Privacy is in the same position as security was five years ago

It has taken years for the technology and telecoms industry to take security seriously, and now we are at the beginning of the same story arc with privacy.

The purpose of a story arc in popular culture is to take the character on a journey, agonising through challenges and failures, and up to success and lessons, ultimately concluding with some sort of resolution. There are seven different types, for example, a Cinderella story arc where the protagonist experiences a rise, then a fall, before a final rise, or an Icarus arc where there is simply a rise before an ultimate failure.

The security segment of the technology and telecoms world has gone through somewhat of a Rags to Riches story arc, with adequate protections being ignored for years before becoming a critical component of the technology landscape. That said, some would argue the arc has not been completed as there is still not enough investment.

Perhaps privacy is treading the same path as security, and it will have to battle moral dilemmas, successes and failures over numerous series before it is finally appreciated. The principles of privacy are certainly being ignored, massaged and bent sideways by private and public organisations today.

One question which might be raised is whether we need to reconsider the definitions of privacy for the new world; are we inappropriately judging digital privacy by the standards of the analogue era?

“In my view, there is currently no case for relaxing the privacy rules. There is a need to embed privacy considerations in design of technology,” said Joann O’Brien, VP of Digital Ecosystems at the TM Forum.

“In many cases architectural design/best practice and the embedding of the citizen at the centre of the design still needs to happen. When this happens, meeting privacy requirements becomes exponentially easier to achieve. In many cases relaxing any privacy policy due to impacts on innovation is really playing into the hands of lazy architectures and exploitative technologies.”

This sounds remarkably similar to the same rhetoric which was positioned around security technologies for years. Experts said security needs to be built into the products foundations, not simply an add-on. It does appear the same mistakes are being made with privacy.

One country which does seem to be taking the right approach to building contact tracing applications to combat COVID-19 is Switzerland. Using the decentralised approach, the app was built around the privacy foundations, with all sensitive operations taking place on the user’s device. Other countries should take note of this example championing privacy rights.

“TM Forum advocates for continuing and upholding the privacy rules as the long-term consequences of not doing so will have a negative impact on society and potentially run the risk of citizens losing trust in technology.”

While any reasonable person should not advocate the dilution of privacy rules, perhaps there is a case for reimagining them.

Should governments be able to ensure the same levels of protections and privacy are maintained, there is a case for rewriting rules to ensure they are fit for the digital society. After all, privacy rules as we know them today were written for a bygone era. It is like trying to fit a square peg through a round hole, it might fit if you try hard enough, but it is more suitable for another hole.

“The problem with the current system is it insists that every company asks for consent at a very granular level, which makes it impossible for people to read and understand what they are agreeing to,” said Ross Fobian, CEO of ResponseTap, a provider of intelligent call tracking software.

“It is also annoying because you are presented with messages on every website, but don’t have the time to really understand each one. This results in the user simply trying to get the box out of the way as quickly as possible. This means that generally people default to simply clicking the ‘I agree’ button, without understanding what they are agreeing to.”

The transfer of data to corporations can benefit both sides, however. Companies more intelligently and appropriately are able to target potential customers, while experience of products and services can be enhanced for the consumer.

“The problem is that some companies or even government entities don’t necessarily use your data just to help you,” said Fobian. “They use your data to manipulate you. Cambridge Analytica is a perfect example of this. Also, companies can get hacked and hackers can use that data in ways it was never intended. For this reason, at ResponseTap we don’t store personal data by default, which minimises the risk. However, this is not always possible.”

There are new privacy rules being created for this era, which are heading in the right direction according to Fobian. Telecoms.com readers generally agree with this statement also, with 32% believing privacy rules should be re-imagined for the digital era and 48% suggesting the user should be given more choice to create own privacy rights.

Privacy is a challenge today for several reasons, most of which can be directly linked back to corporations and governments ignoring its importance. In years gone, security was an add-on, despite what anyone told you, and the exact same position has been created for privacy today.

All these companies are telling us that they are pro-privacy, but eventually they will have to start showing us with actions which back up the rhetoric.

Switzerland claims to be first to trial Apple and Google COVID-19 APIs

Two universities, the army and several hospitals in Switzerland have launched what is claimed to be the worlds’ first major trial for Google and Apple’s decentralised contact tracing APIs.

While many governments have opted against the advice of privacy and security experts, universities ETH Zurich and Ecole polytechnique fédérale de Lausanne (EPFL) will work with the army and several hospitals to trial Silicon Valley’s version of the contact tracing app.

“This is the first time that the operating system updates from Google and Apple enable its deployment and testing on such a large scale,” said Professor Edouard Bugnion, Vice-President for Information Systems at EPFL.

Should the app work as desired it would certainly be a cause for celebration for the many societies under strict lockdown protocols. It could also prove quite embarrassing for the government who elected for a centralised data model, contrary to expert advice, some of which are facing teething problems.

Several thousand Swiss citizens are now free to download the application, with the pilot set to last for a few weeks. The team is effectively waiting for legislation amendments before launching to the general public, though depending on the timeliness of politicians is similar to guessing the length of string.

This application is based on the Decentralized Privacy-Preserving Proximity Tracing (DP3T) design, geared towards protecting privacy. As it should be with every application, the Swiss app is built on and around the concept of maintaining and protecting privacy, not with privacy as an add-on when other criteria have been satisfied, like the UK-version has.

“Our goal is to offer a solution that can be adopted in Europe and around the world,” said Professor Carmela Troncoso, head of the Security & Privacy Engineering Laboratory at EPFL and the brain behind the DP3T protocol.

Operations for the application which are deemed essential but also sensitive from a privacy perspective will all be performed on the device. The application will log the unique identifier of any other device which has been in close proximity (less than two metres) for a sustained period (15 minutes). Should the individual test positive for the coronavirus, as GP will issue a single-use code to be entered into the app, which will alert any individuals who have been logged as a contact.

Although calls for a unified approach to creating contact tracing applications have largely been ignored by attention seeking politicians, the world should be watching this Swiss experiment very closely. The decentralised approach is one which is built with privacy in the foundations, and while it might not offer the flexibility some government data scientists are after, there is no need to make any compromises to privacy or security.

This should be taken as a lesson by politicians around the world; privacy and security should not be forgotten in the battle against COVID-19.

UK Cabinet Office, as well as DCMS and DoH, clueless about COVID app

Some might assume the strategy to combat COVID-19 is being devised on the hoof while patchy delivery suggests there is little communication between departments, and the cynics would be right!

After a week of bouncing from department to department and representatives being unable to offer any clear guidance or in-depth knowledge of the contact tracing application, Telecoms.com is becoming increasingly concerned about the Government strategy, as well as potential implications for privacy and security.

With the information which has been offered from Government representatives to date, it is clear few have any idea what is actually going on.

Last week, the Cabinet Office released new documents which detailed the UK Government strategy to exit the current societal lockdown. Featured in this broad document were 14 projects needed to ensure the country can exit the lockdown effectively, including the creation of a contact-tracing application to monitor the impact and potential spread of the virus.

The following extract is from the bottom of page 39, the section dealing with testing and tracing:

“Information collected through the Test and Trace programme, together with wider data from sources such as 111 online, will form part of a core national COVID-19 dataset. The creators of a number of independent apps and websites which have already launched to collect similar data have agreed to work openly with the NHS and have aligned their products and data as part of this central, national effort.”

Despite this document being published and distributed by the Cabinet Department, and featuring a foreword from Prime Minister Boris Johnson, it was unknown who the ‘independent apps and websites’ are, when the trials of the COVID-19 tracing app on the Isle of Wight would be concluded or how many downloads were being targeted upon release.

Considering the importance of this document and the material in it, one would assume this information would be available, though we were referred to other Government departments, who have not been able to provide insight either.

This is not the first time we have been referred from a department which should have knowledge of the situation and to another. In recent weeks, prior to the beginning of the Isle of Wight trials, the Department of Digital, Culture, Media and Sport (DCMS) stated it was not involved at all with the development of the application, referring us to the Department of Health and Social Care (DHSC), before being directed by representatives of DHSC to the NHS technology unit where communication went unanswered.

Despite the Cabinet Office, DCMS and DHSC presumably being critical Government departments in the development of a contact tracing app to combat COVID-19, there does not seem to be anyone in the know as to what is actually going on.

Unfortunately for everyone involved, the questions posed were not overly complex and should be simple to answer if the information is available, instead one department pointed us to another. Perhaps no-one wanted to muddy their hands with what is quickly turning into a debacle, or maybe no-one could actually answer these simple questions.

If there is little contribution from these departments on the development of the app, how can one ensure there are effective safeguards for cybersecurity or data privacy? The Government has gone against industry advice in pursing a centralised data model, but confidence in its ability to manage this process is increasingly thinning.

The NHS has somewhat of a checkered past when it comes to digital and data projects, and that is putting it politely. Some of these previous attempts to do digital in the NHS has been completely and utterly disastrous, accomplishing nothing, yet the NHS is seemingly blindly trusted as Government departments plead ignorance. The NHS flying solo will have some critics shifting in their seats very uncomfortably.

For the app to work as desired, 60% adoption is a number which has been floated by academia. This is going to be a big ask, therefore delivery will have to be close to perfection. One might hope that the relevant Government departments are a bit more informed moving forward considering the importance of this technology in aiding the UK’s recovery.

Verizon starts toying around with mid-band spectrum

With 5G falling flat in the US, it appears Verizon is taking matters into its own hands with an application to the FCC to experiment with mid-band spectrum, specifically, 3.7-3.8 GHz.

In fairness to the US telcos, there hasn’t been much opportunity to deliver 5G over the airwaves which are proving critical to the rest of the world. The ‘C-band’ spectrum is congested, though the FCC is currently in the process of clearing it and creating a dynamic spectrum sharing initiative which could be the envy of the world. Better late than never.

According to the application made to the FCC, Verizon is planning on running trials over the 3.7-3.8 GHz spectrum in several locations in three states, namely:

  • Basking Ridge, New Jersey
  • Westlake, Texas
  • Williamston, Michigan
  • Okemos, Michigan
  • Jenison, Michigan
  • Hudsonville, Michigan
  • Ada, Michigan
  • Lowell, Michigan
  • Sunnyvale, California

Many telcos around the world have been bragging of the benefits of mid-band spectrum, benefiting from a more palatable compromise between increased download speeds and coverage, the US telcos have been struggling with mmWave or low-band airwaves, neither of which can deliver on the much-hyped 5G promise.

The status quo of disappointment was fine as long as all the telcos are underwhelming, but there has been a recent development which should worry the likes of Verizon and AT&T.

As part of the merger agreement between T-Mobile US and Sprint, the new company will have access to all three tiers of spectrum. T-Mobile had been offering 5G over 600 MHz and mmWave already, which was not satisfactory, however it now has access to Sprint’s 2.5 GHz assets. A blend of low-, mid- and high-band spectrum licences should see a very effective delivery of 5G. This is already being delivered in Philadelphia, though it won’t be long until it is scaled by the ambitious challenger.

Looking at the 5G subscriber forecasts by analyst firm Omdia, this could have a very material impact on the balance of power in the US telco industry.

Forecast of 5G subscriptions in US (2020-2022)
Telco 2020 2021 2022
AT&T 5,581,572 14,416,872 29,301,757
Verizon 2,520,867 16,560,150 35,020,621
T-Mobile and Sprint 5,560,802 18,560,447 36,266,014

Source: Omdia World Information Series

Alone, T-Mobile would erode the subscription lead AT&T and Verizon hold over it today, but it would still be in third place. When you combine the T-Mobile and Sprint figures, you have a market leading firm.

Some might suggest the figures are incorrect as the merger would mean Sprint disappears, but this will not happen overnight. Legacy deals might well be kept in play for the short-term under the Sprint brand as integration projects and campaigns run, but they will be delivered over the same network. The very network which will have the most comprehensive and attractive blend of spectrum.

“Mid-band spectrum provides the sweet spot combination of capacity and coverage for modern 5G networks that the rest of the world is coalescing behind,” Chris Pearson, President of 5G Americas, recently wrote on a blog post championing 5G as a catalyst for recovery from the current global pandemic.

“The international standards forum 3GPP identified the spectrum range 3.3-4.2 GHz as the core 5G band for countries around the world. But the US has yet to auction any exclusive use licensed spectrum in that global mid-band range for 5G.”

Pearson has pointed to regulatory restrictions slowing progress in accessing mid-band spectrum, a critical component in ensuring 5G meets the promises being made by the telecoms industry. A lack of mid-band spectrum is problematic for numerous reasons.

Firstly, coverage can only be delivered only low-band airwaves, but this does not deliver speed upgrades as T-Mobile customers are finding out. Over mmWave means coverage is very limited, which AT&T and Verizon customers are discovering, while it means network deployment is also a lot more expensive as densification projects are very costly and time consuming. Latency is also falling short of all standards by all telcos.

Pearson is of course a champion for the telecoms industry, but the necessity of mid-band spectrum is also replicated at regulatory level.

“For America to be a global leader and win the race to 5G technologies, which we must do for both economic and national security reasons, we must actively identify and make available a key ingredient necessary for 5G networks and systems: mid-band spectrum,” FCC Commissioner Mike O’Reilly said in a letter to President Donald Trump in April.

“Yet, the pipeline is nearly empty, and our wireless providers lack sufficient mid-band spectrum to meet the exponential growth enabled by 5G networks and expected by users. I believe that only you personally, with your unique ability to cut through the bureaucratic stonewalling, can free the necessary spectrum bands to provide our wireless providers the means to succeed.”

If the US is to deliver the 5G promise it needs access to mid-band spectrum. Not only will this benefit consumers, but it will allow enterprise customers to deliver on the newly emerging 5G-powered business models. Without it, US corporations might fall behind international rivals who exist in countries where the mid-band airwaves are available. This is a mid- to long-term consequence, but one which would be much more damaging to the US economy on the whole.

As it stands, only T-Mobile is in an adequate position. This should be a concern for AT&T and Verizon.

T-Mobile is a company which has been very successful in recent years, growing from a position of irrelevance to a genuine threat. The comfortable spectrum position could act as another catalyst for growth, potentially creating a new leader in the US telecoms industry.


Telecoms.com Daily Poll:

How critical is mid-band spectrum in delivering 5G services?

Loading ... Loading ...

51% of IT pros disagree with Gov approach to COVID-19 app

With the UK’s COVID-19 tracing application being test on the Isle of Wight, only 24% of IT professionals believe the initiative will be successful.

Research from BCS, an association for IT professionals, suggests the Government is struggling to source support from the IT community. This is not to say the efforts will not be a success, but it is hardly a confidence boost.

“BCS is clear that if done ethically and competently a tracing app can make a huge contribution to stopping the spread of COVID-19; but a majority of our members don’t believe the current model will work and are worried about the reliance on a centralised database,” said Bill Mitchell, Director of Policy at BCS.

“Yet despite their doubts 42% would still install the app and 21% are undecided. It feels like there is a lot of goodwill out there to give a tracing app a chance – if it can be shown to work. That means if these concerns are fully addressed then maybe over 60% of the population will install a high-quality app. That’s the magic adoption figure we need for the app to have real impact on stopping COVID-19.”

According to the research, only 24% believe the application will succeed. 32% explicitly believe it will fail and the remainder are still undecided. Interestingly enough, 51% believe the Google/Apple approach, the decentralised model where data is stored on user devices, should have been taken forward by the Government.

This is an argument which will persist as long as the coronavirus does. Some countries have opted for the decentralised model, which is being championed by Silicon Valley, and others have gone for centralised. What is worth noting is there is a very valid argument for the centralised data approach.

“If you don’t have the data at the starting point of the tunnel, you are facing a challenge,” said Sebastien Ourselin, a professor from Kings College London, during an industry conference. “When you want to react quickly, access to the data is key.”

Ourselin’s argument is that a centralised data model means you have access to the data all the time and whenever you want. It means you can run different models and apply different conditions to forecasting models, which is a lot more difficult when you only have access to the insight not the raw data.

The issue with the Government decision for centralised data is one of credentials.

When asked what the IT pros were concerned about, and why they would not download the app, 69% said data security, 67% pointed to privacy, 59% worried it was a pointless exercise and 49% lacked trust in the Government.

The final concern is why some might suggest opting for the Google/Apple route would have been more successful. People don’t trust Governments, but the majority have already handed personal information over to Silicon Valley. There is a respect for the smarts and capabilities of these companies. The Government could have weaponised Silicon Valley’s credibility to drive user adoption of the application.

If the Government fails to convince the general public to adopt this app, it will not succeed as imagined. There will be a valid contribution, but for a material success 60% of the population will have to download the application. This is a tough ask, though the lessons learned from the Isle of Wight trials should provide some valuable insight.


Telecoms.com Daily Poll:

Who would you consider the King of Innovation in the telco industry currently?

Loading ... Loading ...

Return to work messages start to appear as Twitter hands power to employees

One of the questions which has lingered over the last few weeks is whether the COVID-19 enforced digital transformation will persist in the long-term, though the answer is becoming a bit clearer.

Twitter is one of the first of the technology giants to break the silence and make a commitment. Offices will be opened at some point after September, though the decision as to whether to come in or not will be left entirely to the employees.

“We were uniquely positioned to respond quickly and allow folks to work from home given our emphasis on decentralization and supporting a distributed workforce capable of working from anywhere,” said Jennifer Christie, Chief HR Officer at Twitter.

“The past few months have proven we can make that work.

“So if our employees are in a role and situation that enables them to work from home and they want to continue to do so forever, we will make that happen. If not, our offices will be their warm and welcoming selves, with some additional precautions, when we feel it’s safe to return.”

Twitter embracing the work-from-home dynamic is hardly surprising. This is a digital native company which attracts the interest of a certain demographic. This is also a company where the necessity to work within an office is very low, as it is a platform business; product design is virtual not physical after all.

On the other end of the scale, there are companies and professions where work-from-home is not an option. There are obvious categories, construction for instance, but also others which are less so. Due to regulatory and compliance issues, those who work in a company’s treasury department or conduct high-profile trades in the financial markets might find it difficult to work from the living room.

Another factor to consider is the creation of products, such as smartphones.

According to Bloomberg, Apple has already begun the process of reintroducing employees to some offices around the world. Senior managers are reaching out to employees to explain who will be working from home and who will have to come back into the office, but those who are creating new products, such as the flagship 5G smartphone to be launched in a few months, will not be able to work from home as it is highly unlikely each of these engineers have a cleanroom at their residences.

Other parts of the Apple business could work from home. Sales and marketing, for instance, or the developers who work from the software and services unit could very feasibly continue. As one of the Silicon Valley fraternity, Apple would presumably embrace the idea of mobility but it does also have to justify the $5 billion which has been spent to construct the new doughnut-shaped headquarters in Cupertino.

These are perfectly understandable answers to the longevity of the work-from-home question, but the most interesting developments will be around the companies who can function remotely, but probably don’t want to.

There are numerous industries which have resisted digital transformation programmes. This is because of a lack of vision, ‘lifers’ in middle-management roles who have no desire to evolve or executive management teams who were brought up in a different era and have no concept of digital. Despite what many would claim, the FTSE 100 and Dow Jones is littered with such organisations.

These are the companies who are spending money on the cloud currently, but only because they have been strong-armed through a digital transformation programme. They are thousands of companies who lack the foresight and imagination to realise the importance of evolution and many of these will revert back to pre-coronavirus operations.

But here is the question; how many of these luddites are there?


Telecoms.com Poll:

Do you think your business will continue the current work from home dynamic once the coronavirus pandemic has passed?

Loading ... Loading ...

After 107 million downloads in April, TikTok faces a European privacy probe

Questions over the privacy of popular video-sharing application TikTok have been raised by Dutch authorities, but scepticism can’t slow the rapid expansion.

Although other investigations around the world are far more damning, suggesting some very nefarious activities, let’s not forget giants can be taken down by unsuspecting means. After all, Goliath was conquered by a pebble and Al Capone was felled by tax evasion charges.

“A huge number of Dutch children clearly love using TikTok,’ said Monique Verdier, Deputy Chairman of the Dutch DPA.

“We will investigate whether the app has a privacy-friendly design. We’ll also check whether the information TikTok provides when children install and use the app is easy to understand and adequately explains how their personal data is collected, processed and used. Lastly, we’ll look at whether parental consent is required for TikTok to collect, store and use children’s personal data.”

The investigation will focus on whether TikTok effectively protects the privacy of Dutch children, and whether there would need to be any changes enforced on the team through regulation. As with every other investigation, this probe from the Dutch could shed light on certain aspect of operations which could have a domino effect.

While TikTok was thrust on the world to much consumer enthusiasm last year, the momentum has certainly continued through 2020 and has perhaps been compounded by lockdown protocols currently in place around the world.

Most downloaded Apps (non-gaming) during April 2020 – Global
Overall App Store Google Play
1. Zoom Zoom Zoom
2. TikTok TikTok TikTok
3. Facebook Google Meet Facebook
4. WhatsApp Microsoft Teams WhatsApp
5. Instagram Netflix Aarogya Setu

Source: Sensor Tower

With more entertainment needed by those taking part in enforced lockdown, there has been a surge in interest in numerous categories, but social media and content streaming applications are close to the top of the list. TikTok has benefitted from these tendencies, but also endorsements from numerous celebrities around the world.

Over the weekend, Anthony Hopkins challenged Sylvester Stallone and Arnold Schwarzenegger to a dance-off on the platform with Drake’s Toosie Slide.

@anthonyhopkins##Drake I’m late to the party… but better late than never. @oficialstallone @arnoldschnitzel ##toosieslidechallenge♬ original sound – officialanthonyhopkins

With more and more celebrities embracing the platform, everyday consumers will be encouraged, especially during a period of boredom. This might be seen as a worrying trend to US politicians who are attempting to dilute the influence China and its companies have on global societies and economies.

Last October, Republican Senator Tom Cotton and Senate Minority Leader Chuck Schumer wrote to the Acting Director of National Intelligence, Joseph Maguire, to formally request an investigation into TikTok, questioning whether it is a threat to national security as the applications developer ByteDance could be coerced to collaborate with the Chinese Government.

A few days later, Senator Josh Hawley also introduced a new bill, known as the National Security and Personal Data Protection Act (S.2889), which would force foreign technology companies to store data locally.

This would provide some protections to US consumers but would also open up the political class to a barrage of complications as the US has been attempting to punish countries who enforce data localisation rules on US companies. India is one of these nations at loggerheads with the US, and while many would attempt to avoid such complications, hypocrisy and irony seem to be completely lost on the current political administration.

TikTok has escaped much scrutiny over the last few months, though this is perhaps due to other areas demanding more attention. The application might be enjoying success for the moment, but we suspect it is not clear of privacy investigations just yet.

Why is Google so interested in Fitbit?

In early November, Google announced it was acquiring Fitbit for $2.1 billion, a transaction which has polarised opinion. But why is Google interested in a faltering wearables brand?

Acquisitions in the technology world are not unsurprising, especially when it comes to search engine giant Google. This is a company which is constantly pushing the boundaries of normality, testing ideas outside its core competencies and exploring for the next multi-billion-dollar business.

The question which remains in the minds of some is whether Fitbit could be the catalyst for profits, or if this is an unjustified expansion of Google’s ability to pry into the personal lives of users around the world.

$2.1 billion for a failing wearables business

When talking about wearables, it used to be impossible to avoid Fitbit. This appeared to be one of the very few companies who could turn a profit in a segment which flattered to deceive. Until recently that is.

Looking at the financials of Fitbit, the business was heading south very quickly.

Full-year financial results for Fitbit 2015-19 (USD ($), millions)
Year Total revenue Net Income (Loss)
2019 1,434 (320)
2018 1,512 (185)
2017 1,615 (277)
2016 2,169 (102)
2015 1,858 175

Source: Fitbit Investor Relations

In 2015, Fitbit was a rapidly growing wearables brand turning a tidy profit. What made this even more impressive is the failures of almost everyone else to crack the market; wearables was a segment which no-one else seemed to be able to make work, not even Apple.

The trick with Fitbit was simplicity. It didn’t try to take on traditional timepieces with a clunky digital alternative which still had to be tethered to a smartphone, it produced a simple fitness device. It identified a need and fulfilled a purpose, without trying to be too clever.

The issue which it has faced in recent years is two-fold. Firstly, wearables become more mainstream and demanded more functionality. And secondly, mainstream brands were allocating big marketing budgets.

Fitbit attempted to evolve its offering, creating more devices which were more in-line with the smartwatch image of today, but it struggled to compete with the likes of Apple and Samsung when it came to functionality, design, marketing and acquiring new customers who had not previously been interested in wearables. It failed to evolve, adapt and expand.

That said, the barebones of a successful business are still there.

The resurgence of Fitbit as a competitive force

Fitbit is an interesting acquisition for Google. It has a solid and reputable fitness brand, a loyal customer base as well as existing products and IP. The fundamentals of a good business are in place, the reason Fitbit failed is it was not able to advance its business model to the next level of development.

Aside from good products, consumers nowadays are insisting on experiences and an ecosystem of supporting applications. One explanation as to why Fitbit is a failing business is that it was unable to develop the supporting applications, experiences and services to bundle behind the hardware.

This is where Google can help.

With the Fitbit team concentrating on developing new products, the software and services element can be delegated to the Google engineers. With an army of software experts and existing products, Fitbit could certainly emerge as a fighting force on the wearable scene once again.

Aside from the Android operating system which has Google has created for the wearable ecosystem, Wear OS, there are numerous other services which could be more closely linked to the Fitbit products such as Google Maps and YouTube Music. The products could also benefit from the work Google is doing into new areas such as the voice user interface and gesture control.

Bringing together the Fitbit hardware experience, IP and brand, with Google’s OS expertise and software engineering smarts is a very attractive mix.

Why would Google care about the wearable segment?

Firstly, Google is interested in any idea which can make money, and with the right care and attention, as well as patience, you can make money out of just about anything.

Secondly, the wearable ecosystem allows Google to operate in an area where it currently doesn’t.

And finally, wearable products allow it to buildout other investments in areas such as healthcare and smart cities.

Global smartphone market share – 2019
Brand Market share
Apple 31.7%
Xiaomi 12.4%
Samsung 9.2%
Huawei 8.3%
Fitbit 4.7%

Source: Statista

Just like the smart speaker products Google launched in recent years, the greater opportunity is not to profit from product sales, but to build a services ecosystem behind the hardware. Fitbit products with Wear OS allow Google to interact with customers in a new setting, in a new way, while collecting new data.

This data can of course be used to supplement existing advertising models, hyper-targeted messaging is where the money is after all, but it can also offer Google the opportunity to build new services. With a portfolio of fitness related products, Google can collect new data to create new applications as well as buildout the development of existing ideas.

For example, Verily is a research organization devoted to the study of life sciences. Verily works with academia, hospitals and health systems and life sciences companies to improve healthcare. The work is of course technology focused, making best use of data to augment the healthcare industry, and the addition of a portfolio of health and fitness wearable products would improve this proposition.

Another example is Sidewalk Labs, an ‘urban innovation’ investment from Google. The concept of smart cities is quickly gathering steam, and should the right investments be made, software companies could make billions. Wearable devices will be an important element of the smart cities for identification and authentication with public services, payments and interaction with other applications which could emerge.

These are two ideas which already exist in the Alphabet family, but Google does not currently have a venture into fitness and lifestyle. Fitbit it an entry point.

Owning the OS is critical to owning the ecosystem

Google is one of the most successful companies in the world because it manages to position its products and brands in front of people. And perhaps the most important acquisition it made in its history was Android.

The operating system, founded in 2003 by Andy Rubin, ensured Google powered the majority of smartphones across the world. It is free for smartphone manufacturers to use, but this comes with conditions; certain applications have to be installed as default. Aside from these products being very good, accessibility is one of the reasons they are so popular.

Wear OS, the operating system for wearable devices, offers Google the same opportunity. If users are tied into the Wear OS ecosystem, Google can build services and monetize the audience.

However, success for Wear OS has been wayward to date.

Apple devices use WatchOS, Xiaomi have their own as well, Garmin has developed one internally, Tizen is a Linux-based primarily by Samsung, while Fitbit also had their own. No-one was really that interested in Google’s OS when they have proprietary software, as this would mean handing data and the controlling stake in the software ecosystem to Google.

Purchasing Fitbit offers Google the opportunity to get Wear OS into the wild, collecting data to improve its capabilities. Without the Fitbit acquisition, Wear OS would most likely have dwindled and died, but if the Fitbit brand can be reinvigorated, there is every chance Google could be very influential in this segment. Especially as Fitbit already have a health-orientated brand perception.

Data, data, data…

The Google business is built on data. The algorithm powering search engines only works well because it is constantly trained to improve accuracy of results. Google advertising is only successful because it is hyper-targeted. The Maps products constantly need to be fed data to ensure route-planning is most efficient, local businesses are listed and preferences are honed to the user.

Fitbit offers some extraordinary data, which would be very useful for companies like Google.

To make best use of fitness-based products and applications, additional information on the user is often needed. Weight, height, fitness and lifestyle objectives, eating habits are some examples which can be plugged into the application. These devices also track user location, how and when they exercise, heart rate, and sleep patterns. Analysing this information is very useful for fitness-orientated users, but it is also incredibly valuable to advertisers.

It is always worth pointing out that the more people making use of Wear OS, the more data Google is collecting to fuel the advertising machine. Thanks to Deepmind, Google’s AI powerhouse, all of Google’s service make use of user insight to improve the accuracy and profitability.

This is where some of the objections to the Fitbit acquisition have been directed.

How much is too much insight?

There are many in society who are uncomfortable with the amount of information the internet giants, not Google alone, have already and how much additional access they are gaining through acquisitions. There are some who like the idea of Google purchasing Fitbit, but there are also others who question whether this is handing too much power and influence to the search giant.

Some might question how much of a window Google should be given into the personal lives of people around the world.

“The most critical issue is Google’s acquisition of Fitbit’s trove of health and biometric data,” the Electronic Frontier Foundation, an opponent of the acquisition, said. “Obtaining that data will help Google both improve its advertising business and significantly expand its data empire.

“Google’s acquisition of Fitbit will also deprive users of one simple, meaningful choice they could have made: to track their health and fitness without putting that data into Google’s ecosystem.

“And where users have already made this choice—by buying and using Fitbit devices prior to the acquisition—an acquisition destroys those user choices, retrospectively opting them into Google data collection despite their revealed preference to use a Google competitor.”

The Electronic Frontier Foundation has two objections to Google’s acquisition of Fitbit. Firstly, Google is getting too much personal information. A single, private organisation should not have such power. And secondly, such an acquisition would restrict competition in an already restrictive segment.

On the competition side of things, there is a valid point.

Not only is the smartwatch and wearable segment pretty small already, competition is the digital advertising space is also limited. Should Google expand further it would become more powerful in the advertising game, potentially killing off rivals.

The Electronic Frontier Foundation is not alone with its objections to the deal, and the concerns are not going unheard.

In the US, the Department of Justice is considering the impact of the acquisition in terms of data collection and privacy as well as market competition. Down in Australia, the Australian Competition and Consumer Commission (ACCC) has launched a similar investigation which is due to conclude on May 21.

The big question of whether Google should be allowed to acquire Fitbit

By acquiring Fitbit, Google gives itself a leapfrog in the wearable OS segment, it builds out investments in healthcare and smart cities, creates additional revenue streams, allows it to drive forward another ecosystem in its own vision and adds more valuable data into the advertising machine.

For Google, this is an incredibly intelligent acquisition, $2.1 billion well spent.

However, if it is to be successful it has to develop this business intelligently. The Wear OS team should focus on the development of the operating system and supporting ecosystem, while the Fitbit engineers should be empowered to create excellent devices, whether they are simplistic fitness trackers or complex smartwatches.

Enough money has to be thrown at the development teams, but Google has to let Fitbit be Fitbit; it is a successful brand and must be allowed to continue its own path. Let Google engineers concentrate on software, and Fitbit engineers concentrate on hardware.

But the question is not whether Google is smart in acquiring Fitbit, more whether it should be allowed to. The acquisition would enable Google access to a treasure trove of very personal information, as well as posing a potential risk to competition. The internet giants have already demonstrated a sluggish attitude to data privacy, and this transaction offers access to some very personal information.

Authorities will have to assess whether Fitbit would have survived on its own, which looking at the financials is unlikely, and whether Google should be allowed to expand its influence and power through the acquisition of more data.

UK snubs Google and Apple privacy warning for contact tracing app

Reports have suggested the UK will pursue a centralised data collection approach for its COVID-19 contact tracing app, despite the well-publicised security and privacy risks.

Last week, the National Health Service (NHS) published a blog entry which pointed towards some element of centralised data collection, though the choice was seemingly been offered to the consumer. It now appears this is not the case.

“This anonymous log of how close you are to others will be stored securely on your phone,” Matthew Gould and Geraint Lewis of NHSX, the technology unit of the NHS, wrote in the blog post.

“If you become unwell with symptoms of COVID-19, you can choose to allow the app to inform the NHS which, subject to sophisticated risk analysis, will trigger an anonymous alert to those other app users with whom you came into significant contact over the previous few days.”

Details are of course still thin on the ground, but the BBC is now reporting the NHS will pursue a centralised approach, collating data on NHS servers for analysis and to send out notifications. There are of course advantages to this approach, models can be adapted quicker and additional analysis can be performed, but the question which remains is whether this outweighs the risk to security and privacy; Google and Apple clearly do not think so.

While a centralised approach proposes the collection and storage of all relevant data on NHS servers, an API created between Google and Apple would do the analysis on devices.

Using Bluetooth once again, the decentralised API would store the interaction between device on the user’s device, only sending a key indicating whether that specific user is infected or not to the cloud. Devices would reference the cloud database regularly and should the on-device logs match an infected key, alerts would be sent to other devices which have been logged as contact traces.

The decentralised approach has been embraced by Germany, though this was a surprise, however French authorities has gone the same direction as the UK is seemingly heading. The one which flies in the face of expert advice.

An open letter from cybersecurity specialists and other data scientists has slammed the centralised approach employed by France and, allegedly, the UK.

“All these applications in fact involve very significant risks with regard to respect for privacy and individual freedoms,” the letter states. “One of them is mass surveillance by private or public actors, against which the International Association for Research in Cryptology (IACR) committed itself through the Copenhagen resolution.

“This mass surveillance can be carried out by collecting the graph of interactions between individuals, the social graph. It can intervene at the level of operating systems (OS) of mobile phones. Not only OS producers could reconstruct the social graph, but also the State, more or less easily depending on the solutions proposed.”

The letter has been signed by hundreds of French cybersecurity experts from a range of academic institutions and private research organisations. Support to this position has also been pledged by hundreds of non-cybersecurity technologists also. It is a very comprehensive list of academic experts all condemning the centralised approach as an unneeded risk and an action which undermines privacy principles.

Although the details of the NHS application have yet to be revealed, it does appear the team is heading down the same route as the French. The pursuit of simplicity and flexibility has been deemed more important that the grave warnings to security and privacy offered by experts in the field.

Hopefully the collection of data on centralised servers does not act as too much of a red flag to the hacker community, most of which do not too many invitations to have a crack at stealing information which can be used for nefarious means. Aside from the risk to privacy, collecting millions of datasets of personal information in a single place could be viewed as somewhat of a treasure trove.

Israel halts mobile-tracking quarantine measures on privacy grounds

The Israeli Government is suspending police powers to requisition mobile roaming data from telcos to monitor quarantines, with politicians citing privacy concerns.

Last month, Prime Minister Benjamin Netanyahu offered new powers to police authorities to force telcos to hand over location-tracking data for mobile phones. This data was subsequently used to monitor citizens ordered to self-isolate as suspected or confirmed coronavirus cases. The Government has now been forced to backtrack on this move after it was challenged in the Supreme Court by civil liberties groups.

“We have decided on a foreign committee and the security to freeze the legislation enabling cellular retention to enforce the isolation,” Ayelet Shaked tweeted (below), a member of right-wing political party Yamina. Shaked also serves on the Foreign Affairs and Defense Committee.

Although the police have argued the technology is an effective tool to ensure quarantine rules are being followed, 203 arrests have been attributed to the data, the threat to privacy has been deemed to great. This is not an end to the use of the technology, authorities will still use the contact tracing elements to map the spread and identify potential infected individuals, but the all-encompassing, location-tracking concept is closed for the moment.

The original move to offer this data to police authorities was authorised under emergency coronavirus regulations, although it had a month-long time limit attached. A further extension of these powers was subject to Parliamentary approval and legislation, however the Foreign Affairs and Defense Committee have blocked the extension. The Government had slated a bill to extend the powers, as the initial month period is due to expire Wednesday.

Although the use of technology in combatting the on-going coronavirus outbreak should be applauded, it has to be done in a responsible and respectable manner; privacy and security rights should not be forgotten in tackling COVID-19.

Interestingly enough, this is not the only Government which is attracting attention for the creation of a coronavirus app. In France, Ministers have foolishly asked Apple to suspect certain privacy and security features to enable its own contact tracing and tracking app to work as designed.

The approach from the French is almost laughable as it demonstrates just how hypocritical it can be. For years, French authorities have been criticising, sanctioning and fining internet companies for privacy and security concerns, but now it is asking Apple to turn a blind eye to an application which has an in-built and highly publicised vulnerability. It is quite remarkable how ignorant some politicians are to the rule of unintended consequences.