1. Home /
  2. Tech News /
  3. Headlines in Tech 13 – 20 Jul 2022
  • 2022.07.22

Headlines in Tech 13 – 20 Jul 2022

Artificial Intelligence

UK Government sets out proposals for new regulation on AI as call for evidence is launched

…Regulators will apply six principles to oversee AI in a range of contexts with flexibility to implement them.

  • Ensure that AI is used safely: requirements to remain commensurate with actual risk – comparable with non-AI use cases. Focus will therefore be on high risk use cases
  • Ensure that AI is technically secure and functions as designed: the functioning, resilience and security of a system should be tested and proven, and the data used in training and in deployment should be relevant, high quality, representative and contextualised
  • Make sure that AI is appropriately transparent and explainable: Have regard to IP rights and confidential information. Transparency requirements could include disclosure of information about: (a) the nature and purpose of the AI, (b) the data being used and information relating to training data, (c) the logic and process used and where relevant information to support explainability of decision making and outcomes, (d) accountability.
  • Consider fairness: design, implement and enforce appropriate governance requirements for ‘fairness’ as applicable to the entities that they regulate
  • Identify a legal person to be responsible for AI: accountability and legal liability to rest with an identified or identifiable legal person
  • Clarify routes to redress or contestability: regulators to implement proportionate measures to ensure the contestability of the outcome of the use of AI in relevant regulated situations

Like for most digital regulations, the government distinguishes itself from the EU: “Instead of giving responsibility for AI governance to a central regulatory body, as the EU is doing through its AI Act, the government’s proposals will allow different regulators to take a tailored approach to the use of AI in a range of settings” – it said. The point is however, many businesses would wish to do businesses in the EU as well. Therefore the benefits of a more flexible and potentially less burdensome rules may be limited. For example, AI built on rules which contravene EU rules may not be operable in the EU.

BigTech/ Data / Platforms

Safety

Boris Johnson becomes Tech business’ flavour of the month as UK’s controversial Online Safety Bill is delayed

…that is a complete over statement, but the UK government chaos is reported to have been the reason behind the delay to the controversial Online Safety Bill from being passed into law much to the relief of tech businesses. The bill was to deliver the government’s manifesto commitment “to make the UK the safest place in the world to be online while defending free expression“. As you can imagine, this is fiendishly difficult, and riddled with controversy. One person’s idea of illegality (eg. [Insert name of your top tyrant here] should be hanged and quartered – in this case could constitute incitement of hatred and violence, which is unlawful in the UK) is another person’s idea of free expression. Tech platforms are requested to [in short] ensure illegal content is removed and to control “lawful but harmful” content. Non-compliance can lead to executives being jailed and penalty levied amounting to a maximum of 10 percent of global annual turnover [not profits].

Actually, Boris Johnson may be popular this month. At least among the leading tech businesses.

Meanwhile the position may become even more complicated in the US unless the proposed American Data Privacy and Protection Act (ADPPA) comes into play – which as I understand it precludes a separate state privacy law. California governors and other states want to retain the power to set stricter privacy laws than ADPPA provides, especially since the fall out of Roe v Wade.

…but the UK Government have managed to introduce Data Protection and Digital Information Bill into Parliament

…The government says this includes measures to use AI responsibly while reducing compliance burdens on businesses. The digital secretary said “Outside of the EU we can ensure people can control their personal data, while preventing businesses, researchers and civil society from being held back by a lack of clarity and cumbersome EU legislation”…hopefully such a comment will not lead the EU to scrutinise UK’s law and withdraw the UK’s adequacy status, needed to enable data to flow freely between the UK and the EU…

What does the Bill propose?

  • Small businesses no longer need to have a Data Protection Officer (DPO) and to undertake lengthy impact assessments, if they are able to manage the risks effectively.
    • Privacy management programmes will be required to ensure they are accountable for how they process personal data.
  • Fines for nuisance calls and texts and other serious data breaches under the UK’s existing Privacy and Electronic Communications Regulations (PECR) [yes please!]
  • Websites no longer need to seek consent to collect data about your visit (cookie consents). The government’s new opt-out model for cookies means users can set an overall approach to how their data is collected and used online – for example via their internet browser settings [I can imagine privacy groups crying out for an opt-in model – as some people might not know how to opt-out]. However most websites also serve the EU – not sure whether such websites can programme the website operation so that pop ups do not appear if a UK user is visiting the site.
  • Provide clarity about when they can obtain user consent to collect or use data for broad research purposes

Possible defective platform at issue in a case where a child ended up being paired with a sexual predator

…Omegle, a chat service which pairs random people up for anonymous chats, was sued when a child ended up being paired with a sexual predator. Omegle sought to rely on Section 230 of the Communications Decency Act of the United States which generally protects websites from liability over content uploaded by users or third parties, but the judge in the case held that the claim did not concern the platform’s failure to moderate content, rather the claim was against defective platform design. The judge characterised the claim as a product liability suit, stating that the website could have implemented measures preventing minors from being paired with adults. The issue though is how this measure could have been implemented without losing anonymity, one of the key feature of Omegle’s services. The case continues. Those in the UK that are in favour of the UK’s Online Safety Bill would have approved the judge’s thoughts. 

Regardless of the outcome of the case, online service providers will increasingly be expected to think about their offering and structure their business to avoid potential foreseeable harms. It also signals potential liability for platforms that are accused of implementing algorithms which keep users (especially youths) addicted to their device. Not only that, there may, in the future be further requirements for businesses to implement positive measures (eg. train algorithms) to make the system to be in compliance with the law. For example, at a virtual event, US FTC Commissioner Slaughter is reported to have stated that ” We need to be actively anti-racist”, and the agency will research into how systems can ensure racial equity. This could mean that the algorithm has to be actively trained to be anti-racist.

Privacy

Amazon responds to US senator’s accusation of liberal sharing of private data captured by Ring with the US police

…Back in April, Democrat Senator Ed Markey essentially said that Amazon’s Ring app (door bell with camera features) allows invasive surveillance, especially as a number of law enforcement authorities are given access to data captured by the Ring device installed on thousands of households across the country. Amazon has written back explaining that everything is transparent and data collected are mostly used for serious crimes. Further info on this in the Delving Deeper section, below.

Class Action strikes streaming service provider Paramount for giving Facebook access to subscribers’ viewing information together with personal information

…the tool used is Facebook’s Pixel. Cause of action is the violation of Video Privacy Protection Act (“VPPA”) of 1988, which objective is to confer onto consumers the power to “maintain control over personal information divulged and generated in exchange for receiving services from video tape service providers.”

Paramount is alleged to have used Facebook’s Pixel tool to supply Facebook with highly personalised information so that it can know its users’ interests to enable Facebook to either target those users with relevant material or to find other users with similar profile to carry out highly specific ad targeting to them. The information shared is to have included name, email address, birthday and address so that Facebook can identify the user’s Facebook profile and what that user watched on Paramount’s streaming service (CBS.com). Similar cases are on foot against Discovery Communications, Nextar Media Group. Similar allegation has been made against Facebook/Meta itself, for embedding the Pixel tool in healthcare providers’ websites.

Google defeats fraud claim that it took data generated by non-Google apps for use in developing new products and competing with other market participants

…there were several reasons, but one of them was that Google had disclosed that it will collect data through non-Google apps. Google said that this indicates that Google would use the data to improve its offering. The Judge considered that there was no misrepresentation.

GDPR means the public sector must stop using Google products says the Danish Data Protection Authority

… In 2020, EU’s top court (CJEU) ruled that it was unlawful to transfer EU citizens’ data to the US where the EU considered had inadequate protection for personal data owing to US’ invasive survelliance programmes under which the government could request US businesses to turn over data under their control (Schrems II decision). Before transferring data to the US, entities must implement additional measures to prevent EU citizen data from passing into the hands of US government. The Danish municipality explained that data was encrypted but the Danish Data Protection Authority stated that such measure was inadequate.

Competition

In preparation for the Digital Markets Act, Google allows other payment services to facilitate in-app purchases for non-gaming apps in the EU

… the impending EU’s Digital Markets Act provides for a ban on requiring app developers to use certain of the gatekeeper’s services (such as payment systems) in order to appear in app stores of the gatekeeper. The offer which only encompasses the EU, is a 3% discount on transactions generated by non-gaming apps that are using an alternative billing system. It had been the case that in-app purchases on Android phones require users to use the Google Play billing system.  There is a question mark over whether this is offer is sufficient to satisfy the Digital Markets Act. An alternative, cheaper billing system will be available for gaming apps too when the Digital Markets Act come in to play. As the majority of in-app purchases are carried out via gaming apps, Google may be trying to take advantage of the little time it has left without having to comply with the Digital Markets Act.

Italian antitrust authority is investigating Google for obstructing data portability

…In the EU, there is a concept called data portability, which means any user can request for personal data held by a platform to be transferred to them to enable the user to switch between different services thereby preventing lock-in to the incumbent service provider.

A company called Weople is in the business of collecting data of subscribers (with their consent), anonymising and aggregating the data to enable ad-targeting without the disclosure of the personal information, and to sell depersonalised information. Weople complained that Google forbade it from collecting its subscribers’ data on their behalf, insisting that the request must be made from the Google account holder’s personal account. This reduces the take up of Weople’s services. Weople claimed that Google was abusing its dominant position.

Business

Microsoft clinches partnership with Netflix to provide ad supported streaming services, beating bids from Comcast and Google

…Maybe Comcast and Google, with their considerable streaming businesses (Peacock and YouTube respectively), were too close for comfort, instead choosing Microsoft, an established platform albeit less known for ad-supported content delivery. Microsoft’s digital ad revenues are derived from Bing search and LinkedIn, neither of which involve streaming. Note however, that Microsoft is poised to power up their gaming business with the purchase of Activision Blizzard for ~$70bn and Netflix is also diversifying into gaming, having tentatively launched last year and purchased three gaming studios. Perhaps because of this convergence, there have been speculations that Microsoft might eventually buy Netflix. Or perhaps Microsoft will continue to generate revenue from similar partnerships using this high profile deal as a springboard. It has recently acquired Xandr, a consumer advertising platform from AT&T, which Microsoft has promptly been able to leverage.

What does Microsoft have to say? It said Netflix’ choice “endorses Microsoft’s approach to privacy, which is built on protecting customers’ information”. So we also have a privacy angle, which is an increasing risk for platforms. Take note: privacy, security, antitrust risks are really real [and see the next news piece that brings home the point]. I’m sure pricing may also have had something to do with it as well, though who knows.

Why is Netflix compelled to offer ad supported streaming?

Netflix’ plan is to provide a cheaper, ad-supported tier to boost subscription numbers. They will be hoping that their current subscribers will continue to buy services without the commercials. It isn’t a good time to be opening up a cheaper offering though, when inflation is high and households are tightening their belts. It will also present a significant cultural change for Netflix which relied on delivering stellar content without the ad interruptions as its USP.  But they are an established company and are likely to have reached a saturation point plus they are now facing vastly increased competition (eg. Disney+, Comcast/Peacock, Apple TV, YouTube, Amazon etc not to mention other competitors for eyeball time, especially TikTok) – at least in the developed countries, so offering a cheaper service is another way of growing. In addition they are expanding internationally and reaching over to gaming.

Disney+ is also in on the act. It is offering ad supported streaming with the aid of Trade Desk, an adTech company to better target subscribers.

Amazon management revealed to have considered shuttering its private label Amazon Basics in the face of heavy antitrust clamp downs

…at the moment, the news is that Amazon has considered lumping Amazon Basics – but this in itself is a big deal because it goes to show how serious regulatory pressures are. Worst case, Amazon could be ordered to break up – for example, into platform and seller. Others have voiced that Amazon’s eCommerce unit should be splintered from AWS cloud business; AWS is so profitable that it can effectively allow the eCommerce business to undercut third party sellers by a significant margin, which dampens competition.

What this brings to the fore though is Amazon’s modus operandi; do business based on cold hearted calculation; the Amazon Basic range has low profit margins – accounting for only a single digit percentage of overall sales. Is it worth the antitrust risk?  – so it asked the question even though that amounts to several billions in revenue (though the important value is the profits, of course. A small percentage of several billions will likely be still significant).

EU antitrust probe

EU has investigated Amazon for potential anticompetitive conduct (essentially self-preferencing), and Amazon has proposed compromises to settle the claim:

  • Using data gained from its retail customers to inform Amazon’s own retail business as a result of its dual role as platform and seller: Amazon can assess what products sell well only to manufacture those products itself and place them prominently on its site in preference over others
  • Amazon proposes it will not use data from third party retailers to advantage its business
  • Operation of the Buy Box which displays an offer from a single seller: EU found that Amazon found it favoured its own retail business and third party sellers that uses its logistics services (called Fulfillment by Amazon, or FBA).
  • Amazon promises to treat all sellers fairly, meaning there will be equal chances of winning the Buy Box spot even if the seller doesn’t use an FBA. It will also provide a second offer which might be cheaper but have a long delivery period.
  • Operation of Amazon Prime which offers premium services to customers: EU found that Amazon had favoured its own retail business and third party sellers that uses FBA
  • Amazon will set non-discriminatory conditions for sellers to qualify to offer goods to Prime customers.
    • Prime sellers can freely choose a non-Amazon logistics services, and will not use data about them.

The EU has asked for comments about Amazon’s concessions. The US looks like it will implement an anti-self-preferencing measure under the American Innovation and Choice Online Act.  These measures may also be called for in the US.

Amazon sues 10,000 Facebook marketplace administrators from co-ordinating fake review postings

…Not all 5 star product rated reviews on Amazon apparently deserve it. For example, Amazon says sellers on its platform had, using an intermediary, incentivised consumers to provide a good review in return for a refund, or other incentives – in this way, sellers ensured that reviewers have actually purchased the product.  The marketplaces paid people that would be willing to rate products highly, and offered their services to the third party sellers on Amazon’s site. Facebook is tackling the issue behind the scenes, but Amazon’s aim was to unveil the culprits behind the operations.

Cloud

German Court suggests Google/Nintendo venture company Niantic to consider settling claim that Pokemon Go infringes a patent licensing firm’s patent

… So, not all cloud patent claims are fintech related. The patent is understood to concern detecting nearby players and connecting them up. The patent licensing company in question is K.Mizra, who is reported to be asserting other patents against Samsung and GM. In the US well over half of patent infringement cases are initiated by patent licensing companies, whose business is to generate revenue from licensing, usually purchased from operating companies.

EVs

Panasonic obtains US aid to build EV battery factory in Kansas

…Panasonic was originally the main supplier of batteries to Tesla, and the move is calculated to strengthen business supplying batteries to Tesla. It already jointly operates a gigafactory in Nevada. Tesla now has other EV suppliers, notably China’s CATL, the world’s largest EV battery maker and in addition has developed its own capability to make EV batteries. Panasonic itself has sought other clients, and has a JV with Toyota. It is not known whether the Kansas venture will also involve a research capability.

Rolls Royce tests planes powered on hydrogen to cut emissions

…hydrogen of course will help with decarbonisation as it will turn into water on combustion. However, hydrogen fuels are expensive because it is so volatile and it is gaseous. This pushes infrastructure and investment costs. Airbus is doing the same with CFM International, which is a joint venture between Safran and General Electric. In the industry, greener fuels are called SAFs, short for Sustainable Aviation Fuels.

Mercedes Formula 1 Team to invest in SAFs

… on a similar theme. The firm will invest millions in its bid to achieve net zero emissions by 2030.

San Francisco official says data needed from autonomous vehicle companies to understand whether they block public roads

…we need to ensure autonomous vehicles are not seen as “roadway litter”, the official is reported to have said at a conference.

Google loses appeal of ~€100million fine in Italy for blocking Enel, a charging app

…the appeal was upheld in a case in which Google was claimed to have abused its dominant position by blocking Enel which operated Juicepass an EV charging app. An app enabled the user to find the nearest charging station and book a timeslot. Google rejected Enel’s application to be included on Android Auto platform because it was “only accepting apps within the Media or short form Messaging categories”, despite allowing its own apps (Google Maps and Wave) to be onboarded.  Google had said that the safety of the app was not guaranteed to not distract drivers and so required further research. Google suggested that Juicepass functionality could be integrated into Google Maps combined with a voice assistant but Enel had resisted handing over its valuable data about its customers, their movements and charge point information.

Gaming

Unity, a mainstream real time 3D graphics engine to merge with mobile adtech company Ironsource

…the Unity software enables developers/digital artists to create games with high fidelity 3D graphics and renders them in real time.  The tie up with mobile ad tech business Ironsource is calculated to enable creators to develop graphics based on data on audience feedback to direct creators as they generate content and help them monetize their creations.

Patents

EU commission to investigate patent pool Alliance for Open Media (AOM) which holds patents concerning compressing video files

…the particular standard is called AV1, and the development of this open source video technology was primarily spearheaded by members of AOM (Amazon, ARM, Cisco, Google, IBM, Intel, Meta, Microsoft, Mozilla, Netflix, and NVIDIA). The EU commission is concerned that AOM is influencing other businesses that are also building AV1, to sign up to a royalty free cross-licensing terms, when they have every right to seek licence fees in respect of any valid patents that are relevant to the AV1 standard. This could chill innovation and so needs investigating, in the EU’s view.

Semiconductors

STMicro and Global Foundaries to build a chip making foundary in France using French State Aid

…Reducing reliance on China and SE Asian countries is key. US is gearing up to hopefully pass its Chips Act which would provide a $52billion subsidy, a significant portion of which would go to manufacturing chips.

Software

Microsoft does a quick U-turn on banning profiting from apps which uses open source software

…why on earth did Microsoft ban monetisation of open source software based apps in the first place?

Microsoft’s objective is apparently to control rampant copying and profiting off other people’s work. A developer develops an app using open source software. A third party can swipe that, may or may not build a service on top of that, and offer the app for a higher price. Sometimes, the third party also uses the original developer’s trade mark (leading to trade mark disputes) so that when things do go wrong, users go to the original developer to get it sorted or get a refund. That can happen because updates and patches developed by the original developer might not reach the secondary app users.

In response to opposing voices, including those which are well known in the field, Microsoft has decided to suspend the rule at least for now. Microsoft may consider implementing a nuanced wording which stops third parties from taking apps based on open source software to onward sell and to offer an app in a way that confuses users as to its origin.

Microsoft under scrutiny

Microsoft subsidiary GitHub (platform which hosts code and supports collaboration) together with OpenAI (research organisation in which Microsoft has a stake) has recently launched Copilot, which is a service that suggests lines of code and functions in real-time. Copilot is driven by OpenAI Codex, trained on a huge library of opensource software data.  Some criticise Microsoft for double standards, as Copilot service – which was built using data from open source projects – is not entirely free.

Copilot also raises other issues which are interesting from an Intellectual Property standpoint, as it could muddy the authorship of software developed using Copilot; not altogether helped by the fact Copilot suggestions are devoid of attribution or applicable licence terms (something Amazon’s rival code generator (called CodeWhisperer) appears to have addressed, as noted by the same critic).

NOTE: Open Source Software are codes which are publically available, free for anyone to use, modify, improve, develop, add etc. However, it does not necessarily mean you cannot monetise work based on open source software depending on the applicable licence associated with the open source software you have used. Copyleft is perhaps the one everyone needs to be careful of, because that compels any user of that software to make available on the same terms, any modification carried out on that original code. Suppose you were to incorporate some codebase dictated by copyleft licence, then you could be compelled to offer up enormous amounts of work you might have built using it. Again, depending on the applicable licence, it is possible to build additional functionalities or added security on top of the open source software base, or create an AI powered service using open source software as Copilot has done, and monetise the enhanced offering. Businesses usually deploy an Open Source Software manager to ensure compliance.

Delving Deeper

Amazon responds to US senator’s accusation of liberal sharing of private data captured by Ring with the police

…Back in April, Democrat Senator Ed Markey sent the Ring unit of Amazon with the following concerns:  

  • Concerns about the Ring business’ surveillance practices and engagement with law enforcement
  • His investigation into Amazon illustrates that it has become increasingly difficult for the public to move, assemble, and converse in public without being tracked and recorded:
    • Ring records both video and audio on and around the properties which use Ring
    • Ring stated previously it does not verify compliance
  • Damage goes far beyond abstract privacy invasion: individuals may use Ring devices’ audio recordings to facilitate blackmail, stalking, and other damaging practices
  • Ring’s tie up with law enforcement is concerning
  • more than 2100 policing agencies joined Neighbors Public Safety Service (NPSS), a platform on which participating police departments may request footage from Ring users.
    • Law enforcement thereby circumvent key systems of public accountability
    • No controls imposed on what law enforcement can do with data accessed
  • Requested Amazon to make certain commitments, such as to never taking financial contributions, to never provide data access to immigration or federal law enforcement, to never be involved in police sting operations.

Amazon’s response made the following points:

  • Audio recording – much used by Ring users to understand what’s going on. Therefore the default which records audio data needs to be maintained.
  • Recordings are stored securely in the customer’s Ring account in accordance with Amazon’s standard retention and deletion policies, unless the customer selects a shorter custom retention period. Customers do have the option to manually delete their recordings at any time
    • Ring offers end-to-end encryption of stored recordings
  • New York University (NYU) School of Law recently completed an extensive audit of Ring
    • committed to the findings of this audit being made public
    • Requests for Assistance are controlled by the users, not the requesting agencies
    • Most requests concerned video related to relatively serious crimes like “vehicle burglaries and robberies, shootings, home burglaries and robberies, and stolen vehicles.”
  • Ring reserves the right to respond immediately to urgent law enforcement requests for information in cases involving imminent danger of death or serious physical injury to any person
  • Ring does not allow private security companies on NPSS

In parallel, Amazon has been sued in a potential class action alleging loss sustained owing to Ring’s cyber-security vulnerability. The suit also alleges that Ring shares personal data with (non law-enforcement) third parties.