a day after Reuters reported that Google had suspended some of its businesses with the Chinese technology giant. The Android-maker is complying with a U.S. Commerce Department’s directive that placed Huawei and 70 of its affiliates on an “entity list” that requires any U.S. company to gain government approval before doing business with the Chinese tech company.

In the meantime, the troubles are mounting for Huawei. In addition to Android, the U.S. government’s move has seen Intel, Qualcomm, Xilinx, and Broadcom reportedly pause supplying chips to Huawei until a resolution has been reached.

Continue Reading


GDPR adtech complaints keep stacking up in Europe

Judhajeet Das



It’s a year since Europe’s General Data Protection Regulation (GDPR) came into force and leaky adtech is now facing privacy complaints in four more European Union markets. This ups the tally to seven markets where data protection authorities have been urged to investigate a core function of behavioral advertising.

The latest clutch of GDPR complaints aimed at the real-time bidding (RTB) system have been filed in Belgium, Luxembourg, the Netherlands and Spain.

All the complaints argue that RTB entails “wide-scale and systemic” breaches of Europe’s data protection regime, as personal date harvested to profile Internet users for ad-targeting purposes is broadcast widely to bidders in the adtech chain. The complaints have implications for key adtech players, Google and the Internet Advertising Bureau, which set RTB standards used by other in the online adverting pipeline.

We’ve reached out to Google and IAB Europe for comment on the latest complaints. (The latter’s original response statement to the complaint can be found here, behind its cookie wall.)

The first RTB complaints were filed in the UK and Ireland, last fall, by Dr Johnny Ryan of private browser Brave; Jim Killock, director of the Open Rights Group; and Michael Veale, a data and policy researcher at University College London.

A third complaint went in to Poland’s DPA in January, filed by anti-surveillance NGO, the Panoptykon Foundation.

The latest four complaints have been lodged in Spain by Gemma Galdon Clavell (Eticas Foundation) and Diego Fanjul (Finch); David Korteweg (Bits of Freedom) in the Netherlands; Jef Ausloos (University of Amsterdam) and Pierre Dewitte (University of Leuven) in Belgium; and Jose Belo (Exigo Luxembourg).

Earlier this year a lawyer working with the complainants said they’re expecting “a cascade of complaints” across Europe — and “fully expect an EU-wide regulatory response” give that the adtech in question is applied region-wide.

Commenting in a statement, Galdon Cavell, the CEO of Eticas, said: “We hope that this complaint sends a strong message to Google and those using Ad Tech solutions in their websites and products. Data protection is a legal requirement must be translated into practices and technical specifications.”

A ‘bug’ disclosed last week by Twitter illustrates the potential privacy risks around adtech, with the social networking platform revealing it had inadvertently shared some iOS users’ location data with an ad partner during the RTB process. (Less clear is who else might Twitter’s “trusted advertising partner” have passed people’s information to?)

The core argument underpinning the complaints is that RTB’s data processing is not secure — given the design of the system entails the broadcasting of (what can be sensitive and intimate) personal data of Internet users to all sorts of third parties in order to generate bids for ad space.

Whereas GDPR bakes in a requirement for personal data to be processed “in a manner that ensures appropriate security of the personal data”. So, uh, spot the disconnect.

The latest RTB complaints assert personal data is broadcast via bid requests “hundreds of billions of times” per day — which it describes as “the most massive leakage of personal data recorded so far”.

While the complaints focus on security risks attached by default to leaky adtech, such a long chain of third parties being passed people’s data also raises plenty of questions over the validity of any claimed ‘consents’ for passing Internet users’ data down the adtech chain. (Related: A decision by the French CNIL last fall against a small local adtech player which it decided was unlawfully processing personal data obtained via RTB.)

This week will mark a year since GDPR came into force across the EU. And it’s fair to say that privacy complaints have been piling up, while enforcement actions — such as a $57M fine for Google from the French CNIL related to Android consent — remain far rarer.

One complexity with the RTB complaints is that the technology systems in question are both applied across EU borders and involve multiple entities (Google and the IAB). This means multiple privacy watchdogs need to work together to determine which of them is legally competent to address linked complaints that touch EU citizens in multiple countries.

Who leads can depend on where an entity has its main establishment in the EU and/or who is the data controller. If this is not clearly established it’s possible that various national actions could flow from the complaints, given the cross-border nature of the adtech — as in the CNIL decision against Android, for example. (Though Google made a policy change as of January 22, shifting its legal base for EU law enforcement to Google Ireland which looks intended to funnel all GDPR risk via the Irish DPC.)

The IAB Europe, meanwhile, has an office in Belgium but it’s not clear whether that’s the data controller in this case. Ausloos tells us that the Belgian DPA has already declared itself competent regarding the complaint filed against the IAB by the Panoptykon Foundation, while noting another possibility — that the IAB claims the data controller is IAB Tech Lab, based in New York — “in which case any and all DPAs across the EU would be competent”.

Veale also says different DPAs could argue that different parts of the IAB are in their jurisdiction. “We don’t know how the IAB structure really works, it’s very opaque,” he tells us.

The Irish DPC, which Google has sought to designate the lead watchdog for its European business, has said it will prioritize scrutiny of the adtech sector in 2019, referencing the RTB complaints in its annual report earlier this year — where it warned the industry: “the protection of personal data is a prerequisite to the processing of any personal data within this ecosystem and ultimately the sector must comply with the standards set down by the GDPR”.

There’s no update on how the UK’s ICO is tackling the RTB complaint filed in the UK as yet — but Veale notes they have a call today. (And we’ve reached out to the ICO for comment.)

So far the same RTB complaints have not been filed in France and Germany — jurisdictions with privacy watchdogs that can have a reputation for some of the most muscular action enforcing data protection in Europe.

Although the Belgian DPA’s recently elected new president is making muscular noises about GDPR enforcement, according to Ausloos — who cites a speech he made, post-election, saying the ‘time of sit back and relax’ is over. They made sure to reference these comments in the RTB complaint, he adds.

Veale suggests the biggest blocker to resolving the RTB complaints is that all the various EU watchdogs “need a vision of what the world looks like after they take a given action”.

In the meanwhile, the adtech complaints keep stacking up.

Continue Reading

Trending Now!