Connect with us

Biz & IT

Ahead of third antitrust ruling, Google announces fresh tweaks to Android in Europe

Published

on

Google is widely expected to be handed a third antitrust fine in Europe this week, with reports suggesting the European Commission’s decision in its long-running investigation of AdSense could land later today.

Right on cue the search giant has PRed another Android product tweak — which it bills as “supporting choice and competition in Europe”.

In the coming months Google says it will start prompting users of existing and new Android devices in Europe to ask which browser and search apps they would like to use.

This follows licensing changes for Android in Europe which Google announced last fall, following the Commission’s $5BN antitrust fine for anti-competitive behavior related to how it operates the dominant smartphone OS.

tl;dr competition regulation can shift policy and product.

Albeit, the devil will be in the detail of Google’s self-imposed ‘remedy’ for Android browser and search apps.

Which means how exactly the user is prompted will be key — given tech giants are well-versed in the manipulative arts of dark pattern design, enabling them to create ‘consent’ flows that deliver their desired outcome.

A ‘choice’ designed in such a way — based on wording, button/text size and color, timing of prompt and so on — to promote Google’s preferred browser and search app choice by subtly encouraging Android users to stick with its default apps may not actually end up being much of a ‘choice’.

According to Reuters the prompt will surface to Android users via the Play Store. (Though the version of Google’s blog post we read did not include that detail.)

Using the Play Store for the prompt would require an Android device to have Google’s app store pre-loaded — and licensing tweaks made to the OS in Europe last year were supposedly intended to enable OEMs to choose to unbundle Google apps from Android forks. Ergo making only the Play Store the route for enabling choice would be rather contradictory. (As well as spotlighting Google’s continued grip on Android.)

Add to that Google has the advantage of massive brand dominance here, thanks to its kingpin position in search, browsers and smartphone platforms.

So again the consumer decision is weighted in its favor. Or, to put it another way: ‘This is Google; it can afford to offer a ‘choice’.’

In its blog post getting out ahead of the Commission’s looming AdSense ruling, Google’s SVP of global affairs, Kent Walker, writes that the company has been “listening carefully to the feedback we’re getting” vis-a-vis competition.

Though the search giant is actually appealing both antitrust decisions. (The other being a $2.7BN fine it got slapped with two years ago for promoting its own shopping comparison service and demoting rivals’.)

“After the Commission’s July 2018 decision, we changed the licensing model for the Google apps we build for use on Android phones, creating new, separate licenses for Google Play, the Google Chrome browser, and for Google Search,” Walker continues. “In doing so, we maintained the freedom for phone makers to install any alternative app alongside a Google app.”

Other opinions are available on those changes too.

Such as French pro-privacy Google search rival Qwant, which last year told us how those licensing changes still make it essentially impossible for smartphone makers to profit off of devices that don’t bake in Google apps by default. (More recently Qwant’s founder condensed the situation to “it’s a joke“.)

Qwant and another European startup Jolla, which leads development of an Android alternative smartphone platform called Sailfish — and is also a competition complainant against Google in Europe — want regulators to step in and do more.

The Commission has said it is closely monitoring changes made by Google to determine whether or not the company has complied with its orders to stop anti-competitive behavior.

So the jury is still out on whether any of its tweaks sum to compliance. (Google says so but that’s as you’d expect — and certainly doesn’t mean the Commission will agree.)

In its Android decision last summer the Commission judged that Google’s practices harmed competition and “further innovation” in the wider mobile space, i.e. beyond Internet search — because it prevented other mobile browsers from competing effectively with its pre-installed Chrome browser.

So browser choice is a key component here. And ‘effective competition’ is the bar Google’s homebrew ‘remedies’ will have to meet.

Still, the company will be hoping its latest Android tweaks steer off further Commission antitrust action. Or at least generate more fuzz and fuel for its long-game legal appeal.

Current EU competition commissioner, Margrethe Vestager, has flagged for years that the division is also fielding complaints about other Google products, including travel search, image search and maps. Which suggests Google could face fresh antitrust investigations in future, even as the last of the first batch is about to wrap up.

The FT reports that Android users in the European economic area last week started seeing links to rival websites appearing above Google’s answer box for searches for products, jobs or businesses — with the rival links appearing above paid results links to Google’s own services.

The newspaper points out that tweak is similar to a change promoted by Google in 2013, when it was trying to resolve EU antitrust concerns under the prior commissioner, Joaquín Almunia.

However rivals at the time complained the tweak was insufficient. The Commission subsequently agreed — and under Vestager’s tenure went on to hit Google with antitrust fines.

Walker doesn’t mention these any of additional antitrust complaints swirling around Google’s business in Europe, choosing to focus on highlighting changes it’s made in response to the two extant Commission antitrust rulings.

“After the Commission’s July 2018 decision, we changed the licensing model for the Google apps we build for use on Android phones, creating new, separate licenses for Google Play, the Google Chrome browser, and for Google Search. In doing so, we maintained the freedom for phone makers to install any alternative app alongside a Google app,” he writes.

Nor does he make mention of a recent change Google quietly made to the lists of default search engine choices in its Chrome browser — which expanded the “choice” he claims the company offers by surfacing more rivals. (The biggest beneficiary of that tweak is privacy search rival DuckDuckGo, which suddenly got added to the Chrome search engine lists in around 60 markets. Qwant also got added as a default choice in France.)

Talking about Android specifically Walker instead takes a subtle indirect swipe at iOS maker Apple — which now finds itself the target of competition complaints in Europe, via music streaming rival Spotify, and is potentially facing a Commission probe of its own (albeit, iOS’ marketshare in Europe is tiny vs Android). So top deflecting Google.

“On Android phones, you’ve always been able to install any search engine or browser you want, irrespective of what came pre-installed on the phone when you bought it. In fact, a typical Android phone user will usually install around 50 additional apps on their phone,” Walker writes, drawing attention to the fact that Apple does not offer iOS users as much of a literal choice as Google does.

“Now we’ll also do more to ensure that Android phone owners know about the wide choice of browsers and search engines available to download to their phones,” he adds, saying: “This will involve asking users of existing and new Android devices in Europe which browser and search apps they would like to use.”

We’ve reached out to Commission for comment, and to Google with questions about the design of its incoming browser and search app prompts for Android users in Europe and will update this report with any response.

Source link

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Biz & IT

Twitter’s latest robo-nag will flag “harmful” language before you post

Published

on

Enlarge / Before you tweet, you might be asked if you meant to be so rude.

Want to know exactly what Twitter’s fleet of text-combing, dictionary-parsing bots defines as “mean”? Starting any day now, you’ll have instant access to that data—at least, whenever a stern auto-moderator says you’re not tweeting politely.

On Wednesday, members of Twitter’s product-design team confirmed that a new automatic prompt will begin rolling out for all Twitter users, regardless of platform and device, that activates when a post’s language crosses Twitter’s threshold of “potentially harmful or offensive language.” This follows a number of limited-user tests of the notices beginning in May of last year. Soon, any robo-moderated tweets will be interrupted with a notice asking, “Want to review this before tweeting?”

Earlier tests of this feature, unsurprisingly, had their share of issues. “The algorithms powering the [warning] prompts struggled to capture the nuance in many conversations and often didn’t differentiate between potentially offensive language, sarcasm, and friendly banter,” Twitter’s announcement states. The news post clarifies that Twitter’s systems now account for, among other things, how often two accounts interact with each other—meaning, I’ll likely get a flag for sending curse words and insults to a celebrity I never talk to on Twitter, but I would likely be in the clear sending those same sentences via Twitter to friends or Ars colleagues.

Additionally, Twitter admits that its systems previously needed updates to “account for situations in which language may be reclaimed by underrepresented communities and used in non-harmful ways.” We hope the data points used to make those determinations don’t go so far as to check a Twitter account’s profile photo, especially since troll accounts typically use fake or stolen images. (Twitter has yet to clarify how it makes determinations for these aforementioned “situations.”)

As of press time, Twitter isn’t providing a handy dictionary for users to peruse—or cleverly misspell their favorite insults and curses in order to mask them from Twitter’s auto-moderation tools.

So, two-thirds kept it real, then?

To sell this nag-notice news to users, Twitter pats itself on the back in the form of data, but it’s not entirely convincing.

During the kindness-notice testing phase, Twitter says one-third of users elected to either rephrase their flagged posts or delete them, while anyone who was flagged began posting 11 percent fewer “offensive” posts and replies, as averaged out. (Meaning, some users may have become kinder, while others could have become more resolute in their weaponized speech.) That all sounds like a massive majority of users remaining steadfast in their personal quest to tell it like it is.

Twitter’s weirdest data point is that anyone who received a flag was “less likely to receive offensive and harmful replies back.” It’s unclear what point Twitter is trying to make with that data: why should any onus of politeness land on those who receive nasty tweets?

This follows another nag-notice initiative by Twitter, launched in late 2020, to encourage users to “read” an article linked by another Twitter user before “re-tweeting” it. In other words: if you see a juicy headline and slap the RT button, you could unwittingly share something you may not agree with. Yet this change seems like an undersized bandage to a bigger Twitter problem: how the service incentivizes rampant, timely use of the service in a search for likes and interactions, honesty and civility be damned.

And no nag notice will likely fix Twitter’s struggles with how inauthentic actors and trolls continue to game the system and poison the site’s discourse. The biggest example remains an issue found when clicking through to heavily “liked” and replied posts, usually from high-profile or “verified” accounts. Twitter commonly bumps drive-by posts to the top of these threads’ replies, often from accounts with suspicious activity and lack of organic interactions.

Perhaps Twitter could take the lessons from this nag notice roll-out to heart, particularly about weighting interactions based on a confirmed back-and-forth relationship between accounts. Or the company could get rid of all algorithm-driven weighting of posts, especially those that drive nonfollowed content to a user’s feed and go back to the better days of purely chronological content—so that we can more easily shrug our shoulders at the BS.

Continue Reading

Biz & IT

Data leak makes Peloton’s Horrible, No-Good, Really Bad Day even worse

Published

on

Peloton

Peloton is having a rough day. First, the company recalled two treadmill models following the death of a 6-year-old child who was pulled under one of the devices. Now comes word Peloton exposed sensitive user data, even after the company knew about the leak. No wonder the company’s stock price closed down 15 percent on Wednesday.

Peloton provides a line of network-connected stationary bikes and treadmills. The company also offers an online service that allows users to join classes, work with trainers, or do workouts with other users. In October, Peloton told investors it had a community of 3 million members. Members can set accounts to be public so friends can view details such as classes attended and workout stats, or users can choose for profiles to be private.

I know where you worked out last summer

Researchers at security consultancy Pen Test Partners on Wednesday reported that a flaw in Peloton’s online service was making data for all of its users available to anyone anywhere in the world, even when a profile was set to private. All that was required was a little knowledge of the faulty programming interfaces that Peloton uses to transmit data between devices and the company’s servers.

Data exposed included:

  • User IDs
  • Instructor IDs
  • Group Membership
  • Workout stats
  • Gender and age
  • Weight
  • If they are in the studio or not

Ars agreed to withhold another piece of personal data exposed because Peloton is still working to secure it.

A blog post Pen Test Partners published on Wednesday said that the APIs required no authentication before providing the information. Company researchers said that they reported the exposure to Peloton in January and promptly received an acknowledgement. Then, Wednesday’s post said, Peloton went silent.

Slow response, botched fix

Two weeks later, the researchers said, the company silently provided a partial fix. Rather than providing the user data with no authentication required at all, the APIs made the data available only to those who had an account. The change was better than nothing, but it still let anyone who subscribed to the online service obtain private details of any other subscriber.

When Pen Test Partners informed Peloton of the inadequate fix, they say they got no response. Pen Text Partners researcher Ken Munro said he went as far as looking up company executives on LinkedIn. The researchers said the fix came only after TechCrunch reporter Zack Whittaker, who first reported the leak, inquired about it.

“I was pretty pissed by this point, but figured it was worth one last shot before dropping an 0-day on Peloton users,” Munro told me. “I asked Zack W to hit up their press office. That had a miraculous effect – within hours I had an email from their new CISO, who was new in post and had investigated, found their rather weak response and had a plan to fix the bugs.”

A Peloton representative declined to discuss the timeline on the record but did provide the following canned response:

It’s a priority for Peloton to keep our platform secure and we’re always looking to improve our approach and process for working with the external security community. Through our Coordinated Vulnerability Disclosure program, a security researcher informed us that he was able to access our API and see information that’s available on a Peloton profile. We took action and addressed the issues based on his initial submissions, but we were slow to update the researcher about our remediation efforts. Going forward, we will do better to work collaboratively with the security research community and respond more promptly when vulnerabilities are reported. We want to thank Ken Munro for submitting his reports through our CVD program and for being open to working with us to resolve these issues.

The incident is the latest reminder that data stored online is often free for the taking, even when companies say it isn’t. This puts people in a bind. On the one hand, sharing weight, workout stats, and other data can often help users get the most out of training sessions or group workouts. On the other… well, you know.

I generally try to falsify much of the data I provide. Most of the services I use that require a credit card will approve purchases just fine even when I supply a false name, address, and phone number. Not having those details attached to user names or other data can often minimize the sting of a data leak like this one.

Continue Reading

Biz & IT

Starlink can serve 500,000 users easily, several million “more of a challenge”

Published

on

Enlarge / Screenshot from the Starlink order page, with the street address blotted out.

SpaceX has received more than 500,000 orders for Starlink broadband service, the company said yesterday.

“‘To date, over half a million people have placed an order or put down a deposit for Starlink,’ SpaceX operations engineer Siva Bharadvaj said during the launch webcast of its 26th Starlink mission,” CNBC reported.

SpaceX opened preorders for Starlink satellite service in February and is serving at least 10,000 users in its beta in the US and overseas combined. The preorders required a $99 deposit for service that would be available in the second half of this year. The 500,000 total orders presumably include both US residents and people in other countries; we asked SpaceX for more details and will update this article if we get a response.

A preorder doesn’t guarantee that you’ll get service, and slots are limited in each geographic region because of capacity limits. Still, SpaceX CEO Elon Musk said he expects all of the preorderers to get service—but said that SpaceX will face a challenge if it gets millions of orders.

“Only limitation is high density of users in urban areas,” Musk tweeted yesterday. “Most likely, all of the initial 500k will receive service. More of a challenge when we get into the several million user range.”

The total cost for each Starlink user is $499 for hardware, $50 for shipping and handling, and $99 for monthly service, plus tax. Preorders are still open on the Starlink website.

SpaceX prepares for up to 5 million users in US

Despite Musk’s comment, SpaceX has been laying the groundwork to potentially serve up to 5 million subscribers in the US. SpaceX initially obtained a Federal Communications Commission license to deploy up to 1 million user terminals (i.e. satellite dishes) in the US and later asked the FCC to increase the authorized amount to 5 million terminals. The application is still pending.

“SpaceX Services requests this increase in authorized units due to the extraordinary demand for access to the Starlink non-geostationary orbit satellite system,” the company told the FCC in its license-change request on July 31, 2020. At that time, nearly 700,000 people in the US had registered interest on Starlink’s website, but that action didn’t require putting down any money. The 500,000 orders and deposits that Starlink has received even without saying exactly when the service will exit beta is a stronger indication of people’s interest in the satellite broadband system, though this number likely includes non-US residents.

Musk has said that Starlink will be available to “most of Earth” by the end of 2021 and the whole planet by next year. SpaceX is also planning a new version of the “Dishy McFlatface” satellite dish for large vehicles, aircraft, and ships. Musk has said that the original version of the dish “should be fully mobile later this year, so you can move it anywhere or use it on an RV or truck in motion.”

Continue Reading

Trending