Techdirt Lite.
(Click here for full version)

Some Thoughts On The EU's Latest $5 Billion Google Antitrust Fine (Innovation)

by Mike Masnick

from the what's-best-for-innovation? dept on Wednesday, July 18th, 2018 @ 3:38PM

As was widely expected, earlier today, the EU Commission brought down its latest antitrust fine against Google, this time for an eye-popping $5 billion. The number gets the attention, but it's worth looking at the underlying details here. This was the result of a two year investigation, specifically into certain bundling practices that Google used concerning Android and some of its apps. When Competition Commissioner Margrethe Vestager first announced the investigation in April of 2016, she more or less explained where they were headed:

The Commission's preliminary view is that Google has implemented a strategy on mobile devices to preserve and strengthen its dominance in general internet search. First, the practices mean that Google Search is pre-installed and set as the default, or exclusive, search service on most Android devices sold in Europe. Second, the practices appear to close off ways for rival search engines to access the market, via competing mobile browsers and operating systems. In addition, they also seem to harm consumers by stifling competition and restricting innovation in the wider mobile space.

And... that's more or less exactly what the Commission found in today's announcement.

Commissioner Margrethe Vestager, in charge of competition policy, said: "Today, mobile internet makes up more than half of global internet traffic. It has changed the lives of millions of Europeans. Our case is about three types of restrictions that Google has imposed on Android device manufacturers and network operators to ensure that traffic on Android devices goes to the Google search engine. In this way, Google has used Android as a vehicle to cement the dominance of its search engine. These practices have denied rivals the chance to innovate and compete on the merits. They have denied European consumers the benefits of effective competition in the important mobile sphere. This is illegal under EU antitrust rules."

In particular, Google:

  • has required manufacturers to pre-install the Google Search app and browser app (Chrome), as a condition for licensing Google's app store (the Play Store);
  • made payments to certain large manufacturers and mobile network operators on condition that they exclusively pre-installed the Google Search app on their devices; and
  • has prevented manufacturers wishing to pre-install Google apps from selling even a single smart mobile device running on alternative versions of Android that were not approved by Google (so-called "Android forks").

I've been critical of some antitrust activity and supportive of others over the years, and I think it's important to take a step back and look at whether or not this actually will likely lead to greater innovation -- no matter what the reasoning is (and, it should be noted, many European officials have made it clear they think EU antitrust activities should be used to harm American companies because they're big and American, rather than for any principled reason concerning competition or innovation). And, of course, there are some people who simply hate big tech companies and will cheer on any attack on them whether it's for good or bad reasons.

Just to set some signposts for the discussion: I believe, and have argued strongly over the years, that competition is the key to innovation and innovation is an important component of making everyone's lives better. You are free to disagree with those claims, but then we're having a very different discussion. This is the lens through which I view this entire discussion. Based on that, antitrust activities are useful when they are used to stop truly harmful monopolistic practices that hold back competition and innovation. But, antitrust activities for other reasons, or which don't seem likely to result in greater competition and innovation tend to be wasteful and silly. So... where does this latest fine from the EU come down?

As I noted when the investigation was first announced, it seemed that only one of the three "prongs" of the investigation really seemed like a big issue: the preventing manufacturers from selling phones with alternative versions of Android. There is a non-nefarious reason why Google might want this -- because if those non-Google Android versions are poorly done, it could confuse people and reflect poorly on Google... but this condition could clearly be used to stifle competition and innovation in the space. There's a reasonable argument that this was always a step too far, and Google never should have gone down that path in the first place.

The other reasons given for the fine remain... a lot less compelling. First, there's the issue of tying Google search and Chrome to offering Google Play as a pre-installed app. First off, the EU admits (oddly) that this is unfair because everyone expects the Google Play store to be pre-installed:

As part of the Commission investigation, device manufacturers confirmed that the Play Store is a "must-have" app, as users expect to find it pre-installed on their devices (not least because they cannot lawfully download it themselves).

Okay, fair enough. But you know what that very same Play Store lets you do? Download other browsers and search apps. I don't use Chrome on my phone (I use Firefox, Firefox Focus -- which is fantastic, or Brave). I've even used alternative app stores in the past, but eventually shifted back to the Play Store, mainly because Google seemed to do a much better job of stopping dangerous or crappy apps from getting on my phone. And, as Google has suggested, part of the reason for requiring Chrome to be installed is that tons of other apps actually use Chrome components as part of how they work. So not installing Chrome with the Play Store would actually lead to a lot of apps not working properly.

The other issue for which Google was dinged was the payments to device manufacturers to make Google search the "exclusive" pre-installed search on those devices. Now, I could totally see a valid antitrust complaint on this point if Google were forcing manufacturers into this agreement against their will, and were able to force them to do so. But... here it's about Google doing a business deal to pay manufacturers to be the exclusive. As we pointed out at the beginning of the investigation, how is that different than when Google paid Mozilla to be the default search engine in Firefox? Then Microsoft outbid Google and Bing became the default.

Either way, on this issue, Google stopped doing this practice entirely in 2014.

Google says it's going to appeal this decision, and Google CEO Sundar Pichai is hinting that if the ruling is upheld, Google may no longer be able to offer Android for free in the EU. Google also argues that the way its designed its Android business has created a tremendous amount of choice -- including providing smart phone / tablet / other devices that are available at price points and in markets where Google's main competitor in this space, Apple, refuses to make any real offerings. And that's a fairly compelling point.

The bigger question, again, though is what will be the real impact on innovation for end users of all of this. I'm not convinced (should this hold up) that it will have much of an impact either way. I doubt making any of the required changes will really harm Google that much (as noted, in at least one case, it already gave up the practice four years ago). But I also don't see how any of the required changes really helps competitors or app developers in any significant way. It doesn't make any of them more likely to get more users, or provide a better way for them to get their services out there.

One of the issues with anything having to do with innovation is that it's impossible to envision the "innovation that would have occurred" in the counterfactual scenario in which the supposed antitrust violations never occurred. But looking over these issues, I'm hard pressed to think of how anything would have developed all that differently if Google hadn't done these things in the first place. Perhaps Amazon's Fire devices would have a larger market? Perhaps we'd have seen more innovation with other third parties building out their own versions of Android with their own playstores. But it seems unlikely that it would have materially changed how the search market and browser market developed.

Of course, it should be noted that there is some amount of karma here. Back during the Microsoft antitrust fight, Google stepped up in 2006 to complain to the EU Commission about Microsoft's bundling and default practices. Specifically, Microsoft's browser at the time included a built in search box that defaulted to Microsoft's own search (at the time, called MSN search). And Google didn't like that.

"The market favors open choice for search, and companies should compete for users based on the quality of their search services," said Marissa Mayer, the vice president for search products at Google. "We don't think it's right for Microsoft to just set the default to MSN. We believe users should choose."

And, amusingly, Microsoft's own response to that criticism was nearly identical to Google's today, saying that "the user is in control" and it's easy to change the defaults. So there's absolutely some hypocrisy in how Google has acted through this whole thing.

However, in the end, I'm still hard pressed to see how today's fine will actually change anything in a way that improves innovation and what the public gets to do. Google is competing with lots of companies on a variety of different fronts these days. Earlier this year we had a podcast exploring how companies might disrupt Google, and I don't see how these moves make any of what we discussed any easier at all. Instead, it seems to be fighting the last fight, over mobile UI, rather than the next real competitive and innovative fights on different kinds of services.


French Pirates Are Increasingly Buying Through Legal Options (Copyright)

by Timothy Geigner

from the c'est-la-vie dept on Wednesday, July 18th, 2018 @ 1:34PM

Do you guys remember Hadopi? This French version of a law designed to kick copyright infringers off of the internet essentially ended in 2016, after all kinds of reports showed the program to be an inefficient, unreasonably harsh failure that actually resulted in more infringement rather than less. Well, this travesty probably seems altogether silly here in 2018, given that Hadopi largely targeted filesharing infringement, while the majority of "piracy" these days takes the form of streaming content online rather than downloading it. Those enforcing Hadopi have no real way to track that kind of "piracy", making the whole thing useless.

But the French government appears to want to see if it can repeat its mistakes all over again, with reports that it will institute a streaming site blacklist, which will be every bit as effective as Hadopi. Making all of this especially odd is that it comes at a time when so-called pirates in France are increasingly turning to legal offerings and spending gobs of money on them.

A new report published by consultancy firm EY reveals that the number of French pirates has dropped by 8%, from 11.6 million in 2016, to 10.6 million last year. The remaining pirates also downloaded and streamed less infringing content than the year before, with consumption dipping 4%.

In fact, it appears that pirates are increasingly “going legal.” This doesn’t mean that they have quit their copyright infringing habits completely, but they are more likely to pay for access too. In the span of a year, the number of pirates without a video on demand subscription dropped by nearly 30%. The result is that more than half of all pirates also pay for a legal movie streaming service now.

The reasons why someone might simultaneously pirate content and pay for it through legit services have been covered here many times in the past. It ends up coming down to some combination of content-availability, not wanting to work through the silos content-providers have erected around what customers want, and reasonable pricing models for that content. What data like this ultimately shows is that so-called pirates are perfectly willing to pay for content if its offered to them in a convenient and reasonable way with few mental transactions needed. You know, how all of commerce works.

And, yet, for some reason the French government has decided to try to censor streaming sites -- which it is guaranteed to do badly -- in the face of this optimistic data. Instead, it should be working with content producers and streaming providers alike to make that content as widely available as possible.

“Netflix has managed to reel in pirate consumers who weren’t signed up with a legal service before. In 2017, there were 20% more pirate consumers paying for a Netflix subscription than the year before,” EY’s report states.

This suggests that the main goal of movie studios and other content providers is to make sure that their work is widely available on legal streaming platforms. Ideally, without any delays and at a reasonable price.

Giving the customer what they want, how they want it, at reasonable prices. What a completely novel and hard to grasp idea.


'Smart' TVs Remain The Poster Child For Dismal Privacy, Transparency & Security Standards ((Mis)Uses of Technology)

by Karl Bode

from the watching-you-watching-me dept on Wednesday, July 18th, 2018 @ 11:58AM

The dumpster fire that passes for security and privacy standards in the internet of things space is by now pretty well understood. It's also pretty clear that in this sector, "smart TV" vendors have been among the laziest sectors around in terms of making sure private consumer data is adequately encrypted, and that consumers understand that their viewing habits and even some in-room conversations are being hoovered up and monetized, usually sloppily.

Recent studies have found that upwards of 90% of smart TVs can be compromised remotely, and leaked documents have made it clear that intelligence agencies have been having a field day with the lack of security in such sets, easily exploiting paper-mache grade protections in order to use TV microphones to monitor targets without anybody being the wiser.

Meanwhile, set vendors and viewing tracking firms continue to do a pretty dismal job clearly explaining to the end user what data is being collected and monetized. The New York Times, for example, recently did a profile piece on a company named SambaTV, whose viewer-tracking software is now collects viewing data from 13.5 million smart TVs in the United States. Owners of these sets will find Samba's Interactive TV software already installed, and are told that the software simply lets you receive handy recommendations and experience TV "in a whole new way":

"Interact with your favorite shows. Get recommendations based on the content you love. Connect your devices for exclusive content and special offers. By cleverly recognizing onscreen content, Samba Interactive TV lets you engage with your TV in a whole new way."

But at no point during set up does the company really make it obvious just how much data is being collected or how it's used:

"Once enabled, Samba TV can track nearly everything that appears on the TV on a second-by-second basis, essentially reading pixels to identify network shows and ads, as well as programs on HBO and even video games played on the TV. Samba TV has even offered advertisers the ability to base their targeting on whether people watch conservative or liberal media outlets and which party’s presidential debate they watched."

That's certainly something that would never be abused, right? Especially since we keep seeing story after story after story about how anonymized data isn't really "anonymous", such data isn't particularly well protected, and consumers don't actually have the faintest understanding of what's being collected and monetized in the first place. Consumer advocates say that transparency about what data is collected remains utterly lacking, as most users of this software have zero understanding it can potentially even track their political leanings:

“It’s still not intuitive that the box maker or the software embedded by the box maker is going to be doing this,” said Justin Brookman, director of consumer privacy and technology policy at the advocacy group Consumers Union and a former policy director at the Federal Trade Commission. “I’d like to see companies do a better job of making that clear and explaining the value proposition to consumers."

The FTC last year fined TV vendor Vizio $2.2 million for hoovering up the viewing data on 11 million consumer TVs without consumers’ knowledge or consent. But FTC enforcement is inconsistent, and is often slow to address how companies now use numerous devices in concert (your smart phone, your home assistant, and your TV) to deepen in-home surveillance capabilities further. The rabbit hole gets deeper still when you consider that your ISP is also cashing in on your IOT device usage without much transparency or oversight thanks to the recent attacks on privacy rules and FCC authority over ISPs.

Quite often, such data hoovering systems are actively misrepresented as being of ambiguous benefit to the end user. And because users can technically dig through Samba's 4,000 word privacy policy and 6,500 word terms of use to discover what's actually happening (something companies know users won't do and may not even understand if they did), they're technically adhering to the law. Eventually we'll get around to working together on modernizations of the law, but pretty clearly not before years and dozens of additional privacy and security scandals drive the point home.


Biggest Voting Machine Maker Admits -- Ooops -- That It Installed Remote Access Software After First Denying It ((Mis)Uses of Technology)

by Mike Masnick

from the you-guys-are-soooooooo-bad-at-this dept on Wednesday, July 18th, 2018 @ 10:44AM

We've been covering the mess that is electronic voting machines for nearly two decades on Techdirt, and the one thing that still flummoxes me is how are they so bad at this after all these years? And I don't mean "bad at security" -- though, that's part of it -- but I really mean "bad at understanding how insecure their machines really are." For a while everyone focused on Diebold, but Election Systems and Software (ES&S) has long been a bigger player in the space, and had just as many issues. It just got less attention. There was even a brief period of time where ES&S bought what remained of Diebold's flailing e-voting business before having to sell off the assets to deal with an antitrust lawsuit by the DOJ.

What's incredible, though, is that every credible computer security person has said that it is literally impossible to build a secure fully electronic voting system -- and if you must have one at all, it must have a printed paper audit trail and not be accessible from the internet. Now, as Kim Zetter at Motherboard has reported, ES&S -- under questioning from Senator Ron Wyden -- has now admitted that it installed remote access software on its voting machines, something the company had vehemently denied to the same reporter just a few months ago. That was then:

In a statement, ES&S said, ‘‘None of the employees who reviewed this response, including long-tenured employees, has any knowledge that our voting systems have ever been sold with remote-access software.’’

This is now:

In a letter sent to Sen. Ron Wyden in April and obtained recently by Motherboard, Election Systems and Software acknowledged that it had "provided pcAnywhere remote connection software … to a small number of customers between 2000 and 2006," which was installed on the election-management system ES&S sold them.

This should be a massive scandal considering the potential impact on our democracy, but considering all the other scandals going on right now with the potential to impact our democracy, expect this one to not get nearly enough attention. Wyden's own comment on this is noteworthy:

Wyden told Motherboard that installing remote-access software and modems on election equipment “is the worst decision for security short of leaving ballot boxes on a Moscow street corner.”

As for the pcAnywhere software ES&S had installed on those voting machines, well...

In 2006, the same period when ES&S says it was still installing pcAnywhere on election systems, hackers stole the source code for the pcAnyhere software, though the public didn’t learn of this until years later in 2012 when a hacker posted some of the source code online, forcing Symantec, the distributor of pcAnywhere, to admit that it had been stolen years earlier. Source code is invaluable to hackers because it allows them to examine the code to find security flaws they can exploit. When Symantec admitted to the theft in 2012, it took the unprecedented step of warning users to disable or uninstall the software until it could make sure that any security flaws in the software had been patched.

Around this same time, security researchers discovered a critical vulnerability in pcAnywhere that would allow an attacker to seize control of a system that had the software installed on it, without needing to authenticate themselves to the system with a password.

So... that's disturbing.

Anyway, elections are a very tricky problem to do securely. It is a nearly impossible task. But there are lots of things that you clearly should not do, and for some reason, the e-voting manufacturers seem to want to do all of them, and don't seem particularly apologetic about any of it. And, while in the past the idea of hacking an election may have seemed far fetched and conspiracy-minded, these days... not so much. This is a key issue concerning our democracy, and the most incredible thing is how flippant many people are about all of this. Computer security professor Matt Blaze, who knows more about any of this than anyone reading this points out that "in the more than quarter century I've been doing computer security, I've never encountered a problem space nearly as difficult or complex as civil elections."

And yet, we're letting people who don't understand even the slightest bit of the problems and challenges run the show. What a mess.


Daily Deal: SKEYE Nano 2 Camera Drone (Deals)

by Daily Deal

from the good-deals-on-cool-stuff dept on Wednesday, July 18th, 2018 @ 10:38AM

SKEYE Nano 2 is the world's smallest camera drone, and boasts an unrivaled flying experience, streaming a real-time first person view of the tightest spaces directly to your smartphone. With adjustable gyro sensitivity and 6-axis flight control system, this tiny drone is easy to control for even the most novice pilots. Heck, if you're just controller-averse, you can even use your phone as a remote control thanks to on-board WiFi. It's on sale for $29. The skies are waiting!

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.


Older Stories >>