Huawei launches AI-backed database to target enterprise customers

China’s Huawei is making a serious foray into the enterprise business market after it unveiled a new database management product on Wednesday, putting it in direct competition with entrenched vendors like IBM, Oracle and Microsoft.

The Shenzhen-based company, best known for making smartphones and telecom equipment, claims its newly minted database uses artificial intelligence capabilities to improve tuning performance, a process that traditionally involves human administrators, by over 60 percent.

Called the GaussDB, the database works both locally as well as on public and private clouds. When running on Huawei’s own cloud, GaussDB provides data warehouse services for customers across the board, from the financial, logistics, education to automotive industries.

The database launch was first reported by The Information on Tuesday citing sources saying it is designed by the company’s secretive database research group called Gauss and will initially focus on the Chinese market.

The announcement comes at a time when Huawei’s core telecom business is drawing scrutiny in the West over the company’s alleged ties to the Chinese government. That segment accounted for 40.8 percent of Huawei’s total revenues in 2018, according to financial details released by the privately-held firm.

Huawei’s consumer unit, which is driven by its fast-growing smartphone and device sales, made up almost a half of the company’s annual revenues. Enterprise businesses made up less than a quarter of earnings, but Huawei’s new push into database management is set to add new fuel to the segment.

Meanwhile, at Oracle, more than 900 employees, most of whom worked for its 1,600-staff research and development center in China, were recently let go amid a major company restructuring, multiple media outlets reported earlier this month.

Data provided to TechCrunch by Boss Zhipin offers clues to the layoff: The Chinese recruiting platform has recently seen a surge in newly registered users who work at Oracle China. But the door is still open for new candidates as the American giant is currently recruiting for more than 100 positions through Boss, including many related to cloud computing.

Announcing TechCrunch Sessions: Enterprise this September in San Francisco

Of the many categories in the tech world, none is more ferociously competitive than enterprise. For decades, SAP, Oracle, Adobe, Microsoft, IBM and Salesforce, to name a few of the giants, have battled to deliver the tools businesses want to become more productive and competitive. That market is closing in on $500 billion in sales per year, which explains why hundreds of new enterprise startups launch every year and dozens are acquired by the big incumbents trying to maintain their edge.

Last year alone, the top 10 enterprise acquisitions were worth $87 billion and included IBM’s acquiring Red Hat for $34 billion, SAP paying $8 billion for Qualtrics, Microsoft landing GitHub for $7.5 billion, Salesforce acquiring MuleSoft for $6.5 billion and Adobe grabbing Marketo for $4.75 billion. No startup category has made more VCs and founders wildly wealthy, and none has seen more mighty companies rise faster or fall harder. That technology and business thrill ride makes enterprise a category TechCrunch has long wanted to tackle head on.

TC Sessions: Enterprise (September 5 at San Francisco’s Yerba Buena Center) will take on the big challenges and promise facing enterprise companies today. TechCrunch’s editors, notably Frederic Lardinois, Ron Miller and Connie Loizos, will bring to the stage founders and leaders from established and emerging companies to address rising questions like the promised revolution from machine learning and AI, intelligent marketing automation and the inevitability of the cloud, as well as the outer reaches of technology, like quantum and blockchain.

We’ll enlist proven enterprise-focused VCs to reveal where they are directing their early, middle and late-stage investments. And we’ll ask the most proven serial entrepreneurs to tell us what it really took to build that company, and which company they would like to create next. All throughout the show, TechCrunch’s editors will zero in on emerging enterprise technologies to sort the hype from the reality. Whether you are a founder, an investor, enterprise-minded engineer or a corporate CTO / CIO, TC Sessions: Enterprise will provide a valuable day of new insights and great networking.

Tickets are now available for purchase on our website at the early-bird rate of $395. Want to bring a group of people from your company? Get an automatic 15% savings when you purchase four or more tickets at once. Are you an early-stage startup? We have a limited number of Startup Demo Packages available for $2,000, which includes four tickets to attend the event. Students are invited to apply for a reduced-price student ticket at just $245. Additionally, for each ticket purchased for TC Sessions: Enterprise, you will also be registered for a complimentary Expo Only pass to TechCrunch Disrupt SF on October 2-4.

Interested in sponsoring TC Sessions: Enterprise? Fill out this form and a member of our sales team will contact you.

Index Ventures, Stripe back bookkeeping service Pilot with $40M

Five years after Dropbox acquired their startup Zulip, Waseem Daher, Jeff Arnold and Jessica McKellar have gained traction for their third business together: Pilot.

Pilot helps startups and small businesses manage their back office. Chief executive officer Daher admits it may seem a little boring, but the market opportunity is undeniably huge. To tackle the market, Pilot is today announcing a $40 million Series B led by Index Ventures with participation from Stripe, the online payment processing system.

The round values Pilot, which has raised about $60 million to date, at $355 million.

“It’s a massive industry that has sucked in the past,” Daher told TechCrunch. “People want a really high-quality solution to the bookkeeping problem. The market really wants this to exist and we’ve assembled a world-class team that’s capable of knocking this out of the park.”

San Francisco-based Pilot launched in 2017, more than a decade after the three founders met in MIT’s student computing group. It’s not surprising they’ve garnered attention from venture capitalists, given that their first two companies resulted in notable acquisitions.

Pilot has taken on a massively overlooked but strategic segment — bookkeeping,” Index’s Mark Goldberg told TechCrunch via email. “While dry on the surface, the opportunity is enormous given that an estimated $60 billion is spent on bookkeeping and accounting in the U.S. alone. It’s a service industry that can finally be automated with technology and this is the perfect team to take this on — third-time founders with a perfect combo of financial acumen and engineering.”

The trio of founders’ first project, Linux upgrade software called Ksplice, sold to Oracle in 2011. Their next business, Zulip, exited to Dropbox before it even had the chance to publicly launch.

It was actually upon building Ksplice that Daher and team realized their dire need for tech-enabled bookkeeping solutions.

“We built something internally like this as a byproduct of just running [Ksplice],” Daher explained. “When Oracle was acquiring our company, we met with their finance people and we described this system to them and they were blown away.”

It took a few years for the team to refocus their efforts on streamlining back-office processes for startups, opting to build business chat software in Zulip first.

Pilot’s software integrates with other financial services products to bring the bookkeeping process into the 21st century. Its platform, for example, works seamlessly on top of QuickBooks so customers aren’t wasting precious time updating and managing the accounting application.

“It’s better than the slow, painful process of doing it yourself and it’s better than hiring a third-party bookkeeper,” Daher said. “If you care at all about having the work be high-quality, you have to have software do it. People aren’t good at these mechanical, repetitive, formula-driven tasks.”

Currently, Pilot handles bookkeeping for more than $100 million per month in financial transactions but hopes to use the infusion of venture funding to accelerate customer adoption. The company also plans to launch a tax prep offering that they say will make the tax prep experience “easy and seamless.”

“It’s our first foray into Pilot’s larger mission, which is taking care of running your companies entire back office so you can focus on your business,” Daher said.

As for whether the team will sell to another big acquirer, it’s unlikely.

“The opportunity for Pilot is so large and so substantive, I think it would be a mistake for this to be anything other than a large and enduring public company,” Daher said. “This is the company that we’re going to do this with.”

Hackers conquer Tesla’s in-car web browser and win a Model 3

A pair of security researchers dominated Pwn2Own, the annual high-profile hacking contest, taking home $375,000 in prizes including a Tesla Model 3 — their reward for successfully exposing a vulnerability in the electric vehicle’s infotainment system.

Tesla handed over its new Model 3 sedan to Pwn2Own this year, the first time a car has been included in the competition. Pwn2Own is in its 12th year and run by Trend Micro’s Zero Day Initiative. ZDI has awarded more than $4 million over the lifetime of the program.

The pair of hackers Richard Zhu and Amat Cam, known as team Fluoroacetate, “thrilled the assembled crowd” as they entered the vehicle, according to ZDI, which noted that after a few minutes of setup, they successfully demonstrated their research on the Model 3 internet browser.

The pair used a JIT bug in the renderer to display their message — and won the prize, which included the car itself. In the most simple terms, a JIT, or just-in-time bug, bypasses memory randomization data that normally would keep secrets protected.

Tesla told TechCrunch it will release a software update to fix the vulnerability discovered by the hackers.

“We entered Model 3 into the world-renowned Pwn2Own competition in order to engage with the most talented members of the security research community, with the goal of soliciting this exact type of feedback. During the competition, researchers demonstrated a vulnerability against the in-car web browser,” Tesla said in an emailed statement. “There are several layers of security within our cars which worked as designed and successfully contained the demonstration to just the browser, while protecting all other vehicle functionality. In the coming days, we will release a software update that addresses this research. We understand that this demonstration took an extraordinary amount of effort and skill, and we thank these researchers for their work to help us continue to ensure our cars are the most secure on the road today.”

Pwn2Own’s spring vulnerability research competition, Pwn2Own Vancouver, was held March 20 to 22 and  featured five categories, including web browsers, virtualization software, enterprise applications, server-side software and the new automotive category.

Pwn2Own awarded a total of $545,000 for 19 unique bugs in Apple Safari, Microsoft Edge and Windows, VMware Workstation, Mozilla Firefox, and Tesla.

Tesla has had a public relationship with the hacker community since 2014 when the company launched its first bug bounty program. And it’s grown and evolved ever since.

Last year, the company increased the maximum reward payment from $10,000 to $15,000 and added its energy products as well. Today, Tesla’s vehicles and all directly hosted servers, services and applications are now in scope in its bounty program

Zoom, a profitable unicorn, files to go public

Zoom, the video conferencing startup valued at $1 billion in early 2017, has filed to go public on the Nasdaq as soon as next month.

The company joins a growing list of tech unicorns making the leap to the public markets in 2019, but it stands out for one very important reason: It’s actually profitable.

Zoom was founded in 2011 by Eric Yuan, a co-founder of WebEx, which sold to Oracle for $3.2 billion in 2007. Before launching Zoom, he spent four years at Cisco as its vice president of engineering. In a conversation with TechCrunch last month, he said he would never sell another company again, hinting at his dissatisfaction at WebEx’s post-acquisition treatment being his motivation for taking Zoom public as opposed to selling.

Zoom, which raised a total of $145 million to date, posted $330 million in revenue in the year ending January 31, 2019, a remarkable 2x increase year-over-year, with a gross profit of $269.5 million. The company similarly more than doubled revenues from 2017 to 2018, wrapping fiscal year 2017 with $60.8 million in revenue and 2018 with $151.5 million.

The company’s losses are shrinking, from $14 million in 2017, $8.2 million in 2018 and just $7.5 million in the year ending January 2019.

Zoom is backed by Emergence Capital, which owns a 12.5 percent pre-IPO stake, according to the IPO filing. Other investors in the business include Sequoia Capital (11.4 percent pre-IPO stake); Digital Mobile Venture (9.8 percent), a fund affiliated with former Zoom board member Samuel Chen; and Bucantini Enterprises Limited (6.1 percent), a fund owned by Li Ka-shing, a Chinese billionaire and among the richest people in the world.

Morgan Stanley, JP Morgan and Goldman Sachs have been recruited to lead the offering.

Oracle adds more AI features to its suite of sales tools

As the biggest sales and marketing technology firms mature, they are all turning to AI and machine learning to advance the field. This morning it was Oracle’s turn, announcing several AI-fueled features for its suite of sales tools.

Rob Tarkoff, who had previous stints at EMC, Adobe and Lithium, and is now EVP of Oracle CX Cloud says that the company has found ways to increase efficiency in the sales and marketing process by using artificial intelligence to speed up previously manual workflows, while taking advantage of all the data that is part of modern sales and marketing.

For starters, the company wants to help managers and salespeople understand the market better to identify the best prospects in the pipeline. To that end, Oracle is announcing integration with DataFox, the company it purchased last fall. The acquisition gave Oracle the ability to integrate highly detailed company profiles into their Customer Experience Cloud, including information such as SEC filings, job postings, news stories and other data about the company.

DataFox company profile. Screenshot: Oracle

“One of the things that DataFox helps you you do better is machine learning-driven sales planning, so you can take sales and account data and optimize territory assignments,” he explained.

The company also announced an AI sales planning tool. Tarkoff says that Oracle created this tool in conjunction with its ERP team. The goal is to use machine learning to help finance make more accurate performance predictions based on internal data.

“It’s really a competitor to companies like Anaplan, where we are now in the business of helping sales leaders optimize planning and forecasting, using predictive models to identify better future trends,” Tarkoff said.

Sales forecasting tool. Screenshot: Oracle

The final tool is really about increasing sales productivity by giving salespeople a virtual assistant. In this case, it’s a chatbot that can help handle tasks like scheduling meetings and offering task reminders to busy sales people, while allowing them to use their voices to enter information about calls and tasks. “We’ve invested a lot in chatbot technology, and a lot in algorithms to help our bots with specific dialogues that have sales- and marketing-industry specific schema and a lot of things that help optimize the automation in a rep’s experience working with sales planning tools,” Tarkoff said.

Brent Leary, principal at CRM Essentials, says that this kind of voice-driven assistant could make it easier to use CRM tools. “The Smarter Sales Assistant has the potential to not only improve the usability of the application, but by letting users interact with the system with their voice it should increase system usage,” he said.

All of these enhancements are designed to increase the level of automation and help sales teams run more efficiently with the ultimate goal of using data to more sales and making better use of sales personnel. They are hardly alone in this goal as competitors like Salesforce, Adobe and Microsoft are bringing a similar level of automation to their sales and marketing tools

The sales forecasting tool and the sales assistant are generally available starting today. The DataFox integration will GA in June.

EU gov’t and public health sites lousy with adtech, study finds

A study of tracking cookies running on government and public sector health websites in the European Union has found commercial adtech to be operating pervasively even in what should be core not-for-profit corners of the Internet.

The researchers used searches including queries related to HIV, mental health, pregnancy, alcoholism and cancer to examine how frequently European Internet users are tracked when accessing national health service webpages to look for publicly funded information about sensitive concerns.

The study also found that most EU government websites have commercial trackers embedded on them, with 89 per cent of official government websites found to contain third party ad tracking technology.

The research was carried out by Cookiebot using its own cookie scanning technology to examine trackers on public sector websites, scanning 184,683 pages on all 28 EU main government websites.

Only the Spanish, German and the Dutch websites were found not to contain any commercial trackers.

The highest number of tracking companies were present on the websites of the French (52), Latvian (27), Belgian (19) and Greek (18) governments.

The researchers also ran a sub-set of 15 health-related queries across six EU countries (UK, Ireland, Spain, France, Italy and Germany) to identify relevant landing pages hosted on the websites of the corresponding national health service — going on to count and identify tracking domains operating on the landing pages.

Overall, they found a majority (52 per cent) of landing pages on the national health services of the six EU countries contained third party trackers.

Broken down by market, the Irish health service ranked worst — with 73 per cent of landing pages containing trackers.

While the UK, Spain, France and Italy had trackers on 60 per cent, 53 per cent, 47 per cent and 47 per cent of landing pages, respectively.

Germany ranked lowest of the six, yet they still found a third of the health service landing pages contained trackers.

Searches on publicly funded health service sites being compromised by the presence of adtech suggests highly sensitive inferences could be being made about web users by the commercial companies behind the trackers.

Cookiebot found a very long list of companies involved — flagging for example how 63 companies were monitoring a single German webpage about maternity leave; and 21 different companies were monitoring a single French webpage about abortion.

Vulnerable citizens who seek official health advice are shown to be suffering sensitive personal data leakage,” it writes in the report. “Their behaviour on these sites can be used to infer sensitive facts about their health condition and life situation. This data will be processed and often resold by the ad tech industry, and is likely to be used to target ads, and potentially affect economic outcomes, such as insurance risk scores.”

“These citizens have no clear way to prevent this leakage, understand where their data is sent, or to correct or delete the data,” it warns. 

It’s worth noting that Cookiebot and its parent company Cybot’s core business is related to selling EU data protection compliance services. So it’s not without its own commercial interests here. Though there’s no doubting the underlying adtech sprawl the report flags.

Where there’s some fuzziness is around exactly what these trackers are doing, as some could be used for benign site functions like website analytics.

Albeit, if/when the owner of the freebie analytics services in question is also adtech giant Google that still may not feel reassuring, from a privacy point of view.

100+ firms tracking EU public sector site users

Across both government and health service websites, Cookiebot says it identified a total of 112 companies using trackers that send data to a total of 131 third party tracking domains.

It also found 10 companies which actively masked their identity — with no website hosted at their tracking domains, and domain ownership (WHOIS) records hidden by domain privacy services, meaning they could not be identified. That’s obviously of concern. 

Here’s the table of identified tracking companies — which, disclosure alert, includes AOL and Yahoo which are owned by TechCrunch’s parent company, Verizon.

Adtech giants Google and Facebook are also among adtech companies tracking users across government and health service websites, along with a few other well known tech names — such as Oracle, Microsoft and Twitter.

Cookiebot’s study names Google “the kingpin of tracking” — finding the company performed more than twice as much tracking as any other, seemingly as a result of Google owning several of the most dominant ad tracking domains.

Google-owned YouTube.com, DoubleClick.net and Google.com were the top three tracking domains IDed by the study. 

“Through the combination of these domains, Google tracks website visits to 82% of the EU’s main government websites,” Cookiebot writes. “On each of the 22 main government websites on which YouTube videos have been installed, YouTube has automatically loaded a tracker from DoubleClick .net (Google’s primary ad serving domain). Using DoubleClick.net and Google.com, Google tracks visits to 43% of the scanned health service landing pages.”

 

Given its control of many of the Internet’s top platforms (Google Analytics, Maps, YouTube, etc.), it is no surprise that Google has greater success at gaining tracking access to more webpages than anyone else,” it continues. “It is of special concern that Google is capable of cross-referencing its trackers with its 1st party account details from popular consumer-oriented services such as Google Mail, Search, and Android apps (to name a few) to easily associate web activity with the identities of real people.”

Under European data protection law “subjective” information that’s associated with an individual — such as opinions or assessments — is absolutely considered personal data.

So tracker-fuelled inferences being made about site visitors are subject to EU data protection law — which has even more strict rules around the processing of sensitive categories of information like health data.

That in turn suggests that any adtech companies doing third-party-tracking of Internet users and linking sensitive health queries to individual identities would need explicit user consent to do so.

The presence of adtech trackers on sensitive health data pages certainly raises plenty of questions.

We asked Google for a response to the Cookiebot report, and a spokesperson sent us the following statement regarding sensitive category data specifically — in which it claims: “We do not permit publishers to use our technology to collect or build targeting lists based on users’ sensitive information, including health conditions like pregnancy or HIV.”

Google also claims it does not itself infer sensitive user interest categories.

Furthermore it said its policies for personalized ads prohibit its advertisers from collecting or using sensitive interest categories to target users. (Though saying you’re telling someone not to do something is not the same as that thing not being done. That would depend on the enforcement.)

Google’s spokesperson was also keen to point to its EU user consent policy — where it says it requires site owners that use its services to ensure they have correct disclosures and consents for personalised ads and cookies from European end users.

The company warns it may suspend or terminate a site’s use of its services if they have not obtained the right disclosures and consents. It adds there’s no exception for government sites.

On tags and disclosure generally, the Google spokesperson provided the following comment: “Our policies are clear: If website publishers choose to use Google web or advertising products, they must obtain consent for cookies associated with those products.”

Where Google Analytics cookies are concerned, Google said traffic data is only collected and processed per instructions it receives from site owners and publishers — further emphasizing that such data would not be used for ads or Google purposes without authorization from the website owner or publisher.

Albeit sloppy implementations of freebie Google tools by resource-strapped public sector site administrators might make such authorizations all too easy to unintentionally enable.

So, tl;dr — as Google tells it — the onus for privacy compliance is on the public sector websites themselves.

Though given the complex and opaque mesh of technology that’s grown up sheltering under the modern ‘adtech’ umbrella, opting out of this network’s clutches entirely may be rather easier said than done.

Cookiebot’s founder, Daniel Johannsen, makes a similar point to Google’s in the report intro, writing: “Although the governments presumably do not control or benefit from the documented data collection, they still allow the safety and privacy of their citizens to be compromised within the confines of their digital domains — in violation of the laws that they have themselves put in place.”

More than nine months into the GDPR [General Data Protection Regulation], a trillion-dollar industry is continuing to systematically monitor the online activity of EU citizens, often with the unintentional assistance of the very governments that should be regulating it,” he adds, calling for public sector bodies to “lead by example – at a minimum by shutting down any digital rights infringements that they are facilitating on their own websites”.

“The fact that so many public sector websites have failed to protect themselves and their visitors against the inventive methods of the tracking industry clearly demonstrates the educational challenge that the wider web faces: How can any organisation live up to its GDPR and ePrivacy obligations if it does not control unauthorised tracking actors accessing their website?”

Trackers creeping in by the backdoor

On the “inventive methods” front, the report flags how third party javascript technologies — used by websites for functions like video players, social sharing widgets, web analytics, galleries and comments sections — can offer a particularly sneaky route for trackers to be smuggled into sites and apps by the ‘backdoor’.

Cookiebot gives the example of social sharing tool, ShareThis, which automatically adds buttons to each webpage to make it easy for visitors to share information across social media platforms.

The ShareThis social plugin is used by Ireland’s public health service, the Health Service Executive (HSE). And there Cookiebot found it releases trackers from more than 20 ad tech companies into every webpage it is installed on.

“By analysing web pages on HSE.ie, we found that ShareThis loads 25 other trackers, which track users without permission,” it writes. “This result was confirmed on pages linked from search queries for “mortality rates of cancer patients” and “symptoms of postpartum depression”.”

“Although website operators like the HSE do control which 3rd parties (like ShareThis) they add to their websites, they have no direct control over what additional “4th parties” those 3rd parties might smuggle in,” it warns.

We’ve reached out to ShareThis for a response.

Another example flagged by the report is what Cookiebot dubs “YouTube’s Tracking Cover-Up”.

Here it says it found that even when a website has enabled YouTube’s so-called “Privacy-enhanced Mode”, in a bid to limit its ability to track site users, the mode “currently stores an identifier named “yt-remote-device -id” in the web browser’s “Local Storage”” which Cookiebot found “allows tracking to continue regardless of whether users click, watch, or in any other way interact with a video – contrary to Google’s claims”.

“Rather than disabling tracking, “privacy-enhanced mode” seems to cover it up,” they claim. 

Google did not provide an on the record comment regarding that portion of the report.

Instead the company sent some background information about “privacy-enhanced mode” — though its points did not engage at all with Cookiebot’s claim that tracking continues regardless of whether a user watches or interacts with a video in any way.

Overall, Google’s main point of rebuttal vis-a-vis the report’s conclusion — i.e. that even on public sector sites surveillance capitalism is carrying on business as usual — is that not all cookies and pixels are ad trackers. So it’s claim is a cookie ‘signal’ might just be harmless background ‘noise’.

(In additional background comments Google suggested that if a website is running an advertising campaign using its services — which presumably might be possible in a public sector scenario if an embedded YouTube video contains an ad (for example) — then an advertising cookie could be a conversion pixel used (only) to measure the effectiveness of the ad, rather than to track a user for ad targeting.

For DoubleClick cookies on websites in general, Google told us this type of cookie would only appear if the website specifically signed up with its ad services or another vendor which uses its ad services.

It further claimed it does not embed tracking pixels on random pages or via Google Analytics with Doubleclick cookies.)

The problem here is the lack of opacity in the adtech industry which requires users to take ad targeters at their word — and trust that an adtech giant like Google, which makes pots of money off of tracking web users to target them with ads, has nonetheless built perfectly privacy-respecting, non-leaky infrastructure that operates 100% as separately and cleanly as claimed, even as the entire adtech industry’s business incentives are pushing in the opposite direction.

Also a problem: Certain adtech giants having a long and storied history of bundling purposes for user data and manipulating consent in privacy-hostile ways.

And with trust in adtech at such a historic low — plus regulation having been rebooted in Europe to put the focus on enforcement (which is encouraging a cottage industry of GDPR ‘compliance’ services to wade in) — the industry’s preferred cloak of complex opacity is under attack on multiple front (including from policymakers) and does look to be on borrowed time.

And as more light shines in and risk steps up, sensitive public sector websites could just decide to nix using any of these freebie plugins.

In another “inventive” case study highlighted by the report, Cookiebot writes that it documented instances of Facebook using a first party cookie workaround for Safari’s intelligent tracker blocking system to harvest user data on two Irish and UK health landing pages.

So even though Apple’s browser natively purges third party cookies to enhance user privacy by default Facebook’s engineers appear to have managed to create a workaround.

Cookiebot says this works by Facebook’s new first party cookie — “_fbp” — storing a unique user ID that’s then forwarded as a URL parameter in the pixel tracker “tr” to Facebook.com — “thus allowing Facebook to track users after all”, i.e. despite Safari’s best efforts to prevent pervasive third party tracking.

“In our study, this combined tracking practice was documented on 2 Irish and UK landing pages featuring health information about HIV and mental illness,” it writes. “These types of workarounds of browser tracking prevention are highly intrusive as they undermine users’ attempts to protect their personal data – even when using browsers and extensions with the most advanced protection settings.”

Reached for a response to the Cookiebot report Facebook also did not engage with the case study of its Safari third party cookie workaround.

Instead, a spokesman sent us the following line: “[Cookiebot’s] investigation highlights websites that have chosen to use Facebook’s Business Tools — for example, the Like and Share buttons, or the Facebook pixel. Our Business Tools help websites and apps grow their communities or better understand how people use their services. For example, we could tell them that their site is most popular among people aged 20-25.”

In further information provided to us on background the company confirmed that data it receives from websites can be used for enhancing ad targeting on Facebook. (It said Facebook users can switch off ad personalization based on such signals — via the “Ads Based on Data from Partners” setting in Ad Preferences.)

It also said organizations that make use of its tools are subject to its Business Tools terms — which Facebook said require them to provide users with notice and obtain any required legal consent, including being clear with users about any information they share with it. 

Facebook further claimed it prohibits apps and websites from sending it sensitive data — saying it takes steps to detect and remove data that should not be shared with it.

ePrivacy Regulation needed to raise the bar

Commenting on the report in a statement, Diego Naranjo, senior policy advisor at digital rights group EDRi, called for European regulators to step up to defend citizens’ privacy.

For the last 20 years, Europe has fought to regulate the sprawling chaos of data tracking. The GDPR is a historical attempt to bring the information economy in line with our core civil liberties, securing the same level of democratic control and trust online as we take for granted in our offline world. Yet, as this study has provided evidence of, nine months into the new regulation, online tracking remains as hidden, uncontrollable, and plentiful as ever,” he writes in the report. “We stress that it is the duty of regulators to ensure their citizens’ privacy.”

Naranjo also warned that another EU privacy regulation, the ePrivacy Regulation — which is intended to deal directly with tracking technologies — risks being watered down.

In the wake of GDPR it’s become the focus of major lobbying efforts, as we’ve reported before.

“One of the great added values of the ePrivacy Regulation is that it is meant to raise the bar for companies and other actors who want to track citizens’ behaviour on the Internet. Regrettably, now we are seeing signs of the ePrivacy Regulation becoming watered out, specifically in areas concerning “legitimate interest” and “consent”,” he warns.

“A watering down of the ePrivacy Regulation will open a Pandora’s box of more and more sharing, merging and reselling of personal data in huge online commercial surveillance networks, in which citizens are being unwittingly tracked and micro-targeted with commercial and political manipulation. Instead, the ePrivacy Regulation must set the bar high in line with the wishes of the European Parliament, securing that the privacy of our fellow citizens does not succumb to the dominion of the ad tech industry.”

Google and IBM still trying desperately to move cloud market share needle

When it comes to the cloud market, there are few known knowns. For instance, we know that AWS is the market leader with around 32 percent of market share. We know Microsoft is far back in second place with around 14 percent, the only other company in double digits. We also know that IBM and Google are wallowing in third or fourth place, depending on whose numbers you look at, stuck in single digits. The market keeps expanding, but these two major companies never seem to get a much bigger piece of the pie.

Neither company is satisfied with that, of course. Google so much so that it moved on from Diane Greene at the end of last year, bringing in Oracle veteran Thomas Kurian to lead the division out of the doldrums. Meanwhile, IBM made an even bigger splash, plucking Red Hat from the market for $34 billion in October.

This week, the two companies made some more noise, letting the cloud market know that they are not ceding the market to anyone. For IBM, which is holding its big IBM Think conference this week in San Francisco, it involved opening up Watson to competitor clouds. For a company like IBM, this was a huge move, akin to when Microsoft started building apps for iOS. It was an acknowledgement that working across platforms matters, and that if you want to gain market share, you had better start thinking outside the box.

While becoming cross-platform compatible isn’t exactly a radical notion in general, it most certainly is for a company like IBM, which if it had its druthers and a bit more market share, would probably have been content to maintain the status quo. But if the majority of your customers are pursuing a multi-cloud strategy, it might be a good idea for you to jump on the bandwagon — and that’s precisely what IBM has done by opening up access to Watson across clouds in this fashion.

Clearly buying Red Hat was about a hybrid cloud play, and if IBM is serious about that approach, and for $34 billion, it had better be — it would have to walk the walk, not just talk the talk. As IBM Watson CTO and chief architect Ruchir Puri told my colleague Frederic Lardinois about the move, “It’s in these hybrid environments, they’ve got multiple cloud implementations, they have data in their private cloud as well. They have been struggling because the providers of AI have been trying to lock them into a particular implementation that is not suitable to this hybrid cloud environment.” This plays right into the Red Hat strategy, and I’m betting you’ll see more of this approach in other parts of the product line from IBM this year. (Google also acknowledged this when it announced a hybrid strategy of its own last year.)

Meanwhile, Thomas Kurian had his coming-out party at the Goldman Sachs Technology and Internet Conference in San Francisco earlier today. Bloomberg reports that he announced a plan to increase the number of salespeople and train them to understand specific verticals, ripping a page straight from the playbook of his former employer, Oracle.

He suggested that his company would be more aggressive in pursuing traditional enterprise customers, although I’m sure his predecessor, Diane Greene, wasn’t exactly sitting around counting on inbound marketing interest to grow sales. In fact, rumor had it that she wanted to pursue government contracts much more aggressively than the company was willing to do. Now it’s up to Kurian to grow sales. Of course, given that Google doesn’t report cloud revenue it’s hard to know what growth would look like, but perhaps if it has more success it will be more forthcoming.

As Bloomberg’s Shira Ovide tweeted today, it’s one thing to turn to the tried and true enterprise playbook, but that doesn’t mean that executing on that approach is going to be simple, or that Google will be successful in the end.

These two companies obviously desperately want to alter their cloud fortunes, which have been fairly dismal to this point. The moves announced today are clearly part of a broader strategy to move the market share needle, but whether they can or the market positions have long ago hardened remains to be seen.

Mixtape Podcast: Oracle’s alleged $400M issue with underrepresented groups

Screen time for kids, corporations allegedly not paying people from underrepresented groups and IBM offers some hope for the future of facial recognition technology: These are the topics that Megan Rose Dickey and I dive into on this week’s episode of Mixtape.

According to research by psychologists from the University of Calgary, spending too much time in front of screens can stung the development of toddlers. The study found that kids 2-5 years old who engage in more screen time received worse scores in developmental screening tests.” We talk a bit about this then wax nostalgically about “screen time” of yore.

We then turn to a filing against Oracle by the U.S. Department of Labor’s Office of Federal Contract Compliance Programs that states the enterprise company allegedly withheld upwards of $400 million to employees from underrepresented minority groups. The company initially declined to comment, but then thought better of itself and returned the very next day with its thoughts on the matter.

And finally, IBM is trying to make facial recognition technology a thing that doesn’t unfairly target people of color. Technology! The positive news comes a week after Amazon shareholders demanded that the company stop selling Rekognition, its very own facial recognition tech that it sells to law enforcement and government agencies.

Click play above to listen to this week’s episode. And if you haven’t subscribed yet, what are you waiting for? Find us on Apple PodcastsStitcherOvercastCastBox or whatever other podcast platform you can find.

Pentagon stands by finding of no conflict of interest in JEDI RFP process

A line in a new court filing by the Department of Defense suggests that it might reopen investigation into a possible conflict of interest interest in the JEDI contract RFP process involving a former AWS employee. The story has attracted a great deal of attention in major news publications including the Washington Post and Wall Street Journal, but a Pentagon spokesperson has told TechCrunch that nothing has changed.

In the document, filed with the court on Wednesday, the government’s legal representatives sought to outline its legal arguments in the case. The line that attracted so much attention stated, “Now that Amazon has submitted a proposal, the contracting officer is considering whether Amazon’s re-hiring Mr. Ubhi creates an OCI that cannot be avoided, mitigated, or neutralized.” OCI stands for Organizational Conflict of Interest in DoD lingo.

When asked about this specific passage, Pentagon spokesperson Heather Babb made clear the conflict had been investigated earlier and that Ubhi had recused himself from the process. “During his employment with DDS, Mr. Deap Ubhi recused himself from work related to the JEDI contract. DOD has investigated this issue, and we have determined that Mr. Ubhi complied with all necessary laws and regulations,” Babb told TechCrunch.

She repeated that statement when asked specifically about the language in the DoD’s filing. Ubhi did work at Amazon prior to joining the DoD and returned to work for them after he left.

The Department of Defense’s decade-long, $10 billion JEDI cloud contract process has attracted a lot of attention, and not just for the size of the deal. The Pentagon has said this will be a winner-take-all affair. Oracle and IBM have filed formal complaints and Oracle filed a lawsuit in December alleging among other things that there was a conflict of interest by Ubhi, and that they believed the single-vendor approach was designed to favor AWS. The Pentagon has denied these allegations.

The DoD completed the RFP process at the end of October and is expected to choose the winning vendor in April.