A network of ‘camgirl’ sites exposed millions of users and sex workers

A number of popular “camgirl” sites have exposed millions of sex workers and users after the company running the sites left the back-end database unprotected.

The sites, run by Barcelona-based VTS Media, include amateur.tv, webcampornoxxx.net, and placercams.com. Most of the sites’ users are based in Spain and Europe, but we found evidence of users across the world, including the United States.

According to Alexa traffic rankings, amateur.tv is one of the most popular in Spain.

The database, containing months-worth of daily logs of the site activities, was left without a password for weeks. Those logs included detailed records of when users logged in — including usernames and sometimes their user-agents and IP addresses, which can be used to identify users. The logs also included users’ private chat messages with other users, as well as promotional emails they were receiving from the various sites. The logs even included failed login attempts, storing usernames and passwords in plaintext. We did not test the credentials as doing so would be unlawful.

The exposed data also revealed which videos users were watching and renting, exposing kinks and private sexual preferences.

In all, the logs were detailed enough to see which users were logging in, from where, and often their email addresses or other identifiable information — which in some cases we could match to real-world identities.

Not only were users affected, the “camgirls” — who broadcast sexual content to viewers — also had some of their account information exposed.

The database was shut off last week, allowing us to publish our findings.

The “camgirl” site, which exposed millions of users’ and sex workers’ account data by failing to protect a backend database with a password. (Image: TechCrunch)

Researchers at Condition:Black, a cybersecurity and internet freedom firm, discovered the exposed database.

“This was a serious failure from a technical and compliance perspective,” said John Wethington, founder of Condition:Black. “After reviewing the sites’ data privacy policy and terms and conditions, it’s clear that users likely had no idea that their activities being monitored to this level of detail.”

“Users should always take into consideration the implications of their data leaking but especially where the implications could be life altering,” he said.

Data exposures — where companies inadvertently leave their own systems open for anyone to access — have become increasingly common in recent years. Dating sites are among those with some of the most sensitive data. Earlier this year, a group dating site 3Fun exposed over a million users’ data, allowing researchers to view users’ real-time locations without permission. These security lapses can be extremely damaging to their users, exposing private sexual encounters and preferences known only to the users themselves. The fallout following the 2016 hack of affair-focused site Ashley Madison resulted in families breaking up and several reports of suicides connected to the breach.

An email to VTS Media bounced over the weekend and could not be reached for comment.

Given both the company and its servers are located in Europe, the exposure of sexual preferences would fall under the “special categories” of GDPR rules, which require more protections. Companies can be fined up to 4% of their annual turnover for GDPR violations.

A spokesperson for the Spanish data protection authority (AEPD) did not respond to a request for comment outside business hours.


Got a tip? You can send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send PGP email with the fingerprint: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Github removes Tsunami Democràtic’s APK after a takedown order from Spain

Microsoft-owned Github has removed the APK of an app for organizing political protests in the autonomous community of Catalonia — acting on a takedown request from Spain’s military police (aka the Guardia Civil).

As we reported earlier this month supporters of independence for Catalonia have regrouped under a new banner — calling itself Tsunami Democràtic — with the aim of rebooting the political movement and campaigning for self-determination by mobilizing street protests and peaceful civil disobedience.

The group has also been developing bespoke technology tools to coordinate protest action. It’s one of these tools, the Tsunami Democràtic app, which was being hosted as an APK on Github and has now been taken down.

The app registers supporters of independence by asking them to communicate their availability and resources for taking part in local protest actions across Catalonia. Users are also asked to register for protest actions and check-in when they get there — at which point the app asks them to abide by a promise of non-violence (see point 3 in this sample screengrab):

image1 2 1

Users of the app see only upcoming protests relevant to their location and availability — making it different to the one-to-many broadcasts that Tsunami Democràtic also puts out via its channel on the Telegram messaging app.

Essentially, it’s a decentalized tool for mobilizing smaller, localized protest actions vs the largest demos which continue to be organized via Telegram broadcasts (such as a mass blockade of Barcelona airport, earlier this month).

A source with knowledge of Tsunami Democràtic previously told us the sorts of protests intended to be coordinated via the app could include actions such as go-slows to disrupt traffic on local roads and fake shopping sprees in supermarkets, with protestors abandoning carts filled with products in the store.

In a section of Github’s site detailing government takedowns the request from the Spanish state to remove the Tsunami Democràtic app sits alongside folders containing historical takedown requests from China and Russia.

“There is an ongoing investigation being carried out by the National High Court where the movement Tsunami Democràtic has been confirmed as a criminal organization driving people to commit terrorist attacks. Tsunami Democràtic’s main goal is coordinating these riots and terrorist actions by using any possible mean,” Spain’s military police write in the letter sent to Github.

We’ve reached out to Microsoft for comment on Github’s decision to remove the app APK.

In a note about government takedowns on Github’s website it writes:

From time to time, GitHub receives requests from governments to remove content that has been declared unlawful in their local jurisdiction. Although we may not always agree with those laws, we may need to block content if we receive a valid request from a government official so that our users in that jurisdiction may continue to have access to GitHub to collaborate and build software.

“GitHub does not endorse or adopt any assertion contained in the following notices,” it adds in a further caveat on the page.

The trigger for the latest wave of street demonstrations in Catalonia were lengthy jail sentences handed down to a number of Catalan political and cultural leaders by Spain’s Supreme Court earlier this month.

These were people involved in organizing an illegal independence referendum two years ago. The majority of these Catalan leaders were convicted for sedition. None were found guilty of the more serious charge of rebellion — but sentences ran as long as 13 years nonetheless.

This month Spanish judges also reissued a European arrest warrant seeking to extradite the former leader of the Catalan government, Carles Puigdemont, from Brussels to Spain to face trial.  Last year a court in Germany refused his extradition to Spain on charges of rebellion or sedition — only allowing it on lesser grounds of misuse of public funds. A charge which Spain did not pursue.

Puigdemont fled Catalonia in the wake of the failed 2017 independence bid and has remained living in exile in Brussels. He has also since been elected as an MEP but has been unable to take up his seat in the EU parliament after the Spanish state moved to block him from being recognized as a parliamentarian.

Shortly after the latest wave of pro-independence demonstrations took off in Catalonia the Tsunami Democràtic movement’s website was taken offline — also as a result of a takedown request by the Spanish state.

The website remains offline at the time of writing.

While the Tsunami Democràtic app could be accused of encouraging disruption, the charge of “terrorism” is clearly overblown. Unless your definition of terrorism extends to harnessing the power of peaceful civil resistance to generate momentum for political change. 

And while there has been unrest on the streets of Barcelona and other Catalan towns and cities this month, with fires being lit and projectiles thrown at police, there are conflicting reports about what has triggered these clashes between police and protestors — including criticism of the police response as overly aggressive vs what has been, in the main, large but peaceful crowds of pro-democracy demonstrators.

The police response on the day of the 2017 referendum was also widely condemned as violently disproportionate, with scenes of riot gear clad police officers beating up people as they tried to cast a vote.

Local press in Catalonia has reported the European Commission response to Spain’s takedown of the Tsunami Democràtic website — saying the pan-EU body said Spain has a responsibility to find “the right balance between guaranteeing freedom of expression and upholding public order and ensuring security, as well as protecting [citizens] from illegal content”.

Asked what impact the Github takedown of the Tsunami Democràtic app’s APK will have on the app, a source with knowledge of the movement suggested very little — pointing out that the APK is now being hosted on Telegram.

Similarly, the content that was available on the movement’s website is being posted to its 380,000+ subscribers on Telegram — a messaging platform that’s itself been targeted for blocks by authoritarian states in various locations around the world. (Though not, so far, in Spain.)

Another protest support tool that’s been in the works in Catalonia — a live-map for crowdsourcing information about street protests which looks similar to the HKlive.maps app used by pro-democracy campaigners in Hong Kong — is still in testing but expected to launch soon, per the source.

Duffel raises $30M led by Index Ventures to disintermediate legacy travel platforms

Huge travel platforms that run airline booking systems like Sabre and Amadeus were invented eons ago and are so large and cumbersome that innovating with them is no easy feat. In the same way that challenger banks have come along to re-invent the banking software Starck, UK startup Duffel has done the same in the travel market, linking up airlines directly with travel agents with a 21st Century platform.

Today it’s announced a $30m Series B funding round from investors Index Ventures, and they were joined by existing investors Benchmark Capital and Blossom Capital . Its airline partners already include American Airlines, British Airways, Lufthansa Group, Aegean Airlines, Vueling, and Iberia.

Duffel will use the new funds to hire more engineers and increase its broader team. It is focusing on expanding in North America and Europe, with its first customers drawn from the US, UK, Canada, France, Germany and Spain.

Duffel enables travel agencies to plug in directly to airlines’ reservation systems via an API so that they can pull real-time flight offers, make bookings, access live seat availability, and buy extra services. This means new digital and mobile app-based travel agencies – Duffel’s target market – can bypass the long lead times and high costs associated with the legacy flight booking systems. They are then able to see live seat availability from some of the world’s biggest airlines, as well as additional offers on in-flight meals or luggage allocations.

Steve Domin, co-founder and CEO of Duffel, said: “A new breed of online agencies want to access reservation systems quickly and seamlessly. By reinventing the underwiring between online agents and airlines we can transform the world of travel booking and reduce barriers to entry for innovative new companies that are offering travelers a whole new way of creating a holiday or trip.”

In the same way that banking systems have been opened up by deregulation, the International Air Transport Association (IATA) created a new industry standard, known as New Distribution Capability (NDC), which transformed the way air products are retailed through the use of modern XML technology. The problem was, the legacy platforms didn’t take much interest. Duffel has obviously come along to take advantage of that.

Jan Hammer, partner at Index Ventures, said: “We are incredibly impressed by the Duffel team, who we have supported since the days of their seed funding. There is an opportunity here to transform the booking experience for travelers and ease many of the pain points in the industry. From the launch of budget airlines to sharing economy businesses like Airbnb, travel has changed and Duffel will provide the tools, built from the ground up, that make the next wave of innovation possible.”

Speaking to TechCrunch, Domin said: “Historically it’s been very hard to sell travel products to agencies. Integrations are hard. There is too much complexity. We are bundling it all into a very simple API and 2 hours later you can have it running on a site or a mobile app.”

“We are connecting directly to airlines’ reservation systems. If you go on a site that uses Duffel, we will forward – to the airline – the right search request, and the airline generates the offer in real-time.”

“Airlines were trying to modernize their booking systems with Amadeus and Sabre but they have not moved quickly on adapting to what the airlines wanted. When the IATA came up with its new XML platform, no-one wanted to use it. So we did.”

Is Duffel a threat to the legacy platforms? “Potentially,” he says, “but I don’t think they see it that way. They don’t see the benefit of engineering and developer experience. In a way, I hope we will be a threat but I don’t think we are right now.”

He said Duffel has future plans to expand to other products like trains and hotels.

Spanish startup Elma gets $3.2M for a digital-first health insurance play

Insurtech startup Elma has closed a €3 million (~$3.2M) Series A funding round led by Mangrove Capital partners to build out a digital-first health insurance business starting with Spain, its domestic market.

Also investing in the Series A are a number of unnamed local investors focused on the healthcare space, along with Barcelona-based investor and company builder Antai Venture Builder (AVB), Arroba Capital, and US VC Joyance Capital Partners. 

Elma’s co-founders — Miguel Ángel Antón (CEO), Albert Malagarriga (CPO), and Miguel Vicente and Gerard Olivé (also co-founders of its investor, AVB) — have a background in digital industries and startups, building “user centric experiences”, as Antón puts it.

Healthcare experience in the founding team comes via the COO who we’re told spent 12 years at a C-level position at one of the largest health insurers in Spain (now owned by Bupa). Elma also has a chief medical officer — who Antón touts as bringing a wealth of experience in “digital care”.

Since 2017 the team has been building a number of digital healthcare tools that can be accessed via an app. The idea is to entice subscribers to Elma’s healthcare cover with the promise of tech-enabled convenience and a shorter wait time vs Spain’s (free) public healthcare service for remote chats with doctors.

It’s also hoping to disrupt legacy health insurance giants by offering slicker digital tools and services.

“Few companies or entities have had the opportunity to think about patient journeys and build and articulate a product that optimizes healthcare outcomes while controlling costs,” argues Antón. “We believe insurers have a privileged position to do that, yet they seem to have little incentive to innovate and adopt digital tools to make it happen given their legacy. We want to build a digital health subscription to better healthier, that includes insurance and is (finally) user centric.”

Among the tools Elma will offer subscribers initially is a telehealth service that lets members talk to a doctor via video call and chat, providing remote primary care and digital prescription (it has a team of seven doctors to serve that from launch) — and a doctor search engine for finding a medical professional to deal with a specific condition (it has a pool of 23,000 doctors in Spain for in-person healthcare).

“We are currently working on a booking feature and integration with test providers to make getting blood tests, scans and so on much easier and interconnected,” adds Antón.

“We are one of the few insurers that provide a full online, comprehensive quoting system for people to understand our products and buy entirely online. These are just a few features that we are releasing with, but our vision is to pursue the digitalization of the industry to fulfil our mission. Prevention, promotion of good habits, digital therapies, are coming up next.” 

On the prevention front, this being an insurtech startup, Elma’s roadmap includes linking insurance premiums to healthier lifestyles — via some form of behavior tracking.

“Healthier people should benefit from their good habits and we are already testing tools that identify people’s habits,” Antón confirms, adding: “Other features in our roadmap for next year are integration with wearables, care plans, skin prevention plans, etc.”

The team will be launching its first health insurance product in Spain next month.

Its website already lists pricing for a range of plans “con copago” (which means there’s a monthly fee to pay for the insurance cover plus an additional fee when you access healthcare services).

“We will have a full “sin copago” product in two weeks but we are believers of insurance with copayment,” Antón tells TechCrunch. “Being healthy makes you reduce visits to the doctor so you can keep your premium low and pay per use which will be best for our customers. We really love copayments…. Best way to pay less.”

The Series A will be put towards scaling in Spain, which is the firm focus for Elma for the foreseeable future given a large addressable local market.

Some 10M+ people (~23% of the population) pay for healthcare, according to Antón, who says this is on account of long wait time for the free public service. A majority of those (60%) pay for health insurance via their employer — so Elma is focusing on selling in to corporates to provide cover for their staff.

“We have an agreement with [insurance broker] Willis Towers Watson who will allow us to quote the most relevant companies in Spain,” he says, adding that it’s already signed agreements with listed companies  (such as Masmovil, Red Electrica Española); startups (eCooltra); and state owned companies (Ferrocarrils de la Generalitat).

“Healthcare is very country specific, that’s why its really hard to scale this type of company [to other markets]. So far we want to concentrate in Spain. The market here is huge, growing 5%-7% a year and needs a lot of digitalization,” he adds.

“We want to became leader in our market. In the future we will look for markets where our product fits the best, and it may be countries with or without a strong public health system. What we believe is true is if we make it here, where we are competing with an excellent service which is for free (Spanish public healthcare system), we can probably make it anywhere.”

In terms of app-focused competition, on Elma’s home turf there’s MediQuo, another Barcelona-based startup that promises to put a doctor in your pocket — via an app where users can chat to a medical “amigo”. While it’s not a fully fledged health insurance play pricing is low enough that users could combine it with legacy health insurance elsewhere — augmenting their usual cover with an up-to-date app supplement.

Pan-European VC fund Target Global is opening an office in Barcelona

Hola Barcelona. Target Global, a pan-European VC firm with €700 million under management and a broad investment canvas spanning SaaS, marketplaces, fintech, insurtech and mobility, is opening an office in the Catalan capital.

Investor director, Lina Chong, will lead the expansion into Spain, having relocated to Barcelona from the fund’s Berlin headquarters. They’re setting up in a co-working space on Avenue Diagonal in the center of the city. 

Target Global backs early and growth stages startups, as well as doing some seed investing. The firms tells us it’s expecting to do between one and three deals per year out of the Barcelona office, envisaging the same mix of investments in terms of early and growth stage.

“We’ve been seeing decent deals in both stages. Definitely. Across Spain,” says Chong. “There is just more — by numbers — way more early stage seed than A. I think that’s just the maturity of the ecosystem here.”

Dialling up a local presence across Europe means Target Global can pitch founders on being able to connect talent and expertise across key regional startup hubs, while also plugging into a wider international network. (It also has offices in London, Tel Aviv and Moscow.)

From a VC perspective opening local offices is of course about deal flow. Being on the ground to take more meetings widens the pipe, increasing the chance of an early shot at the next high growth business.

That’s important because Europe’s startups have many more options for early stage funding than in years past, and founders are getting smarter about choosing their investors. Boots on the ground means more time for all important relationship building.

Target Global describes itself as something of a startup — it was founded in 2012 — which means it’s competing for deals with VCs that have more established brands and networks. Becoming a familiar face in the room looks like a solid strategy to growth hack its own network.

We are a global or a pan-European fund but for an entrepreneur here we want them to feel that we’re local; we understand the ecosystem; that we have deep rooted connections; that we’re committed; that we show up,” general partner Shmuel Chafets tells TechCrunch.

“It’s all a function of time and effort. Just being here and having breakfast with people, lunch with people and helping out even the people we don’t invest. You get more connected and then you start to see more deal flow.”

This is the second local office it’s opened in Europe this year, after adding a London base in April — making it a flattering pick for Barcelona. Plenty of other European hubs are being passed over in the city’s favor this time, be it Madrid, Lisbon, Paris or Stockholm. 

Chafets says the firm looked at five or six other cities but settled on Barcelona for now, though he won’t rule out opening more offices in future. “Never say never,” he quips. 

Having been a regular visitor to Barcelona for a number of years he talks enthusiastically about the creative energy motivating entrepreneurs — saying the city’s ecosystem reminds him of how Berlin felt a few years ago. “It looks like it’s just about to happen,” he reckons. 

“From what I’ve seen Barcelona is sort of strong in creative. It’s a very creative city. It’s always pretty strong in mobile, historically. It had more mobile successes… SaaS, particular smb SaaS, is pretty good here. I think it would be harder to find enterprise sales companies and companies building these very deep tech stuff right now. But definitely in the marketplace, smb SaaS space, mobile space you see great stuff here. 

“That ties into the creativity, because it’s a product driven environment — not a tech driven environment. I think Berlin is a very operationally driven environment, Tel Aviv is a very tech driven environment, this is a very product driven environment — which actually complements well our other hubs.”

“There’s some pent-up energy here,” agrees Chong, who says they’ve already come across a “surprising” amount of deal flow. “Again it’s very similar to Berlin where there’s a lot of willingness and there’s a lot of dreaming but there’s not a lot going on. So I think the younger people here they’re creating that.”

Target Global has been testing the water prior to formalizing its commitment to Barcelona, and has four local portfolio companies which it’s ploughed around €20M into over the past 12 months.

Its biggest regional investment to date is in business trip booking SaaS, TravelPerk. It’s also backed flatmate matching platform Badi; online doctor booking platform, Doc Planner (which relocated from Warsaw, Poland after merging with local startup Doctoralia); and medical chat app MediQuo.

From a wider perspective, Barcelona’s tech ecosystem has been gathering momentum for years, helped by the annual presence of the world’s biggest mobile tradeshow (MWC) — as well as more specific pull factors for startups such as a relatively low cost of living and an attractive Mediterranean location. 

“It’s a great place to live and you can’t ignore that,” says Chafets. “In Europe if you’re a team and you’re an international team there are very few places you can live.”

This combination means Barcelona is now home to a growing number of high growth startups, including Target Global’s portfolio firm TravelPerk — as well as the likes of on-demand delivery platform Glovo; and RedPoints, which sells a SaaS to brands for detecting and acting against the sale of fake goods online, to name two other notable examples.

Other local startups grabbing attention and investment in recent years include 21Buttons, Holded, Housfy, Typeform and Verse. While hyper local mobile marketplace startup Wallapop — which was on a growth tear in an earlier wave of ecoystem growth — remains the go-to classified app on every local’s phone (though it merged with a US rival back in 2015).

The city even has its own youthful scooter startup (Reby) which has refused to be put off by some tough regulations controlling rentals — and has recently been applying AI to try to make like a good citizen by automatically detect poor parking.  

Mobility is a major area of focus for Target Global — which last year announced a dedicated fund (with an initial raise of $100M) for startups working to disrupt transportation. Although, when it comes to stand-up e-scooters the firm is already invested in Berlin-based Circ so will presumably be looking to spend elsewhere on that front.

“Barcelona is the perfect city for scooters,” says Chafets. “Scooters can really change the way the city works. It’s also small and has relatively good public transportation from outwards in — but they need to be regulated. You need to really make sure that [they aren’t a misused nuisance].”

He notes that European regulators have been relatively quick to spot the risks of shared mobility, and close off the antisocial expansionist playbook that played out in some US cities during the first wave of scooter startups — when people trolled Bird by hanging scooters in trees (or, well, worse) — but he sees that as good news for building a sustainable future for alternative mobility. 

“It’s a great challenge and it will be a huge money maker — that’s where we want to be right, multiple trillion dollar businesses!”

Away from disruptive developments on the ground in Barcelona and the other local tech hubs that Target Global is intending to explore from its new base in Catalonia, it also views Spain as a low risk gateway to opportunities on the other side of the Atlantic. 

“There’s a decent local domestic market and there is a natural second market in South America,” says Chafets. “Actually in the US too — because Spanish is the second most commonly spoken language in America so when you start a company here you have that second market built in. Which is very important — you can scale it.”

“Latin America is a fascinating market right now, it’s a fascinating time,” he adds. “So in a way it’s a way for us to make a side bet on Latin America without going out of Europe and investing far.”

We’ll share a full interview with Chafets and Chong on Extra Crunch.

Lookiero closes $19M led by MMC Ventures to be the Stitch Fix for Europe

Lookiero, the online personal shopping service for clothes and accessories, has closed a $19 million funding round led by London-based VC MMC Ventures with support from existing investor All Iron Ventures, and new investors Bonsai Partners, 10x and Santander Smart. The company will use the backing to expand in its main markets of Spain, France and the UK. In June last year it closed a funding round of €4 million led by All Iron Ventures.

The startup applies algorithms to a database of personal stylists and customer profiles to thus provide a personalized online shopping experience to its customers. It then delivers a selection of five pieces of clothing or accessories curated by a personal shopper to fit the customer’s individual size, style, and preferences. Customers then decide which items to keep or return (at no additional cost), allowing Lookiero to learn more about the customer’s tase before starting the whole process again.

By generating look-a-like profiles and analyzing previous customer interactions with each item, Lookiero says it can predict how likely a user is going to keep a certain item from a range of more than 150 European brands from a warehousing system that will ship more than 3 million items of clothing this year to seven European countries.

It’s not unlike the well—worn Birchbox model. Lookiero’s main competitor is Stitch Fix (US), which has upwards of $1.5bn in annual revenues and IPO’d November 2017.

Founded in 2015 by Spanish entrepreneur Oier Urrutia, the company says it now has over 1 million registered users and has grown revenue by over 200% from 2017 to 2018.

In a statement Urrutia said: “This investment round provides us with the necessary capital to further increase the accuracy of our technology, which is really exciting. It will allow us to offer the best possible experience for our users and to continue expanding across Europe.”

Simon Menashy, Partner, MMC Ventures, said: “The migration of fashion brands online has improved consumers’ access to clothing, and there is now an almost overwhelming amount of choice. At the same time, it can still be really hard to find exactly what is right for you, especially with high street retail stores in decline. Lookiero provides the best of both worlds, giving every customer a hand-picked selection from their personal stylist.”

Ander Michelena, co-founding partner of All Iron Ventures, said: “Even if what Oier and his team have achieved to date is remarkable, we believe that Lookiero still has great potential to continue expanding internationally and to become a player of reference in a market segment where there is still a lot to do in terms of innovation and user satisfaction”.

SoftBank-backed Getaround is raising $200M at a $1.5B+ valuation

Getaround, a used car marketplace and winner of TechCrunch Disrupt New York Battlefield 2011, will enter the unicorn club with a roughly $200 million equity financing.

The deal values Getaround, founded in 2009, at $1.7 billion, according to an estimate provided by PitchBook. Getaround declined to comment, citing internal policy on “funding speculation.”

“Getaround and our investors work closely together on our growth strategy, and we’ll definitely plan to share more when we’re ready,” a spokesperson said in response to TechCrunch’s inquiry Thursday morning.

The news follows the company’s $300 million acquisition of Drivy, a Paris-headquartered car-sharing startup that operates in 170 European cities.

Getaround closed a Series D funding of $300 million last year, a round led by SoftBank with participation from Toyota Motor Corporation. Existing investors in the business, which allows its some 200,000 members to rent and unlock vehicles from their mobile phones at $5 per hour, include Menlo Ventures and SOSV.

Assuming an upcoming $200 million infusion, Getaround has raised more than $600 million in equity funding to date.

Whether SoftBank has participated in Getaround’s latest financing is unknown. The business is an active investor in the carsharing market, with investments in Chinese ride-hailing business Didi Chuxing, Uber and autonomous driving company Cruise. We’ve reached out to SoftBank for comment.

In conversation with TechCrunch last year, Getaround co-founder Sam Zaid emphasized SoftBank’s capabilities as a mobility investor: “What we really liked about [SoftBank] was they take a really long view on things,” he said. “So they were very good about thinking about the future of mobility, and we have a common kind of vision of every car becoming a shared car.”

Getaround was expected to expand into international markets with its previous fundraise. Indeed, the company has moved into France, Germany, Spain, Austria, Belgium and the U.K. where it operates under the brand “Drivy by Getaround,” and in Norway under the “Nabobil” brand.

The business initially launched its car-sharing service in 2011, relying on gig workers, who can list their car on the Getaround marketplace for $500 to $1,000 a month in payments, depending on how often their car is rented.

Since Getaround entered the market, however, a number of competitors have entered the space with similar business models. Turo and Maven, for example, have both emerged to facilitate car rental with backing from top venture capital funds.

Heat waves bring record-breaking temperatures on a geological scale

From Alaska to Europe the world has spent the past few weeks roasting under temperatures never before seen in recorded history.

In Alaska, all-time high record temperatures were set across the state on July 4th, according to the National Weather Service. In Anchorage, the mercury soared to highs of 90 degrees, the highest temperature since recording began in 1952.

Temperatures in Alaska have reached 90 degrees in other cities around the state before, but this is the first time that the thermometer hit that mark in Anchorage.

Meanwhile, hot winds blowing North from the Sahara set temperatures in Europe soaring to record highs, according to data released by the Copernicus Climate Change Service.

It was Europe’s record three degree temperature spike that brought global temperatures to their recorded-history highs.

Screen Shot 2019 07 05 at 12.16.41 PM

“Although local temperatures may have been lower or higher than those forecast, our data show that the temperatures over the southwestern region of Europe during the last week of June were unusually high,” said Jean-Noël Thépaut, head of the Copernicus Climate Change Service. “Although this was exceptional, we are likely to see more of these events in the future due to climate change.”

According to data from Copernicus, the temperature spikes across Europe was the highest on record for the month.

Compared for the same five-day period during the last thirty year climatological reference period, six to ten degree Celsius temperature spikes happened in most of France and Germany, throughout northern Spain, northern Italy, Switzerland, Austria and the Czech Republic.

As these events become common, the need for technologies that can reduce carbon emissions because more pressing.

Increasingly, businesses and investors are returning to the once-shunned market of clean technology and renewable energy to back new electric vehicle manufacturers, new energy efficient construction technologies, the rehabilitation of outdated infrastructure and consumer goods that have a smaller carbon footprint or reduce waste.

Data from Bloomberg New Energy Finance published earlier this year indicated that venture investments into what was once called clean technology hit $9.2 billion in 2018. That’s the highest cumulative investment in the sector since 2009. Much of those deals were in Chinese electric vehicle manufacturers who attracted some $3.3 billion in venture capital and private equity dollars.

That’s critical because global carbon emissions have increased over the past two years, according to estimates from the Global Carbon Project.

“We thought, perhaps hoped, emissions had peaked a few years ago,” said Rob Jackson, a professor of Earth system science in Stanford’s School of Earth, Energy & Environmental Sciences (Stanford Earth). “After two years of renewed growth, that was wishful thinking.”

In the U.S. specifically, climate related pressures (a warmer summer and a colder winter) led to increasing demand along with an uptick in gasoline consumption as demand for bigger vehicles fueled higher gas consumption.

“We’re driving more miles in bigger cars, changes that are outpacing improvements in vehicle fuel efficiency,” Jackson explained.

LaLiga fined $280k for soccer app’s privacy violating spy mode

Spanish soccer’s premier league, LaLiga, has netted itself a €250,000 (~$280k) fine for privacy violations of Europe’s General Data Protection Regulation (GDPR) related to its official app.

As we reported a year ago, users of the LaLiga app were outraged to discover the smartphone software does rather more than show minute-by-minute commentary of football matches — but can use the microphone and GPS of fans’ phones to record their surroundings in a bid to identify bars which are unofficially streaming games instead of coughing up for broadcasting rights.

Unwitting fans who hadn’t read the tea leaves of opaque app permissions took to social media to vent their anger at finding they’d been co-opted into an unofficial LaLiga piracy police force as the app repurposed their smartphone sensors to rat out their favorite local bars.

The spy mode function is not mentioned in the app’s description.

El Diaro reports the fine being issued by Spain’s data protection watchdog, the AEPD. A spokesperson for the watchdog confirmed the penalty but told us the full decision has not yet been published.

Per El Diaro’s report, the AEPD found LaLiga failed to be adequately clear about how the app recorded audio, violating Article 5.1 of the GDPR — which requires that personal data be processed lawfully, fairly and in a transparent manner. It said LaLiga should have indicated to app users every time the app remotely switched on the microphone to record their surroundings.

If LaLiga had done so that would have required some form of in-app notification once per minute every time a football match is in play, being as — once granted permission to record audio — the app does so for five sections every minute when a league game is happening.

Instead the app only asks for permission to use the microphone twice per user (per LaLiga’s explanation).

The AEPD found the level of notification the app provides to users inadequate — pointing out, per El Diaro’s reports, that users are unlikely to remember what they have previously consented each time they use the app.

It suggests active notification could be provided to users each time the app is recording, such as by displaying an icon that indicates the microphone is listening in, according to the newspaper. 

The watchdog also found LaLiga to have violated Article 7.3 of the GDPR which stipulates that when consent is being used as the legal basis for processing personal data users should have the right to withdraw their consent at any time. Whereas, again, the LaLiga app does not offer users an ongoing chance to withdraw consent to its spy mode recording after the initial permission requests.

LaLiga has been given a month to correct the violations with the app. However in a statement responding to the AEPD’s decision the association has denied any wrongdoing — and said it plans to appeal the fine.

“LaLiga disagrees deeply with the interpretation of the AEPD and believes that it has not made the effort to understand how the technology [functions],” it writes. “For the microphone functionality to be active, the user has to expressly, proactively and on two occasions grant consent, so it can not be attributed to LaLiga lack of
transparency or information about this functionality.”

“LaLiga will appeal the decision in court to prove that has acted in accordance with data protection regulations,” it adds.

A video produced by LaLiga to try to sell the spy mode function to fans following last year’s social media backlash claims it does not capture any personal data — and describes the dual permission requests to use the microphone as “an exercise in transparency”.

Clearly, the AEPD takes a very different view.

LaLiga’s argument against the AEPD’s decision that it violated the GDPR appears to rest on its suggestion that the watchdog does not understand the technology it’s using — which it claims “neither record, store, or listen to conversations”.

So it looks to be trying to push its own self-serving interpretation of what is and isn’t personal data. (Nor is it the only commercial entity attempting that, of course.)

In the response statement, which we’ve translated from Spanish, LaLiga writes:

The technology used is designed to generate exclusively a specific sound footprint (fingerprint acoustic). This fingerprint only contains 0.75% of the information, discarding the remaining 99.25%, so it is technically impossible to interpret the voice or human conversations.

This fingerprint is transformed into an alphanumeric code (hash) that cannot be reversed to recreate the original sound. The technology’s operation is backed by an independent expert report, that among other arguments that favor our position, concludes that it “does not allow LaLiga to know the contents of any conversation or identify potential speakers”. Furthermore, it adds that this fraud control mechanism “does not store the information captured from the microphone of the mobile” and “the information captured by the microphone of the mobile is subjected to a complex transformation process that is irreversible”.

In comments to El Diaro, LaLiga also likens its technology to the Shazam app — which compares an audio fingerprint to try to identify a song also being recorded in real-time via the phone’s microphone.

However Shazam users manually activate its listening feature, and are shown a visual ‘listening’ icon during the process. Whereas LaLiga has created an embedded spy mode that systematically switches itself after a couple of initial permissions. So it’s perhaps not the best comparison to try to suggest.

LaLiga’s statement adds that the audio eavesdropping on fans’ surroundings is intended to “achieve a legitimate goal” of fighting piracy. 

“LaLiga would not be acting diligently if it did not use all means and technologies at its fingertips to fight against piracy,” it writes. “It is a particularly relevant task taking into account the enormous magnitude of fraud in the marketing system, which is estimated at approximately 400 million euros per year.”

LaLiga also says it will not be making any changes to how the app functions because it already intends to remove what it describes to El Diario as “experimental” functionality at the end of the current football season, which ends June 30.

Revolut adds Apple Pay support in 16 markets

Fintech startup Revolut has expanded its support for Apple Pay, confirming that from today the payment option is available for users in 16 European markets.

The list of supported markets is: UK, France, Poland, Germany, Czech Republic, Spain, Italy, Switzerland, Ireland, Belgium, Austria, Sweden, Denmark, Norway, Finland and Iceland.

Press reports last month suggested the UK challenger bank had inked Apple Pay agreements in markets including the UK, France, Germany and Switzerland.

It’s not clear what took Revolut so long to join the Apple Pay party.

Customers in the supported markets can add their Revolut card to Apple Pay via the Revolut app or via Apple’s Wallet app. Those without a plastic card can add a virtual card to Apple Wallet via the Revolut app and are able to start spending immediately, without having to wait for the physical card to arrive in the post.

Commenting in statement, Arthur Johanet, product owner for card payments at Revolut, said: “Revolut’s ultimate goal is to give our customers a useful tool to manage every aspect of their financial lives, and the ability to make payments quickly, conveniently and securely is vital to achieving this. Our customers have been requesting Apple Pay for a long time, so we are delighted to kick off our rollout, starting with our customers in 16 markets. This is a very positive step forward in enabling our customers to use their money in the way that they want to.”