Confusion over WhatsApp’s new T&Cs triggers privacy warning from Italy

Confusion over an update to Facebook-owned chat platform WhatsApp’s terms and conditions has triggered an intervention by Italy’s data protection agency.

The Italian GPDP said today it has contacted the European Data Protection Board (EDPB) to raise concerns about a lack of clear information over what’s changing under the incoming T&Cs.

In recent weeks WhatsApp has been alerting users they must accept new T&Cs in order to keep using the service after February 8.

A similar alert over updated terms has also triggered concerns in India — where a petition was filed today in the Delhi High Court alleging the new terms are a violation of users’ fundamental rights to privacy and pose a threat to national security.

In a notification on its website the Italian agency writes that it believes it is not possible for WhatsApp users to understand the changes that are being introduced under the new terms, nor to “clearly understand which data processing will actually be carried out by the messaging service after February 8”.

Screengrab of the T&Cs alert being shown to WhatsApp users in Europe (Image credit: TechCrunch)

For consent to be a valid legal basis for processing personal data under EU law the General Data Protection Regulation (GDPR) requires that users are properly informed of each specific use and given a free choice over whether their data is processed for each purpose.

The Italian agency adds that it reserves the right to intervene “as a matter of urgency” in order to protect users and enforce EU laws on the protection of personal data.

We’ve reached out to the EDPB with questions about the GPDP’s intervention. The steering body’s role is typically to act as a liaison between EU DPAs. But it also issues guidance on the interpretation of EU law and can step in to cast the deciding vote in cases where there is disagreement on cross-border EU investigations.

Earlier this week Turkish antitrust authorities also announced they are investigating WhatsApp’s updated T&Cs — objecting to what they claimed are differences in how much data will be shared with Facebook under the new terms in Europe and outside.

While, on Monday, Ireland’s Data Protection Commission — which is WhatsApp’s lead data regulator in the EU — told us the messaging app has given it a commitment EU users are not affected by any broader change to data-sharing practices. So Facebook’s lead regulator in the EU has not raised any objections to the new WhatsApp T&Cs.

WhatsApp itself has also claimed there are no changes at all to its data sharing practices anywhere in the world under this update.

Clearly there’s been a communications failure somewhere along the chain — which makes the Italian objection to a lack of clarity in the wording of the new T&Cs seem reasonable.

Reached for comment on the GDPD’s intervention, a WhatsApp spokesperson told us:

We are reviewing the Garante’s announcement regarding WhatsApp’s Privacy Policy update. We want to be clear that the policy update does not affect the privacy of your messages with friends or family in any way or require Italian users to agree to new data-sharing practices with Facebook. Instead, this update provides further transparency about how we collect and use data, as well as clarifying changes related to messaging a business on WhatsApp, which is optional. We remain committed to providing everyone in Italy with private end-to-end encrypted messaging.

How exactly the Italian agency could intervene over the WhatsApp T&Cs is an interesting question. (And, indeed, we’ve reached out to the GPDP with questions.)

The GDPR’s one-stop-shop mechanism means cross-border complaints get funnelled through a lead data supervisor where a company has its main regional base (Ireland in WhatsApp’s case). But as noted above, Ireland has — thus far — said it doesn’t have a problem with WhatsApp’s updated T&Cs.

However under the GDPR, other DPAs do have powers to act off their own bat when they believe there is a pressing risk to users’ data.

Such as, in 2019, when the Hamburg DPA ordered Google to stop manual reviews of snippets of Google Assistant users’ audio (which it had been reviewing as part of a grading program).

In that case Hamburg informed Google of its intention to use the GDPR’s Article 66 powers — which allows a national agency to order data processing to stop if it believes there is “an urgent need to act in order to protect the rights and freedoms of data subjects” — which immediately led to Google suspending human reviews across Europe.

The tech giant later amended how the program operates. The Hamburg DPA didn’t even need to use Article 66 — just the mere threat of the order to stop processing was enough.

Some 1.5 years later and there are signs many EU data protection agencies — outside a couple of key jurisdictions which oversee the lion’s share of big tech — are becoming frustrated by perceived regulatory inaction against big tech.

So there may be an increased willingness among these agencies to resort to creative procedures of their own to protect citizens’ data. (And it’s certainly interesting to note that France’s CNIL recently slapped Amazon and Google with big fines over cookie consents — acting under the ePrivacy Directive, which does not include a GDPR-style one-stop-shop mechanism.)

In related news this week, an opinion by an advisor to the EU’s top court also appears to be responding to concern at GDPR enforcement bottlenecks.

In the opinion Advocate General Bobek takes the view that the law allows national DPAs to bring their own proceedings in certain situations — including in order to adopt “urgent measures” or to intervene “following the lead data protection authority having decided not to handle a case”.

The CJEU ruling on that case is still pending but the court tends to align with the position of its advisors so it seems likely we’ll see data protection enforcement activity increasing across the board from EU DPAs in the coming years, rather than being stuck waiting for a few DPAs to issue all the major decisions.

Digital road freight forwarder Sennder raises $160M Series, plans European expansion

Sennder, a large digital road freight forwarder based out of Germany, has raised $160m in Series D financing. The round was led by an unnamed party, but round participants included Accel, Lakestar, HV Capital, Project A and Scania. To date, Sennder has raised more than $260m, allowing it to lay claim to a potential $1bn valuation.

Sennder directly connects enterprise shippers with trucking companies, thus disintermediating the traditional freight model. It says it will move over 1 million truckloads this year. So far it’s concentrated on the lucrative European market. In June 2020 it merged with French competitor Everoad and acquired Uber Freight’s European business last September. The European logistics and freight sector has a market size of $427bn.

Sennder competes with large incumbents like Wincanton and CH Robinson as well as other startups such as OnTrac in Spin, and Instafreight.

The whole digital freight forwarding market is booming. Only last November, Germany’s Forto, a digital freight forwarder raised another $50 million in funding taking its total raised to $103 million. And in 2018 FreightHub, another European digital freight forwarder, raised $30 million in Series B financing.

Sennder’s new investment will mean it can expand in European markets. It already partners with Poste Italiane in Italy, as well as Scania and Siemens, and is now supplying transport services to over 10 organizations listed in the German DAX 30, and 11 companies comprising the Euro Stoxx 50.

Since its founding in 2015 by David Nothacker, Julius Köhler and Nicolaus Schefenacker, the company has grown to 800 employees and seven international offices.

David Nothacker, CEO and Co-Founder of Sennder, said: “We are now an established industry player on equal terms with other more traditional sector pioneers, but have maintained our founding spirit. As a data-driven company, we contribute to making the logistics industry fit for a sustainable future; ensuring transparency, flexibility and efficiency in the distribution of goods. The COVID-19 pandemic has demonstrated the importance of a digitalized logistics industry.

Sonali De Rycker, Partner at Accel commented: “It is always fantastic to see a portfolio company reach such a significant milestone. 2020 highlighted the value that Sennder’s innovative digital offering brings to the freight industry.”

US says India, Italy, and Turkey digital taxes are discriminatory, but won’t take any actions for now

Digital services taxes adopted by India, Italy, and Turkey in the past years discriminate against U.S. companies, the U.S. Trade Representative said on Wednesday.

USTR, which began investigations into the three nation’s digital services taxes in June last year, said it found them to be inconsistent with international tax principles, unreasonable, and burdening or restricting U.S. commerce.

In its detailed reports, which the office has made public, USTR studied how these digital taxes affected companies including Amazon, Google, Facebook, Airbnb, and Twitter. USTR said it conducted these investigations on the ground of Section 301 of the U.S. Trade Act of 1974.

India, which has become the largest market for Silicon Valley giants Google and Facebook, introduced digital taxes in 2016 to target foreign firms. Last year, the world’s second largest internet market expanded the scope of its levy to cover a range of additional categories.

USTR investigation found (PDF) that New Delhi was taxing “numerous categories of digital services that are not leviable under other digital services taxes adopted around the world” and that the aggregate tax bill for U.S. companies could exceed $30 million per year.  It also took issue with India not levying similar taxes on local companies.

Despite the strong findings on three nations’ digital services taxes, USTR said it is not taking any specific actions “at this time” but will “continue to evaluate all available options.”

U.S. tech companies have in the past supported terms brokered by the Organisation for Economic Co-operation and Development. But OECD, which is currently in the middle of working out technical details for agreements for over a 100 nations, doesn’t expect to finish the work until mid-2021. In the absence of OECD agreements, various countries are moving forward with their own versions of the taxes.

Since June last year, USTR has initiated investigations into digital services tax instituted — or proposed to be put in place – by a number of countries including Austria, Brazil, the Czech Republic, the European Union, Indonesia, Spain, the United Kingdom, and France, which resumed collecting digital services tax from US companies late last year.

In retaliation, USTR had set a January 6 deadline for levying a 25% tariff on a range of French imported goods including cosmetics and handbags.

USTR did not say whether the tariff had been enforced, but in a statement said it expects to announce the progress or completion of additional investigations in the near future.

Italian court rules against ‘discriminatory’ Deliveroo rider ranking algorithm

A court in Italy has dealt a blow to unalloyed algorithmic management after a legal challenge brought by three unions. The Bologna court ruled that a reputational ranking algorithm used by on-demand food delivery platform Deliveroo discriminated against gigging delivery workers by breaching local labor laws.

The ruling, reported earlier in the Italian press, found Deliveroo’s ranking algorithm discriminated against delivery couriers because it did not distinguish between legally protection reasons for withholding labour — namely not working because a rider was sick; or exercising their protected right to strike — and more trivial reasons for not being as productive as they’d indicated they would be.

In a statement, the Italian General Confederation of Labour (CGIL) called the Bologna court ruling “an epochal turning point in the conquest of trade union rights and freedoms in the digital world”.

Deliveroo has been contacted for comment on the ruling.

The court ordered Deliveroo to pay €50,000 per affected rider and publish the ruling on its website, according to Ansa.it — which has obtained a statement from Matteo Sarzana, general manager of Deliveroo Italy, who told it the company notes the judge’s decision but does not agree with it, as well as confirming that the shift reservation system linked to the algorithmic ranking is no longer in use in the market.  

“The fairness of our old system is confirmed by the fact that not a single case of objective and real discrimination emerged in the course of the trial. The decision is based exclusively on a hypothetical and potential evaluation without concrete evidence,” Sarzana added in the statement [which we’ve translated from Italian].

The on-demand delivery app has faced down a number of legal challenges on home turf — related to its classification of gig workers (as self employed couriers) and its opposition to collective bargaining rights for riders.

Although a 2018 inquiry led by UK MP Frank Field likened its ‘flexible’ labor model to 20th century dockyards — saying the dual labor market that Deliveroo generates works very well for some riders but very poorly for others.

The Bologna court ruling is also notable in light of a number of legal challenges against other gig platforms’ use of algorithms to manage large ‘self-employed’ workforces which have been filed in Europe in recent months.

This includes a group of Uber drivers who filed a challenge to Uber’s automated decision-making in the Netherlands last summer — making reference to pan-EU data protection law.

While ride-hailing company Ola is facing a similar challenge to its use of technological surveillance and data as a management tool to control a self-employed workforce.

Rulings on those cases are still pending.

At the same time, EU lawmakers have proposed new laws that would require large online platforms to provide regulators with information about how their algorithmic ranking systems function — with the aim of enabling wider societal oversight of AI-fuelled giants.

The move to enable oversight and accountability of platforms’ algorithms comes in response to concerns about a lack of transparency and the potential for automated decisions to scale bias, discrimination and exploitation. 

Google expands its cloud with new regions in Chile, Germany and Saudi Arabia

It’s been a busy year of expansion for the large cloud providers, with AWS, Azure and Google aggressively expanding their data center presence around the world. To cap off the year, Google Cloud today announced a new set of cloud regions, which will go live in the coming months and years. These new regions, which will all have three availability zones, will be in Chile, Germany and Saudi Arabia. That’s on top of the regions in Indonesia, South Korea, the U.S. (Last Vegas and Salt Lake City) that went live this year — and the upcoming regions in France, Italy, Qatar and Spain the company also announced over the course of the last twelve months.

Image Credits: Google

In total, Google currently operates 24 regions with 73 availability zones, not counting those it has announced but that aren’t live yet. While Microsoft Azure is well ahead of the competition in terms of the total number of regions (though some still lack availability zones), Google is now starting to pull even with AWS, which currently offers 24 regions with a total of 77 availability zones. Indeed, with its 12 announced regions, Google Cloud may actually soon pull ahead of AWS, which is currently working on six new regions.

The battleground may soon shift away from these large data centers, though, with a new focus on edge zones close to urban centers that are smaller than the full-blown data centers the large clouds currently operate but that allow businesses to host their services even closer to their customers.

All of this is a clear sign of how much Google has invested in its cloud strategy in recent years. For the longest time, after all, Google Cloud Platform lagged well behind its competitors. Only three years ago, Google Cloud offered only 13 regions, for example. And that’s on top of the company’s heavy investment in submarine cables and edge locations.

Apple on the hook for €10M in Italy, accused of misleading users about iPhone water resistance

Apple’s marketing of iPhones as ‘water resistant’ without clarifying the limits of the feature and also having a warranty that excludes cover for damage by liquids has got the company into hot water in Italy.

The Italian competition authority (AGCM) has informed the tech giant of an intent to fine it €10 million for commercial practices related to the marketing and warranty of a number of iPhone models since October 2017, starting with the iPhone 8 through to the iPhone 11, following an investigation into consumer complaints related to its promotion of water resistance and subsequent refusal to cover the cost of repairs caused by water damage.

In a document setting out the AGCM’s decision dated towards the end of October — which was made public today (via Reuters) — the regulator concludes Apple violated the country’s consumer code twice because of what it characterizes as “misleading” and “aggressive” commercial practices.

Its investigation found Apple’s iPhone marketing tricked consumers into believing the devices were impermeable to water, rather than merely water resistant — with the limitations of the feature not given enough prominence in ads. While a disclaimer stating that Apple’s warranty excludes damage by liquids was deemed an aggressive attempt to circumvent consumer rights obligations — given its heavy promotion of the devices as water resistant.

Apple places a liquid contact indicator inside iPhones, which changes from white or silver to red on contact with liquid, and checking the indicator is a standard step undertaken by its repair staff.

The AGCM report cites examples of consumers who’s iPhone had taken a “short dive” in the sea being refused cover. Another complainant had been washing their device under the tap — which Apple deemed improper use.

A third reported that their one-month old iPhone XR stopped working after coming into contact with water. Apple told them they must buy a new device — albeit at a subsidized price.

While an iPhone XS user, with a one-year old handset who reported it had never come into contact with water was refused coverage by Apple support who said it had, complained to the regulator there’s no way for a consumer to prove their device was not immersed in water for more than the length of time and depth to which Apple’s small print specifies it has water resistance.

We’ve reached out to Apple for comment on the AGCM’s findings.

The tech giant has 60 days from the date it was notified of the regulator’s intent to fine to appeal the decision.

The size of the penalty is well under half of the operating profit the regulator says Apple’s Italian operation made in the year September 2018 to September 2019, when it note it recorded revenues on its sales and services of €58,652,628; and an operating profit of €26,918,658.

Two years ago Italy’s competition watchdog also fined Apple and Samsung around $15M for forcing updates on consumers that may slow or break their devices. While, this February, France fined Apple $27 million for capping the OS performance of iPhones with older batteries.

Apple has also faced much larger penalties from competition authorities elsewhere in Europe — including being notified of a $1.2BN fine by France’s competition authority in March this year, which accused the tech giant of operating a reseller cartel along with two wholesale distribution partners, Ingram Micro and Tech Data.

Apple also had to stump up as much as €500M in back taxes demanded by French authorities last year.

While some $15BN from Apple’s European HQ is sitting in an escrow account to cover a 2016 European Commission ‘State Aid’ charge that it illegally benefited from corporate tax arrangements in Ireland between 2003 and 2014.

In July Apple and Ireland won the first round of an appeal against the charge. But the Commission filed an appeal in September — meaning the case will go up to the CJEU, likely adding years more of legal wrangling.

EU lawmakers are continuing to work on pushing for global reform of digital taxation, while some Member States push on with their own digital taxes.

Ride Vision raises $7M for its AI-based motorcycle safety system

Ride Vision, an Israeli startup that is building an AI-driven safety system to prevent motorcycle collisions, today announced that it has raised a $7 million Series A round led by crowdsourcing platform OurCrowd. YL Ventures, which typically specializes in cybersecurity startups but also led the company’s $2.5 million seed round in 2018, Mobilion VC and motorcycle mirror manufacturer Metagal also participated in this round. The company has now raised a total of $10 million.

In addition to this new funding round, Ride Vision also today announced a new partnership with automotive parts manufacturer Continental .

“As motorcycle enthusiasts, we at Ride Vision are excited at the prospect of our international launch and our partnership with Continental,” Uri Lavi, CEO and co-founder of Ride Vision, said in today’s announcement. “This moment is a major milestone, as we stride toward our dream of empowering bikers to feel truly safe while they enjoy the ride.”

The general idea here is pretty straightforward and comparable with the blind-spot monitoring system in your car. Using computer vision, Ride Vision’s system, the Ride Vision 1, analyzes the traffic around a rider in real time. It provides forward collision alerts and monitors your blind spot, but it can also tell you when you’re following another rider or car too closely. It can also simply record your ride and, coming soon, it’ll be able to make emergency calls on your behalf when things go awry.

As the company argues, the number of motorcycles (and other motorized two-wheeled vehicles) has only increased during the pandemic, as people started avoiding public transport and looked for relatively affordable alternatives. In Europe, sales of two-wheeled vehicles increased by 30% during the pandemic.

The hardware on the motorcycle itself is pretty straightforward. It includes two wide-angle cameras (one each at the front and rear), as well as alert indicators on the mirrors, as well as the main computing unit. Ride Vision has patents on its human-machine warning interface and vision algorithms.

It’s worth noting that there are some blind-spot monitoring solutions for motorcycles on the market already, including those from Innovv and Senzar. Honda also has patents on similar technologies. These do not provide the kind of 360-degree view that Ride Vision is aiming for.

Ride Vision says its products will be available in Italy, Germany, Austria, Spain, France, Greece, Israel and the U.K. in early 2021, with the U.S., Brazil, Canada, Australia, Japan, India, China and others following later.

The new Chromecast adds a remote and the new Google TV interface for $49

It’s been a while since Google gave its Chromecast line a proper bit of love — perhaps not surprising for a fairly mature device now marking its seventh year. At today’s big Launch Night In event, however, the company’s bringing the popular TV dongle a much-needed refresh by way of Chromecast with Google TV.

The new version of the streaming product looks pretty similar to its predecessor, though the perfectly circular shape has been stretched out in something more oblong, dangling off the end of an HDMI cable. The biggest change from a hardware standpoint is the addition of — reportedly — the product’s most requested features: a remote.

Image Credits: Brian Heater

Long and slim (perfect for wedging between the couch cushions), the remote features a navigation wheel surrounding a selection button up top and devoted buttons for YouTube and Hulu. There’s also a Google Assistant button and a microphone flanked by the power and input buttons, which allows for voice control. It runs on a pair of AAA batteries, included in the box.

The other big addition here is Google TV. I’ve detailed the offering here, but the short version of it is that it’s a new interface from the company designed to offer a more streamlined viewing experience. It pulls together into a single spot movies, TV shows and live television programming — similar to what you get with something like Fire TV and Apple TV.

Image Credits: Brian Heater

The new dongle can support 4K HDR video at rates up to 60 frames a second. It also supports Dolby Vision, the company’s image optimization format. The system supports 6,500 apps and live and on-demand TV from 85 networks, as well as key streaming services like Disney+, HBO Max, Netflix and, of course, YouTube. Peacock support is on the way — as is support for Google’s Stadia gaming offering, which is set to arrive in the first half of next year.

The dongle is available for sale in the U.S. starting today, priced at $50. Customers in Australia, Canada, France, Germany, Ireland, Italy, Spain and the U.K. can pre-order it today, as well.

Dear Sophie: How can I get my 2-year foreign residency requirement for my J-1 waived?

Here’s another edition of “Dear Sophie,” the advice column that answers immigration-related questions about working at technology companies.

“Your questions are vital to the spread of knowledge that allows people all over the world to rise above borders and pursue their dreams,” says Sophie Alcorn, a Silicon Valley immigration attorney. “Whether you’re in people ops, a founder or seeking a job in Silicon Valley, I would love to answer your questions in my next column.”

“Dear Sophie” columns are accessible for Extra Crunch subscribers; use promo code ALCORN to purchase a one- or two-year subscription for 50% off.


Dear Sophie:

I’m entering my second year in the U.S. under a five-year J-1 research visa from Italy. When we came we thought it would be temporary, but our plans have changed and now we want to try to stay in the U.S. My husband started his own company here on his J-2 visa work permit, and our daughter was born here. However, we’re supposed to return to Italy for two years. How can we get a 212(e) waiver?

—Positive in Palo Alto

Dear Positive:

Congrats on your accomplishments — the birth of your daughter, your research position and your husband’s startup. Happy to share about the J-1 visa, the two-year home residency requirement (a section of the law called “212(e)”) and obtaining a waiver so you can seek a green card or another type of visa. For more background, check out my podcast on the two-year foreign residency requirement and filing a waiver and last weeks’ Dear Sophie column with an overview of the types of J-1 visas. The earlier you begin preparing your waiver application, the better.

The J-1 Educational and Cultural Exchange Visa is intended for people from around the globe to work or study in the U.S. and then take their newly acquired knowledge and skills back to their home country. Given that, it is not a direct path if you decide after your arrival to remain longer term in the U.S. I recommend working with an experienced immigration lawyer to devise a strategy for reaching your goals beyond getting a waiver. I also recommend talking with your employer to assess whether they can later sponsor you for a green card.

Tarform unveils Luna e-moto for folks who may not like motorcycles

Brooklyn-based EV startup Taform unveiled its Luna electric motorcycle in New York last week—a model designed for an audience that may not actually like motorcycles.

Tarform’s first street legal entrant, the Luna, starts at $24,000, does 0-60 mph in 3.8 seconds, has a city range of 120 miles, top-speed of 120 mph, and charges to 80% in 50 minutes—according to company specs.

The model was hatched out of the company’s mission to meld aesthetic design and craftsmanship to environmental sustainability in two-wheeled electric vehicles.

To that end, the Luna incorporates a number of unique, eco-design features. The bodywork is made from a flax seed weave and the overall motorcycle engineering avoids use of plastics. The Luna’s seat upholstery is made out of biodegradable vegan leather. Tarform is also testing methods to avoid paints and primers on its motorcycles, instead using a mono-material infused with algae and iron based metallic pigments.

The company was founded by Swede Taras Kravtchouk—an industrial design specialist, former startup head, and passionate motorcyclist. The Luna launch follows the debut of two concept e-motos in 2018.

Image Credits: Jake Bright

On Tarform’s target market, he explained the startup hopes to attract those who may be turned off by the very things that have turned people on to motorcycling over the last 50 years—namely gas, chrome, noise, and fumes.

“It’s more for people who want a custom bike and the techies: people who wanted to have a motorcycle but didn’t want to be associated with the whole stigmatized motorcycle lifestyle,” Kravtchouk told TechCrunch.

Tarform enters the EV arena with competition from several e-moto startups—and on OEM—that are attempting to convert gas riders to electric and attract a younger generation to motorcycling.

One of the leaders is California company Zero Motorcycles, with 200 dealers worldwide. Zero introduced a its $19,000 SR/F in 2019, with a 161-mile city range, one-hour charge capability and a top speed of 124 mph. Italy’s Energica is expanding distribution of its high-performance e-motos in the U.S.

In 2020, Harley Davidson became the first of the big gas manufacturers to offer a street-legal e-motorcycle for sale in the U.S., the $29,000 LiveWire.

And Canadian startup Damon Motors debuted its 200 mph, $24,000 Hypersport this year, which offers proprietary safety and ergonomics tech for adjustable riding positions and blind-spot detection.

On how Tarform plans to compete with these e-motorcycle players, Kravtchouk explained that’s not the company’s priority. “We’re not even close in production to Zero or the other big guys, but that’s not our intention. Think of the [Luna] as a custom production bike,” he said.

“We did not set out to build a bike that is fastest or has the longest range,” Kravtchouk added. “We set out to build a bike that completely revises the manufacturing and supply chain of e-motorcycles in a way where we ethically source our materials and create an ethical supply-chain.”

For this mission, Tarform has obtained funding from several family offices and angel investors, including LA based M13. The Brooklyn based e-motorcycle company is taking pre-orders on its new Luna and pursuing a Series-A funding round for 2021, according to CEO Taras Kravtchouk.