All posts in “Social”

SmugMug acquires Flickr

Two photo-sharing services are teaming up, as SmugMug buys Flickr from Verizon’s digital media subsidiary Oath.

USA Today broke the news and interviewed SmugMug CEO Don MacAskill, who said he hopes to revitalize Flickr .

At the same time, he said he’s still figuring out his actual plans: “It sounds silly for the CEO to not to totally know what he’s going to do, but we haven’t built SmugMug on a master plan either. We try to listen to our customers and when enough of them ask for something that’s important to them or to the community, we go and build it.”

Flickr was founded in 2004 and sold to Yahoo a year later. Yahoo, in turn, was acquired by Verizon, which brought it together with AOL to create a new subsidiary called Oath.

Over the past couple of months, Oath (which owns TechCrunch) has been selling off some of its AOL and Yahoo properties, including Moviefone (sold to the company behind MoviePass, which Oath now has a stake in) and Polyvore (assets sold to Ssense).

In an FAQ about the deal, SmugMug says it will continue to operate Flickr as a separate site, with no merging of user accounts or photos: “Over time, we’ll be migrating Flickr onto SmugMug’s technology infrastructure, and your Flickr photos will move as a part of this migration — but the photos themselves will remain on Flickr.”

The company also uses the FAQ to describe its vision for the combined services:

SmugMug and Flickr represent the world’s most influential community of photographers, and there is strength in numbers. We want to provide photographers with both inspiration and the tools they need to tell their stories. We want to bring excitement and energy to inspire more photographers to share their perspective. And we want to be a welcome place for all photographers: hobbyist to archivist to professional.

The financial terms were not disclosed.

Twitter banned Russian security firm Kaspersky Lab from buying ads

The U.S. government isn’t the only one feeling skittish about Kaspersky Lab. On Friday, the Russian security firm’s founder Eugene Kaspersky confronted Twitter’s apparent ban on advertising from the company, a decision it quietly issued in January.

“In a short letter from an unnamed Twitter employee, we were told that our company ‘operates using a business model that inherently conflicts with acceptable Twitter Ads business practices,’” Kaspersky wrote.

“One thing I can say for sure is this: we haven’t violated any written – or unwritten – rules, and our business model is quite simply the same template business model that’s used throughout the whole cybersecurity industry: We provide users with products and services, and they pay us for them.”

He noted that the company has spent around than €75,000 ($93,000 USD) to promote its content on Twitter in 2017.

Kaspersky called for Twitter CEO Jack Dorsey to specify the motivation behind the ban after failing to respond to an official February 6 letter from his company.

More than two months have passed since then, and the only reply we received from Twitter was the copy of the same boilerplate text. Accordingly, I’m forced to rely on another (less subtle but nevertheless oft and loudly declared) principle of Twitter’s – speaking truth to power – to share details of the matter with interested users and to publicly ask that you, dear Twitter executives, kindly be specific as to the reasoning behind this ban; fully explain the decision to switch off our advertising capability, and to reveal what other cybersecurity companies need to do in order to avoid similar situations.

In a statement about the incident, Twitter reiterated that Kaspersky Lab’s business model “inherently conflicts with acceptable Twitter Ads business practices.” In a statement to CyberScoop, Twitter pointed to the late 2017 Department of Homeland Security directive to eliminate Kaspersky software from Executive Branch systems due to the company’s relationship with Russian intelligence.

“The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks,” DHS asserted in the directive at the time.

Twitter is down again for some [Update: It’s Back]

Rough week to be in Twitter support. Three days after the site experienced downtime across the globe, the site was hit by another outage. Status.io’s service site is currently listing an “active incident,” leaving many users unable to tweet. In other cases, the site isn’t loading at all, instead serving up internal server errors or messages stating that the service is “over capacity.”

Here in the States, at least, the issue doesn’t appear to be quite as widespread as Tuesday’s incident. We’ve reached out to Twitter for comment and will update as soon as we hear more.

Update: Twitter says it’s resolved the momentary outage, telling TechCrunch in a statement, “Earlier today, people were unable to send Tweets for about 30 minutes. We’ve resolved the internal issue and we’re sorry for the disruption.”

Facebook starts its facial recognition push to Europeans

Facebook users in Europe are reporting that the company has started giving them the option to turn on its controversial facial recognition technology.

Jimmy Nsubuga, a journalist at Metro, is among several European Facebook users who have reporting getting notifications asking if they want to turn on face recognition technology.

Facebook has previously said an opt-in option would be pushed out to all European users, and also globally, as part of changes to its T&Cs and consent flow.

In Europe the company is hoping to convince users to voluntarily allow it to deploy the privacy-hostile tech — which was turned off in the bloc after regulatory pressure, back in 2012, when Facebook began using facial recognition to offer features such as automatically tagging users in photo uploads.

But under impending changes to its T&Cs — ostensibly to comply with the EU’s incoming GDPR data protection standard — the company has crafted a manipulative consent flow that tries to sell people on giving it their data; including filling in its own facial recognition blanks by convincing Europeans to agree to it grabbing and using their biometric data after all.

Users who choose not to switch on facial recognition still have to click through a ‘continue’ screen before they get to the off switch. On this screen Facebook attempts to convince them to turn it on — using manipulative examples of how the tech can “protect” them.

As another Facebook user who has also already received the notifications — journalist, Jennifer Baker — points out, what it’s doing here is incredibly disingenuous — because it’s using fear to try to manipulate people’s choices.

Under the EU’s incoming data protection framework Facebook cannot automatically opt users into facial recognition — it has to convince people to switch the tech on themselves. So it is emphasizing that users can choose whether or not to enable the technology.

But data protection experts we spoke to earlier this week do not believe Facebook’s approach to consent will be legal under GDPR.

Essentially, this is big data-powered manipulation of human decision-making — until the ‘right’ answer (for Facebook’s business) is ‘selected’ by the user. In other words, not freely given, informed consent at all.

Legal challenges are certain at this point.

A Facebook spokeswoman confirmed to TechCrunch that any European users who are being asked about the tech now, ahead of the May 25 GDPR deadline, are part of its rollout of platform changes intended to comply with the incoming standard.

“The flow is not a test, it is part of a rollout we are doing across the EU,” she said. “We are asking people for opt-in consent for three things — third party data for ads, facial recognition and the permission to process their sensitive data.”

She also confirmed that Facebook did run a test of “a very similar version of this flow to a small percentage of users in the EU back in March”, adding: “The flow + wording was broadly the same. At all times it was opt-in.”

The problem is, given Facebook controls the entire consent flow, and can rely on big data insights gleaned from its own platform (of 2BN+ users), this is not even remotely a fair fight. Manipulated acceptance is not consent.

But legal challenges take time. And in the meanwhile Facebook users are being socially engineered, with selective examples and friction, into agreeing with things that align with the company’s data-harvesting business interests — handing over sensitive personal data without understanding the full implications of doing so.

It’s not clear exactly how many Facebook users were part of the earlier flow test. It’s likely the company used the aforementioned variations in wording to determine — via an A/B testing process — which consent screens were most successful at convincing people to accept the highly privacy-hostile technology.

Last month — when Facebook said it would be rolling out “a limited test of some of the additional choices we’ll ask people to make as part of GDPR” — it also said it would start “by asking only a small percentage of people so that we can be sure everything is working properly”.

Interestingly it did not put a number on how many people were involved in that test. And Facebook’s spokeswoman did not provide an answer when we asked.

The company was likely hoping the test would not attract too much attention — given how much GDPR news is flowing through its PR channels, and how much attention the topic is generally sucking up.

But depending on how successful those tests prove to be at convincing Europeans to let it have and use their facial biometric data, millions of additional Facebook users could soon be providing the company with fresh streams of sensitive data — and having their fundamental rights trampled on, yet again, thanks to a very manipulative consent flow.

This article was updated with a series of corrections after Facebook confirmed the notifications are in fact the rollout of its new consent flow, not part of the earlier tests. It has also told us categorically that no users were auto-enrolled in facial recognition tech in Europe — even in the test. So we’ve updated this article accordingly. 

Twitter doesn’t care that someone is building a bot army in Southeast Asia

Facebook’s lack of attention to how third parties are using its service to reach users ended with CEO Mark Zuckerberg taking questions from congressional committees. With that in mind, you’d think that others in the social media space might be more attentive than usual to potentially malicious actors on their platforms.

Twitter, however, is turning the other way and insisting all is normal in Southeast Asia, despite the emergence of thousands of bot-like accounts that have followed prominent users in the region en masse over the past month.

Scores of reporters and Twitter users with large followers — yours truly included — have noticed swarms of accounts with generic names, no profile photo, no bio and no tweets that have followed them over the past month.

These accounts might be evidence of a new “bot farm” — the creation of large numbers of accounts for sale or usage on-demand, which Twitter has cracked down on — or the groundwork for more nefarious activities, it’s too early to tell.

In what appears to be the first regional Twitter bot campaign, a flood of suspicious new followers has been reported by users across Southeast Asia and beyond, including Thailand, Myanmar Cambodia, Hong Kong, China, Taiwan and Sri Lanka among other places.

While it is true that the new accounts have done nothing yet, the fact that a large number of newly created accounts have popped up out of nowhere with the aim of following the region’s most influential voices should be enough to concern Twitter. Especially since this is Southeast Asia, a region where Facebook is beset with controversies — from its role inciting ethnic hatred in Myanmar, to allegedly assisting censors in Vietnam, witnessing users jailed for violating lese majeste in Thailand and aiding the election of controversial Philippines leader Duterte.

Then there are governments themselves. Vietnam has pledged to build a cyber army to combat “wrongful views,” while other regimes in Southeast Asia have clamped down on social media users.

Despite that, Twitter isn’t commenting.

The U.S. company issued a no comment to TechCrunch when we asked for further information about this rush of new accounts, and what action Twitter will take.

A source close to the company suggested that the sudden accumulation of new followers is “a pretty standard sign-up, or onboarding, issue” that is down to new accounts selecting to follow the suggested accounts that Twitter proposes during the new account creation process.

Twitter is more than 10 years old, and since this is the first example of this happening in Southeast Asia that explanation already seems inadequate at face value. More generally, the dismissive approach seems particularly naive. Twitter should be looking into the issue more closely, even if for now the apparent bot army isn’t being put to use yet.

Facebook is considered to be the internet by many in Southeast Asia, and the social network is considerably more popular than Twitter in the region, but there remains a cause for concern here.

“If we’ve learned anything from the Facebook scandal, it’s that what can at first seem innocuous can be leveraged to quite insidious and invasive effect down the line,” Francis Wade, who recently published a book on violence in Myanmar, told the Financial Times this week. “That makes Twitter’s casual dismissal of concerns around this all the more unsettling.”