Pakistan has temporarily blocked several social media services in the South Asian nation, according to users and a notice reviewed by TechCrunch.
In an order titled “Complete Blocking of Social Media Platforms,” the Pakistani government ordered Pakistan Telecommunication Authority to block social media platforms including Twitter, Facebook, WhatsApp, YouTube, and Telegram from 11am to 3pm (9.30am GMT) Friday.
The move comes as Pakistan looks to crackdown against a violent terrorist group and prevent troublemakers from disrupting Friday prayers congregations following days of violent protests.
Earlier this week Pakistan banned the Islamist group Tehrik-i-Labaik Pakistan after arresting its leader, which prompted protests, according to local media reports.
An entrepreneur based in Pakistan told TechCrunch that even though the order is supposed to expire at 3pm local time, similar past moves by the government suggests that the disruption will likely last for longer.
Though Pakistan, like its neighbor India, has temporarily cut phone calls access in the nation in the past, this is the first time Islamabad has issued a blanket ban on social media in the country.
Pakistan has explored ways to assume more control over content on digital services operating in the country in recent years. Some activists said the country was taking extreme measures without much explanations.
What kind of national emergency we are dealing with that govt banned entire social media temporarily? These arbitrary decisions of blocking and banning have never done any good instead opened ways to blanket bans.
— Nighat Dad (@nighatdad) April 16, 2021
Are Facebook, Instagram and WhatsApp down for you right now? Us too! And lots and lots of other people too, it seems.
We’re getting reports left and right of outages across the three Facebook properties, with no indication so far as to the cause. It’s all down so hard that Facebook’s own server status page won’t even load to explain what’s up. Some of the respective mobile apps appear to load, but are just loading cached data; refresh or try to pull in a new page, and things probably won’t load correctly.
When Facebook on the web does load, it’s largely throwing the following error message:
This outage comes just a few weeks after one that took out Instagram and WhatsApp in March.
(Update, 3:19 PM: It appears things are coming back online, about an hour after the outage first began.)
Charles, a Berlin-based startup that offers a “conversational-commerce” SaaS for businesses that want to sell on WhatsApp and other chat apps, has raised €6.4 million in funding.
Led by Accel and HV Capital, the seed funding will be used by the company to scale and meet existing demand for its conversational commerce platform.
Launched in 2020 by Artjem Weissbeck and Andreas Tussing after the pair had run a year-long experiment running a store in WhatsApp, Charles enables businesses to sell products and services via WhatsApp and other chat apps in order to “increase conversion rate, customer loyalty and ultimately revenue”.
The SaaS connects chat app APIs, such as WhatsApp and Messenger, with shop and CRM systems, like Shopify, SAP and HubSpot, all delivered through a user-friendly interface. The idea is to make it easier for businesses to meet their customers on the channels they already use and to bridge the gap between sales enquiries and support, and actual conversions.
” ‘Traffic’ and with it ‘conversion’ will exponentially move from the streets (retail) and the browser/native apps into chat apps,” says Weissbeck. “Thereby, conversational commerce will be the third big pillar of commerce, gluing together all channels and unlocking the full potential of personalization via the unique identification of customers via their phone number”.
This transition, argues the Charles founder, creates “tremendous challenges and opportunities” for companies in terms of customer journey design and the tech stack, which to date — Asia, aside — has been predominantly tailored around webshops and e-mail.
“Ultimately our technology provides the operating system for companies to master this challenge,” adds Tussing. “The core of our software integrates chat apps with shop/CRM backends in an intuitive interface that puts the human chat sales agent in the center, supported by chatbots and AI”.
Luca Bocchio, partner at Accel, says that conversational commerce is emerging as a “critical channel for brands,” and is a trend that will reshape the way brands interact with customers. [This is] paving the way for potential new category-defining tools to emerge,” he says, noting that Charles has the potential to be one of those tools.
“When we talk to potential clients it’s mostly existing customer service tools like Zendesk who are starting to add chat apps as an additional channel,” says Weissbeck, when asked to cite direct competitors. “These tools are usually built upon a ‘ticketing’ logic, optimized to solve customer inquiries as quickly as possible and with a clear focus on service cases, not sales”.
In contrast, Weissbeck says Charles is built upon a “feed” logic, showing customer interaction as an ongoing conversation and end-to-end relationship — in the same way as the customer sees it.
“Further we deeply integrate into shop/CRM-backends to make it easy for agents to sell product and create carts or contracts — all in a very design-driven and intuitive interface, that is fun to use for the agent and puts her/him in the center,” says Tussing. “Supported by chatbots, not replaced”.
Meanwhile, the revenue model is simple enough: Businesses pay a monthly base fee to cover Charles’ fixed costs and on top of this the startup earns money on conversions. “We take a small share of the net sales, ensuring we are co-incentivised,” explains Weissbeck.
The pandemic’s remarkable impact on the app industry has not slowed down in 2021. In fact, consumer spending in apps has hit a new record in the first quarter of this year, a new report from App Annie indicates. The firm says consumers in Q1 2021 spent $32 billion on apps across both iOS and Google Play, up 40% year-over-year from Q1 2020. It’s the largest-ever quarter on record, App Annie also notes.
Last year saw both app downloads and consumer spend increase, as people rapidly adopted apps under coronavirus lockdowns — including apps for work, school, shopping, fitness, entertainment, gaming and more. App Annie previously reported a record 218 billion in global downloads and record consumer spend of $143 billion for the year.
Image Credits: App Annie
These trends have continued into 2021, it seems, with mobile consumers spending roughly $9 billion more in Q1 2021 compared with Q1 2020. Although iOS saw larger consumer spend than Android in the quarter — $21 billion vs. $11 billion, respectively — both stores grew by the same percentage, 40%.
But the types of apps driving spending were slightly different from store to store.
On Google Play, Games, Social and Entertainment apps saw the strongest quarter-over-quarter growth in terms of consumer spending, while Games, Photo & Video, and Entertainment apps accounted for the strongest growth on iOS.
By downloads, the categories were different between the stores, as well.
On Google Play, Social, Tools, and Fiance saw the biggest download growth in Q1, while Games, Finance and Social Networking drove download growth for iOS. Also on Google Play, other top categories included Weather (40%) and Dating (35%), while iOS saw Health and Fitness app downloads grow by a notable 25% — likely a perfect storm as New Year’s Resolutions combined with continued stay-at-measures that encouraged users to find new ways to stay fit without going to a gym.
Image Credits: App Annie
The top apps in the quarter remained fairly consistent, however. TikTok beat Facebook, in terms of downloads, and was followed by Instagram, Telegram, WhatsApp and Zoom. But the short-form video app only made it to No. 2 in terms of consumer spend, with YouTube snagging the top spot. Tinder, Disney+, Tencent Video, and others followed. (Netflix has dropped off this chart as it now directs new users to sign up directly, rather than through in-app purchases).
Image Credits: App Annie
Though Facebook’s apps have fallen behind TikTok by downloads, its apps — including Facebook, WhatsApp, Messenger and Instagram — still led the market in terms monthly active users (MAUs) in the quarter. TikTok, meanwhile, ranked No. 8 by this metric.
Up-and-comers in the quarter included privacy-focused messaging app Signal, which saw the strongest growth in the quarter by both downloads and MAUs — a calculation that App Annie calls “breakout apps.” Telegram closely followed, as users bailed from mainstream social after the Capitol riot. Another “breakout” app was MX TakaTak, which is filling the hole in the market for short-form video that resulted from India’s ban of TikTok.
Image Credits: App Annie
Gaming, meanwhile, drove a majority of the quarter’s spending, as usual, accounting for $22 billion of the spend — $13 billion on iOS (up 30% year-over-year) and $9 billion on Android (up 35%). Gamers downloaded about a billion titles per week, up 15% year-over-year from 2020.
Among Us! dropped to No. 2 in the quarter by downloads, replaced by Join Clash 3D, while DOP 2: Delete One Part jumped 308 places to reach No. 3.
Image Credits: App Annie
Roblox led by consumer spend, followed by Genshin Impact, Coin Master, Pokemon Go and others. And although Among Us! dropped on the charts by downloads, it remained No. 1 by monthly active users in the quarter, followed by PUBG Mobile, Candy Crush Saga, Roblox and others.
App Annie notes that the pandemic also accelerated the mobile gaming market, with game downloads outpacing overall downloads by 2.5x in 2020. It predicts that mobile gaming will reach $120 billion in consumer spending this year, or 1.5x all other gaming formats combined.
WhatsApp didn’t immediately respond to a request for comment.
This is a developing story. More to follow…
Instagram and WhatsApp experienced an apparent outage on Friday. It began around 1:40 p.m. ET and lasted for more than half an hour.
WhatsApp was unable to connect to the server, and messages were not being delivered. It’s not clear if the issue also affected Facebook Messenger, which last year rolled out new functionality to allow cross-platform messaging between Facebook, WhatsApp and Instagram.
Instagram was showing a 500 message, suggesting a back-end server error.
Instagram’s error page. (Image: TechCrunch)
WhatsApp unable to connect to the server. (Image: TechCrunch)
WhatsApp has more than two billion users, and Instagram has about one billion users. Facebook’s developer status page did not show any immediate outages.
Facebook spokesperson Leslie Grant said: “Earlier today, a technical issue caused people to have trouble accessing some Facebook services. We resolved this issue for everyone, and we apologize for any inconvenience.” The cause of the outage was not disclosed.
More on TechCrunch:
Updated with comment from Facebook.
Facebook will soon label all posts discussing the coronavirus vaccination with a pointer to official information about COVID-19, it said today.
It also revealed it has implemented some new “temporary” measures aimed at limiting the spread of vaccine misinformation/combating vaccine hesitancy — saying it’s reducing the distribution of content from users that have violated its policies on COVID-19 and vaccine misinformation; or “that have repeatedly shared content debunked as False or Altered by our third-party fact-checking partners”.
It’s also reducing distribution of any COVID-19 or vaccine content that fact-checking partners have rated as “Missing Context”, per the blog post.
While admins for groups with admins or members who have violated its COVID-19 policies will also be required to temporarily approve all posts within their group, it said. (It’s not clear what happens if a group only has one admin and they have violated its policies.)
Facebook will also “further elevate information from authoritative sources when people seek information about COVID-19 or vaccines”, it added.
It’s not clear why users who repeatedly violate Facebook’s COVID-19 policies do not face at least a period of suspension. (We’ve asked the company for clarity on its policies.)
“We’re continuing to expand our efforts to address COVID-19 vaccine misinformation by adding labels to Facebook and Instagram posts that discuss the vaccines,” Facebook said in the Newsroom post today.
“These labels contain credible information about the safety of COVID-19 vaccines from the World Health Organization. For example, we’re adding a label on posts that discuss the safety of COVID-19 vaccines that notes COVID-19 vaccines go through tests for safety and effectiveness before they’re approved.”
The incoming COVID-19 information labels are rolling out globally in English, Spanish, Indonesian, Portuguese, Arabic and French (with additional languages touted “in the coming weeks”), per Facebook.
As well as soon rolling out labels “on all posts generally about COVID-19 vaccines” — pointing users to its COVID-19 Information Center — Facebook said it would add additional “targeted” labels about “COVID-19 vaccine subtopics”. So it sounds like it may respond directly to specific anti-vaxxer misinformation it’s seeing spreading on its platform.
“We will also add an additional screen when someone goes to share a post on Facebook and Instagram with an informational COVID-19 vaccine label. It will provide more information so people have the context they need to make informed decisions about what to share,” Facebook added.
The moves follow revelations that an internal Facebook study of vaccine hesitancy — which was reported on by the Washington Post yesterday after it obtained documents on the large-scale internal research effort — found a small number of US users are responsible for driving most of the content that’s hesitant about getting vaccinated.
“Just 10 out of the 638 population segments [Facebook’s study divided US users into] contained 50 percent of all vaccine hesitancy content on the platform,” the Post reported. “And in the population segment with the most vaccine hesitancy, just 111 users contributed half of all vaccine hesitant content.”
Last week the MIT Technology Review also published a deep-dive article probing Facebook’s approach to interrogating, via an internal ‘Responsible AI’ team, the impacts of AI-fuelled content distribution — which accused the company of prioritizing growth and engagement and neglecting the issue of toxic misinformation (and the individual and societal harms that can flow from algorithmic content choices which amplify lies and hate speech).
In the case of COVID-19, lies being spread about vaccination safety or efficacy present a clear and present danger to public health. And Facebook’s PR machine does appear to have, tardily, recognized the extent of the reputational risk it’s facing if it’s platform is associated with driving vaccine hesitancy.
To wit: Also today it’s announced the launch of a global COVID-19 education drive that it says it hopes will bring 50M people “closer to getting vaccinated”.
“By working closely with national and global health authorities and using our scale to reach people quickly, we’re doing our part to help people get credible information, get vaccinated and come back together safely,” Facebook writes in the Newsroom post that links directly to a Facebook post by founder Mark Zuckerberg also trailing the new measures, including the launch of a tool that will show U.S. Facebook users where they can get vaccinated and provide them with a link to make an appointment.
Facebook said it plans to expand the tool to other countries as global vaccine availability steps up.
Facebook’s vaccine appointment finder tool (Image credits: Facebook)
Facebook has further announced that the COVID-19 information portal it launched in the Facebook app in March last year which points users to “the latest information about the virus from local health ministries and the World Health Organization” is finally being brought to Instagram.
It’s not clear why Facebook hadn’t already launched the portal on Instagram.
But it’s decided to double down on fighting bad speech (related to vaccines) with better speech — saying Instagram users will get new stickers they can add to their Instagram Stories “so people can inspire others to get vaccinated when it becomes available to them”.
In other moves being trailed in Facebook’s crisis PR blitz today it has touted “new data and insights” on vaccine attitudes being made available to public officials via COVID-19 dashboards and maps it was already offering (the data is collected by Facebook’s Data for Good partners for the effort at Carnegie Mellon University and University of Maryland as part of the COVID-19 Symptom Survey).
Albeit, it doesn’t specify what new information is being added there (or why now).
Also today it said it’s “making it easy to track how COVID-19 vaccine information is being spread on social media through CrowdTangle’s COVID-19 Live Displays“.
“Publishers, global aid organizations, journalists and others can access real-time, global streams of vaccine-related posts on Facebook, Instagram and Reddit in 34 languages. CrowdTangle also offers Live Displays for 104 countries and all 50 states in the US to help aid organizations and journalists track posts and trends at a regional level as well,” Facebook added, again without offering any context on why it hadn’t made it easier to use this tool to track vaccine information spread before.
Its blog post also touts “new” partnerships with health authorities and governments on vaccine registration — while trumpeting the ~3BN messages it says have already been sent “by governments, nonprofits and international organizations to citizens through official WhatsApp chatbots on COVID-19”. (As WhatsApp is end-to-end encrypted there is no simple way to quantify how many vaccine misinformation messages have been sent via the same platform.)
Per Facebook, it’s now “working directly with health authorities and governments to get people registered for vaccinations” (such as in the city and province of Buenos Aires, Argentina, which is using WhatsApp as the official channel to send notifications to citizens when it’s their turn to receive the vaccine).
“Since the beginning of the COVID-19 pandemic, we have partnered with ministries of health and health-focused organizations in more than 170 countries by providing free ads, enabling partners to share their own public health guidance on COVID-19 and information about the COVID-19 vaccine,” Facebook’s PR adds in a section of the post which it’s titled “amplifying credible health information and resources from experts”.
Last month, Facebook-owned WhatsApp announced it would delay enforcement of its new privacy terms, following a backlash from confused users which later led to a legal challenge in India and various regulatory investigations. WhatsApp users had misinterpreted the privacy updates as an indication that the app would begin sharing more data — including their private messages — with Facebook. Today, the company is sharing the next steps it’s taking to try to rectify the issue and clarify that’s not the case.
The mishandling of the privacy update on WhatsApp’s part led to widespread confusion and misinformation. In reality, WhatsApp had been sharing some information about its users with Facebook since 2016, following its acquisition by Facebook.
But the backlash is a solid indication of much user trust Facebook has since squandered. People immediately suspected the worst, and millions fled to alternative messaging apps, like Signal and Telegram, as a result.
Following the outcry, WhatsApp attempted to explain that the privacy update was actually focused on optional business features on the app, which allow business to see the content of messages between it and the end user, and give the businesses permission to use that information for its own marketing purposes, including advertising on Facebook. WhatsApp also said it labels conversations with businesses that are using hosting services from Facebook to manage their chats with customers, so users were aware.
Image Credits: WhatsApp
In the weeks since the debacle, WhatsApp says it spent time gathering user feedback and listening to concerns from people in various countries. The company found that users wanted assurance that WhatsApp was not reading their private messages or listening to their conversations, and that their communications were end-to-end encrypted. Users also said they wanted to know that WhatsApp wasn’t keeping logs of who they were messaging or sharing contact lists with Facebook.
These latter concerns seem valid, given that Facebook recently made its messaging systems across Facebook, Messenger and Instagram interoperable. One has to wonder when similar integrations will make their way to WhatsApp.
Today, WhatsApp says it will roll out new communications to users about the privacy update, which follows the Status update it offered back in January aimed at clarifying points of confusion. (See below).
Image Credits: WhatsApp
In a few weeks, WhatsApp will begin to roll out a small, in-app banner that will ask users to re-review the privacy policies — a change the company said users have shown to prefer over the pop-up, full-screen alert it displayed before.
When users click on “to review,” they’ll be shown a deeper summary of the changes, including added details about how WhatsApp works with Facebook. The changes stress that WhatsApp’s update don’t impact the privacy of users’ conversations, and reiterate the information about the optional business features.
Eventually, WhatsApp will begin to remind users to review and accept its updates to keep using WhatsApp. According to its prior announcement, it won’t be enforcing the new policy until May 15.
Image Credits: WhatsApp
Users will still need to be aware that their communications with businesses are not as secure as their private messages. This impacts a growing number of WhatsApp users, 175 million of which now communicate with businesses on the app, WhatsApp said in October.
In today’s blog post about the changes, WhatsApp also took a big swipe at rival messaging apps that used the confusion over the privacy update to draw in WhatsApp’s fleeing users by touting their own app’s privacy.
“We’ve seen some of our competitors try to get away with claiming they can’t see people’s messages – if an app doesn’t offer end-to-end encryption by default that means they can read your messages,” WhatsApp’s blog post read.
This seems to be a comment directed specifically towards Telegram, which often touts its “heavily encrypted” messaging app as more private alternative. But Telegram doesn’t offer end-to-end encryption by default, as apps like WhatsApp and Signal do. It uses “transport layer” encryption that protects the connection from the user to the server, a Wired article citing cybersecurity professionals explained in January. When users want an end-to-end encrypted experience for their one-on-one chats, they can enable the “secret chats” feature instead. (And this feature isn’t even available for group chats.)
In addition, WhatsApp fought back against the characterization that it’s somehow less safe because it has some limited data on users.
“Other apps say they’re better because they know even less information than WhatsApp. We believe people are looking for apps to be both reliable and safe, even if that requires WhatsApp having some limited data,” the post read. “We strive to be thoughtful on the decisions we make and we’ll continue to develop new ways of meeting these responsibilities with less information, not more,” it noted.
A security lapse by a Jamaican government contractor has exposed immigration records and COVID-19 test results for hundreds of thousands of travelers who visited the island over the past year.
The Jamaican government contracted Amber Group to build the JamCOVID19 website and app, which the government uses to publish daily coronavirus figures and allows residents to self-report their symptoms. The contractor also built the website to pre-approve travel applications to visit the island during the pandemic, a process that requires travelers to upload a negative COVID-19 test result before they board their flight if they come from high-risk countries, including the United States.
But a cloud storage server storing those uploaded documents was left unprotected and without a password, and was publicly spilling out files onto the open web.
Many of the victims whose information was found on the exposed server are Americans.
The data is now secure after TechCrunch contacted Amber Group’s chief executive Dushyant Savadia, who did not comment when reached prior to publication.
The storage server, hosted on Amazon Web Services, was set to public. It’s not known for how long the data was unprotected, but contained more than 70,000 negative COVID-19 lab results, over 425,000 immigration documents authorizing travel to the island — which included the traveler’s name, date of birth and passport numbers — and over 250,000 quarantine orders dating back to June 2020, when Jamaica reopened its borders to visitors after the pandemic’s first wave. The server also contained more than 440,000 images of travelers’ signatures.
Two U.S. travelers whose lab results were among the exposed data told TechCrunch that they uploaded their COVID-19 results through the Visit Jamaica website before their travel. Once lab results are processed, travelers receive a travel authorization that they must present before boarding their flight.
Both of these documents, as well as quarantine orders that require visitors to shelter in place and several passports, were on the exposed storage server.
Travelers who are staying outside Jamaica’s so-called “resilient corridor,” a zone that covers a large portion of the island’s population, are told to install the app built by Amber Group that tracks their location and is tracked by the Ministry of Health to ensure visitors stay within the corridor. The app also requires that travelers record short “check-in” videos with a daily code sent by the government, along with their name and any symptoms.
The server exposed more than 1.1 million of those daily updating check-in videos.
An airport information flyer given to travelers arriving in Jamaica. Travelers may be required to install the JamCOVID19 app to allow the government to monitor their location and to require video check-ins. (Image: Jamaican government)
The server also contained dozens of daily timestamped spreadsheets named “PICA,” likely for the Jamaican passport, immigration and citizenship agency, but these were restricted by access permissions. But the permissions on the storage server were set so that anyone had full control of the files inside, such as allowing them to be downloaded or deleted altogether. (TechCrunch did neither, as doing so would be unlawful.)
Stephen Davidson, a spokesperson for the Jamaican Ministry of Health, did not comment when reached, or say if the government planned to inform travelers of the security lapse.
Savadia founded Amber Group in 2015 and soon launched its vehicle-tracking system, Amber Connect.
According to one report, Amber’s Savadia said the company developed JamCOVID19 “within three days” and made it available to the Jamaican government in large part for free. The contractor is billing other countries, including Grenada and the British Virgin Islands, for similar implementations, and is said to be looking for other government customers outside the Caribbean.
Savadia would not say what measures his company put in place to protect the data of paying governments.
Jamaica has recorded at least 19,300 coronavirus cases on the island to date, and more than 370 deaths.
Send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send files or documents using our SecureDrop. Learn more.
All change in the capital as the Biden administration takes charge, and thankfully without a hitch (or violence) after the attempted insurrection two weeks earlier.
In this week’s Decrypted, we look at the ongoing fallout from the SolarWinds breach and who the incoming president wants to lead the path to recovery. Plus, the news in brief.
The cyberattack against SolarWinds, an ongoing espionage campaign already blamed on Russia, claimed the U.S. Bureau of Labor Statistics as another federal victim this week. The attack also hit cybersecurity company Malwarebytes, the company’s chief executive confirmed. Marcin Kleczynski said in a blog post that attackers gained access to a “limited” number of internal company emails. It was the same attackers as SolarWinds but using a different intrusion route. It’s now the third security company known to have been targeted by the same Russian hackers after a successful intrusion at FireEye and an unsuccessful attempt at CrowdStrike.
Today, I disclosed publicly that @Malwarebytes had been targeted by the same nation state actor that attacked SolarWinds. This attack is much broader than SolarWinds and I expect more companies will come forward soon.
— Marcin Kleczynski (@mkleczynski) January 19, 2021
Hello and welcome back to Equity, TechCrunch’s venture capital-focused podcast where we unpack the numbers behind the headlines.
This is Equity
Monday Tuesday, our weekly kickoff that tracks the latest private market news, talks about the coming week, digs into some recent funding rounds and mulls over a larger theme or narrative from the private markets. You can follow the show on Twitter here and myself here — and make sure to check out last week’s two episodes, covering all the news sans e-commerce, and then all the e-commerce news.
We’re here on a Tuesday due to an American holiday, but that short break did not mean that the world’s news volume slowed down in the slightest. Here’s the rundown:
And that’s that for today, we are back in short order on Thursday afternoon!
In an email to WhatsApp head Will Cathcart, the nation’s IT ministry said the upcoming update to the app’s data-sharing policy has raised “grave concerns regarding the implications for the choice and autonomy of Indian citizens… Therefore, you are called upon to withdraw the proposed changes.”
“Such a differential treatment is prejudicial to the interests of Indian users and is viewed with serious concern by the government,” the ministry wrote in the email, a copy of which was obtained by TechCrunch. “The government of India owes a sovereign responsibility to its citizens to ensure that their interests are not compromised and therefore it calls upon WhatsApp to respond to concerns raised in this letter.”
Through an in-app alert earlier this month, WhatsApp had asked users to agree to new terms of conditions that grants the app the consent to share with Facebook some personal data about them, such as their phone number and location. Users were initially provided until February 8 to comply with the new policy if they wished to continue using the service.
“This ‘all-or-nothing’ approach takes away any meaningful choice from Indian users. This approach leverages the social significance of WhatsApp to force users into a bargain, which may infringe on their interests in relation to informational privacy and information security,” the ministry said in the email.
The notification from WhatsApp prompted a lot of confusion — and in some cases, anger and frustration — among its users, many of which have explored alternative messaging apps such as Telegram and Signal in recent weeks.
An advertisement from WhatsApp is seen in a newspaper at a stall in New Delhi on January 13, 2021. (Photo by Sajjad HUSSAIN / AFP) (Photo by SAJJAD HUSSAIN/AFP via Getty Images)WhatsApp, which Facebook bought for $19 billion in 2014, has been sharing some limited information about its users with the social giant since 2016 — and for a period allowed users to opt-out of this. Responding to the backlash last week, the Facebook-owned app, which serves more than 2 billion users worldwide, said it was deferring the enforcement of the planned policy to May 15.
WhatsApp also ran front-page ads on several newspapers in India, where it has amassed over 450 million users, last week to explain the changes and debunk some rumors.
New Delhi also shared disappointment with the timing of this update, which to be fair WhatsApp unveiled last year. The ministry said that it was reviewing the Personal Data Protection Bill, a monumental privacy bill that is meant to oversee how data of users are shared with the world.
“Since the Parliament is seized of the issue, making such a momentous change for Indian users at this time puts the cart before the horse. Since the Personal Data Protection Bill strongly follows the principle of ‘purpose limitation,’ these changes may lead to significant implementational challenges for WhatsApp should the Bill become an Act,” the letter said.
On Tuesday, India’s IT and Law Minister Ravi Shankar Prasad also offered a loud advice to Facebook. “Be it WhatsApp, be it Facebook, be it any digital platform. You are free to do business in India but do it in a manner without impinging upon the rights of Indians who operate there.”
Be it WhatsApp, Facebook or any other digital platform they are free to do business in India but it should be done in a manner without impinging upon the rights of Indians who operate it. The sanctity of personal communications needs to be maintained: @rsprasad at #15IDS pic.twitter.com/p33qynU6Ur
— RSPrasad Office (@OfficeOfRSP) January 19, 2021
A long-running investigation in the European Union focused on the transparency of data-sharing between Facebook and WhatsApp has taken the first major step towards a resolution. Ireland’s Data Protection Commission (DPC) confirmed Saturday it sent a draft decision to fellow EU DPAs towards the back end of last year.
This will trigger a review process of the draft by other DPAs. Majority backing for Facebook’s lead EU data supervisor’s proposed settlement is required under the bloc’s General Data Protection Regulation (GDPR) before a decision can be finalized.
The DPC’s draft WhatsApp decision, which it told us was sent to the other supervisors for review on December 24, is only the second such draft the Irish watchdog has issued to-date in cross-border GDPR cases.
The first case to go through the process was an investigation into a Twitter security breach — which led to the company being issued with a $550,000 fine last month.
The WhatsApp case may look very timely, given the recent backlash over an update to its T&Cs, but it actually dates back to 2018, the year GDPR begun being applied — and relates to WhatsApp Ireland’s compliance with Articles 12-14 of the GDPR (which set out how information must be provided to data subjects whose information is being processed in order that they are able to exercise their rights).
In a statement, the DPC said:
“As you are aware, the DPC has been conducting an investigation into WhatsApp Ireland’s compliance with Articles 12-14 of the GDPR in terms of transparency, including in relation to transparency around what information is shared with Facebook, since 2018. The DPC has provisionally concluded this investigation and we sent a draft decision to our fellow EU Data Protection Authorities on December 24, 2020 (in accordance with Article 60 of the GDPR in order to commence the co-decision-making process) and we are waiting to receive their comments on this draft decision.
“When the process is completed and a final decision issues, it will make clear the standard of transparency to which WhatsApp is expected to adhere as articulated by EU Data Protection Authorities,” it added.
Ireland has additional ongoing GDPR investigations into other aspects of the tech giant’s business, including related to complaints filed back in May 2018 by the EU privacy rights not-for-profit, noyb (over so called ‘forced consent’). In May 2020 the DPC said that separate investigation was at the decision-making phase — but so far it has not confirmed sending a draft decision for review.
It’s also notably that the time between the DPC’s Twitter draft and the final decision being issued — after gaining majority backing from other EU DPAs — was almost seven months.
The Twitter case was relatively straightforward (a data breach) vs the more complex business of assessing ‘transparency’. So a final decision on WhatsApp seems unlikely to come to a swifter resolution. There are clearly substantial differences of opinion between DPAs on how the GDPR should be enforced across the bloc. (In the Twitter case, for example, German DPAs suggested a fine of up to $22M vs Ireland’s initial proposal of a maximum of $300k). Although there is some hope that GDPR enforcement of cross border cases will speed up as DPAs gain experience of the various processes involved in making these co-decisions.
Returning to WhatsApp, the messaging platform has had plenty of problems with transparency in recent weeks — garnering lots of unwelcome attention and concern over the privacy implications of a confusing mandatory update to its T&Cs which has contributed to a major migration of users to alternative chat platforms, such as Signal and Telegram.
The backlash led WhatsApp to announced last week that it was delaying enforcement of the new terms by three months. Last week Italy’s data protection agency also issued a warning over a lack of clarity in the T&Cs — saying it could intervene using an emergency process allowed for by EU law (which would be in addition to the ongoing DPC procedure).
On the WhatsApp T&Cs controversy, the DPC’s deputy commissioner Graham Doyle told us the regulator had received “numerous queries” from confused and concerned stakeholders which he said led it to re-engage with the company. The regulator previously obtained a commitment from WhatsApp that there is “no change to data-sharing practices either in the European Region or the rest of the world”. But it subsequently confirmed it would delay enforcement of the new terms.
“The updates made by WhatsApp last week are about providing clearer, more detailed information to users on how and why they use data. WhatsApp have confirmed to us that there is no change to data-sharing practices either in the European Region or the rest of the world arising from these updates. However, the DPC has received numerous queries from stakeholders who are confused and concerned about these updates,” Doyle said.
“We engaged with WhatsApp on the matter and they confirmed to us that they will delay the date by which people will be asked to review and accept the terms from February 8th to May 15th. In the meantime, WhatsApp will launch information campaigns to provide further clarity about how privacy and security works on the platform. We will continue to engage with WhatsApp on these updates.”
While there’s no doubt Europe’s record of enforcement of its much vaunted data protection laws against tech giants remains a major weak point of the regulation, there are signs that increased user awareness of rights and, more broadly, concern for privacy, is causing a shift in the balance of power in favor of users.
Proper privacy enforcement is still sorely lacking but Facebook being forced to put a T&Cs update on ice for three months — as its business is subject to ongoing regulatory scrutiny — suggests the days of platform giants being able to move fast and break things are firmly on the wain.
Similarly, for example, Facebook recently had to delay the launch of a dating feature in Europe while it consulted with the DPC. It also remains limited in the data it can share between WhatsApp and Facebook because of the existence of the GDPR — so still can’t share data for ad targeting and product enhancement purposes, even under the new terms.
Europe, meanwhile, is coming with ex ante rules for platform giants that will place further obligations on how they can operate with the aim of counteracting abusive behaviors and bolstering competition in digital markets.
India’s answer to WhatsApp has completely moved on from messaging.
Hike Messenger, backed by Tencent, Tiger Global and SoftBank and valued at $1.4 billion in 2016, earlier this month announced that it was shutting down Sticker Chat, its messaging app.
The startup, founded by Kavin Bharti Mittal, this month pivoted to two virtual social apps called Vibe and Rush, said Mittal, who is the son of telecom giant Airtel’s chairman Sunil Bharti Mittal.
In a series of tweets earlier this month, Kavin said that India will never have a homegrown messenger that makes inroads in the world’s second largest market unless it chooses to ban Western companies from operating in the nation. “Global network effects are too strong,” he said. WhatsApp has amassed over 450 million users in India, its biggest market by users.
Mittal described opportunities in building virtual worlds as a “much better approach for today’s world that is unconstrained by cheap, fast data and powerful smartphones.”
In recent years, Hike made bets on stickers and emojis to cater to the younger population in India. In a meeting with TechCrunch in late 2019, Mittal said that the startup was overwhelmed with the engagement stickers on its platform and was working to automate development of personalized stickers.
In a different meeting last year, Mittal showcased emojis that replicated human expressions and a virtual hangout place called HikeLand. Vibe is the rebranded version of HikeLand and the emojis Hike developed will continue to be available to users on both the newer apps, Mittal said earlier this month.
Hike, which has raised more than $260 million to date, had enough runway last year, Mittal said, who hinted that the startup may raise more capital a year later.
Hike also attempted to build its own operating system through acquisition of a startup called Creo. In 2018, Hike launched Total OS that aimed to cater to users with low-cost Android smartphones and slow internet data.
The startup later shut down the project. Mittal told TechCrunch that the arrival of Reliance Jio, which prompted Airtel and Vodafone to lower mobile data tariff on their networks, solved the data issues in the country and Total OS was no longer needed in the market.
As fears over WhatsApp’s privacy policies send millions of users in the West to Signal and Telegram, the two encrypted apps are also seeing a slight user uptick in China, where WeChat has long dominated and the government has a tight grip on online communication.
Following WhatsApp’s pop-up notification reminding users that it shares their data with its parent Facebook, people began fleeing to alternate encrypted platforms. Telegram added 25 million just between January 10-13, the company said on its official Telegram channel, while Signal surged to the top of the App Store and Google Play Store in dozens of countries, TechCrunch learned earlier.
The migration was accelerated when, on January 7, Elon Musk urged his 40 million Twitter followers to install Signal in a tweet that likely stoked more interest in the end-to-end encryption messenger.
The growth of Telegram and Signal in China isn’t nearly as remarkable as their soaring popularity in regions where WhatsApp has been the mainstream chat app, but the uplift is a reminder that WeChat alternatives still exist in China in various capacities.
Signal amassed 9,000 new downloads from the China App Store between January 8 and 12, up 500% from the period between January 3 and 7, according to data from research firm Sensor Tower. Telegram added 17,000 downloads during January 8-12, up 6% from the January 3-7 duration. WhatsApp’s growth stalled, recording 10,000 downloads in both periods.
Sensor Tower estimates that Telegram has seen about 2.7 million total installs on China’s App Store, compared to 458,000 downloads from Signal and 9.5 million times from WhatsApp.
The fact that Telegram, Signal and WhatsApp are accessible in China might come as a surprise to some people. But China’s censorship decisions can be arbitrary and inconsistent. As censorship monitoring site Apple Censorship shows, all major Western messengers are still available on the China App Store.
The situation for Android is trickier. Google services are largely blocked in China and Android users revert to Android app stores operated by local companies like Tencent and Baidu. Neither Telegram nor Signal is available on these third-party Android stores, but users with a tool that can bypass China’s Great Firewall, such as a virtual private network (VPN), can access Google Play and install the encrypted messengers.
The next challenge is actually using these apps. The major chat apps all get slightly different treatment from Beijing’s censorship apparatus. Some, like Signal, work perfectly without the need for a VPN. The catch is to sign up for Signal, a user must activate their account with a phone number, and Chinese phone numbers are tied to people’s real identities. Users have reported that WhatsApp occasionally works in China without a VPN, though it loads very slowly. And Facebook doesn’t work at all without a VPN.
“Some websites and apps can remain untouched until they reach a certain threshold of users at which point the authorities will try to block or disrupt the website or app,” said Charlie Smith, the pseudonymous head of Great Fire, an organization monitoring the Chinese internet that also runs Apple Censorship.
“Perhaps before this mass migration from WhatsApp, Signal did not have that many users in China. That might have changed over the last week in which case the authorities could be pondering restrictions for Signal,” Smith added.
To legally operate in China, companies must store their data within China and submit information to the authorities for security spot-checks, according to a cybersecurity law enacted in 2017. Apple, for instance, partners with a local cloud provider to store the data of its Chinese users.
The requirement raises questions about the type of interaction that Signal, Telegram and other foreign apps have with the Chinese authorities. Signal said it never turned over data to the Hong Kong police and had no data to turn over when concerns grew over Beijing’s heightened controls over the former British colony.
The biggest challenges for apps like Signal in China, according to Smith, will come from Apple, which is constantly under fire by investors and activists for submitting to the Chinese authorities.
In recent years, the American giant has stepped up app crackdown in China, zeroing in on services that grant Chinese users access to unfiltered information, such as VPN providers, RSS feed readers and podcast apps. Apple has also purged tens of thousands of unlicensed games in recent quarters after a years-long delay.
“Apple has a history of preemptively censoring apps that they believe the authorities would want censored,” Smith observed. “If Apple decides to remove Signal in China, either on its own initiative or in direct response to a request from the authorities, then Apple customers in China will be left with no secure messaging options.”
WhatsApp delays enforcement of a controversial privacy change, Apple may get rid of the Touch Bar in future MacBooks and Bumble files to go public. This is your Daily Crunch for January 15, 2021.
The big story: WhatsApp responds to privacy backlash
Earlier this month, WhatsApp sent users a notification asking them to consent to sharing some of their personal data — such as phone number and location — with Facebook (which owns WhatsApp). The alert also said users would have to agree to the terms by February 8 if they wanted to continue using the app.
“No one will have their account suspended or deleted on February 8. We’re also going to do a lot more to clear up the misinformation around how privacy and security works on WhatsApp,” the company said in a post. “We’ll then go to people gradually to review the policy at their own pace before new business options are available on May 15.”
The tech giants
Uber planning to spin out Postmates’ delivery robot arm — Postmates X is seeking investors in its bid to become a separate company.
Apple said to be planning new 14- and 16-inch MacBook Pros with MagSafe and Apple processors — This could be the end for the Touch Bar.
Amazon’s newest product lets companies build their own Alexa assistant for cars, apps and video games — Yes, that means your next car could have two Alexas.
Startups, funding and venture capital
Bumble files to go public — The company plans to list on the Nasdaq stock exchange, using the ticker symbol “BMBL.”
Tracy Chou launches Block Party to combat online harassment and abuse — Currently available for Twitter, Block Party helps people filter out the content they don’t want to see.
Everlywell raises $75M from HealthQuest Capital following its recent $175M Series D round — Everlywell develops at-home testing kits for a range of health concerns, and it added a COVID-19 home collection test kit last year.
Advice and analysis from Extra Crunch
Fifteen steps to fundraising a new VC or private equity fund — Launching is easy; fundraising is harder.
Lessons from Top Hat’s acquisition spree — The acquisition of Fountainhead Press marks Top Hat’s third purchase of a publishing company in the past 12 months.
Twilio CEO Jeff Lawson says wisdom lies with your developers — Takeaways from Lawson’s new book “Ask Your Developer.”
(Extra Crunch is our membership program, which aims to democratize information about startups. You can sign up here.)
Video game spending increased 27% in 2020 — According to the latest figures from NPD, spending on gaming hardware, software and accessories was up 25% in December and 27% for the full year.
DOT evaluated 11 GPS replacements and found only one that worked across use cases — The government wants to create additional redundancy and resiliency in the sector.
The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 3pm Pacific, you can subscribe here.