Month: May 2018

Google and Facebook Are Benefitting From GDPR wsj.com

Nick Kostov and Sam Schechner, Wall Street Journal (Twitter redirect):

The reason: the Alphabet Inc. ad giant is gathering individuals’ consent for targeted advertising at far higher rates than many competing online-ad services, early data show. That means the new law, the General Data Protection Regulation, is reinforcing — at least initially — the strength of the biggest online-ad players, led by Google and Facebook Inc.

Hundreds of companies along the chain of automated bidding and selling of digital ads — from ad buyers to websites that show ads — have been scrambling to comply with the law while continuing to target people based on the personal information such as web-browsing histories, offline purchases or demographic details.

Given the option, it’s trivial to choose whether to opt into tracking on smaller websites and from advertising companies you’ve never heard of. But it’s pretty much guaranteed you’ll opt into the same from Google and Facebook because of how deeply-entrenched their products and, by extension, their tracking is across the web.

I don’t think the solution here is to roll back GDPR and make it easier for more companies to track people without their explicit consent.

The 2013 Mac Pro, Five Years Later 512pixels.net

Stephen Hackett:

On June 10, it will have been five years since Apple first showed off the iteration of the Mac Pro that has come to be known as The Trashcan.

To put that in a little context, it was the same WWDC keynote where iOS 7 and OS X Mavericks were introduced.

It’s been a minute since the Mac Pro was updated, of course, but Hackett really puts it into context here. I don’t expect to see anything about the future Mac Pro at WWDC this year, not — sadly — about the Mac Mini.

Rumours About Running iOS Apps on MacOS inessential.com

Brent Simmons:

I’ve heard more than once that at WWDC we’ll learn about how we can run iOS apps on Macs.

I’m worried, of course, that this will lead to the further degradation of the Mac UI, and even less incentive for developers to write Mac apps.

I’ve been thinking a lot about this rumour, and I’m not sure I share the same concern. I completely understand where Simmons and others with similar skepticism are coming from, but I think the other side of this coin is more interesting and positive. What if easier cross-platform development is less about bringing iOS apps to the Mac, and more about making it easier for developers to bring Mac-grade apps to iOS? That’s intriguing to me, particularly in the context of the iPad.

Bitcoin Miners Stress Power Grids seattletimes.com

Paul Roberts, Seattle Times:

In a normal year, demand for electric power in Chelan County grows by perhaps 4 megawatts — enough for around 2,250 homes — as new residents arrive and as businesses start or expand. But since January 2017, as Bitcoin enthusiasts bid up the price of the currency, eager miners have requested a staggering 210 megawatts for mines they want to build in Chelan County. That’s nearly as much as the county and its 73,000 residents were already using. And because it is a public utility, the PUD staff is obligated to consider every request.

The scale of some new requests is mind-boggling. Until recently, the largest mines in Chelan County used five megawatts or less. In the past six months, by contrast, miners have requested loads of 50 megawatts and, in several cases, 100 megawatts. By comparison, a fruit warehouse uses around 2.5 megawatts.

EurekAlert:

Bitcoin’s burgeoning electricity demands have attracted almost as much attention as the cryptocurrency’s wildly fluctuating value. But estimating exactly how much electricity the Bitcoin network uses, necessary for understanding its impact and implementing policy, remains a challenge. In the first rigorously peer-reviewed article quantifying Bitcoin’s energy requirements, a Commentary appearing May 16 in the journal Joule, financial economist and blockchain specialist Alex de Vries uses a new methodology to pinpoint where Bitcoin’s electric energy consumption is headed and how soon it might get there.

[…]

His estimates, based in economics, put the minimum current usage of the Bitcoin network at 2.55 gigawatts, which means it uses almost as much electricity as Ireland. A single transaction uses as much electricity as an average household in the Netherlands uses in a month. By the end of this year, he predicts the network could be using as much as 7.7 gigawatts — as much as Austria and half of a percent of the world’s total consumption. “To me, half a percent is already quite shocking. It’s an extreme difference compared to the regular financial system, and this increasing electricity demand is definitely not going to help us reach our climate goals,” he says. If the price of Bitcoin continues to increase the way some experts have predicted, de Vries believes the network could someday consume 5% of the world’s electricity. “That would be quite bad.”

It takes days to complete a single transaction, and sucks up a huge amount of power in the process. This industry is asinine.

Vermont Passes Regulation on Data Brokers techcrunch.com

Devin Coldewey, TechCrunch:

While Facebook and Cambridge Analytica are hogging the spotlight, data brokers that collect your information from hundreds of sources and sell it wholesale are laughing all the way to the bank. But they’re not laughing in Vermont, where a first-of-its-kind law hems in these dangerous data mongers and gives the state’s citizens much-needed protections.

Data brokers in Vermont will now have to register as such with the state; they must take standard security measures and notify authorities of security breaches (no, they weren’t before); and using their data for criminal purposes like fraud is now its own actionable offense.

This is excellent news for American consumers — even those who do not live in Vermont. Because many data brokers operate nationally or internationally, it will a widely-covered scandal when a data broker inevitably announces that it has suffered a breach or used its data improperly.

Facebook’s GDPR-Related Dark Patterns twitter.com

In a tweet, Francis Irving linked to Max Schrems’ complaint against Facebook (PDF):

[…] If the data subject has not consented until 25 May 2018, the whole Facebook account was blocked. [Facebook] used additional “tricks” to pressure the users: For example, the consent page included two fake red dots (violation against Article 5(1)(a) — neither “fair”, nor “transparent”), that indicated that the user has new messages and notifications, which he/she cannot access without consenting — even if the user did not have such notifications or messages in reality.

This is pretty sleazy, but also basically what you’d expect from a company that misleads users into accepting facial recognition, guilt trips users who try to deactivate their account, and places several other barriers to deactivation.

Apple Releases iOS 11.4 With AirPlay 2, Messages in iCloud, and More macstories.net

Ryan Christoffel, MacStories:

Today Apple released iOS 11.4, likely the final major release for the operating system before its successor, iOS 12, reaches the public in September. The update includes two major features that were originally revealed last June as iOS 11 features, but were later delayed: AirPlay 2 and Messages in iCloud.

The teasing and continued delays of both of these features has been aggravating, to say the least, but the latest builds of iOS 11.4 have been very stable for me. Messages in iCloud is one of my favourite new features.

Apple also announced today that the HomePod will be released in Canada on June 18, as well as France and Germany. Their deadline for those latter two countries was “this spring”, so it looks like they’ll make it.

In Email Obtained by MacStories, Phil Schiller Explains Steam Link App Rejection macstories.net

John Voorhees, MacStories:

Valve announced on May 9th that it would release a video game streaming app called Steam Link. According to Valve, that announcement was made after the app was approved by Apple’s App Review team. As we reported Friday, Valve says that App Review reversed its decision the next day, rejecting the app for what Valve describe as ‘business conflicts with app guidelines.’

Steam Link is an app designed to allow users to stream Steam games from a Mac or PC to an iOS device or Apple TV over fast WiFi or Ethernet. Valve appealed the rejection on the basis that it was similar to other LAN-based remote desktop apps available on the App Store, but the appeal was denied. That led some people to question whether Apple’s rejection was motivated by a desire to protect gaming on iOS devices and the Apple TV.

Phil Schiller, in an email obtained by Voorhees:

Unfortunately, the review team found that Valve’s Steam iOS app, as currently submitted, violates a number of guidelines around user generated content, in-app purchases, content codes, etc. We’ve discussed these issues with Valve and will continue to work with them to help bring the Steam experience to iOS and AppleTV in a way that complies with the store’s guidelines.

As with many controversial App Store rejections, this one comes as a result of poor communication: Apple apparently allowed the app, which meant Valve could announce it, and then rejected it for unclear reasons. It also sounds like Valve isn’t being entirely forthcoming about the app’s capabilities, or there’s some confusion about what the app allows — is it basically a VPN app, or does it have additional features? It sounds like there’s something Valve or Apple — or both — haven’t clearly stated about why this app was rejected, especially after being initially approved.

Apple’s Emoji Search Is Bad jeremyburge.com

Jeremy Burge of Emojipedia:

So here we are. Let’s say you type the Apple name for an emoji. Will it always come up? No.

The woman raising her hand? Apple calls her “Happy Woman Raising One Hand”:

[…]

If you search for this exact phrase, no results are shown:

[…]

It’s not clear why “raising” works as a search term here but not “happy” or “happy woman” (or even “hand” fails to bring this up).

This is pretty bad. However, I’ve tried everything that Burge cites in this post, and the one I quoted here is the only one where I found any discrepancy between the example and my experience. The search term “happy” works fine for me. Everything else Burge cites checks out, and it’s embarrassing.

Vevo Gives Into YouTube, Will Shut Down Site rollingstone.com

Amy X Wang, Rolling Stone:

The company announced in a blog post Thursday that it is shuttering its mobile apps and website, and that “going forward, Vevo will remain focused on engaging the biggest audiences and pursuing growth opportunities.” It will continue investing in original content and sponsorships, but phase out its own independently-operated platforms, it said. Read: Vevo is almost entirely succumbing to YouTube, the juggernaut that has long supplied most of its audience.

I completely forgot that Vevo had its own hosting service. I even have their app on my Apple TV, but the only time I ever come across anything with their name on it is on YouTube.

The major record labels set up Vevo – an abbreviation for “video evolution” – in 2009 as a designated streaming service for music videos that would ideally bring in greater revenue from more high-end advertisers. Via a distribution deal with YouTube, it received a cut of revenue from putting its music videos on the Google-owned site.

But YouTube’s might has grown: The video-streaming service recently took Vevo’s branding off its music videos, while also securing permission under a new licensing deal to sell Vevo’s clips directly to advertisers, cutting out the smaller company’s sales force. Though Vevo has been trying to peel away from its dependence on YouTube by touting its own suite of apps and offerings for years, it seems those efforts haven’t been met with much success.

It sounds to me like YouTube muscled them out. That’s unsurprising — what other website do you think of when you want to watch short videos? They have a huge amount of influence, and Vevo has now given them even more power. I don’t see this ending well for Vevo as its own brand.

Notes on Notifications

One of the reasons why using an iPhone has been so nice, for a decade now, is because of how little the user must manage it. The App Store gave even novice users the confidence to download new software, implicitly trusting that it would not cause problems on their phone or carry malware. You shouldn’t close open apps, either, and you don’t have to toggle Bluetooth or LTE to get great battery life. The system just sorts it out.

I want that same level of confidence with push notifications.

Apple has apparently intended for the notification system to be seen as less of a todo list of items of interest, and more of an advisory area — something that you look at occasionally, and never really worry about clearing fully. I think that it feels too heavy-handed to be something so passive. Either Apple ought to be more prescriptive about how push notifications are to be used, or the design of the system needs to be pragmatic and take into account the notifications that people actually get. The latter is more challenging because it would need to compensate for all kinds of edge cases, but I think that would ultimately result in a better product.

An easy benchmark is that users should not have to worry that allowing notifications from an app will subject them to spam and advertising. Apple already prohibits this, but some apps still abuse push notifications.

More difficult questions concern the scalability of the notification system. Even though most users probably don’t receive many hundreds of notifications a day, the system should still be able to scale to a point where notifications do not become egregiously overwhelming.

Finally, there’s the design of notifications themselves. Right now, a notification that arrives when using the phone will cover part of the top of the display and any UI elements underneath. And, right now, that means covering the app’s navigation bar — that is, if you tap a primary navigation button in an app at the same time a notification comes in, you’ll suddenly be taken out of that app and into another, with very little context.

This should not require a bunch of new settings and options for notifications. I don’t think apps should require users to figure out a granular array of notification types; apps should set appropriate priorities for different kinds of alerts they may push, and the system ought to have a way to enforce that. The same goes for prioritizing notifications across multiple apps — no matter how much I miss grouping notifications by app instead of sorting chronologically, I don’t think that’s something users should be required to manage. As with multitasking and Bluetooth connectivity, above, an iPhone should be able to figure this stuff out.

It is a hard problem: phones have a fixed display space, and notifications have to be somehow informative yet unobtrusive. And, yes, an Apple Watch helps bear the burden of rapidly-accumulating notifications. But I think iOS should to do better on its own. I don’t know for certain what radically-improved notifications look like, and I don’t think that it’s any sort of AI-backed magic algorithm sorting your notifications for you. Maybe it is, in part, taking a cue from the Apple Watch: a very small initial notification and expanding the notification only if you linger on it, something which can be accomplished on the iPhone by tracking eye movement with the TrueDepth camera.

Perhaps that is needlessly high-tech. Perhaps it’s as simple as queueing notifications for a few seconds, so your phone isn’t rattled off a table by repeated alerts. This sometimes exists within single apps — Mail, for instance, might post a notification that I have five new emails — but it’s something that I think should be applied to notifications from multiple apps.

Even grouping notifications from the same app would reduce the visual noise created by several individual bubbles.

I suspect that, whatever the solution is, it will require an ingenious combination of visual design and revised functionality — it isn’t simply one or the other. And I don’t know that my spitballed ideas would have a positive effect — I don’t think they’re particular original thoughts, so I wouldn’t be surprised if Apple had already tried similar options and rejected them for reasons I haven’t considered. What I do know is that the present implementation of notifications does not feel scalable and requires too much management. Whenever an app asks whether it can send me push notifications, I assume it’s going to overload me with nagging alerts, so I keep them turned off for a lot of apps. I don’t think I should have to worry about or disable a core feature of iOS for half the apps I use to make it bearable; the system should be designed with scalability in mind.

GDPR Hall of Shame gdprhallofshame.com

Your inbox has probably been inundated with requests for you to explicitly opt into receiving emails from companies you bought something from once, and requirements for you to accept updated privacy policies. Even though the date when GDPR comes into effect has been known for two years, it’s unsurprising that many companies have left compliance to the last possible minute.

While most of these notices are fairly routine, Owen Williams has been collecting examples of bad behaviours, like products that will become useless after GDPR takes effect for seemingly no reason, and hilarious data sharing agreements.

Instagram Adds a Mute Button buzzfeed.com

Katie Notopoulos, Buzzfeed:

If you’re sick of someone who posts too often, or you just don’t want to see them for any reason, you no longer have to outright unfollow them; you can just subtly mute them.

Although Instagram never made it obvious that you unfollowed someone, it was still possible for them to find out by looking through their followers list — and that had the potential to create some hurt feelings. And so it was that we remained hostage to their many unwelcome posts all this time.

But now, muting these insufferable people, like the gracious and polite person you are, solves those problems.

This is such a fascinating aspect of social media to me. I have no problem with following or unfollowing someone on any platform based on what they’re posting, regardless of their relationship to me. I follow almost nobody I know in real life on Instagram or Twitter — it isn’t that I don’t like them, it’s just that I don’t want to see them everywhere. And yet, I completely understand how a one-way follow or an unfollow could be seen as rude. We’ve managed to create a proxy for friendships without requiring any interaction. Isn’t that curious?

Illustration in the App Store subtraction.com

Khoi Vinh:

Apple’s dramatically redesigned App Store got a decent amount of attention when it debuted last year with iOS 11, but its unique success as a hybrid of product design and editorial design has gone little noticed since. That’s a shame, because it’s a huge breakthrough.

I myself paid it scant attention until one day this past winter when I realized that the company was commissioning original illustration to accompany its new format. If you check the App Store front page a few times a week, you’ll see a quietly remarkable display of unique art alongside unique stories about apps, games and “content” (movies, TV shows, comics, etc.). To be clear: this isn’t work lifted from the marketing materials created by app publishers. It’s drawings, paintings, photographs, collages and/or animations that have been created expressly for the App Store.

I’m not sure what the Today tab has done for me in terms of app discovery, but it’s my favourite feature of the redesigned App Store, in large part because of these illustrations. I only wish there were some way to see updates to the Today tab that’s more passive than opening the App Store — via a widget, perhaps. I often find myself remembering to open the App Store for several days to check out new Today articles, then forgetting for a week or two. Perhaps it just isn’t routine yet.

Comcast Preps All-Cash Offer for 21st Century Fox variety.com

Todd Spangler, Variety:

Confirming weeks of rumors, Comcast said Wednesday that it is in “advanced stages” of preparing an all-cash offer for entertainment assets of 21st Century Fox — in a move to outflank Disney’s $52.4 billion offer for Fox.

Comcast said that any offer for Fox would be at a “premium to the value of the current all-share offer from Disney,” but it didn’t reveal an anticipated price tag. The media conglomerate added that the structure and terms of its bid for the 21st Century Fox assets — including regulatory-risk provisions and the termination fee it would be required to pay — would be “at least as favorable to Fox shareholders as the Disney offer.”

Could you imagine if a single telecom owned two major motion picture studios in a post-net neutrality media landscape?

Amazon Rekognition Allows for Real-Time Identification From Photos and Video aclunc.org

Matt Cagle and Nicole A. Ozer of the ACLU:

Marketing materials and documents obtained by ACLU affiliates in three states reveal a product that can be readily used to violate civil liberties and civil rights. Powered by artificial intelligence, Rekognition can identify, track, and analyze people in real time and recognize up to 100 people in a single image. It can quickly scan information it collects against databases featuring tens of millions of faces, according to Amazon.

Amazon is marketing Rekognition for government surveillance. According to its marketing materials, it views deployment by law enforcement agencies as a “common use case” for this technology. Among other features, the company’s materials describe “person tracking” as an “easy and accurate” way to investigate and monitor people. Amazon says Rekognition can be used to identify “people of interest” raising the possibility that those labeled suspicious by governments — such as undocumented immigrants or Black activists — will be seen as fair game for Rekognition surveillance. It also says Rekognition can monitor “all faces in group photos, crowded events, and public places such as airports” — at a time when Americans are joining public protests at unprecedented levels.

John Moltz:

This is very cool coming from a company that sells cameras that sit on your nightstand and recording devices for your kids’ rooms and not at all troubling in any way.

For what it’s worth, Amazon previously did not respond to questions about whether they would help build a “Muslim registry”.

I get that the business argument exists, and that employees need an income. But that doesn’t absolve the shocking lack of conscience demonstrated here by Amazon.

‘60 Minutes’ Reports on Google’s Dominance cbsnews.com

This isn’t a terrific report. It is pretty light on details, skimming over more technical aspects of Google’s dominance: Google Chrome isn’t mentioned even once, despite being the world’s most popular web browser, and neither was the company’s mischievous bypassing of iPhone users’ privacy settings. While that may be a function of its allotted running time, Google’s behaviours deserves a much deeper dive.

Nevertheless, I think this exchange is worth paying attention to:

Gary Reback: Google makes the internet work. The internet would not be accessible to us without a search engine

Steve Kroft: And they control it.

Gary Reback: They control access to it. That’s the important part. Google is the gatekeeper for— for the World Wide Web, for the internet as we know it. It is every bit as important today as petroleum was when John D. Rockefeller was monopolizing that.

If this argument sounds familiar to you, it’s because Reback was extensively interviewed for a New York Times Magazine piece in February. However, it does raise two good questions:

  1. How fair and accurate is this comparison?

  2. While European antitrust regulators have reached to Google’s dominance, American regulators have been reluctant to do so while, even after Google’s acquisition of DoubleClick. What are they waiting for?

Ironically-Named LocationSmart Leaked Live Location Data for Customers of All Major U.S. Mobile Carriers on Its Website krebsonsecurity.com

Yesterday, I linked to Joseph Cox’s report for Vice concerning Securus’ weak safeguards protecting access to its software that monitors the real-time location of cellphones. While I was writing it, I couldn’t help but think that there isn’t much worse it could get, right? Well, what about if a similar location tracking application had no security — at all?

Brian Krebs (emphasis his):

LocationSmart, a U.S. based company that acts as an aggregator of real-time data about the precise location of mobile phone devices, has been leaking this information to anyone via a buggy component of its Web site — without the need for any password or other form of authentication or authorization — KrebsOnSecurity has learned. The company took the vulnerable service offline early this afternoon after being contacted by KrebsOnSecurity, which verified that it could be used to reveal the location of any AT&T, Sprint, T-Mobile or Verizon phone in the United States to an accuracy of within a few hundred yards.

There’s a lot about this that’s pretty outrageous, but I think the most alarming aspect of this is that a company most of you have probably only just heard of has access to your phone’s live location, and they’ve never asked you if that’s okay.

Basic Questions About Google Duplex axios.com

Dan Primack of Axios found Google’s demo of Duplex a little fishy:

When you call a business, the person picking up the phone almost always identifies the business itself (and sometimes gives their own name as well). But that didn’t happen when the Google assistant called these “real” businesses:

  • When the hair salon picks up, a woman says: “Hello, how can I help you?”

  • When the restaurant picks up, a woman says: “Hi, may I help you?”

Axios called over two dozen hair salons and restaurants — including some in Google’s hometown of Mountain View — and every one immediately gave the business name.

There also does not seem to be ambient noise in either recording, such as hair dryers or plates clattering. We heard that in most of the businesses we called, but not in all.

Google CEO Sundar Pichai insisted three times that these calls were real, but these discrepancies should be answered. If these calls were edited, even just to remove the business name to limit publicity, Google hasn’t said. Very strange.

Finally, neither the hair salon nor the restaurant ask for the customer’s phone number or any other contact information.

Primack also included this as a reason why the calls seemed suspicious, but I disagree. The hair salon asked for the customer name; I don’t usually book my haircuts, but when I do, they don’t ask for contact information. The restaurant didn’t need to ask for contact information because the staff member answering the phone said that no reservations would be accepted for Duplex’s party size.

Jack Wellborn on Twitter:

Regardless of whether the Duplex demo was real or not, I keep wondering why Google didn’t target it to businesses first. People are used to talking to robots when calling businesses and some might even prefer it.

As a demo, it’s pretty cool, though somewhat less compelling to me as a recording rather than a live preview. But as an actual consumer service offering, I’m not sure I get it in its current guise. While Pichai said that 60% of American businesses don’t have an online booking system, that number has been dropping and, though I doubt it will hit zero, their pitch is to a temporary and shrinking market.

But as a business product, like Wellborn describes, it makes more sense to me. Why not have a robot handle reservations? As Sarah Jeong said on Twitter, this is only a product “because we treat service industry people like robots” anyway, unfortunately.

But that’s only if we feel like Duplex is limited to making bookings. Over time, it will of course become more capable. Like they do for the web, Google is already crawling the real world with things like Street View and AI-powered verification of business details. What’s next?

Twitter Is Executing Its 2012 Vision manton.org

Yesterday’s announcement to API changes and pricing may have been foreshadowed six years ago, but it’s still hard to be facing what looks like the slow turning of the screw on third-party Twitter clients.