Can the sharing economy survive COVID-19?

For the most of us, the coronavirus pandemic has forced a new way of working, but for some businesses, there could be drastic consequences as societal behaviour and attitudes are shifted.

One segment which should be seriously worried is the sharing economy, a rapidly developing sub-sector of the technology industry which is currently dominated by the likes of Uber and AirBnB. Consumers are certainly less accommodating of the concept of ‘sharing’, perhaps critically undermining this ecosystem.

A big question which needs to be asked is whether the sharing economy can survive COVID-19?

What is the sharing economy?

The sharing economy is an incredibly varied ecosystem, with numerous different business models, usually involving a platform connecting buyers and sellers. Some examples include:

  • Uber and Lyft: Ride-hailing services powered by an app to connect customers and taxi drivers in the local area
  • AirBnB: A platform to connect holiday-goers with informal accommodation, sometimes a spare room in a family home or a flat which is vacant for the weekend
  • JustPark: Residents can sell access to private parking spaces in busy urban areas
  • Zipcar: Short-term car rental entirely powered through an app, with cars left in designated parking spots throughout the city
  • Hubble: Flexible office space on short-term contracts, connecting businesses with landlords and commercial space providers

This is one segment of the platform economy coming to life. None of the companies mentioned above actually own the assets which define their business, but simply act as an intermediary connecting one party to another.

Most importantly, the reason these businesses survive is because of confidence. These powerful and respected brands act as collateral, inspiring trust and confidence in the service provided. Uber, AirBnB or Zipcar is a mark of trust in the service, but success also relies on the idea that people are open to sharing, a concept which will be challenged over the coming months.

What’s the problem?

The original idea of AirBnB was to make use of spare rooms in a random individual’s homes, while Uber is effectively a private taxi company and Zipcar is for short-term rentals, as little as an hour.

In today’s society, where the pandemic rules all, the idea of sharing is a toxic one.

To use Uber, customers would have to trust the driver is healthy and the vehicle had been appropriately disinfected following the exit of the previous customer. If you are to sleep in an AirBnB, some would want the room to have a hospital grade cleaning regime. Zipcar will face even bigger challenges as the underlying concept is that the car exists without the need for employees to be near it.

COVID-19 has forced a change in attitudes for the general public, one which will does not necessarily fit in with the way these companies’ function. Consumers that don’t want to share will not want to spend money with these companies.

What is the risk?

When asking Telecoms.com readers what they thought would happen to the sharing economy, 23% of respondents believed the sub-sector would collapse as people will hate the idea of sharing post-coronavirus. 30% stated it would survive but transformation would be needed and 18% said there would need to be market consolidation.

At the moment, we don’t understand the consequences because it is too early, and Governments have not introduced regulation to prevent a second wave of infections. As the lockdown continues to ease, new standards for cleanliness might make it impossible for these companies to make money, here are two examples:

  1. Transport for London (TfL) suggests taxi drivers should disinfect door handles, window winders, seat belts, card payment devices, the rear of the front seats and other surfaces passengers may have touched between every journey. Uber is a company which loses a lot of money already, but if its drivers become less efficient due to new cleaning standards, how much more money will it lose?
  2. AirBnB has introduced an ‘Enhanced Cleaning Initiative’ for its hosts, but will this be enough to restore confidence, and considering the effort required to ensure potential customers are put at ease, how many hosts will decide it is not worth the effort? Should hosts start disappearing because its not an easy way to make extra cash anymore, can AirBnB survive?

The approach to cleanliness is voluntary for the moment but considering the damage to society and the economy which a second wave of infections could inflict, we would not be surprised to see these rules make official through industry regulation or government legislation.

Is there a ripple effect?

Perhaps.

Behind every one of these industries is a push towards greater automation to improve profitability. The most obvious example is autonomous driving.

Some have said Uber will never be profitable until autonomous vehicles are present on the roads, and it does make sense for this business model. However, the less money it is making, the less it will spend on already very expensive R&D pursuit.

But dents to the ride-hailing and sharing segment go deeper than Uber and Lyft R&D budgets. General Motors, Ford and numerous other car manufacturers are also venturing into this field with a belief that self-driving vehicles and intelligence route planning could be the future of transportation within cities. Should the sharing economy become less attractive to consumers, these manufacturers would also pull back R&D spend.

The sharing economy is not simply about the money which is being made upfront, but also the technological breakthroughs of tomorrow which are being enabled by these companies. Ride-hailing and sharing is a significant usecase for the autonomous vehicles segment, therefore a decline in interest in this area poses a risk for this technology.

Money is going to be needed

Realistically, these are not bad ideas, just ones which are being undermined by a very unique trading environment. However, is highly unlikely all of these emerging businesses will survive.

The champions of this industry, the likes of Uber, AirBnB and Zipcar for example, have investors and links to financing. The industry is likely to go dry over the coming months, thanks to shifting consumer attitudes, it will take cash injections for these businesses to survive and perhaps find alternative revenues streams. This is where the challenge lies for the smaller players.

Some companies do not have the backing of venture capitalists or other financing measures, as they do not have sufficient scale or a unique enough business model. In normal trading conditions they might survive, but under such severe pressure best case scenario is being acquired, worst case is simply going out of business.

This is an industry which will survive. Consumer behaviour might well come back sooner than we think, but the sub-sector might be a lot smaller by that point.

Uber crash reportedly claims 3k jobs and 45 offices

With society under lockdown and consumers becoming increasingly sensitive to enclosed spaces, Uber was always in a precarious position and now it appears the axe is swinging.

Less than complementary financials were released in recent weeks, and now the Wall Street Journal is suggesting 3,000 jobs could be lost at the firm as 45 offices are shut down. Drivers aren’t technically classed as employees, so not included in this figure as the firm attempts to save $1 billion in expenses.

“We’re seeing some signs of a recovery, but it comes off of a deep hole, with limited visibility as to its speed and shape,” CEO Dara Khosrowshahi said in an email to staff.

Uber Eats is one area which is on the rise, though success is no-where near high enough. Losses from reduced taxi operations are hitting the organisation hard; Uber is an incredibly expensive business to run after all.

Looking at the financials from May 7, Uber taxi bookings were down 3% year-on-year for the period running to March 31. By way of comparison, the previous quarter saw taxi bookings increase 20% year-on-year. Although not officially confirmed, bookings for the taxi service in April were allegedly down 80% year-on-year.

“I will not make any claims with absolute certainty regarding our future,” Khosrowshahi said in the memo.

“I will tell you, however, that we are making really, really hard choices now, so that we can say our goodbyes, have as much clarity as we can, move forward, and start to build again with confidence.”

This is perhaps a major turning point not only for Uber as a business, but maybe the overarching sharing economy. This is a segment which promised great things but might struggle in light of a new societal normality.

As little is known about COVID-19 and there are still many questions about how it is transmitted, confidence in public transport and taxis will be impacted. This is the long-term risk which Uber faces; people can’t use taxis today, but will they want to use taxis in the future?

To restore confidence, Uber might have to introduce strict cleaning procedures to prevent any transmission of the disease. This is costly (both in terms of cash and time) and impractical. If Uber is to make money, it needs drivers to be as efficient as possible, minimising the time where the cars are empty.

Looking at the financials of the business currently, Uber Food is playing a much more prominent role.

Financial performance of Uber to March 31 – bookings (US Dollar ($), thousands)
Metric Uber Rides Uber Eats Uber Freight Other
Revenues 13,512 4,374 219 26
Year-on-year 20% 73% 75% >900%
% of total 74.5% 24.1% 1.2% 0.1%

If the Wall Street Journal reports are to be believed, bookings for the taxi service in the second quarter are roughly half of 2019 numbers while Eats is continuing to grow. Considering how expensive it is to run a ride-hailing business (vehicle costs, driver salaries and bonus, fuel, sales and marketing, R&D etc.) Uber was already a loss-making business. This is likely to look apocalyptic when the next financial statement is released, a period which will include the heaviest impacts of COVID-19 lockdowns.

The beacon of hope for the moment at Uber is the food delivery business, though how sustainable this is once societies start to reopen remain to be seen. There will not be an immediate return to how the world worked prior to COVID-19, but the gains some technology firms are experiencing will also be eroded.

This is the question which remains; what will Uber look like in 12 months?

We suspect society will be very slow to return to shared transport services, while the Uber operations might be hit by new regulation on hygiene standards. Fortunately, the team is already playing a part in the food delivery segment, which could be compounded by the completion of a Grubhub acquisition, and the Freight operations could also be expanded.

This is a very important moment for Uber. Unless it reacts very precisely, it could be in a very precarious position in six months.

Jaguar Land Rover takes a rewarding approach to the sharing economy

Jaguar Land Rover is testing out a new rewards scheme that will see drivers rewarded with cryptocurrency for sharing data.

Like many automotive companies around the world, Jaguar Land Rover has seemingly identified the future of the industry lies beyond purchasing a vehicle, and this is certainly an interesting approach. In return for sharing data with Jaguar Land Rover, such as traffic congestion or potholes, drivers will earn cryptocurrency.

“The connected car technologies we are developing will be transformative and truly turn your Jaguar or Land Rover into a third space, in addition to your home or office,” said Russell Vickers, Software Architect at Jaguar Land Rover.

“In the future an autonomous car could drive itself to a charging station, recharge and pay, while its owner could choose to participate in the sharing economy – earning rewards from sharing useful data such as warning other cars of traffic jams.”

Partnering with the IOTA Foundation, to make use of distributed ledger technologies, by sharing relevant driving information with either Jaguar Land Rover or a local authority, cryptocurrency will be deposited into the driver’s smart wallet. These rewards could be used for a variety of different things, such as paying for tolls, parking and electric charging.

The technology is currently being trialled at the new Jaguar Land Rover software engineering base in Shannon, Ireland, forming part of part of Jaguar Land Rover’s Destination Zero strategy which aims to achieve zero emissions, zero accidents and zero congestion. Like many manufacturing companies, Jaguar Land Rover is attempting to carve itself a slice of the increasingly profitable sharing economy.

Instagram’s garden is starting to blossom

Just as Facebook’s core platform is beginning to wilt, Instagram is launching an assault on the shopping market built on the walled garden business model which bloomed in by-gone years.

A few people might have scoffed at Facebook handing over $1 billion for Instagram in 2012, but this acquisition is looking to be a clever bit of business. Facebook’s core social media platform, and the business model which underpins it, might be looking a bit jaded after recent attacks, but Instagram is maturing into a very attractive proposition.

Launched today (March 19), users can now purchase products from certain brands in the Instagram app. The team has been working hard to create a marketplace in Instagram over the last 12-18 months, and while the digital advertising model has been paying off, you get the impression the narcissistic tendencies of the app lend itself well to the online shopping arena, especially when it comes to fashion.

“When you tap to view a product from a brand’s shopping post, you’ll see a ‘Checkout on Instagram’ button on the product page,” the team said in a blog post. “Tap it to select from various options such as size or color, then you’ll proceed to payment without leaving Instagram. You’ll only need to enter your name, email, billing information and shipping address the first time you check out.”

For retailers, this could be a very interesting route to potential customers, both old and new. Instagram has proven to be a very effective tool for brands to engage consumers from a brand marketing perspective, but in terms of direct sales, the risk of navigating to another website comes with shopping carts being abandoned. Through in-app purchases, one purchasing hurdle is removed, simplifying the buying process.

Customer information will be stored with Instagram, and while it has been reported the details will not be pre-populated in other Facebook platforms, it would not surprise us if this is in the pipeline. Instagram will receive payments as a percentage of the total spent in-app, though in Facebook’s typically transparent fashion, the waters have been muddied with the team not revealing how much this percentage is.

This is perhaps another perfect example of Facebook’s ability to create a walled garden and charge third-parties to access the cultivated digital customers.

For years, Instagram has been creating an incredibly user-orientated platform, which is simple but very usable and addictive. The only way for users to access these users, to try and pry open wallets, is to strike a deal with Facebook. Facebook is not monetizing its users directly but charging third-parties entry at the gate. This model worked incredibly well for years, putting Facebook is the dominant and influential position it is in today.

The beauty of this plan is that Facebook/Instagram seems to have struck at the right time. Users are becoming increasingly used to using the app as an online catalogue, geared around window shopping not purchases. Another update launched last year, allows users to click on products which might features in posts or stories to see more information. Taking it one step further is a logical step, as long as its not done too aggressively.

While the raw materials are certainly there, the challenge which Instagram will face is not to over commercialise the platform. This is what happened with Facebook’s core social media platform, the focus was less on engagement and more on advertising revenues, resulting in the new generation ignoring and traditional users spending less time on it. If Instagram has learned from prior mistakes, this could be a very interesting proposition, with plenty of room for growth.

That said, learning from mistakes is one thing but keeping under-pressure executives in-line is another. Slowing growth figures have put the Facebook management team under pressure from investors, while scrutiny placed on the traditional business model in ever-increasing. New regulations to remove some of the freedoms granted in the data-sharing economy put profits under threat, and as with any other publicly traded company, they will have to be replenished somehow.

Recent attempts to carve out new revenue streams, such as Watch or Today In, have seemingly not produced the hoped-for bonanzas. In the case of news app Today In, the team is ironically struggling because Facebook and Google effectively destroyed the commercial viability of so many regional news sources. The ‘locusts are complaining there is no more corn’ one Twitter user commented.

Another development which is worth keeping an eye on is the change in management. After 14 years working for Facebook and Instagram, Chief Product Officer Chris Cox announced he was leaving last week. A replacement has not been announced, but the experience of this individual might give some insight as to how aggressively commercial elements of Instagram will appear.

Despite criticisms which might be directed towards Facebook and Instagram, this looks to be an excellent strategy. The team have been cultivating this audience for some time and seem to have created the perfect conditions for growth… just as long as the team learn from previous mistakes.

Facebook reportedly facing criminal charges over data sharing

Facebook’s day started off with a major outage and, should reports turn out to be true, it is ending with the social media giant facing a criminal investigation from Federal prosecutors.

According to the New York Times, a grand jury in New York has obtained records from two smartphone manufacturers, via subpoena, which will detail the data sharing partnerships in or previously in place with Facebook. Sources has retained anonymity and it is not exactly clear who the subpoenaed parties were, though Facebook did have more than 150 such relationships in place before winding-down over the last couple of years.

Although the investigation has not been officially confirmed, it will come as a surprise to few considering the scrutiny those dominating the data-sharing economy are facing. Over the last few months, there have been numerous attempts to weaken the influence of the internet giants, with some even suggesting legal force to break-up the empires. The internet giants created a cosy position, but this is certainly under threat.

That said, while the scandals over the last 18 months might lead some to presume the practice of selling personal data would be scaled back, there seems to be little evidence of this. A recent Motherboard investigation suggests various US telcos are still reaping the benefits, and in some cases, scaling up the practice.

What is worth noting is the concept of selling personal information is not illegal, as long as the right consent has been obtained from the end user. This is what Facebook, and the third-parties who entered into such arrangements, are facing criticism for today. Accusers suggest proper content was not obtained or done so in such a complicated fashion it should not be considered valid.

The data-sharing economy is gaining validity across the world, but only when the practice is managed in a fair and responsible manner. This is what GDPR and other regulations intend to enforce. The idea is not to stop the practice, but to ensure the companies involved act in a responsible manner, with the user properly informed and in control of the situation. The data-sharing economy can work, and can benefit everyone involved, as long as no single party abuses their position.

The partnerships which are reportedly being investigated here, however, have come under criticism for some time. Privacy campaigners suggest the partnerships violate a 2011 consent agreement between Facebook and the FTC, after allegations the social media giant had shared personal information in a way that deceived users. At one point, there were more than 150 such partnerships in place, though Facebook has been phasing out most of the agreements over the last few years.

Although this is a retrospective investigation into the company, it could potentially contradict statements from CEO Mark Zuckerberg and other executives suggesting the business was being more transparent and managing user data responsibly. Facebook has been making this statement for several years. This case could prove Facebook mislead the world with these claims as well.

There is a general feeling of ‘if’ not ‘when’ here. Politicians, governments and regulators are seemingly scouring the Facebook business for any cracks, allowing them to slap a significant fine and parade the streets with a victory on behalf of consumer privacy. Facebook’s lawyers have done a pretty good job of wriggling so far, but there is a bit of a feeling the dam could burst at any point.

Security is a concern, especially as it can hit bank accounts now

New research from EY suggests British businesses are more concerned than ever about security. Funny that, considering there’s now a whopping fine to worry about.

Security is one of those areas which is constantly discussed but little is done to address. Irrelevant as to how many CEOs tell you its top of the agenda or how many statements start with the phrase ‘our customers security is our number one concern’, it’s an aspect of the technology world which has been swept aside. But not according to this research from EY.

“It’s not surprising that businesses are most concerned with the threat of cyberattacks,” said Adrian Baschnonga, Global Lead Telecommunications Analyst at EY. “The introduction of 5G will help organisations unlock new growth opportunities, but this transition comes at a time when fears regarding data breaches and network security are especially pronounced.”

While you always have to take statements like this with a pinch of salt, it might be right this time. Why? Because if you want to make executives care about something aside from their annual bonuses, you have to fight fire with fire.

Under the General Data Protection Regulations (GDPR) brought into play last May, any company which is found to have inadequately protected customer or employee data are subject to fines of 3% of annual turnover or €20 million. GDPR fines are proportionate to the risk posed by a breach, allowing flexibility for regulators to tackle the problem, but it certainly seems to have caught some attention.

According to professional services firm RPC, in the 12 months prior to September 30 2018 (the period in which GDPR was introduced) the Information Commissioners Office issued fines totalling just over £5 million, a 24% increase on the previous period of 12 months. Considering the ICO only had a couple of months to swing the GDPR stick at offenders, it would be fair to assume the watchdog is fully embracing the new powers offered to it.

This also seems to have hit home with those investing in new technologies. 40% of respondents to EY’s survey are worried about 5G and cyberattacks, while 37% saw IoT as a risk. These numbers aren’t particularly high, but they are the biggest concerns.

Another factor to consider is the consumer. While many will have been blind to the risk of data breaches in by-gone years, this does not seem to be the case anymore. Recent Lloyd’s research claims 44% of UK consumers believe there is a risk to personal safety in the sharing economy, perhaps indicating they would be hard-pushed to share data. If enterprise organizations are going to benefit from the data boom, they’ll have to convince customers that their personal information will be safe.

Whether this translates to appropriate security investments remains to be seen, as there seems to be a lack of ownership over security overall. Enterprise organizations are looking to suppliers for security to be built into products, while it is perfectly reasonable for suppliers to ask enterprise organizations to do more. Security should be built into products, but if an individual buys a front door, the manufacturer cannot be blamed when it is left open or an inadequate lock is used.

More often than not the carrot is used to incentivise business, but it seems the GDPR stick is an effective tool in bringing security to the front of executive’s minds. Hopefully now there will be less pandering for PR headlines and more affirmative action.

Google challenges France’s first swing of the GDPR stick

Google has stated it will appeal the French regulator’s decision to dish out a €50 million fine for not being forthright enough with how it collects, stores and processes user’s personal data.

For Google, this is not about the money. €50 million for Google is nothing. This is a company which generated $33.7 billion over the final quarter of 2018. It would take a matter of minutes for the team to pay off this fine. However, should this ruling be allowed to stand Google would have to alter its business model, as would the rest of the data-sharing economy, causing a very unwelcomed, and potentially costly, disruption.

“The 50 million euro fine issued by the CNIL on 21 January 2019 significantly impacts Google as it directly challenges its business model based on the processing of personal data,” said Sonia Cissé, Head of TMT Practice of law firm Linklaters in Paris.

“Considering the seriousness of the CNIL’s findings and the broad publicity of this case, a potential appeal by Google is no surprise and makes perfect sense from a legal-strategy perspective.”

On Monday, France’s National Data Protection Commission (CNIL) dished out the fine for two violations of Europe’s General Data Protection Regulation (GDPR). Firstly, the search giant was not specific enough when requesting consent from users. Secondly, for users who wanted to dig deeper into the Google data practices, the company made it unnecessarily difficult to see the entire picture. Google was being too vague and not accessible enough.

“Users are not able to fully understand the extent of the processing operations carried out by Google,” the CNIL said in a statement.

This is the first time a regulator has used GDPR to hold one of the internet giants accountable, but there are plenty of other cases in the pipeline. Google is of course not the only target, as various different privacy advocates across the bloc lodge their complaints against the likes of Spotify, Amazon and Apple, just to name a few others.

In appealing this case, Google is making itself the tip of the spear for the entire internet ecosystem. There will be multiple appeals against the various rulings over the coming months because of how important precedent in this saga. If Google was to just let this ruling stand, it is effectively validating its opinion potentially undermining its own business model. If similar ruling start to appear across the continent the disruption to the data-sharing economy would be massive.

“In all likelihood, Google will challenge the CNIL’s decision on two main grounds: (i) procedural aspects (i.e., the competence of the CNIL); and (ii) the content of the case (i.e., challenging the facts),” said Cissé.

“Should Google be able to demonstrate that Google Ireland Limited was its main establishment in the European Union (EU) at the time of the CNIL’s investigations, then the competence of the CNIL could be validly challenged.

“Second, the content of the decision is another ground for action, and it will be up to the French administrative judges to determine, in light of the circumstances at stake, whether the transparency requirements under GDPR were met or not.”

GDPR is an incredibly complicated set of rules mainly because there are so many different definitions and clauses, but also certain exemptions. In most cases, companies would have to obtain consent from users to use data for explicit purposes, retaining the data only until these purposes have been satisfied. However, companies do not have to obtain consent when it is necessary to comply with another law, or there are ‘legitimate interests’. It paints a complicated picture.

Of course, for those who are more privacy sensitive, such rules and grey areas are a bounty of riches. The rules have created amble opportunity to challenge the internet giants’ business models, as well as the influence they have over the world. One of those is privacy campaigner Max Schrems.

“We are very pleased that for the first time a European data protection authority is using the possibilities of GDPR to punish clear violations of the law,” Schrems said following the CNIL ruling.

“Following the introduction of GDPR, we have found that large corporations such as Google simply ‘interpret the law differently’ and have often only superficially adapted their products. It is important that the authorities make it clear that simply claiming to be compliant is not enough.”

Schrems’ firm, None of Your Business (NYOB), has filed several complaints against other internet businesses on the grounds of accessibility. Those who will come under the scrutiny of Austrian courts include Apple, DAZN, Filmmit, Netflix and Amazon. More specifically, these complaints suggest the companies violated GDPR’s ‘right to access’, enshrined in Article 15 GDPR and Article 8(2) of the Chart of Fundamental Rights.

All of these cases will dictate how the internet economy will function over the coming years, but this battle between the CNIL and Google could prove to be a critical one, such is the power of precedent in the legal world.

“In a nutshell, it is highly difficult to identify certainties regarding the outcome of Google’s appeal,” said Cissé.

“Since data protection is a field of law particularly subject to interpretation and grey areas, one cannot exclude the possibility that Google could be successful in appealing the CNIL’s decision before the French Administrative Supreme Court. In any event, the ruling of the French administrative judges will be closely monitored by all the tech companies.”

Cybersecurity investments on the up but not sustainable – study

Research from Strategic Cyber Ventures points to an increased appetite for cyber security investments, but the euphoria sweeping the segment forward is not sustainable.

On numerous occasions we have commented security is the ugly duckling of the technology world. It is critical to ensure the industry, and digital society on the whole, functions appropriately, though more often than not it is ignored. There will be numerous reasons for this, perhaps because security is a thankless and often impossible task, but the data suggests 2018 might have been a watershed year.

Not only did 2018 see $5.3 billion in global venture capital funding, 81% more than 2016, M&A activity increased as did private equity investments. On the M&A side of things, Cisco made a bang with a $2.4 billion acquisition of Duo Security, while Blackberry acquired Cylance for $1.4 billion. These are two of the larger deals, though there was increased activity in the segment across the period.

In terms of private equity, Barracuda Networks was acquired for $1.6 billion by Thoma Bravo, Bomgar by Francisco Partners for $739 million, while Blackrock spent $400 million on Cofense. Elsewhere in the more complicated financial world, Skyhigh Networks acquired McAfee with assistance from its financial sponsors Thoma Bravo and TPG Capital.

Cybersecurity one

Overall, the trends for the security segments are heading in the right direction. Perhaps now this is an area which will be taken more seriously by the industry, with adequate investments heading into security department.

That said, Strategic Cyber Ventures has warned the trends from a funding perspective are not exactly the most favourable. The amount of cash being invested is increasing, though it does not appear the rewards are reflecting this. Some of these companies have raised funds through big rounds, but growth has slowed, perhaps due to vendor fatigue or increased competition. The risk here is firms cannot raise additional funds at increased valuations from prior rounds, meaning they will have to lean on existing investors. Eventually these parties will grow tired of keeping them alive for minimal rewards.

The issue here is the need and hype around security. Its critical to secure the expanding perimeter of the digital economy, creating the need for the segment, while executives constantly talk about security being a number one priority of firms, creating the hype. This would seem to be the perfect recipe for investment in security companies and start-ups. However, the segment hasn’t taken off, perhaps due to the preference of customers investing in technologies which will make the company money as opposed to more secure?

This is maybe the most accurate assumption on why the security segment has faltered continuously over the years. Companies have limited spending power with executives choosing to invest in areas which will make the company more profitable, such is the pressure from investors and shareholders. However, consumer attitudes might be changing.

While many would have ignored the security risks of the digital economy in years gone, today’s consumer is more educated. Privacy scandals have demonstrated the power of data forcing the consumer to consider security more critically. This might have an impact on future buying decisions.

According to research by Onbuy.com 60% of US and 44% of UK consumers believe there is a risk to personal safety in the sharing economy, while 58% of all the respondents believed the risks outweigh the benefits in the sharing economy. Such attitudes will force companies to consider their security credentials as there is now a direct link back to the bottom line.

What this means for VC funding and investments from around the ecosystem remains to be seen, though the tides are turning in favour of the security segment. As Strategic Cyber Ventures notes, the current levels of investment are unsustainable, but there certainly are rewards.

Privacy International points GDPR finger at Facebook

An investigation from privacy advocacy group Privacy International on the flow of personal information has questioned whether Facebook and its advertisers are violating Europe’s GDPR.

To date there have not been any major challenges using the data privacy regulation. There have of course been numerous violations of user privacy, but as these incidents occurred prior to the implementation of GDPR, the old-version of the rules and punishments were used. This investigation from Privacy International could prove to be a landmark.

The investigation itself questions whether Facebook and the app-developers which use its platform for data collection and user identification is acting responsibly and legally. Using the Facebook Software Development Kit (SDK), data is automatically sent back to the social media giant, irrelevant as to whether consent has been collected, or even if the user has a Facebook book account.

“Facebook routinely tracks users, non-users and logged-out users outside its platform through Facebook Business Tools,” Privacy International states on its website.

“App developers share data with Facebook through the Facebook Software Development Kit (SDK), a set of software development tools that help developers build apps for a specific operating system. Using the free and open source software tool called ‘mitmproxy’, an interactive HTTPS proxy, Privacy International has analysed the data that a number of Android apps transmit to Facebook through the Facebook SDK.”

After testing dozens of different apps, Privacy International claims 61% automatically transfer data to Facebook the moment a user opens the app, while others routinely send Facebook data that is incredibly detailed. Some of these users may be logged out of the platform or might not even have a Facebook account in the first place. Developers tested include travel comparison app Kayak, job search company Indeed and crowd-sourced search service Yelp.

Looking at the Kayak example, not only was information transferred back to Facebook once the app was opened and closed, but also during each stage of the search process. In the example Privacy International gives, the user selected a flight from London Gatwick to Tokyo between December 2 and 5, Narita Airport was then selected, before another search was conducted searching for hotels for two adults in the city. All of this information was sent to Facebook without prompt, despite Kayak claiming, ‘don’t worry, we’ll never share anything without your permission’, when the user signs in.

Alone this information is useful, but not incredibly so. However, when you consider the huge number of apps which will be sending information back to Facebook, an incredibly detailed picture of the user can be built. Using the other apps tested in this investigation, Facebook could also learn or make assumptions about the user’s religion (Muslim Pro), music interests (Shazam), salary and disposable income (Indeed Job Search) and interest in physical activities (MyFitnessPal). All of this information could be used to feed incredibly personalised advertisements to the user.

The big question which remains is whether this could be perceived as a violation of GDPR. Facebook has stated it released an update to the SDK which allowed developers to suspend the automatic data transfers, though this was only for version 4.34 and later. With the Opt-out section (the Google advertising ID) automatically turned off, some might suggest the user is being led as opposed to asked.

Another factor which could work against Facebook is the collection of data on users who do not have Facebook accounts; this is much more suspect. As per GDPR, a company has to have a specific and justified reason to collect personal information. It does appear Facebook is collecting information on users despite having no purpose or valid reason to do so.

With fines for violating GDPR up to 3% of annual turnover, the stakes are very high. This could prove to be one of the first tests of the rules, designed to protect the privacy of the general public, and few will be surprised Facebook is a central character in the story. With the social media giant seemingly antagonising many governments around the world, we suspect there will be a queue forming to have a swing with the sharp GDPR stick.

A ticket to ride is just a Whim away

The subscription based mobile app Whim aims to replace car ownership. It is getting closer to that aim but is not quite there yet.

The app, and the Finnish startup behind it, MaaS Global (standing for “Mobility as a Service”), drew broader attention outside of Finland when Whim won the European Startup Prize for Mobility earlier this year. The concept is to consolidate journey planner, ride booking, and payment of customers’ travels on public transport (bus, metro, tram, and local train), bike hire, car sharing, car rental, and taxi rides, all to one mobile app. When the user selects the starting and ending points and the time of travel, the app will plan the optimum trip combining all means of transport available.

It offers subscribers different payment options. Cautious users may choose the pay per ride option, to test out the app. In Helsinki, a basic tier of €49 per month will give users unlimited access to all local public transport, plus bike hires, at a price level slightly lower than the official monthly travel card (€54.70, without access to bike hires). The user then can choose “pay-as-you-go” if she needs to add taxi rides and other services. An all-inclusive package of €499 will also cover a certain mileage of taxi ride, car rental, and car sharing.

Helsinki set itself a target to rid all cars from the city centre by 2050. Whim is moving in the right direction. In monetary terms, the €499 monthly package is already more economical than the total cost of owning a car, to consider the annual depreciation, insurance, tax, parking, fuel, maintenance, and, unique to countries in the far north, winter and summer tyres. Helsinki also has an advantage to make the app more useful: the buses almost always run on time, to the minute. This will become less of a concern for busier cities with more traffic when connected vehicles supported by IoT come to the streets, especially when 5G becomes more available.

MaaS Global has raised funds from private investors, the biggest being Toyota and the Japanese insurance company Aioi Nissay Dowa, which combined have invested over €10 million. Whim is now operational in Finland’s capital area, the four-city cluster including Helsinki, and has recently expanded to Birmingham, the UK’s second largest city. More cities on its map or been explored include Seoul, Toronto, Antwerp, Vienna, Amsterdam, Vancouver, Miami, etc.

However if a consumer should make the decision to sell his car and sign on services like Whim, monetary savings would not be his only consideration. He should not make too much sacrifice in convenience owning a car would have brought him. It is on this point that Whim still falls short, largely due to two main factors.

One is temporary and easier to fix. Helsinki’s bike-sharing is still dock-based. They will not be easily integrated into Whim planning if there is not a station near a user or along the route she is travelling. Introduction of dockless bikes will alleviate this problem, like the one we have seen in Manchester, supplied by the Chinese venture Mobike.

The other is generic and more difficult to fix: the availability of transport at the right place at the right time. Just imagine 20,000 people coming out of a concert at the O2 Arena after midnight, and the tube has stopped. Hardly any car-sharing apps could help take these people home quick enough.

There are also special cases when owning a car would be easier. For example a group of friends decide to transport their bicycles to the countryside for a ride. They would need a couple of cars fixed with the gear to transport bikes to be available at a specific location at a specific time.

The app, and the concept, is clearly running on consumer trend to move from ownership to access, as demonstrated in streaming music and video overtaking download and disc purchase. But, as was commented in a feature done recently by the BBC’s technology reporter Dave Lee, when subscriptions become the essence of being, we would be left with nothing if we could no longer afford the subscription, or the service we subscribe to ceases to operate. It is the psychological hesitation that may prevent us from giving up ownership entirely, cars or something else.