Security is a concern, especially as it can hit bank accounts now

New research from EY suggests British businesses are more concerned than ever about security. Funny that, considering there’s now a whopping fine to worry about.

Security is one of those areas which is constantly discussed but little is done to address. Irrelevant as to how many CEOs tell you its top of the agenda or how many statements start with the phrase ‘our customers security is our number one concern’, it’s an aspect of the technology world which has been swept aside. But not according to this research from EY.

“It’s not surprising that businesses are most concerned with the threat of cyberattacks,” said Adrian Baschnonga, Global Lead Telecommunications Analyst at EY. “The introduction of 5G will help organisations unlock new growth opportunities, but this transition comes at a time when fears regarding data breaches and network security are especially pronounced.”

While you always have to take statements like this with a pinch of salt, it might be right this time. Why? Because if you want to make executives care about something aside from their annual bonuses, you have to fight fire with fire.

Under the General Data Protection Regulations (GDPR) brought into play last May, any company which is found to have inadequately protected customer or employee data are subject to fines of 3% of annual turnover or €20 million. GDPR fines are proportionate to the risk posed by a breach, allowing flexibility for regulators to tackle the problem, but it certainly seems to have caught some attention.

According to professional services firm RPC, in the 12 months prior to September 30 2018 (the period in which GDPR was introduced) the Information Commissioners Office issued fines totalling just over £5 million, a 24% increase on the previous period of 12 months. Considering the ICO only had a couple of months to swing the GDPR stick at offenders, it would be fair to assume the watchdog is fully embracing the new powers offered to it.

This also seems to have hit home with those investing in new technologies. 40% of respondents to EY’s survey are worried about 5G and cyberattacks, while 37% saw IoT as a risk. These numbers aren’t particularly high, but they are the biggest concerns.

Another factor to consider is the consumer. While many will have been blind to the risk of data breaches in by-gone years, this does not seem to be the case anymore. Recent Lloyd’s research claims 44% of UK consumers believe there is a risk to personal safety in the sharing economy, perhaps indicating they would be hard-pushed to share data. If enterprise organizations are going to benefit from the data boom, they’ll have to convince customers that their personal information will be safe.

Whether this translates to appropriate security investments remains to be seen, as there seems to be a lack of ownership over security overall. Enterprise organizations are looking to suppliers for security to be built into products, while it is perfectly reasonable for suppliers to ask enterprise organizations to do more. Security should be built into products, but if an individual buys a front door, the manufacturer cannot be blamed when it is left open or an inadequate lock is used.

More often than not the carrot is used to incentivise business, but it seems the GDPR stick is an effective tool in bringing security to the front of executive’s minds. Hopefully now there will be less pandering for PR headlines and more affirmative action.

UK sets out battle plan to tackle Silicon Valley’s ‘Digital Gangsters’

Facebook is only the tip of the iceberg, but Parliament is coming after Zuckerberg and his Silicon Valley cronies in the long-standing battle to understand and curb the influence of social media.

Featuring representatives from both sides of the political aisle led by the Department for Digital, Culture, Media and Sport (DCMS), this perhaps set the scene for one of the most aggressive stances against the social media giants. If all the recommendations are followed up on, there could be some major disruption on the horizon.

New regulations, new definitions for the business model, a new regulator, new fines, new competition investigations and new levies against the internet players, the outcome certainly justifies the months spend investigating the complex and diverse tapestry of social media and its impact on today’s society.

“We hope that the Government will include these considerations when it reviews the UK’s competition powers in April 2019, as stated in the Government response to our Interim Report,” the report states in its concluding statements. “Companies like Facebook should not be allowed to behave like ‘digital gangsters’ in the online world, considering themselves to be ahead of and beyond the law.”

Such is the pace of the legislative machine, nothing will change in the immediate future, but this is an important first step into the red-tape maze of regulation. This parliamentary committee, and the subsequent report, are laying the foundations for the future. The scene has been set, with the committee painting a complex picture of deception, greed and mistrust, readying bureaucrats for an assault.

To understand how we have gotten to this point you have to go back to Cambridge Analytica scandal. Until this point the data economy was thundering along relatively undisturbed, free from the worries of regulation and oversight, however this scandal pulled the curtain back ever so slightly. The data machine was slightly exposed, but ever since politicians have been clawing to understand the cogs and levers.

But what does this report recommend? Firstly, new regulatory mechanisms. The parliamentary committee has suggested the formation of a new regulatory body, which will be funded by levies placed on the internet companies wishing to operate in the UK, which would have greater insight and powers to pry open business models and processes. Another interesting recommendation is the creation of new definitions for the internet economy.

This is part of the issue today and the reason internet giants have so much freedom. Rules have been designed for different types of organizations for a bygone era. To compensate for the inadequacy of the rulebook, new clauses have been built on top. The issue has been compounded, creating a complicated red-tape maze with loop holes, secret corridors and grey areas for lawyers to expose. The shaky foundations have not provided a suitable mechanism to hold the segment accountable.

The report states what many already know but little has been done to correct. These social media companies are no-longer simply ‘platforms’ and neither are they ‘publishers’, therefore they should not be regulated as such. A new definition should be created, with rules specific to this segment. It’s amazing to think it has taken this long to come to this conclusion, but the committee is pushing for specific rules for specific circumstances.

The report also calls for a new ‘code of ethics’, designed by independent experts and overseen by the newly created regulatory body, to hold the internet giants accountable. Using the same principle as Ofcom uses for the regulation of broadcasters, these rules would be specific to the case. It would be a square peg for a square hole.

This new approach may also be extended to the murky world of political campaigning also. After the ICO called for a pause of political spending during election periods last year, the committee has responded by suggesting new powers which would:

“…define digital campaigning, including having agreed definitions of what constitutes online political advertising, such as agreed types of words that continually arise in adverts that are not sponsored by a specific political party.”

Again, this is a criticism of the sluggish nature of regulation, not recognising the world has evolved. New rules should reflect the new digital landscape, the changing methods of promoting messages and microtargeted political campaigning. More transparency will be suggested, “clear, persistent banners on all paid-for political adverts and videos, indicating the source and the advertiser”, as well as new transparency metrics for campaigns to declare such activities.

Perhaps a more dangerous area which has finally been addressed is the in-direct campaigning which benefits or detracts from parties and individuals. These are organizations such as Leave.EU, which had no direct link to political bodies but presenting questionable materials to individuals through the hyper-targeted advertising model offered by social media companies. This takes the committee into the nefarious world of foreign influence also.

Finally, the committee is also tasking the Competition Markets Authority (CMA) to conduct an extensive investigation into the power and influence of the social media companies. Again, this means little for the moment, but it could be the first step towards identifying potential ‘monopolies’, providing justification to break up the gathering empires.

This aspect of the report leans on documentation sourced by Six4Three, a tech company which is suing Facebook for in-appropriately influencing the success of its products.

“Given the contents of the Six4Three documents that we have published, it should also investigate whether Facebook specifically has been involved in any anti-competitive practices and conduct a review of Facebook’s business practices towards other developers, to decide whether Facebook is unfairly using its dominant market position in social media to decide which businesses should succeed or fail,” the report states.

The content of this report should not be dismissed as busywork for boresome bureaucrats but a direct threat to the success of Silicon Valley. The internet companies should be very worried about the content of this report, the conclusions these politicians have drawn and the potential implications of any recommendations. This is a political hot point right now, and we suspect there is enough ill-feeling towards the internet players to take these suggestions forward.

Facebook is the company which is constantly attracting the headlines, but this company is just one of many. The mentality has spread throughout the digital ecosystem, but Facebook is the scape goat. Unfortunately for all those involved, Facebook CEO Mark Zuckerberg has continued to antagonise politicians by refusing to show up to briefings, compounding the problem and rallying political enemies towards a single cause.

Although these recommendations are only the first steps into the complicated world of regulation, there is potential for significant disruption. With GDPR bubbling away in the background, and further privacy regulations in the pipeline, the basic business model of the internet giants is being challenged here. This document could be a defining factor in the future of the digital economy.

California data dividend sounds nice but shows digital economy ignorance

The State of California might be making friends in Silicon Valley with its defence of net neutrality rules, but in proposing a ‘data dividend’ on the digital economy, these kinships might turn sour very quickly.

In his ‘State of the State’ speech this week, California Governor Gavin Newsom proposed a new ‘data dividend’ which would see internet players who monetise user’s personal information have to pay those users for the privilege, according to CNBC. This might sound like a lovely idea to share the wealth, but you can guarantee Silicon Valley is going to throw a temper tantrum about this.

“California’s consumers should also be able to share in the wealth that is created from their data,” said Newsom.

Aside from the revolt from the likes of Google and Facebook which is bound to be on the horizon, Newsom has joined the long list of politicians who are demonstrating they don’t understand how the digital economy functions. Social media platforms or video hosting websites are offered for free to the consumer because data is taken as payment. The value exchange is a free service for the permission to monetise personal data.

While this might sound like an excellent way for Newsom to score political points with the voters of California, you have to wonder how the internet players are going to react. There will of course be intense lobbying, but should the proposal make it into the rulebook, will services continue to be offered for free? Perhaps the internet players will replace lost revenues created by the digital dividend with a paywall?

Some politicians appear to be very anti-profit when it comes to the internet players, seemingly believing platforms like Facebook and Twitter are a public service not private corporations with shareholders to keep happy. These are companies which should of course be held accountable when it comes to data privacy and protection standards, but the value exchange in the digital economy has been accepted as a business model which benefits both sides of the equation.

This is not the first time such an idea has been aired, though rarely has it floated out of such senior political offices. The profits which flow into Silicon Valley are being attacked from numerous sides currently, but you also have to ask what others impacts there will be on the development of the digital economy.

One of the reasons the technology industry has been advancing so quickly in recent years is the aggressive investments which have been made in R&D by Silicon Valley. The likes of Amazon and Google are certainly not shy about searching for the next big idea, fully embracing the concept of fail-fast, but the confidence in these investments exists partly because of the commercial successes of the core business models. Sustained erosion of these revenue channels might well result in smaller R&D operations.

Not only will this slow down improvements to customer experience, it could also place speed bumps in-front of momentum. The US technology industry is advancing very quickly, with some truly wonderful and ludicrous ideas being explored (See Google’s Loon), but this progress could stutter when you attack the ways these companies make money.

The battle between Silicon Valley and rule makers is raging for several reasons. The internet companies have been caught with their pants down in the data protection and privacy realms, though their resistance to collaboration is antagonising politicians. Silicon Valley is desperately trying to side-road and resist any new rules to govern the digital economy, as any major corporation would, but these rules are of course critical for positive societal development. The more Silicon Valley resists, the more aggressive proposals will be put forward.

We strongly agree with the calls to increase regulation on the digital economy, but you have to pick your battles. What would be the benefit to the user with these rules? A couple of dollars a year, nothing which will turn heads, but what will be the consequences?

Hold the internet players to more stringent data protection rules. Enforce more consent regulations. Ensure these companies pay fair and reasonable tax. But destroying a generally accepted way to make money will probably not end well. We suspect this might be a net loss in the long-run.

Germany has a swing at Facebook advertising platform

German regulator Bundeskartellamt has made a fresh attempt to curb the powers of the internet giants, this time targeting the data processing capabilities of Facebook.

The case built by Bundeskartellamt is based on what it has deemed market abuses by the dominant social media player in Germany. With Google+ shutting down, the regulator believes Facebook has a dominant position in the market, though it has not effectively informed users about the process of combing third-party data sets with information taken from the core Facebook platform to improve the detail of user profiles for advertising purposes.

This has been deemed inappropriate and Facebook has been ordered to shut down the process. This is not the first time this practise has been criticised by the regulator, but this is the first concrete ruling to for Facebook to desist.

“With regard to Facebook’s future data processing policy, we are carrying out what can be seen as an internal divestiture of Facebook’s data,” said Andreas Mundt, President of the Bundeskartellamt. “In future, Facebook will no longer be allowed to force its users to agree to the practically unrestricted collection and assigning of non-Facebook data to their Facebook user accounts.

“In future, consumers can prevent Facebook from unrestrictedly collecting and using their data. The previous practice of combining all data in a Facebook user account, practically without any restriction, will now be subject to the voluntary consent given by the users. If users do not consent, Facebook may not exclude them from its services and must refrain from collecting and merging data from different sources.”

Facebook has already stated it will appeal the decision with the Düsseldorf Higher Regional Court, though this should come as little surprise considering the attack on the foundations of the social media giants business model. The reason companies like Facebook and Google have been so successful in the early days of the data-sharing economy is because of the accuracy of advertising. This ruling could have a notable impact.

Not only does Facebook collect information about you from its core platform, but by supplementing this picture with more detail from third-party sources, a hyper-targeted advertising platform can be created. It’s seemingly one of the reasons advertisers have stuck by Facebook despite numerous scandals over the last couple of years; there are very few other platforms or businesses which can offer advertising services on par.

Although it is now common knowledge platforms such as Facebook sell ‘you’ to advertisers to fuel the spreadsheets, Bundeskartellamt believes the firm should obtain consent from the user should it want to use additional information to create a more detailed user profile. This data could be taken from sister platforms such as Instagram or WhatsApp, or third-party websites and applications which have ‘like’ or ‘share’ buttons embedded.

“By combining data from its own website, company-owned services and the analysis of third-party websites, Facebook obtains very detailed profiles of its users and knows what they are doing online,” said Mundt.

The practise becomes a bit more nefarious however. Even if there is no Facebook symbols or embedded buttons on the page or application a user is viewing, data might still be flowing back to the social media giant. This is not what anyone would consider transparent and should be addressed in all markets, not just Germany.

Overall, the Bundeskartellamt believes Facebook is abusing its dominant market position to the detriment of the other side of the equation, the user. While this will be escalated to higher courts, should the regulator win favour from the judges Facebook would have to obtain consent from every single one of its 32 million German users. It certainly will be able to obtain consent from many, but it would be a dent to the increasing under-fire advertising machine.

This is of course not the first time Germany has taken a run up at the internet giants. Germany has consistently been one of the leading nations attempting to tackle the power and influence of the internet players, creating a more tightknit regulatory framework which you would naturally expect in business. However, the social giants and their slippery lawyers are doing their best to resist.

Back in 2016, Facebook was told to stop collecting WhatsApp data from users and delete all the information it has already collected, due to the fact proper consent had not been obtained. It has also been investigating whether the Google+ data breach during the latter months of 2018 violates GDPR. Germany has also been one of the leading voices in the prolonged battle to ensure the internet giants pay fair and reasonable taxes across the European bloc.

What we are seeing in this case is another example of a regulator cracking down on the freedoms granted to Silicon Valley. For years, the internet players have been sliding between rules designed to parallel industries, exposing the grey and unregulated areas, as rule makers consistently struggle to keep pace with technological progress. There are numerous governments attempting to create more accountability, though it has been an uphill struggle so far.

The next couple of months will certainly be an interesting period in Germany. With judges considering the Facebook appeal, a win for the Bundeskartellamt could at as a springboard to wrap up the OTTs in more red-tape. We hope there is enough wiggle room left to innovate, but the last two years of scandals have shown the dire need to more strictly regulate Silicon Valley.

Privacy International points GDPR finger at Facebook

An investigation from privacy advocacy group Privacy International on the flow of personal information has questioned whether Facebook and its advertisers are violating Europe’s GDPR.

To date there have not been any major challenges using the data privacy regulation. There have of course been numerous violations of user privacy, but as these incidents occurred prior to the implementation of GDPR, the old-version of the rules and punishments were used. This investigation from Privacy International could prove to be a landmark.

The investigation itself questions whether Facebook and the app-developers which use its platform for data collection and user identification is acting responsibly and legally. Using the Facebook Software Development Kit (SDK), data is automatically sent back to the social media giant, irrelevant as to whether consent has been collected, or even if the user has a Facebook book account.

“Facebook routinely tracks users, non-users and logged-out users outside its platform through Facebook Business Tools,” Privacy International states on its website.

“App developers share data with Facebook through the Facebook Software Development Kit (SDK), a set of software development tools that help developers build apps for a specific operating system. Using the free and open source software tool called ‘mitmproxy’, an interactive HTTPS proxy, Privacy International has analysed the data that a number of Android apps transmit to Facebook through the Facebook SDK.”

After testing dozens of different apps, Privacy International claims 61% automatically transfer data to Facebook the moment a user opens the app, while others routinely send Facebook data that is incredibly detailed. Some of these users may be logged out of the platform or might not even have a Facebook account in the first place. Developers tested include travel comparison app Kayak, job search company Indeed and crowd-sourced search service Yelp.

Looking at the Kayak example, not only was information transferred back to Facebook once the app was opened and closed, but also during each stage of the search process. In the example Privacy International gives, the user selected a flight from London Gatwick to Tokyo between December 2 and 5, Narita Airport was then selected, before another search was conducted searching for hotels for two adults in the city. All of this information was sent to Facebook without prompt, despite Kayak claiming, ‘don’t worry, we’ll never share anything without your permission’, when the user signs in.

Alone this information is useful, but not incredibly so. However, when you consider the huge number of apps which will be sending information back to Facebook, an incredibly detailed picture of the user can be built. Using the other apps tested in this investigation, Facebook could also learn or make assumptions about the user’s religion (Muslim Pro), music interests (Shazam), salary and disposable income (Indeed Job Search) and interest in physical activities (MyFitnessPal). All of this information could be used to feed incredibly personalised advertisements to the user.

The big question which remains is whether this could be perceived as a violation of GDPR. Facebook has stated it released an update to the SDK which allowed developers to suspend the automatic data transfers, though this was only for version 4.34 and later. With the Opt-out section (the Google advertising ID) automatically turned off, some might suggest the user is being led as opposed to asked.

Another factor which could work against Facebook is the collection of data on users who do not have Facebook accounts; this is much more suspect. As per GDPR, a company has to have a specific and justified reason to collect personal information. It does appear Facebook is collecting information on users despite having no purpose or valid reason to do so.

With fines for violating GDPR up to 3% of annual turnover, the stakes are very high. This could prove to be one of the first tests of the rules, designed to protect the privacy of the general public, and few will be surprised Facebook is a central character in the story. With the social media giant seemingly antagonising many governments around the world, we suspect there will be a queue forming to have a swing with the sharp GDPR stick.

Facebook back on the ropes with more privacy punches

Facebook faces fresh questions surrounding data privacy, with reports emerging it granted advertising customers access to user’s private messages with friends and family.

This is a company which is not helping itself but is looking increasingly suspect. The data and sharing economy does of course require users to make an exchange in order to receive free services, but the personalised advertising machine created by Facebook is starting to look scary. The detail which is known on users, and the apparent nonchalant approach the firm has to abuse of the platform, is starting to become very worrying.

Now we have one of the most worrying accusations. According to the New York Times, new documents have emerged suggesting Facebook granted permissions to advertisers which seemingly go far beyond the consent granted by users.

Among the accusations, sourced from internal documents, Netflix and Spotify were given the ability to read user’s private messages, while Bing was able to access all information about a user’s connections without specific consent. Amazon was given permission to obtain contact information through indirect connections, and Yahoo was allowed view streams of friends’ posts. The Yahoo partnership can be traced back to this summer, long after Facebook had declared such practises had been ended.

Aside from the NYT investigation, one user has also taken the time to pen her frustrations after realising location controls on the platform made no difference to personalised advertising. Aleksandra Korolova turned off all available location services on Facebook, WhatsApp and Instagram, cleared location details off her profile, removed geo-tagging on photos, but was still receiving personalised ads based on recent movements.

“Reading Facebook’s explanations to advertisers provides insight into how this is done,” said Korolova in a Medium post. “Specifically, Facebook tells advertisers that it learns user locations from the IP address, WiFi and Bluetooth data.”

The illusion of control has been created, though Facebook is finding ways around user consent and loopholes to any commitments it has previously made.

The inability for Facebook to be transparent, clearly telling the user what is going on, is incredible. There are so many examples of this company misleading the general public, governments and regulators, they are becoming difficult to count. This is a toxic company which should not be trusted. We are struggling to believe any statement which the company is now making.

In response, Konstantinos Papamiltiadis, Director of Developer Platforms and Programs, has gone to Facebook’s standard response.

“…we recognize that we’ve needed tighter management over how partners and developers can access information using our APIs,” said Papamiltiadis. “We’re already in the process of reviewing all our APIs and the partners who can access them.”

This seems to be Facebook’s new response to accusations which question whether it has acted ethically or legally; partially accepting responsibility and saying they will do better in the future. This is not a good enough answer anymore. It might have worked the first couple of times, but the repetition from Facebook executives just shows how little the company thinks about the general public. We are just assets to be traded in the pursuit of greater advertising revenues.

Privacy is a small hurdle; the grey expanses of technology regulation are too wide for this to be a problem. Facebook is making a mockery of the general public and the data privacy landscape.

UK Gov pulls back the curtain on Facebook data policies

With pressure mounting against Facebook over the last few months it was only a matter of time before a treasure trove of treachery was unveiled; the UK government has done just that.

Considering the breadth and depth of the information revealed by Damian Collins, a MP and Chair of the Digital, Culture, Media and Sport Committee, and the likelihood this is only scratching the surface, it’ll be some time before we discover the full impact. But, the door has been opened. For Facebook, the PR machine will have to find another gear as this will take some battling.

“As we’ve said many times, Six4Three – creators of the Pikinis app – cherrypicked these documents from years ago as part of a lawsuit to force Facebook to share information on friends of the app’s users,” Facebook said in a statement. “The set of documents, by design, tells only one side of the story and omits important context.”

Facebook is standing by changes made in 2014 which prevented developers seizing personal information of user’s friends, those who had not opted in. This is effectively the saga which kicked off the entire Cambridge Analytica scandal. Facebook argues Six4Three didn’t receive a temporary extension, allowing the app to continue operating while the changes were implemented, and the court case is manufactured revenge.

The Six4Three lawsuit is where Collins and his Committee managed to get their hands on the documents which have been unveiled here. Officials compelled Six4Three CEO Ted Kramer to hand over the documents while on a business trip to London. The documents were obtained as part of a legal discovery process brought about through Six4Three’s lawsuit against Facebook.

The documents are quite damning, suggesting Facebook used user personal information as a commodity, offering the team a useful bargaining chip to secure more attractive contracts, while also nipping any competitive threats before momentum was gathered. For Facebook, this should be considered a nightmare, and it seems investors agree. At the time of writing share price had dropped by 2.7% in overnight trading.

While these reports might not come as a surprise to those who work in the technology space, the general public are unlikely to find these reports very appealing. Facebook crafts an image of itself as a business which wants to help society, though these documents creates a perception of millionaires viewing the user as nothing more than a number, trading away information which doesn’t really belong to them. This idea will not be well-received by the general public.

Looking at the specifics of the documents, apps were invited to use Facebook just as long as it improved the Facebook brand, while some competitors were not allowed to use Facebook tools without the specific sign-off of CEO Mark Zuckerberg himself. One of these examples is Vine, which could be viewed as a means to obstruct rivals. Those who are legally-minded will know this could cause all sorts of problems for the social media giant.

Facebook has clearly recognised this is an issue as well. As part of its statement, Facebook has said it prevented apps which replicate the core functionality of its platform from reaping the full benefits, though it plans to remove this ‘out of date’ policy as soon as possible.

This is of course on concession Facebook is making, though there will have to be a hell of a lot more over the coming months. These documents are damning of the attitudes towards data privacy and also Facebook’s own policies. The lawmakers are sharpening their sticks and it won’t be long before they start taking more accurate aims at a firm which has done little to aid investigations, dodging meaningful questions like perfectly crafted PR ninjas.

One of the biggest recurring themes of the documents is the value which has been placed on data obtained through user’s friends. The idea of linking financial value to the developer’s ability to gain access to friend’s data is one of the key issues being raised by Collins. Some might suggest this goes against repeated statements from Facebook that it was unaware its platform was being abused.

This is the issue. Facebook has continually proclaimed its innocence, accepting criticisms that it should have done more, but ultimately the blame for abuse should be directed elsewhere. These documents suggest the social media giant was not only aware of the abuses but debated and understood the controversial nature. This does appear to be a complete contradiction of the firm’s previous stance.

Another example of this is an update made to changes to its policies on the Android mobile phone system, which enabled the Facebook app to collect a record of calls and texts sent by the user.

Perhaps this suggests a breach of trust during internal meetings and email exchanges, but it also damages the brand credibility of Facebook moving forwards. Facebook is in a hole right now, there’s no doubt about that.

Google faces GDPR complaints over user location tracking

Seven privacy advocacy groups will be reporting Google to their relevant data protection authority, claiming the firm is violating GDPR through location tracking of users.

Forbrukerrådet (Norway), Consumentenbond (The Netherlands), Ekpizo (Greece), dTest (Czech Republic), Zveza Potrošnikov Slovenije (Slovenia), Federacja Konsumentów (Poland) and Sveriges Konsumenter (Sweden) will all file complaints, while vzbv in Germany is considering action for an injunction and the  Transatlantic Consumer Dialogue will bring it to the attention of the Federal Trade Commission. This is of course not the first time Google has faced complaints in the EU over privacy, but the volume here might cause a headache.

The complaint is a simple one. Even if a dataset has been anonymised by Google, detailed information on that users location can make this irrelevant, while in-depth and personal insights can be learned, violating user rights to privacy. For example, if a smartphone is stationary for eight hour consistently, at the same time every night, it would be a fair assumption this is the home address of the person, while learning about what bars they visit could give away the sexual persuasion of the individual.

Not only are these insights which can be used for personalised advertising, but the data can be sold onto other companies to dictate was services are sold to that individual at what price. An insurance company could up premiums for someone who never visits the gym, but this is not personal information which the individual has given permission to be released. Some would argue it is an invasion of privacy, others would suggest it is statistical science and fair game.

One of the complaints being made against Google is the lack of transparency. Yes, Google has made the consumer aware it collects information when the opt-outs are not altered in ‘location history’ settings tabs, though it has not made the user aware this opt-out could be irrelevant. By using other apps and services, Google is collecting the data in any case. Once it is said out loud it should seem obvious, even if you have opted out when you want to use the Maps app, you will have to send Google your location data, but the slight contradiction has the capacity to confuse users. This is not what many would consider complete transparency.

“Google’s practices leave consumers very little choice other than providing their location data, which is then used by the company for a wide range of purposes including targeted advertising,” European privacy group BEUC said in a statement. “BEUC and its members argue that these practices contradict basic principles of the GDPR, such as the lawfulness, transparency and fairness of processing, and infringe on data subject’s rights such as the right to information. In our assessment Google notably lacks a lawful legal ground for processing the location data in question.”

There will of course be investigations over the course of the next couple of months, as we suspect there will be more complaints filed in the near future, though this will be a test of GDPR. As a reminder, the largest fine which the EU can impose is 3% of annual turnover. Google might have been able to swallow previous fines from the EU, but this one will be a bit more difficult to justify.

BBWF 2018: Open data is the key to nailing smart cities

In an entertaining session at Broadband World Forum, a common theme emerged; open data, which is a key component of any successful smart city programme.

The format was an interesting one. Four smart cities were given seven minutes to explain their proposition, and then three minutes to answer questions. Featured were Milan, Athens, Helsinki and Amsterdam, though thanks to your correspondent getting lost on the show floor, the Amsterdam pitch was missed and will not get the attention it deserves. That said, the common theme throughout was open data.

Starting in Milan, data is being used to create a hub of intrigue for start-ups. There isn’t necessarily a focus on segment or vertical, more a top-line ambition to create jobs and value for the economy. As part of the initiative, more than 300 data sets have been made available for citizens and businesses to create new applications and services. Looking at the numbers, the scheme should be deemed a success.

There are currently 1600 start-ups based in the city, out of the total of roughly 8000 across the whole of Italy. 10,000 people are directly employed (or own) start-ups, 80% of which survive the first two years of operation, the most dangerous time for any business. These are certainly promising numbers.

In Helsinki the message is the same. The Mayor has an ambition to create the world’s ‘most functional city’ through digital, with tourism a key factor. Part of this story is opening data up to the community and local businesses to create value.

Finally, over in Athens, open data has been used in a different way. Thanks to financial difficulties in Greece, governments are not trusted. This makes it incredibly difficult to launch new schemes, though by opening up data to the general public and businesses, Konstantinos Champidis, the Chief Digital Officer for Athens, said the team are regaining credibility. The aim here is not only to try and help those citizens create something new, but develop a culture of transparency to regain the trust.

Trust is a key element in these smart cities strategies, as while open data does fuel innovation, the data has to be sourced in the first place. Should citizens not be open to having information about them or their activities collecting and analysed, the whole concept of the data economy runs dry.

We’re sure the presentation from the city of Amsterdam was equally as interesting as the three we saw, but the theme was plainly clear here; open data is a critical component of the smart cities mix.

Connected speakers could refresh smart home euphoria

Enthusiasm for connected devices is on the rise, but it’s taking the buzz away from smart appliances and the smart home category on the whole.

According to research from GfK, products which are geared towards improving connectivity and entertainment are gaining traction in the market, though this is replacing the appetite for smart home appliances which are geared towards efficiency and functionality.

“Take-up of smart home products in the UK continues to rise, with interactive speakers the hot product of the last year,” said Trevor Godman, Divisional Director at GfK. “In contrast however, the level of consumer excitement about smart home as a category has lost momentum somewhat – particularly for smart appliances and smart health products.  As smart home pivots to the mass market, it is essential that manufacturers look at what is holding consumers back and communicate compelling benefits that capture consumers’ imaginations.”

While Godman is taking a rather negative approach to the trends, we do not see it in the same light. The idea of the smart home, and various devices in the kitchen or around the house being connected and programmable is not a new idea. The smart fridge or connected light bulbs have been around for years without stimulating enough momentum for the segment to really take off. A creative spark was needed to engage consumers and offer an attractive proposition, unfortunately, smart energy readers do not offer this. Smart speakers and TVs do however.

For the mass market to embrace new ideas, there needs to be genuine excitement. Being able to switch the light in the living off with your smartphone might be functional and useful occasionally, but the smart speakers capture the imagination of the consumer. These are products consumers would actually want to buy, instead of a central heating system which reacts to the weather outside.

According to the research, the UK smart home market was worth £900 million in 2017, making it the second largest market in Europe. It has also become the fastest growing, increasing by 19% in value from 2016 and 35% by volume. There are now 336 brands offering 3,777 smart home products, while 85% of the UK’s online population now own at least one smart product, and the number owning four or more has grown from 35% last year to 44% this year. The fastest growing segment is smart speakers, though this does seem to be at the expense of other categories.

Manufacturers of smart cookers or connected mirrors might look at these statistics and worry, though GfK suggests consumers who plan to buy a smart device or appliance in the future have their sights set on a wide range of products. The smart home might have failed to deliver over the last couple of years, though the accessibility and entertainment value of smart speakers does seem to open up consumers to new purchases.

The purchase of smart home devices might not be growing across the board, but that isn’t necessarily awful for those who have their eyes on the long-game. Smart speakers are normalising the idea of the connected economy. Once the basic concept has been accepted by the mass market, the opportunity to sell becomes significantly easier as value is more readily realised and accessible.

Philips might preach about the benefits of a smart central heating system, but the frivolous purchases were needed to normalise the segment first. The smartphone ecosystem didn’t explode overnight, there were years of adoption as the touch user interface become second-nature, the same could be said here. Frivolous purchasing is needed before the connected bug can spread throughout the home.