Month: January 2020

Teen Vogue Publishes, Then Pulls, an Uncritical Interview With Facebook’s Election Security Team twitter.com

Teen Vogue today ran an un-bylined article about Facebook’s election security efforts. Here’s the lede:

As the 2020 campaign gains speed, Facebook is taking measures to protect against foreign interference and stop the spread of misinformation. Social media is a fertile space for civic participation, and Facebook is at the forefront of encouraging civil discourse. But with the company’s huge platform comes huge responsibility.

Five women across Facebook and Instagram — Katie Harbath, Sarah Schiff, Monica Lee, Antonia Woodford, and Crystal Patterson — are key to ensuring the integrity of the 2020 election on Facebook. Behind the scenes, these women have helped overhaul the company’s approach to protecting elections, creating a new ad library to ensure transparency and partnering with over 55 third party fact-checking organizations. With just under a year until the election, Teen Vogue spoke with Facebook to learn more about what they’ve been up to.

This looks like a regular Teen Vogue article. On the homepage, it’s indistinguishable from older and newer pieces, aside from its lack of byline. For all intents and purposes, it is a Teen Vogue article — until you read it.

Ryan Broderick:

Publishing this sort of uncritical corporate propaganda is especially noxious on a website like Teen Vogue.

The website’s demographic doesn’t remember in a world without Facebook.

To frame this as a fun guide to election integrity is shameful.

Sophie Kleeman:

It is egregiously bad to omit a byline on pretty much any story, let alone a puff piece like this! What is happening!

No credit on these very PR-friendly photos, either. Curious!

It’s stranger than that: all of the photos in the article are screenshots, carrying file names like Screen Shot 2020-01-06 at 3.21.21 PM.png. Setting aside how unwise it is to present photographs as PNG files — they’re all well over 2 MB — the only time I’ve seen this technique used is to mask the source of the photograph, so no Exif data is retained from the camera or photographer. I’m not claiming that’s the reason Teen Vogue decided to screenshot these pictures instead of uploading the originals, but why wouldn’t they publish photographs as photographs?

Max Tani, about an hour after the article’s publication:

This piece was just updated with an editor’s note saying it’s “sponsored editorial content.”

Cecilia Kang, half an hour later:

Wait wait wait. The sponsored label is gone and I”m hearing from FB is it not sponsored content. WTF is happening?

About half an hour after that, the article or advertisement was pulled. If you’re curious, I’ve uploaded a copy to Dropbox.

If this was an example of native advertising, why wasn’t it initially and clearly identified as such? Why was it so easy to confuse it with an article? If it was just a regular article, why wasn’t it bylined? Why was it so easy too confused with an ad?

Update: Before it was deleted, Sheryl Sandberg shared this ad that’s definitely not an ad.

Update: Peter Kafka:

Newest in teenvoguegate: Facebook sponcon *was* supposed to be sponcon: “We had a paid partnership with Teen Vogue related to their women’s summit, which included sponsored content. Our team understood this story was purely editorial, but there was a misunderstanding.” – FB spox

How to parse that, per source: FB piece was supposed to be sponcon, tied to Facebook sponsorship of a Teen Vogue event last fall. Then, supposedly, FB decides they don’t want/need the sponcon after all.

But! Sponcon was created anyway, and was floating around the Teen Vogue CMS, and then…

And then it was published, tweeted about by Facebook, shared by Sandberg on Facebook, and was somehow labelled with a contributor’s name who has since stressed that she did not write the piece.

Condé Nast, which publishes Teen Vogue, began using their editorial staff to write stuff like this about five years ago, rather than leaving it up to their ad teams. This seems like a predictable consequence.

Why Not Both? Or: Privacy Laws Won’t Fix Everything and That’s Okay

There’s a silly dismissal of privacy laws that goes something like this: because these laws require that data processors get opt-in consent from users, they empower Facebook and Google, which means these laws are failures on a grand scale. I thought this argument was absurd when it first appeared last year in relation to Europe’s GDPR, but California’s new CCPA has made it ripe and juicy again.

Mike Masnick of Techdirt covered a story by Nick Kostov and Sam Schechner of the Wall Street Journal last year:

We warned folks that these big attempts to “regulate” the internet as a way to “punish” Google and Facebook would only help those companies. Last fall, about six months into the GDPR, we noted that there appeared to be one big winner from the law: Google. And now, the Wall Street Journal notes that it’s increasingly looking like Facebook and Google have grown thanks to the GDPR, while the competition has been wiped out.

“GDPR has tended to hand power to the big platforms because they have the ability to collect and process the data,” says Mark Read, CEO of advertising giant WPP PLC. It has “entrenched the interests of the incumbent, and made it harder for smaller ad-tech companies, who ironically tend to be European.”

So, great work, EU. In your hatred for the big US internet companies, you handed them the market, while destroying the local European companies.

Antonio García Martínez:

The result is that not only is there a privacy/convenience tradeoff that users must navigate, there’s a privacy/competition one that regulators must navigate as well.

You want users to have transparent, wide-ranging choice in how their data is used, with companies they know?

Then you’ve got to limit data use to first-party companies with a big public brand and lots of public scrutiny, rather than a complex ecosystem of many data producers and vendors.

There is absolutely nothing wrong with making it harder for any company — large or small, American or European — from abusing users’ privacy. Besides, it isn’t as though most big websites carry only one tracker. The fewer companies that are able to build highly personalized profiles, the better.

More relevant, though, is that you probably can’t name many of these smaller ad tech companies, but you can name the three biggest ones: Google, Facebook, and Amazon. That’s probably because you have a profile with at least one of them, if not all three, so of course it’s easier for them to get consent from you. If you have a user account, they already have your consent.

I doubt that compliance costs — in the sense of documentation or technical support — prevent smaller firms from competing with the big three. It’s the first-party relationship that these companies have with their users. Remember: Google is not a software and services company, it is an advertising company with several interactive and useful features. Facebook is not a family of social networks and chat apps, but a personalized advertising company that entices you to give them as much data as you can. Amazon — well, they’re everything, but they’re also a big fan of advertising to you Amazon listings for the things you just bought off Amazon.

Complying with GDPR really is much harder for a company nobody has ever heard of that asks permission to keep a copy of your name, phone number, email address, and anything else you submit to an unrelated service. But why shouldn’t it be?

These privacy laws are not perfect, yet they’ve had an immediate impact. In the year-and-a-half since GDPR has been in effect, hundreds of millions of Euros worth of fines have been issued. Plenty of companies have had to tighten their privacy and security measures as a result. But, yes, Google, Facebook, and Amazon have become stronger as a result of their ease of compliance.

And that’s probably why the E.U. also has antitrust concerns about all three of these companies. There are currently open investigations into Amazon and Facebook. Google was fined a billion-and-a-half Euros for abusing its dominance in online advertising, which is particularly important since they have controlled the most widely-used ad exchanges even before GDPR went into effect.

GDPR and CCPA are largely good — if imperfect — first steps towards regulating the unhinged worlds of advertising technology firms and data brokerages. We should encourage our public representatives to set broad expectations about how our data may be collected and used. We also ought to fight for more people-friendly interpretations of antitrust law. It isn’t a failure that privacy laws fail to address antitrust concerns any more than it is a failure that restaurant sanitation requirements don’t rein in corn subsidies.

It’s possible to do both, and it isn’t indicative of poor policy that we should do both. Well, it isn’t indicative of poor privacy regulations, anyhow; it absolutely does point to missed opportunities for decades. Now is as good a time as any to fix those shortcomings.

Tim Cook and Apple in 2019 barrons.com

Kevin Rooke (via Christina Warren):

Imagine a startup with $12 billion of revenue, 125%+ YoY revenue growth (two years in a row), and Apple-esque gross margins (30-50%). Without knowing anything else about the business, what would you value it at? $50 billion? $100 billion? More?

That’s Apple’s AirPods business, the fastest-growing segment of the world’s most valuable company.

John Misczak:

“Assuming an even split of sales between Gen 1, Gen 2, and AirPods Pro” is a really faulty premise to base a lot of this analysis on. No denying they’re incredibly successful, though.

Rooke estimates that AirPods are a bigger business than all of Adobe, Nvidia, AMD, or Spotify.

Jeran Wittenstein, Bloomberg:

Credit the shift in sentiment to Apple’s focus on tapping an ecosystem of nearly 1.5 billion users to generate a steady stream of profit. The increasing contribution from services like iCloud storage and Apple Music is making its business more stable and therefore deserving of a higher multiple, according to Gene Munster, a long-time Apple analyst and founder of Loup Ventures.

“Investors are slowly getting more comfortable with the concept that a company that has a combination of software, hardware and services can be a dependable business,” Munster said.

Between the blockbuster sales of new products like the AirPods and Apple Watch, subscriptions to services new and old — plus the continued success of the rest of the lineup — it’s little wonder that Apple’s stock hit an all-time high last week.

Eric Savitz, Barron’s:

Apple’s mammoth 2019, which took the stock up 86% for the year and 50% in the second half alone, has created a conundrum for analysts with Buy ratings on the stock but target prices below the current level. While the stock is just shy of $300, the average target is $266. Analysts need to decide: turn more cautious or boost the target?

So far, the consensus move is to push out the goal post.

Now is as good a time as any to look back at nearly a decade of analyst commentary advising the replacement of Tim Cook as CEO. Any shareholder that sold their stake in Apple after those complaints would have kicked themselves silly across 2019.

Sounds great. But the wild gains in service subscriptions haven’t come out of nowhere.

John Gruber:

But I worry that with its services push, Apple is turning into an advertising company too. It’s just advertising its own services. In iOS 13 they put an ad for AppleCare at the very top of Settings. They use push notifications to ask you to sign up for Apple Pay and Apple Card, and subscribe to Apple Music, TV, and Arcade. The free tier of Apple News is now a non-stop barrage of ads for Apple News+ subscriptions. Are we at the “hellscape” stage with Apple? No, not even close. But it’s a slippery slope. What made Apple Apple is this mindset: “Ship great products and the profits will follow” — not “Ship products that will generate great profits”.

With the AirPods and Apple Watch, Cook has proven himself to be a CEO that can define entire product categories by bringing visionary ideas to market. But Apple’s services business isn’t nearly as revolutionary. Lots of people are subscribed to Apple Music, but that’s probably partly because it’s a default option, and partly because there’s little profound differentiation in music streaming platforms. MacOS and iOS badger you to upgrade your iCloud storage when you’re running low. I’m sure a lot of people are Apple TV Plus subscribers, but that’s because a lot of people bought an Apple product in the past few months and got a free year.

I am not suggesting that Apple’s services are not successful, nor am I saying that Apple is misrepresenting them. But they’re pushing services hard in a way that I worried about after their March event. I’m not saying that services sell themselves; Apple clearly has to promote them somehow. It’s just that such a hard sell cheapens their hardware and operating systems. Users should want to subscribe to Apple News Plus because it is a good service — you know, hypothetically — not because it is irritating to use Apple News without it.

Update: Kevin Rooke’s analysis has a bunch of holes in it, as Neil Cybart points out. I regret linking to it. Even so, by Cybart’s estimates, Apple’s AirPods business generated closer to $7.5 billion in revenue in 2019.

The FBI Is Trying to Weaken Encryption Again nbcnews.com

Pete Williams, NBC News:

The FBI is asking Apple Inc. to help unlock two iPhones that investigators think were owned by Mohammed Saeed Alshamrani, the man believed to have carried out the shooting attack that killed three people last month at Naval Air Station Pensacola, Florida.

In a letter sent late Monday to Apple’s general counsel, the FBI said that although it has court permission to search the contents of the phones, both are password-protected. “Investigators are actively engaging in efforts to ‘guess’ the relevant passcodes but so far have been unsuccessful,” it said.

The letter, from FBI General Counsel Dana Boente, said officials have sought help from other federal agencies, as well as from experts in foreign countries and “familiar contacts in the third-party vendor community.” That may be a reference to the undisclosed vendor that helped the FBI open the locked phone of Syed Farook, the gunman who attacked a city meeting in San Bernardino, California, in 2015. The Justice Department took Apple to court in an effort to get the company to help the FBI open that phone.

Thomas Brewster, Forbes:

The U.S. government also has access to many tools that can help acquire data from iPhones, Androids and myriad other mobile devices. For instance, Cellebrite tools and Grayshift’s GrayKey have long been able to grab data from iPhones, and the FBI is one of many agencies that own hacking tech from both.

Forbes recently obtained a search warrant from Ohio, signed off on in October 2019, showing an FBI-owned GrayKey was able to extract data from an iPhone 12.5, though no device exists (neither does iOS 12.5). In the search warrant application, the government doesn’t specify what model of iPhone it was, but an image shows it has three camera lenses on the back of the device. Only Apple’s top of the range iPhone 11 Pro and iPhone 11 Pro Max models have three cameras. Though it’s not clear the iPhone was locked prior to being search by the FBI, a photo of the front of the device shows it on a locked screen with a handful of missed calls.

“iPhone12,5” is the model identifier for the iPhone 11 Pro Max in this warrant, which is unrelated to the Pensacola case. It’s news alone that the GrayKey can unlock the newest iPhone models.

As with the San Bernardino case, Apple says that it is cooperating with authorities. But, unlike that case, the FBI hasn’t yet tried to legally compel Apple into, for example, creating a special version of iOS that has no restrictions on passcode attempts. As with that case, it would set a troubling precedent that encryption should be weakened. So far, there is simply no practical or realistic way of doing so without breaking every user’s security.

Twenty Years Ago, Steve Jobs Showed Off the Aqua Interface for the First Time 512pixels.net

Stephen Hackett:

Aqua was a huge leap over the classic MacOS’ Platinum appearance, and far richer than anything on Windows at the time. It felt alive, with subtly pulsating buttons and progress bars that looked like they were some sort of modern-day barber poles, turned on their sides.

I remember seeing Aqua for the first time in its Jaguar iteration. By then, the roughest edges of the earliest implementations had been ironed out and Mac OS X was finally fast enough on a family friend’s Power Mac G4 that the system felt like it was supposed to.

I was young; I knew none of this. All I knew is that the copy of Windows XP that I used at home was, in an instant, hilariously outdated.

Windows remains a spectacular example of tasteless and unrefined user interface design. Meanwhile, MacOS has aged gracefully with basically the same interface elements as twenty years ago. Even the old stuff still holds up — mostly. The pinstripes of the earliest versions of Mac OS X are pretty garish, and the dark drop shadows behind seemingly every UI widget and menu label are pretty heavy-handed.

But you could have shown me a copy of Catalina fifteen years ago and told me that this was the way the next version of Mac OS X was going to look, and I would have entirely believed you. That’s evolving gracefully. That’s refinement.

See Also: Jimmy Grewal of the Macintosh IE 5 team. IE5 was demoed by Steve Jobs as an example of a Carbon app on Mac OS X using the Aqua user interface elements. Only two caveats: first, Carbon apps did not automatically inherit Aqua UI components; and, second, the IE5 team independently arrived at an Aqua-like UI without ever having seen Aqua.

Tortoise Media Begins Investigating Tech Companies as Though They Were Nation-States, Starting With Apple members.tortoisemedia.com

Peter Hoskin and Alexi Mostrous, Tortoise (via Kirk McElhearn):

From Apple TV+ to Apple Music, from Apple Pay to Apple News+, Cook’s company is now the gateway through which millions of us live our lives. We watch movies, pay for groceries, read the news, go to the gym, adjust our heating and monitor our hearts through Apple services, which is now the company’s fastest growing division.

Living within this carefully curated ecosystem, soon to be bolstered by new augmented reality products, the company’s 1.4 billion active users have become less like customers and more like citizens. We no longer just live our lives on Apple’s phones, but in them.

Apple’s market valuation is roughly equal to the national net worth of Denmark, the 28th wealthiest country in the world. It has as many users as China has citizens. Its leader has a close relationship with the US president and other heads of state. In all but name, this is a superpower, wielding profound influence over our lives, our politics and our culture.

That’s why Tortoise has decided to report on Apple as if it is a country: the first instalment in a year-long project we are calling Tech Nations, which will cover all the main technology giants. Here, we’ll examine Apple’s economy, its foreign policy and its cultural affairs. We’ll dig into its leadership, its security operation and its lobbying spend. We’ll identify the executives likely to succeed Cook, and the areas where Apple is falling behind in the global tech race.

This is a curious way to frame this series of reports. It’s not hard to see this as the corporate insider counterpart to the countless Apple is a religion takes that have littered the media world since the 1980s. Most of those were entirely thoughtless; this seems to be more considered, but it verges on the ridiculous. While many of us may be “citizens” of Apple, we have every ability to leave that world by replacing their products and services with competitors’ offerings. But it is virtually impossible to never use anything from Amazon, Google, or Microsoft — even if you are not consciously using products from any of those companies. And that makes mongering sentiments, like the clause in the last sentence of this paragraph, seem wildly mistargeted:

There is a sense of necessity, even of wisdom, about these shifts. After all, consumers have become less willing to pay out for iteratively improved phones, so new ways of making money from the phones they already have must be found. The idea is to expand the Apple ecosystem so far that consumers never need to – or never can – leave it.

The “shifts” described are in Apple’s emphasis of its more private products and services:

Yet Cook has made some defining interventions. Other companies, such as Facebook and Google, are happy for a sort of chaos to prevail: an online world that’s sprawling, messy and mostly unregulated, where data can be plucked from the air and passed on to advertisers. Cook is trying to create a refuge: a unified world of hardware, software and services, all under Apple’s flag, where citizens can expect their data to remain their own.

Far from hoping that Apple will be the sole provider of “refuge”, Cook has argued for privacy legislation. It’s fair to retort that this would be in the best interests of Apple, but I also think it would be better for everyone if Apple could not be one of the few companies that can claim to care about privacy. Privacy should not be a unique selling point. Users of any product or service should expect their personal data to be treated with due respect, without exploitation.

Imagine if Apple had to compete primarily on the quality of their services, with privacy as a guaranteed benchmark for them and their competitors.

Instead, we’re seeing the opposite: exploitative ad companies like Google and Facebook are re-framing themselves as respectful of user privacy, despite making no meaningful business model changes. While many of Apple’s services — like iCloud, Messages, and Maps — have been getting much better, they’re now tasked with also redefining their unique offering in the absence of meaningful privacy regulation. It’s entirely fair for them to keep beating that drum.