The move is meant to regain the trust of Bloomberg’s terminal clients, like J.P. Morgan and Goldman Sachs. They’re understandably perturbed by revelations that reporters at Bloomberg News used a function that tracks how recently a client has logged in as a way of generating story leads about personnel changes.

Palmisano, Bloomberg said in a statement, will “immediately undertake a review of the company’s current practices and policies for client data and end user information, including a review of access issues recently raised by the company’s clients.” He’ll report directly to the company’s board of directors. Helping him will be the Hogan Lovells law firm and the Promontory Financial Group.

One wonders if part of the job will be to conduct a full audit of how many reporters used the controversial “Z function” to view client activity, how often it was used and what the result was, specifically if its use led to stories that were published. As I wrote earlier this week, that data probably exists, because Bloomberg has always been a big data company with a knack for keeping track of what its reporters do. And if there is an audit, will its results be publicly disclosed?

The function in question showed two bits of data that have made Bloomberg clients — essentially the who’s who of Wall Street and the financial industry in general — a little queasy. First, it reveals the last time a person logged in to his or her terminal. Reporters would sometimes use that to start asking questions about whether or not someone had left a given firm, and, if they had, write a story about it.

The other thing it was said to show is how often a client used a given function, though not in such granular detail that you could see what stocks or bonds were being researched. But again, it’s the sort of thing that might lead to questions that wouldn’t otherwise be asked, and eventually to stories that wouldn’t otherwise have been written.

Bloomberg also named its editor at large, Clark Hoyt, a former public editor at the New York Times, to review the relationship between Bloomberg’s commercial operations and its news operations.

(Of course, in the interest of full disclosure, I should remind you that for about a year during 2009-2010, I was an employee of Bloomberg News after the company bought BusinessWeek magazine from the McGraw-Hill Companies and relaunched it as Bloomberg Businessweek.)

The letter, addressed to CEO Larry Page and signed by eight members of the bipartisan Privacy Caucus, asks Google whether it plans to use facial recognition technology in conjunction with Glass, what proactive steps Google is taking to protect non-Glass-wearing bystanders and what privacy policy changes Google might make for Glass, among other topics.

The group, led by U.S. Rep. Joe Barton, seeks answers by June 14.

Glass, at this point, has a fairly limited range of abilities such as taking pictures, getting directions and performing a search. Developers can build simple apps using a programming interface called Mirror. However, Google announced on Thursday that it is readying a broader Glass Development Kit giving developers deeper access to the Glass hardware.

A Google representative was not immediately available for comment.

Update: At a fireside chat with developers, Google Glass product director Steve Lee said that the Glass team takes privacy seriously.

“From the beginning, the social implications … of Glass, of people wearing Glass, has been at the top of our mind,” Lee said, adding that the team extended its concern not just to those wearing Glass but those around them.

He noted that to take a picture requires pressing a button or issuing a voice command. Also, the Glass screen lights up when the device is active.

Lee said that Glass is operating by Google’s existing privacy policy in terms of what data it collects.

“We’re not really deviating from that,” Lee said.

As for face recognition, Lee said that “we’ve definitely experimented with it but it is not in the product today,” Lee said. “I can imagine that existing.”

Letter to Google From Congress re: Glass Privacy

Now the New Yorker magazine says it can help journalists, and their sources, cover their tracks. It is rolling out an electronic tip box it says will give leakers and tipsters the ability to cloak their identity when they reach out to the magazine.

And it’s releasing the software that built the box, created by the late Web activist Aaron Swartz, via an open-source license. Which means that it expects and encourages other news organizations to build their own versions.

You can find detailed information about the New Yorker’s Strongbox here, along with posts from Joshua Rothman, the magazine’s archive editor, and Kevin Poulsen, the investigations editor at Wired, which, like the New Yorker, is published by Conde Nast. Poulsen’s post, which explains how he and Swartz collaborated to create Strongbox, makes for particularly good reading.

Strongbox isn’t the first attempt to create a secure tipbox in recent years. In 2011, following WikiLeaks’ rise to prominence, The Wall Street Journal launched SafeHouse, a similar project. But the security experts quickly pointed out flaws in the Journal’s technology, and if the paper has gotten much use out of it since then, they’re not saying (the Journal, like this website, is owned by News Corp.).

I have zero ability to judge the relative security of the New Yorker’s box, but I’m sure that Swartz’s connection to the project will reassure lots of people. (For the record, both the Journal and the New Yorker’s boxes use Tor, an anonymizing Web tool/network.)

I can try to explain the basic principle behind the box, though: It’s supposed to allow anyone to submit a letter, document or any thing else, while keeping their identity secret. If a New Yorker staffer wants to try to contact the tipster, they can reach out through an electronic version of a dead drop, which gives the original tipster the ability to re-contact the magazine.

The New Yorker had planned on introducing Strongbox last month, but delayed it for technical tweaks. But the last week’s revelations about the federal government’s surveillance of the Associated Press helps illustrate the need for the tech, said Poulsen.

“We see governments around the world putting a lot of resources into tracking journalistic sources,” he said. “So far, technology has been an ally not of journalists but the government.”

Read the rest of this post on the original site »

That’s what Bloomberg CEO Dan Doctoroff told employees in a companywide email following a complaint from Goldman Sachs that accused Bloomberg News journalists of using private subscriber information pulled from company data terminals to break news.

According to reports, Bloomberg journalists routinely gathered information from the company’s financial data terminals, which are widely used on Wall Street. While reporters weren’t able to see market-sensitive details like securities-level or trading data, they were able to see customer contact, login and usage data, and chat information between subscribers and customer service representatives.

Far from hard-core “big data,” but easily enough to gather insight into a trader’s interests and thinking. Indeed, sources at J. P. Morgan tell the Financial Times that the firm believes that Bloomberg reporters used login information to determine whether Bruno Iksil, the so-called “London Whale,” had left the bank. Other sources tell CNBC that a former Bloomberg employee used the company’s data terminals to view usage information on Federal Reserve Chairman Ben Bernanke and former U.S. Treasury Secretary Tim Geithner.

Sources say that a preliminary investigation into the incident by Bloomberg found that hundreds of reporters had misused the company’s terminals by trolling for scoops.

Just ask yourself this: How much would a hedge fund pay for the information Bloomberg journalists had?

— felix salmon (@felixsalmon) May 11, 2013

Bloomberg has since restricted its newsroom staff’s access to customer data, following the complaint from Goldman. It has also created a new client-data compliance officer to oversee customer data-security issues. Meanwhile, both the Federal Reserve and the U.S. Treasury Department are said to be scrutinizing the incidents.

Dow Jones & Co., publisher of AllThingsD and The Wall Street Journal, competes with Bloomberg in financial news and information.

Doctoroff’s note in full, below:

Since our founding more than 30 years ago, the proper safeguarding of customer data has been a central tenet of Bloomberg’s culture.

A Bloomberg client recently raised a concern that Bloomberg News reporters had access to limited customer relationship management data through their use of the Bloomberg terminal. Although we have long made limited customer relationship data available to our journalists, we realize this was a mistake.

Having recognized this mistake, we took immediate action. Last month we changed our policy so that all reporters only have access to the same customer relationship data available to our clients. Additionally, we decided to further centralize our data security efforts by appointing Steve Ross, one of our most senior executives, to the new position of Client Data Compliance Officer. Steve is responsible for reviewing and, if necessary, enhancing protocols which among other things will continue to ensure that our news operations never have access to confidential customer data.

To be clear, the limited customer relationship data previously available to our reporters never included access to our trading, portfolio, monitor, blotter or other related systems or our clients’ messages. Moreover, reporters could not see news stories that clients read, or the securities they viewed. Bloomberg has very strict data security policies in place, in addition to significant and rigorous training, processes and protocols. Upon hiring, all Bloomberg employees enter into confidentiality provisions, including Bloomberg News.

Client trust is our highest priority and the cornerstone of our business, and we are deeply committed to ensuring the complete integrity and confidentiality of our clients’ data in all situations and at all times.

Dan

Now that 21st century digital behemoths such as Facebook and Google have discovered how to make personal information the most valuable resource in the history of humanity, they are strip-mining mountains of it into completely unrecognizable states.

Conversely, we tend to ignore this process because the most magnificent, technologically advanced and socially connected digital city is being built from it.

You are living in this growing digital city, and I’m guessing that you really like it here. Unfortunately, you can’t live in this city for free. Your rent is due in the form of your personal information, and you have to accept a certain loss of your privacy.

There’s no credit check to move in. You just need to share your name, birth date, where you’re from, your alma mater and a few more personal details. It’s effortless to hand over your information, and will only take you about 60 seconds to sign a lease.

But if you don’t read the fine print of your lease, you’ll gloss over the fact that surveillance cameras and microphones have been installed to cover every square inch of the city and that you have consented to being watched at all hours.

Meanwhile, marketers and advertisers will eavesdrop on your conversations and abruptly interrupt when you bring up any topics related to their products. (Bizarrely, you are also required to eat a complimentary cookie every time you enter a building.)

Real estate metaphors notwithstanding, losing your privacy is not such a bad thing. You pay into the new digital economy with your demographic and behavioral information.

Some people raise legitimate concerns, but claims of an Orwellian dystopia are alarmist hyperbole. There is a level of discomfort that comes with voluntarily divulging private information, and, understandably, greater anxiety results from being watched at all times.

As a society, we need to define the rules under which our personal information can be mined. Our collective unease is largely the result of not having clear parameters to create an equilibrium between privacy and personalization.

These parameters will help shift our focus from the negatives to the positives, because in return for your personal information, you realize a net benefit with tremendous value.

Access to Your Data From Anywhere, at Any Time, Using Any Device

I don’t want access to my data being constrained by the time of day, where I am or what digital device I have access to. I shouldn’t have to go to work to grab an Excel file off my computer and I shouldn’t need my personal device to show a photo of my dog to coworkers.

The solution is adopting a cloud service like Dropbox, Google or Facebook. They become the stewards of your data, responsible for keeping it secure and accessible at all times. In exchange, you grant them full visibility of your data and permit them to monetize it.

I don’t know about you, but I don’t like carrying a USB stick around and I definitely loathe the pain of a hard drive failure corrupting three years of photos and memories. I’m sticking with the cloud.

Personalized Experience

A personalized experience is why companies like American Express, Brooks Brothers and USAA consistently rank at the top of consumer surveys. These are giant corporations, but they make you feel special by focusing on you. They also happen to know a lot about you and your spending habits.

The sheer volume of information online is overwhelming and often leads to decision paralysis. You need help cutting through the noise; the best companies personalize your digital experience, only presenting information that is relevant to you.

I don’t want to dig through the iTunes or Netflix libraries. I want to choose from recommendations based upon what I’ve watched in the past and what my friends are watching. If I’m buying something on Amazon, or planning a vacation on TripAdvisor, I’d like to see reviews and recommendations from my friends. I’m far more likely to make a better and more informed choice with the trusted validation of my social circle.

Proactive Digital Assistant

Google knows where I live, where I work and the typical route I take to commute between them. I find it extremely valuable when I am alerted about an accident before I’m already stuck in the horrific traffic jam for over an hour.

Facebook pings me with a push notification about my friend’s birthday so I don’t forget yet again. I can see from Instagram photos that my friend went to the Nationals game and I can ask him how it was. Foursquare will let me know if one of my friends has checked in near me and we can now meet for a serendipitous drink.

Our 21st century digital economy makes my life better. I have access to what I need, when I need it. My online experience is largely customized to suit my needs. And, I have better ambient awareness of what’s happening in my social circles.

The cost to improve my life is sharing my personal information. A barter economy is based on the exchange of goods and services of perceived equal value. In my mind, I’m receiving far more than I’m giving up.

There is a zero-sum relationship between personalization and privacy. To get the personalized digital experience you want and have grown accustomed to, you have to accept the loss of your privacy.

Tom Cochran is CTO at Atlantic Media, publisher of the Atlantic, Quartz, National Journal and Government Executive. Prior to that, he was at the White House as the Director of New Media Technologies. Follow him on Twitter at @tommer.

In a Tuesday ruling, the Berlin Regional Court declared eight of the 15 clauses in Apple’s data use policy invalid because they don’t comply with German law, and forbade the company from doing things like asking customers for “global consent” to use their data.

Since Apple had already agreed to abandon the other seven clauses earlier this year, the court’s ruling means the company now has to either adjust its privacy policy to accommodate Germany’s requirements, develop an entirely new one specific to the country, or prevail on its likely inevitable appeal of the ruling. Apple declined comment.

“The lack of a delete button on the Internet is a significant issue. There is a time when erasure is a right thing.”

– Google Chairman Eric Schmidt

That’s the gist of Eric Schmidt’s latest comments on Google’s forthcoming facephone, whose launch the company is approaching with quite a bit of circumspection. Speaking at an event Thursday at Harvard University’s Kennedy School of Government, Schmidt said Glass requires a rethinking of social etiquette, and a heavy curative hand from Google with Glass app developers.

“There are obviously places where Google Glasses are inappropriate,” Schmidt said. “It’s so new, we decided to be more cautious.”

Seriously? Wearing Google Glass AT a urinal? That part of some off the books, scatological 20% project? OK Glass!

— John Paczkowski (@JohnPaczkowski) March 3, 2013

Wise move, and not just from a public relations standpoint, but from a regulatory one, as well. If Glass draws the same sort of scrutiny as Street View, even a single privacy misstep could very quickly turn into a grueling nightmare.

“We want to be very careful that this sort of new invention is not misused,” Schmidt said later. “It’s already been banned in Las Vegas casinos. They haven’t even seen it. I’m always concerned about premature regulation based on fear, as opposed to understanding what’s possible.”

Certainly a legitimate concern, given Google’s history.

Commissioner Johannes Caspar ordered the U.S. Internet company to pay 145,000 euros ($189,000) for collecting data of private Wi-Fi networks when Google’s cars drove through the streets to take pictures from 2008 until 2010.

Read the rest of this post on the original site »

Asa Mathat / AllThingsD.com

It’s been a long, hectic week for news — so it’s understandable if you’ve missed a couple stories on the technology side of things. Here’s a quick weekend roundup of the news that powered AllThingsD this week:

1. In an essay in AllThingsD Voices, Jan Chipchase writes that Google Glass is the company’s “unintentional public service announcement on the future of privacy … it threatens surreptitious, unexpected or continuous recording from the perspective of the human-eye/ear view.”
2. At D: Dive Into Mobile, WhatsApp CEO Jan Koum announced that his messaging app is now bigger than Twitter, which officially claims 200 million monthly active users.
3. Also announced at our mobile conference were Facebook’s updates to its iPhone and iPad apps to incorporate the “Chat Heads” from Facebook Home. As of Wednesday, those changes have started rolling out to users.
4. In an interview with Arik Hesseldahl, Workday co-CEO and Greylock Partner Aneel Bhusri said, “it’s the most disruptive time in 25 years” for enterprise, and that landing HP as a customer at Workday “gives people more comfort that the cloud is real.”
5. Peter Zatko, a computer hacking expert better known as Mudge, is leaving his post at DARPA, where he was tasked with helping government agencies fend off cyber attacks. Mudge’s next stop? Google.
6. If the netbook wasn’t dead already, it will be soon. New data from research house IHS iSuppli say shipments of the mini-computers will fall to zero by 2015.
7. Maybe you’ve heard of this small company called Microsoft? Windows Phone head Terry Myerson is casting his division as an underdog and going on the offensive against Google: “[there is] clearly mutiny in the Starship Android,” he said.
8. Facebook would love to put its new Home overlay on Apple’s iPhone and iPad. Apple almost certainly doesn’t want it there. In this interview, Kara Swisher asked Facebook CTO Mike Schroepfer and mobile head Cory Ondrejka to explain the two companies’ complicated relationship.
9. If you haven’t heard of Chinese smartphone company Xiaomi yet, you will soon. With 7.19 million handsets sold in 2012, Xiaomi president Bin Lin said the company expects to sell twice as many this year.
10. And finally, one of readers’ favorite quotes of the week came from AllThingsD’s own Walt Mossberg. He kicked off Dive Into Mobile by asking Mozilla CEO Gary Kovacs about Firefox’s mobile operating system: “So … what the f**k?”

To stay on top of the latest, you should follow AllThingsD on Twitter and Facebook, and subscribe to our daily email newsletter.

Hence this morning’s announcement. Facebook will work with the National Association of Attorneys General to promote privacy awareness and general tips for teenagers on how to use the social network’s page settings.

It’s pretty straightforward stuff. Facebook will work with 19 attorneys general across the country (potentially more to come), creating state-specific videos on how to better manage your Facebook pages. There’s also a general tip sheet with data points on the topic, as well as videos created by the privacy team answering questions sent from the Facebook-using public on privacy questions in general.

“At Facebook, we work hard to make sure people understand how to control their information and stay safe online,” said Facebook COO Sheryl Sandberg in a statement. “We’re grateful for Maryland Attorney General Doug Gansler’s leadership on this issue, and we look forward to working with him and attorneys general around the country.”

Sandberg met with NAAG President Gansler and a few other state attorneys general on Sunday to talk about the initiative in advance of a privacy summit this week, also chatting about general Facebook privacy and safety efforts.

It’s another in a string of Facebook’s recently promoted information session initiatives, headed by Erin Egan, the company’s chief privacy officer. The goal is to find better ways to inform its massive user base of changes to the network, and how to better navigate it — a tough challenge, considering that there are so many users to inform, each with different levels of technology savvy.

Probably a good idea, considering that Facebook agreed to years of privacy audits as a result of a settlement with the Federal Trade Commission back in 2011. Not to mention the heightened attention paid to the Children’s Online Privacy Protection Act (COPPA) in recent years.

Expect to see the videos and initiatives promoted on Facebook over the coming year.

There is but one remedy for the Glass wearer — a bucket of ice water in the face whenever you suspect he has taken you unawares

With the public beta launch of Google Glass, there has been a lot of discussion on why it will or won’t fail. The ultimate benchmark for success is high: After someone has tried Glass, can they imagine life without it?

It’s the wrong question.

Glass is Google’s unintentional public service announcement on the future of privacy. Our traditional bogeyman for privacy was Big Brother and its physical manifestation — closed-circuit TV — but the reality today is closer to what I call Little Sister, and she is socially active, curious, sufficiently tech-savvy, growing up in the land of “free,” getting on with life and creating a digital exhaust that is there for the taking. The sustained conversation around Glass will be sufficient to lead to a societal shift in how we think about the ownership of data, and to extrapolate a bit, the kind of cities we want to live in. For me, the argument that Glass is somehow inherently nefarious misses a more interesting point: It is a physical and obvious manifestation of things that already exist and are widely deployed today, whose lack of physical, obvious presence has limited a mainstream critical discourse.

As a product that is both on-your-face and in-your-face, Glass is set to become a lightning rod for a wider discussion around what constitutes acceptable behavior in public and private spaces. The Glass debate has already started, but these are early days; each new iteration of hardware and functionality will trigger fresh convulsions. In the short term, Glass will trigger anger, name-calling, ridicule and the occasional bucket of thrown water (whether it’s ice water, I don’t know). In the medium term, as societal interaction with the product broadens, signs will appear in public spaces guiding mis/use¹ and lawsuits will fly, while over the longer term, legislation will create boundaries that reflect some form of im/balance between individual, corporate and societal wants, needs and concerns.

So Shoot Me

Of all of the companies and organisations that could bring Glass to market, I’m pleased that Google is the one making a significant investment: A company with a recent record of genuine innovation that stretches/defines social and behavioral norms² with a strong revenue stream and deep enough pockets to have a fighting chance of medium to long-term success. It also helps that the project is considered of strategic importance, and has key executive sponsorship. Less obvious, but no less relevant in this equation, is that the company has a lot to lose, is no longer the media darling, has fucked up enough times in public to know it can do so again (and again), has been humbled by more nimble competitors, has experienced talent drain and understands the impact of this on its culture and its bottom line. Of course, Google can financially afford to fail again: Experimentation and failure is a critical part of its DNA, but while privacy-snafu fines are low, the internal and external cultural costs of Glass failing are high.

All technology challenges the status quo, and if a technology is noticed by consumers/users/constituents at all, it presents for some an opportunity and for others a threat. The perceived and actual threat from Glass comes not from crimes against taste. (Many have commented on the perceived inelegance of the design.) Google’s design team appears to have done a sterling job, if you assume that particular design direction and constraints. Our sense of what is tasteful succeeds or fails as part of a far broader narrative, which they, too, are exploring. Yes, you can find a hundred and one designs of “wearable computing” from the past decade that look similar, but very few are packing the same experience into the same form factor. However, as a connected, sensing object, it is capable of recording and transmitting photos, video and sound directly through content analysis or indirectly through proximate connected devices, other data such as location, temperature, trajectory and so on. In other words, in a worst/best case scenario it could record and measure “everything,” and associate that data to a person. How will this play out?

I want you to try a little experiment. Find somewhere where you can sit and observe people interact with one another. Pick somewhere just out of the throng — the edge of a cafe looking in, a park bench, a doorway close to a market. It’s easier if you choose somewhere you don’t know so well, you’ll have less to unlearn.

Give yourself 30 minutes to view and reflect upon the scene in front of you: Who visits that space, and why; the differences in ritual greetings, and indeed whether or not a person is greeted; how people project who they are; things that signify status and social hierarchy; where objects are placed; the level of interaction with those objects when not in use. What can you see being documented online or off? What can you imagine being documented? Pay particular attention to things that fit your definition of “technology” and reflect upon the things in front of you that once fit this definition but no longer do (my list of were-once-technologies includes the pencil, the wristwatch and the smartphone).

If you’re close enough to other people, you’ll overhear conversations plus bits of conversations that the speakers will allow you to hear, raised, projected, sotto voce and in whispers, combined with body language all serving to emphasize what is said, and the intent of what is communicated. How much of that conversation is directed at the “listener” and how much of it is directed at others in proximity, including you? This rich social choreography is playing out hundreds of billions of times a day across our planet, and is as subtle and delicate as anything appearing in a BBC2 nature documentary.

Of course, people and systems are already capturing (and channeling) content and data in this space in the form of photos, video, background noise on phone or video calls, who is connected to what, and what they are doing. It is likely that Google, Microsoft and Nokia’s Navteq (to name but three) have already systematically mapped this space and are serving up street views online. The difference with Glass is that it threatens surreptitious, unexpected or continuous recording from the perspective of the human-eye/ear view. At this point, it doesn’t matter whether it can support sustained recording for long periods or not; what matters is that the form factor supports this, that it could at some point, and that we all know Google is in the business of selling ads against insight drawn from large volume of data. Continuous, indiscriminate recording in this space is the dragnet fishing of data collection — it’s a destructive technology, a conversation- and privacy-killer.³

Back to our experiment. Take in the scene in front of you. Who owns this space, both legally and figuratively? Who has the rights to do what? By what authority? Who enforces that authority? How do these rights differ for regulars or a first-time visitor? What are the ways people signal the beginning or the end of an activity? And how does that signalling make something more or less acceptable? The obvious clue to activities people have deemed socially unacceptable are often found on hand-scribbled “do not” signs, as in “staff will refuse to serve customers who are on their mobile phone,” or “do not ask for credit.” The more sustained the infringement, the more official-looking the sign.

Today, we falsely assume that our conversations and our images are not by default recorded by other people in proximity.⁴ Not having a persistent record allows us to present a nuanced identity to different people, or groups of people; it provides the space to experiment with what we could be. The risk that what we say will be broadcast, or narrowcasted, to people we don’t know, or may bubble up at some point in the future in the hands of someone serving up ads, fundamentally changes what we want to talk about. The challenge for Glass is that the costs of ownership fall on people in proximity of the wearer, and that its benefits have yet to be proven.

Social Interaction

A number of years ago, while I was working at Nokia, I was asked to explore use cases using an appearance model (a non-working prototype) of a form factor similar to Glass, but clunkier and definitely less refined.⁵ In the first phase of this make-it-up-as-you-go-along-and-see-what-works study, we hired students in Tokyo to act out various scenarios, including content browsing, viewing and game-play using gestures and voice commands, in a range of contexts: At home, on a commuter train, on a long-distance train, in a hotel lobby, in a park, a cafe, and while walking along. The research team then noted interaction issues with the glasses, carefully observing social reactions from people in proximity before finally interviewing the actors/actresses for their own experience.⁶

Fans of Milgram’s New York subway experiment will be happy to note that our actors and actresses felt extremely self-conscious about wearing nonstandard glasses, and awkward about acting out the scenarios, particularly in contexts where there were others in close proximity. A number of the things we learned from this study surprised us:

• Most of what we “see” at any time is out of focus in the periphery where as long as the things going on in peripheral vision don’t trigger a threat response will probably pass the glance test. It will be interesting to see whether Glass is perceived as a threatening object and thus may force others in proximity of a wearer to maintain a hyperawareness of the wearer and their own actions — whereas today they are currently able to relax. This would be, in effect, like a blanket tax on the collective attention of society.⁷
• Spoken interaction is awkward for almost everyone in confined spaces on systems with less than 100 percent accuracy. An interface built around short responses to contextually understood events will be the dominant form of interaction.
• Gesture interaction is just as awkward in close spaces, and in many instances will restrict regular use and/or in a vocabulary of “quiet gestures.” To get a sense of how this plays out, the next time you are on the subway and have people sitting on either side, raise your hands in front of your face or look down and move your hands in your field of vision. Even simple gestures require upper-arm/shoulder movements, which, when you are sitting shoulder to shoulder, impact fellow passengers. A Glass wearer who wants to maintain the social cohesion in that context (and not all will be that self-aware or considerate) can mitigate this by pausing interactions for the moment when they are appropriate, or more likely by avoiding interactions in that context.
• In contexts where social interaction is required — sitting with friends around a table in a cafe, say — Glass will create a situation where people are not sure whether they or the contents of the display are engaging the wearer.
• In-ear or close-to-ear (inductive) audio changes the wearer’s enjoyment of food and drink — a problem for an otherwise prime use case: Watching movies at home, where snacks and beverages might naturally be consumed.
• Humans tend to fall asleep in contexts where they are seated, safe, and there is minimal physical movement — providing opportunities to design for disengagement.
• Humans have a vested interest in tracking changing emotional states of the people around them. This will introduce “Are you lookin’ at me?” moments where others in proximity assume that a smile, tear or frown is triggered by their own presence, and will spur people to send inappropriate content to their Glass-wearing peers, with a weary inevitability that will include this but is far less likely to include this (or is it the other way around?). In some contexts, these moments will lead to confrontation. Read the footnote in this article in the Atlantic, by Ta-Nehisi Coates, and imagine introducing erratic behavior into the equation. Amplify to billions of social interactions a day.

What starts out as a fairly broad set of use cases rapidly starts to narrow.

Tooling Up

I’ve got a confession to make. Frog, the design and innovation consultancy where I work, has recorded thousands of conversations around the world, videotaped many more, tailed people around town and nosed around people’s homes — opening cupboards and drawers, asking personal questions where there were none. All with their permission, and all in the name of research. There are a few things we’ve learned that relate to the broader discussion of what is collected by whom, how and why, and how it is used; you’ll see why these are relevant in a moment.

Any idiot can collect data. The real issue is how to collect data in such a way that meets both moral and legal obligations and still delivers some form of value.

• Ownership. People are naturally suspicious of what they don’t know. The simple act of giving them control over the process or the objects/technologies we carry defuses initial suspicion. A few simple field-research techniques can rapidly build trust. These include handing someone you’ve just met on the street a $5,000 camera and then ignoring them to concentrate on a conversation with their friends. This shows we trust them. And then they trust us.
• Clear On/Off States. Most people have (at least initial) concerns about being recorded. There are numerous effective ways that we in Frog’s design research team emphasize the transition between on and off: From how a camera or other recording device is held when not in use. It is useful to think of a camera as a gun: Understand the impact that bringing it out can have on any given context; only take it out if you’re prepared to use it and be careful where you point it.
• Reciprocity. Today it is easy to maintain a persistent connection between the researcher and the participant — often in the form of a social media account or email address. You’ve asked something of them, and they have the right and now have a channel through which to ask something of you.
• Full circle: We give participants the opportunity to review, delete or own any of the data collected on them by the research team. This is normally carried out at the end of the session, after any reward is handed over (so they are not pressured into letting us keep data) and before any data consent form is signed (so they better understand the implications of what they are signing). A team that knows the data will be reviewed by the participant changes what they collect in the first place; it becomes self-policing. More than any training, this simple principle helps keep teams honest and operating within social norms.

A few simple steps lower the more obviously anti-social aspects of Glass. The evolution of body language that helps communicate Glass’s current state, e.g. pushed above the head to show that it is not in use; a literacy around the spoken commands that communicate the current task that the user is engaged in “take panorama” or “grindr lookup”; and showing whether the camera and other recording mechanisms are in use or disabled.

Glass has four design principles for developers that focus on the Glass wearer’s user experience: “design for Glass,” “don’t get in the way,” “keep it timely,” and “avoid the unexpected.”⁸ As challenging as it is to find a compelling use-case (beyond porn), these principles are aimed at the wrong people — Glass wearers, rather than those in proximity.

Two complementary principles will go some way toward accommodating the concerns of people in proximity and lower social barriers to adoption:

• Proximate Transparency: Allow anyone in proximity to access the same feed that the wearer is recording or seeing and view it through a device of their choosing. Make it easy to identify the Glasses themselves and to trace them back to the wearer. This simple act can help demystify the technology, create a broader sense of ownership of its inclusion in any given space. The reality is that very few people would be interested in jacking in and the act of having an open stream will change the behavior of what is watched. For many this won’t be enough of a step; it is after all an opt-out measure for people who have the technological know how and literacy to — forcing people in proximity to do something for dubious gain.
• Remote Control: allow identifiable people in proximity to control Glass’s recording functionality and have access to the output of what was recorded. Allowing others to demonstrably benefit from the utility of Glass will make it part of the social landscape.

Pedestal or a Pauper’s Grave?

One could argue that the form taken by Glass offers up a lazy futurist’s vision of what might be — take the trajectory of one product (displays becoming smaller/cheaper/more efficient over time) and integrate it with another (eyeglasses), sprinkle in connectivity and real-time access to content and big-data-analytics. Our expectations of what it could be are raised in part because this join-the-dots vision of the future fits neatly into Western un/popular young-male culture, from “The Terminator” through to Halo. Glass has a certain inevitability about it, like the weight of expectation on of child born to a great composer or, if you will, to a middle-aged suicide. As any visitor to Yodobashi camera over the past decade will tell you, the hardware technologies that make Glass hardly feel novel (and for recent competitors, see Sony, Golden-i, or this Telepathy device prototype) but neither do they need to be, because this is all about how they are brought together into a holistic experience.

There are of course alternative visions of this connected future that are far more discrete, taking connected, sensing things and embedding them in the world around us to inform, guide, direct, cajole, tax, enrich us and the things around us. It’s an area worthy of an essay in its own right, but for now, here are a few pointers to people, places and things that have helped inform my sense of this space: Dan Hill at City of Sound; the MIT Senseable City Lab; Design Interactions at the Royal College of Art; Tisch ITP; BERG, Nicholas Nova and Julian Bleecker at the Near Future Laboratory help stretch our understanding of what could be; Curious Rituals in conjuction with students at the Arts Center College of Design in particular is a lovely piece of work; living for more than a decade in Tokyo, Shanghai and frequent trips to the cities that define this century’s urban experience — the Seoul/Nairobi/Mumbai/Rio/Chongqings of this world; products like Nike+, FitBit, Moves (to take one narrow category) through to less well known but arguably more impactful services that for me are at the very center of the internet of things — services like Kilimo Salama and Sarvajal;⁹ through to business units/activities in large corporations such as Cisco, IBM, Disney, and Ericsson with more of a how to make money/make a difference at scale.¹⁰

That Moment in Time

I started this essay by paraphrasing a quote — here is the original in full: “There is but one remedy for the amateur photographer. Put a brick through his camera whenever you suspect he has taken you unawares.” It could be written about Glass today, but is in fact taken from an 1885 edition of “Amateur Photographer”¹¹ magazine, seven years after the introduction of dry plates, a technology that supported more surreptitious photography. (The essay by Bill Jay is worth reading in full.)

The same essay contains another quote from “Amateur Photographer,” twenty five years later, when cameras were becoming smaller, less noticeable: “Our moral character dwindles as our instruments get smaller.” In due course, the technologies to deliver Glass’s emerging functionality will truly disappear from view — this is a window of opportunity for discussion, debate and a reflection.

I’m thankful to Google for putting so much effort into Glass at this moment in time.

That passion? Channel it.

That anger? Channel it.

Jan Chipchase is Executive Creative Director of Global Insights at Frog, a design and innovation consultancy. He has not tried Google Glass, and has no idea whether he has been recorded through one. His first book, “Hidden in Plain Sight,” available from HarperCollins on April 16, explores issues around technology adoption, use and abuse.

¹ This sign did the rounds but is closer to advertising for a pleasantly seedy bar than a warning sign. The suspicion can be real, but the true test comes from reactions to a wider deployment.
² Eric Schmidt’s quote, “Google policy is to get right up to the creepy line and not cross it,” is an interesting reflection of company culture. It’s refreshing to have a CEO that is this frank about the business they are in and the way they operate, and it’s an interesting assumption that the best way to institutionalize an understanding of creepy is to measure it and place it on a line.
³ If you want to extrapolate the argument around wholesale recording through Glass, it’s actually highly inefficient, particularly once much of that space and context is known. There are other, emerging technologies with far more processing power and unlimited power supply that are in a better position to continuously record.
⁴ There are many examples of what we say and do being recorded: From the obvious conversations in an interrogation room through to corporations tracking employee emails and IM chats, all the way to state agencies. When conducting research in Iran and making a call to the U.S., I assume it is being recorded by both Iranian and U.S. agencies. The only question is who else is listening and what is their motivation, today and at some point in the future.
⁵ I’ve not done a full write up of the research, but it was shared publicly a few years back.
⁶ After the Tokyo study, my then colleague Raphael Grignani ran a comparable study in New York City, with broadly analogous findings.
⁷ The physical toll of having to maintain a state of hyper-awareness is touched on here and here, and while these are extreme examples it is an interesting topic to further explore.
⁸ As Bruce Sterling pointed out, take each of those design principles and flip them to understand the actual experience.
⁹ We are running a study around water consumption and Sarvajal and will be sharing more on the project in due course.
¹⁰ Full disclosure: This list includes both personal and Frog clients.
¹¹ “The Amateur Photographer,” 18 September 1885, p. 871.

The big tech story of the week was clearly Facebook Home, and Arik Hesseldahl was on Fox Business News, talking about the privacy implications of Facebook’s move:

Speaking of privacy, Liz Gannes appeared on KCRW’s “To The Point” to talk about the issues raised by Google Glass.

Mike Isaac took on a range of topics while on “This Week In Startups,” and Bonnie Cha was on “Tech News Today”:

Meanwhile, Ina Fried was on NPR’s “Morning Edition,” talking about travel guidebooks and the apps that are forcing them to the sidelines.

And, of course, Walt Mossberg was on the The Wall Street Journal’s “Digits” show to talk about this week’s review — Dell’s convertible XPS laptop:

]]> http://allthingsd.com/20130407/sounding-off-on-facebook-home-privacy-and-why-travel-books-are-going-extinct/feed/ 0 http://allthingsd.com/20130402/eu-wants-google-to-stop-ignoring-its-privacy-policy-complaints/ http://allthingsd.com/20130402/eu-wants-google-to-stop-ignoring-its-privacy-policy-complaints/#comments Tue, 02 Apr 2013 15:48:17 +0000 Liz Gannes http://allthingsd.com/?p=308436 Back in October, European regulators told Google they had some edits for its privacy policy, which the company unified early last year. For instance, they wanted a page with all the opt-outs together, and more clarity about how long data is retained. The regulators gave the company four months.

palpitation/Shutterstock

What happened since then? A task force meeting with Google in March, and not much else.

“No change has been seen,” the French CNIL said in a press release today. “After this period has expired, Google has not implemented any significant compliance measures.”

So, what now? Additional investigations and inspections by the Europeans, but this time they’re being called “enforcement actions,” and they’re being conducted by each country individually.

Six countries — France, Germany, Italy, the Netherlands, Spain, and the United Kingdom — launched actions today based on their own laws. The investigations and inspections could result in fines and restrictions, but it’s not yet clear that those would be significant.

Google sent a statement, “Our privacy policy respects European law and allows us to create simpler, more effective services. We have engaged fully with the DPAs involved throughout this process, and we’ll continue to do so going forward.”

Coincidentally, Google’s director of privacy for product and engineering, Alma Whitten, just retired. She’ll be replaced by another longtime Google engineer, Lawrence You.

]]> http://allthingsd.com/20130402/eu-wants-google-to-stop-ignoring-its-privacy-policy-complaints/feed/ 0 http://allthingsd.com/20130401/google-director-of-privacy-alma-whitten-steps-down/ http://allthingsd.com/20130401/google-director-of-privacy-alma-whitten-steps-down/#comments Mon, 01 Apr 2013 20:57:33 +0000 Liz Gannes http://allthingsd.com/?p=308237 Alma Whitten, Google’s director of privacy for product and engineering, is stepping down. She is said to be retiring after 10 years at Google. The news was first reported by Forbes.

Google and privacy are an explosively divisive topic with lots of public and regulatory scrutiny, but the London-based Whitten had not been a particularly loud external proponent for the company over the past three years since she took the role. Rather, she seemed more focused on internal engineering efforts.

Whitten will be replaced by Lawrence You, an eight-year veteran of Google who is an infrastructure engineer and has been involved in privacy efforts. He will report to Eric Grosse, the vice president of security and privacy engineering.

A Google spokesman said in a statement, “During her 10 years at Google, Alma has done so much to improve our products and protect our users. The privacy and security teams, and everyone else at Google, will continue this hard work to ensure that our users’ data is kept safe and secure.”

]]> http://allthingsd.com/20130401/google-director-of-privacy-alma-whitten-steps-down/feed/ 0 http://allthingsd.com/20130330/adria-richards-response-facebooks-new-ad-plan-and-finding-the-next-steve-jobs-the-allthingsd-week-in-review-32413-33013/ http://allthingsd.com/20130330/adria-richards-response-facebooks-new-ad-plan-and-finding-the-next-steve-jobs-the-allthingsd-week-in-review-32413-33013/#comments Sat, 30 Mar 2013 19:00:17 +0000 Eric Johnson http://allthingsd.com/?p=307983

Photo by Asa Mathat

For our readers who are not inclined to constantly hit the refresh button, here’s a quick look back the top 10 stories that drove AllThingsD this week:

1. Yahoo Paid $30 Million in Cash for 18 Months of Young Summly Entrepreneur’s Time
2. iTunes Not Exactly Break-Even Anymore
3. Fired SendGrid Developer Evangelist Adria Richards Speaks Out
4. Another Reason Google Reader Died: Increased Concern About Privacy and Compliance
5. A Smarter Calendar for iPhone
6. BlackBerry’s Million-Smartphone Mystery Partner: Brightstar
7. Facebook’s New Ad Plan Is the Web’s Old Plan
8. New Flipboard: News and Posts Handpicked and Shared
9. Sony’s High-End Xperia ZL Comes to U.S. at a Hefty $719
10. Q&A: Atari Founder Nolan Bushnell on Innovation, the “Next Steve Jobs” and Why Mobile Games Are “Over”

For more of the week in review, you should follow us on Facebook and Twitter.

]]> http://allthingsd.com/20130330/adria-richards-response-facebooks-new-ad-plan-and-finding-the-next-steve-jobs-the-allthingsd-week-in-review-32413-33013/feed/ 0 http://allthingsd.com/20130324/another-reason-google-reader-died-increased-concern-about-privacy-and-compliance/ http://allthingsd.com/20130324/another-reason-google-reader-died-increased-concern-about-privacy-and-compliance/#comments Sun, 24 Mar 2013 14:00:30 +0000 Liz Gannes http://allthingsd.com/?p=306130 Google has warned that it will shut down its Google Reader news aggregator July 1. Many people (myself very much included) are mourning a beloved and useful product, but the company cited declining usage.

Shutterstock/Yuri Arcurs

Under CEO Larry Page, Google has made a practice of “spring cleaning” throughout all the seasons so it can narrow its focus. Reader was just a another bullet point on the latest closure list.

But the shutdown wasn’t just a matter of company culture and bigger priorities, sources said. Google is also trying to better orient itself so that it stops getting into trouble with repeated missteps around compliance issues, particularly privacy.

That means every team needs to have people dedicated to dealing with these compliance and privacy issues — lawyers, policy experts, etc. Google didn’t even have a product manager or full-time engineer responsible for Reader when it was killed, so the company didn’t want to add in the additional infrastructure and staff, the sources said.

But at the same time, Google Reader was too deeply integrated into Google Apps to spin it off and sell it, like the company did last year with its SketchUp 3-D modeling software.

The context for this concern about compliance is Google’s repeated public failures on privacy due to lack of oversight and coordination. It’s pretty clear why Page is trying to run a tighter ship.

Regulators have had ample reasons to go after the company. Google recently paid $7 million to settle with U.S. attorneys general over its years-long international Street View Wi-Fi incident, while agreeing to more closely police its employees. And last summer the company paid $22.5 million for breaking the terms of its U.S. Federal Trade Commission agreement over informing users accurately about privacy practices when it used a trick to install ad cookies for users of Apple’s Web browser Safari.

In the Wi-Spy case, after repeatedly downplaying the incident, Google ultimately disclosed that an engineer had devised the drive-by plan to collect user data from unsecured Wi-Fi networks, and had easily passed it through rubber-stamp approval processes.

In the Safari bypass case, Google said it was just trying to check whether users were logged into Google+, and any resulting tracking was inadvertent and no personal information was collected. Ultimately, what the company was held accountable for was having an out-of-date help page — an even more basic slip-up.

While it might not be obvious how Google Reader could be compromised by similar lapses — perhaps policies could fall out of date, or user RSS subscription lists could be exposed — the point is that Google wasn’t willing to commit to ensuring that it was well-run.

So how many users would Google Reader need to make it a valuable enough product to be worthy of investment and a real team?

A petition to save Reader on Change.org has nearly 150,000 signatures. That’s clearly not enough.

Google wouldn’t disclose how many users the product had, but Flipboard CEO Mike McCue told me yesterday that two million people have connected their Google Reader accounts to the Flipboard visual news apps. So you have to imagine it’s probably an order of magnitude larger than two million.

(By the way, many people involved with the product agree that it wasn’t just tech news fanatics who loved the service, but politics junkies and mommy bloggers and anyone who likes to mainline fresh content from their preferred outlets.)

Nick Baum, one of the original Reader product managers who’s no longer at Google, noted that in the early days of the product there were “several millions” of weekly active users.

In a conversation this weekend, Baum said, ”My sense is, if it’s a consumer product at Google that’s not making money, unless it’s going to get to 100 million users it’s not worth doing.”

But Baum left the team in 2007 — before the rise of Twitter — and he notes Google never put the resources in to do things like help new Google Reader users find feeds to follow and parse the most interesting content from high-volume outlets.

The irony, Baum said, is that if Google Reader were out seeking venture funding in Silicon Valley with its high-value audience, it most likely would have gotten it. “As a startup they would have been perfectly viable,” he said. Not to mention, startups don’t have to worry about compliance issues.

“Someday someone will do something in this space that will work,”  Baum said. “And maybe then Google will buy them.”

]]> http://allthingsd.com/20130324/another-reason-google-reader-died-increased-concern-about-privacy-and-compliance/feed/ 0 http://allthingsd.com/20130312/how-one-person-captured-10000-photos-at-sxsw/ http://allthingsd.com/20130312/how-one-person-captured-10000-photos-at-sxsw/#comments Tue, 12 Mar 2013 18:40:43 +0000 Lauren Goode http://allthingsd.com/?p=302725 Most of us are hitting our numbers if we produce a handful of sepia-toned Instagrams throughout a conference.

Not Oskar Kalmaru, the Swedish co-founder of the Memoto life-blogging camera. Kalmaru and the company’s CEO, Martin Kallstrom, brought the tiny device with them to Austin and have been taking a photo every 30 seconds since last Thursday.

This wearable square device got its early buzz late last year, when it hit crowdfunding site Kickstarter. The five-megapixel, eight gigabyte camera has a two-day battery, an accelerometer, a compass and built-in GPS.

Memoto raised more than $550,000 through Kickstarter to fund production of the $279 camera. It is currently set to ship at the end of April or early May. It’s being manufactured in Taiwan, after early samples were made in Stockholm.

When I asked Kalmaru today how many SXSW photos he now has stored on his laptop, he said it was around 10,000, which would take up 14 gigabytes of memory (Kalmaru cleared the camera during the festival).

Considering the frequency of shots, plenty of these were off-center, blurry, dark or black photos. Others were cool images of SXSWers crossing Sixth Street in Austin, with the sun bouncing off buildings and crisp blue skies in the background.

That’s where the Memoto software comes in, Kalmaru says: The subscription-based, photo-storage service smartly organizes your photos in a timeline, and chooses the best photo from a moment or an event. Tapping on that photo in the Memoto mobile app will reveal the collective photos from that event, but they’re not all cluttering your feed.

But Memoto could also face a privacy firestorm when the wearable camera does come on the market. One of the use cases Kalmaru gave me for the camera was meeting your significant other for the first time. Most people don’t have a memento or photo from this event; with this camera, you could. A better use case for the camera might be when you lean over to look at your new child for the first time, or when you’re on vacation and seeing a new landscape.

However, it’s hard to imagine a person you’ve just met would be comfortable with their photo being taken every 30 seconds. It could be terribly obtrusive during business meetings. And I’m guessing even friends you know really well would sometimes ask that you ditch the camera.

Kalmaru said Memoto has carefully considered this and has made the camera “pretty visible,” despite its small size. “We didn’t design it like it was some sort of spy camera. That was really important for us,” he said.

He also said the final version of the camera — which currently doesn’t have an on/off button — will turn off when you place the Memoto face down.

Which might be a good thing to do as you’re headed into the bathroom.

]]> http://allthingsd.com/20130312/how-one-person-captured-10000-photos-at-sxsw/feed/ 12 http://allthingsd.com/20130312/google-settles-with-38-states-over-street-view-privacy-like-we-said/ http://allthingsd.com/20130312/google-settles-with-38-states-over-street-view-privacy-like-we-said/#comments Tue, 12 Mar 2013 17:22:37 +0000 Liz Gannes http://allthingsd.com/?p=302766 The attorneys general of 38 U.S. states today announced they had settled with Google over the company’s collection of private information over unsecured Wi-Fi networks by its Street View cars between 2008 and 2010.

The company is paying a $7 million fine split between the states, exactly as we had reported on Friday.

Google also has to conduct employee training program on protecting consumer information, and run a national advertising campaign on the topic.

Each state gets $192,000, making this another fine that will slide off Google’s back and not materially affect the people to whom it’s being paid. The participating states are Alaska, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, Florida, Hawaii, Illinois, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Mississippi, Missouri, Montana, Nebraska, Nevada, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Rhode Island, South Carolina, Tennessee, Texas, Vermont, Virginia and Washington.

Today’s Google statement on the matter is more upfront about the company’s shortcomings than it has been over the years, which saw a series of denials and “no harm, no foul” statements, followed by revelations that the Wi-Fi payload system was purposefully built by an engineer working on the project and approved by superiors.

“We work hard to get privacy right at Google. But in this case we didn’t, which is why we quickly tightened up our systems to address the issue. The project leaders never wanted this data, and didn’t use it or even look at it. We’re pleased to have worked with Connecticut Attorney General George Jepsen and the other state attorneys general to reach this agreement.”

The settlement with the states is only the latest conclusion in the case. According to the Electronic Privacy Information Center, which tracks the “Wi-Spy” matter around the world, at least 12 countries have investigated the issue, and at least nine of them have found Google guilty of violating their laws.

Surprise, surprise — privacy advocates are already upset with the settlement.

“Consumers are growing tired of seeing Google apologize time and time again, pay a small fine and make vague promises in settlements with one agency or another, only later to engage in the same behavior,” said American Consumer Institute president Steve Pociask in an emailed statement. “Until violations are treated more seriously, bad actors will continue to be indifferent toward the law and the protection of consumer privacy in general.”

]]> http://allthingsd.com/20130312/google-settles-with-38-states-over-street-view-privacy-like-we-said/feed/ 0 http://allthingsd.com/20130307/microsoft-backs-school-privacy-bill-taking-aim-at-google/ http://allthingsd.com/20130307/microsoft-backs-school-privacy-bill-taking-aim-at-google/#comments Thu, 07 Mar 2013 12:08:54 +0000 Jacob Gershman and Shira Ovide http://allthingsd.com/?p=301270 Massachusetts lawmakers could soon consider a bill that would restrict the commercial use of data gathered while children use computers at public schools.

Its stated purpose is protecting privacy. An unnamed focus of the bill — backed by Microsoft Corp. — is Google Inc.

Read the rest of this post on the original site »

]]> http://allthingsd.com/20130307/microsoft-backs-school-privacy-bill-taking-aim-at-google/feed/ 0 http://allthingsd.com/20130306/viral-privacy-startup-really-mypermissions-raises-funds/ http://allthingsd.com/20130306/viral-privacy-startup-really-mypermissions-raises-funds/#comments Wed, 06 Mar 2013 16:00:54 +0000 Liz Gannes http://allthingsd.com/?p=300911 MyPermissions, which helps people track and manage how their personal data is used by various online apps, has raised $1 million.

“The same way antivirus and firewalls protect, someone needs to protect your cloud,” CEO Olivier Amar told me earlier this week. “We’re that firewall.”

The idea is surprisingly viral. When at the beginning of 2012 the company invited users to get the year off to a fresh start by checking their permissions, 150,000 signed up in a matter of days. All it was? A simple HTML page that had direct links to the application authorization pages for Facebook, Twitter and other sites.

In the past year, MyPermissions has added all sorts of useful stuff, like browser extensions and iOS and Android apps, monitoring and alerts, and the option to disconnect all applications in one fell swoop.

So, I, for instance, can see that MyPermissions has flagged 13 applications that access my inbox or contacts, 175 applications that have 24/7 access to my info even when I’m not using them, and 164 applications that access my content or files.

At that stage, 40 percent of MyPermissions users opt to remove all apps at once, according to Amar. “We get comments all the time of people telling us ‘I had no idea.’”

But all that authorization information is only for Facebook. For Twitter, Google, Yahoo, LinkedIn, Dropbox and other systems, the only option is still to click through to visit those sites directly. MyPermissions has a lot left to do.

To that end, the Tel Aviv-based company now has $1 million in funding from Lool Ventures, 500 Startups, 2B Angels, Plus Ventures and Robby Hilkowitz.

]]> http://allthingsd.com/20130306/viral-privacy-startup-really-mypermissions-raises-funds/feed/ 0 http://allthingsd.com/20130306/jimmy-iovine-explains-his-60-million-music-plan/ http://allthingsd.com/20130306/jimmy-iovine-explains-his-60-million-music-plan/#comments Wed, 06 Mar 2013 14:42:28 +0000 Peter Kafka http://allthingsd.com/?p=300857 Hey, Jimmy Iovine! You just got $60 million to launch a new subscription music service!

What are you going to do with it?

The legendary music producer, executive and headphone marketer hasn’t spelled out all of his plans just yet. We’ll have to wait until later this year to see exactly what he’s going to roll out to compete with the likes of Apple, Spotify, Pandora and perhaps Google (x2).

But last month at D: Dive Into Media, he gave Walt Mossberg a pretty good sense of what he’s working on — a highly curated service, as opposed to the robot+friends approach most of his competitors use — as well as a history lesson on the rise and fall of the music industry.

Here’s the entire interview:

]]> http://allthingsd.com/20130306/jimmy-iovine-explains-his-60-million-music-plan/feed/ 0 http://allthingsd.com/20130226/exclusive-paypal-co-founder-levchin-launches-new-payments-startup-affirm/ http://allthingsd.com/20130226/exclusive-paypal-co-founder-levchin-launches-new-payments-startup-affirm/#comments Tue, 26 Feb 2013 21:35:46 +0000 Kara Swisher http://allthingsd.com/?p=298650

High-profile Silicon Valley entrepreneur Max Levchin is launching a new mobile payments startup today called Affirm.

It’s the first project emerging from Levchin’s San Francisco tech incubator Hard, Valuable, Fun (HVF), which he started after selling his last company — Slide — to Google and then eventually leaving the search giant. Previous to that, Levchin and investor Peter Thiel had sold PayPal to eBay.

While it might seem at first as if Affirm is in direct competition with other mobile payments-focused companies such as Square and Stripe, it seems to be aimed at another layer of the value chain in an effort to improve conversion for mobile payments.

In fact, Stripe — in which Levchin is an investor, too — will be processing credit card payments on the back end.

But it will be an uphill battle for Levchin in the current payments arena, with a range of challenges from a multitude of rivals to regulatory scrutiny to the risks associated with credit in general.

Its most similar competitor, for example, is Klarna, a hugely funded company based in Sweden that offers payment solutions for a wide range of online storefronts across Europe that did $200 million in revenue last year. Klarna, which means “clear” in Swedish, is likely to be eying the U.S. market and has well-regard VC Mike Moritz of Sequoia Capital on its board.

As part of its effort, Affirm will use Facebook for authentication of consumers, and also use a number of other social and data signals to assess risk. It will then guarantee payment to merchants — who will pay Affirm a fee — after this check.

“We are trying to get as close as possible to one-click, which has always been the case on the desktop,” said Levchin in an interview today. “In mobile, it has become an imperative to be able to buy it now or you lose a customer quickly.”

Levchin described Affirm as a digital charge card rather than a credit card, trying to be valuable to merchants by lowering the abandonment rate of mobile transactions. Affirm’s beta launch retail partner is 1-800-Flowers.

“You will essentially be putting a purchase on a digital tab, and we are going to make it work for us by looking at all available data to determine if you are someone who will pay it back,” said Levchin.

Like an American Express or other charge card, consumers will have about 30 days to settle bills, although Affirm will not be making any money from them.

As to why he decided to enter the increasingly competitive online payment space — which is also rife with regulatory and fraud issues — Levchin said that his efforts at PayPal did not go far enough.

“Payments online are still too hard — we started the revolution with PayPal and democratized payments for small businesses, but we stopped short of changing the system,” he said. “The world is now awash in data and we can see consumers in a lot clearer ways.”

In addition, he added, the “overwhelming transformation of everything toward mobile changes all the fundamentals.”

Relying on Facebook could be an issue, of course, opening up a thicket of privacy issues and also worrisome reliance on the social networking giant. But Levchin said that Affirm’s system depends on the company for confirming identity more than anything else and there will eventually be a number of ways to do that.

Other data Affirm will be using, he said, range from incomes per zip code and even a user’s mobile device ID.

Affirm has been funded by Levchin and a group of friends in the “low-digit millions,” he said, with only a few dozen employees compared to bigger mobile payments efforts from others.

He said he knows the risk of entering the space, especially given that there are only so many solutions and a limited retailer attention.

Still, Levchin noted: “I just think there is so much more to do. Technology has come a long way since PayPal.”

]]> http://allthingsd.com/20130226/exclusive-paypal-co-founder-levchin-launches-new-payments-startup-affirm/feed/ 0