Tech Roundup: Apple Anti-Tracking Policy, Verizon Tumblr Sale & More

[A recurring feature on the latest in Science & Technology.]

• Apple takes a hard stance on online privacy with a new anti-tracking policy in Safari that warns parties trying to circumvent its anti-tracking tech in Safari will be treated "with the same seriousness as exploitation of security vulnerabilities."
• China's internet regulator National Computer Network Emergency Response Technical Team calls for rectification measures for the over-collection of personal data (including asking for permissions to carry out tasks unrelated to their business), clamping down on the practice as the country's over 800 million mobile users increasingly shop and order services exclusively online.
• Facebook dropped plans to acquire Houseparty, a social networking app that lets multiple people video chat on their mobile phones at once, last December following fears that a deal would attract unwelcome government scrutiny. (Facebook — which has been knitting together its flagship social network, Instagram, and WhatsApp to make itself harder to break up — has sparked an antitrust investigation in the E.U. and the U.S.)
• Beijing-based ByteDance forays into mobile search with Toutiao Search as it moves beyond its core businesses in news and video and into work-place messaging and music streaming, competing with Tencent and other Chinese tech firms. (The search results from the web, like other search engines in China, are censored.)
• Facebook admits it's been collecting audio from voice chats on Messenger (sometimes with vulgar content) and hiring third-party contractors to review to and transcribe it and says it suspended the practice following scrutiny into Apple and Google; Ireland's Data Protection Commission opens enquiry on whether the company's processing of data is compliant with E.U. GDPR obligations.
• The report comes after it was found that Google, Apple, Microsoft, and Amazon all used human contractors to listen to audio obtained through their voice assistant products without being explicitly transparent with their users. The have come under fire for collecting audio snippets from consumer computing devices and subjecting those clips to human review, a practice that critics say invades privacy, as it's not explicitly stated in their data collection policies even if it's with the goal of improving the software. Microsoft, in response, has updated its privacy policy to explicitly say employees or contractors may listen to recordings from Cortana and Skype Translator.)
• Researchers disclose a security loophole in dating apps, including Grindr, Romeo, Recon and 3fun, that makes it easy to determine any user's location using the apps' public APIs if the username is known.
• iOS 13 location permission restrictions — allow applications access to location "just once," as opposed to having to give constant access when using an app or continuous background access (This can still be changed in the Privacy section in the Settings app, but the change makes app users more aware that the apps are tracking them on a continuous basis) — prompts third-party app developers to accuse Apple of being anticompetitive and having a "double standard" for how apps can use location data in its new operating system.
• WordPress.com owner Automattic acquires Tumblr from Verizon for less than US$ 3 million (Yahoo! had purchased the blogging platform for US$ 1.1 billion in 2013 before Verizon bought the erstwhile search giant for US$ 4.48 billion in 2017); to take on 200 staffers, but will continue the platform's ban on adult content to prevent child pornography from being circulated.

• The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, is discovered on a database connected to Suprema's Biostar 2 security platform.
• Unlike other breaches, this one is a little different in that it involves fingerprint and facial information. The data leak strikes at the heart of one of the big fears and criticisms about the increasing use of biometrics: You can change your username and password with a couple of clicks. But fingerprints and faces are unique and forever. We cannot reset our face the way we can reset our usernames and passwords.
• Google to allows Android phone users sign into their accounts without a password; to rely on Android’s built in FIDO2 passwordless mechanism to authenticate users with their fingerprints. Google already lets users sign in by leveraging the same technology to make Android phones functions as a 2FA security key, and follows Microsoft's announcement earlier this year to allow users sign in to their accounts using Windows Hello facial recognition login platform.
• India's Reliance Jio inks deal with Microsoft to expand Office 365, Azure to more businesses; unveils broadband, blockchain, and IoT platforms.
• Google employees sign a petition, saying they "refuse to be complicit" in a potential cloud computing contract for the US Customs & Border Protection agency that they say perpetrates human rights abuses at the border citing President Donald Trump's family separation policy; comes amid a rise in employee activism within the tech industry as they begin to question how their work contributions will be used — in the past year, Google employees have organised walkouts and other forms of protest to call attention to the company's handling of sexual harassment allegations, discriminatory labor practices, drone footage analysis program Project Maven, YouTube's policy decisions regarding homophobia, and its participation in Project Dragonfly, a censored search product targeted at the Chinese market, and has spread to Amazon and Microsoft, particularly as those two companies work with the U.S. government on defence projects and federal immigration enforcement.
• Cybersecurity firm Check Point Research discloses new vulnerability that makes DSLR susceptible to ransomware attacks by exploiting Picture Transfer Protocol to remotely install malware on a Canon E0S 80D digital DSLR camera; Canon issues a security advisory, urging users to avoid using unsecured Wi-Fi networks, to turn off its network functions when it's not being used, and to update and install a new security patch onto the camera itself.
• Search engine Ecosia confirms that it won't take part in Google's closed auction to become the default search provider on Android phones in Europe; calls on the internet giant to halt its "damaging monopolistic behaviour" that is "unethical and anti-competitive."
• Chinese tech major Huawei is developing a mapping service, according to China Daily, but is mainly for app/software developers for designing services that could potentially use its technology instead of building their own.
• Google Assistant correctly answers 93 percent of the 800 questions posed to the voice assistant in an annual study by Loup Ventures vs. Siri at 83 percent and Alexa at 80 percent, indicating all three of the leading digital assistants are getting better at responding to human questions.

• Facebook expands its third-party fact checking program to Instagram, starting with U.S.; will downplay posts deemed fake on its Explore and Hashtag pages.
• Amazon launches "Custom Interfaces," a new API that allows developers to connect gadgets and smart toys with Alexa-enabled devices to create new interactions.
• India-based Twitter-like platform ShareChat, which supports multiple regional languages, raises US$ 100 million round led by Twitter, sources say at US$ 600 million - US$ 650 million valuation.
• Apple Card, the iPhone maker's cash-rewards credit card, begins its official rollout in the U.S. (The service also marks yet another attempt from Apple to keep users locked into its ecosystem. It's also meant to work only with an iOS device, effectively making it inaccessible on the web or other platforms. In some part, this is a result of Apple's relatively unique, device-focused infrastructure. It's harder for Apple to make a web-based portal when it focuses so much effort on keeping data on discrete devices.)
• Ring, Amazon's home surveillance company, reportedly coaching law enforcement on different means to convince residents to share camera footage with them without a warrant; said to have briefly run a "Digital Neighbourhood Watch" program in 2017 that encouraged people to report "suspicious activity" in exchange for free or discounted Ring products.
• Web infrastructure provider Cloudflare files to go public, citing sites like 8chan as one risk factor; says it had revenues of US$ 192.7 million in 2018, up 43 percent YoY, and a net loss of US$ 87.2 million.
• Capital One hacker — who stole 106 million customers' personal information from the U.S. financial services firm — reportedly took "terabytes of data" from over 30 companies, educational institutions, and other entities, according to unsealed court documents.
• Google says data from its new "Password Checkup" Chrome extension shows that 1.5 percent of all website logins still use credentials that have already been compromised.
• Snap announces Spectacles 3 glasses with an updated design and a second HD camera to create depth perception, complete with capabilities to capture 3D Snaps, apply 3D augmented reality filters, and view in 3D through a stereoscopic viewer; to go on sale in November for US$ 380.
• Federal Trade Commission Chairman Joe Simons says he is ready to break up big tech companies to rein in dominant companies and restore competition; admits "it's not ideal because it's very messy. But if you have to you have to."
• 23 job search websites in Europe allege anti-competitive behaviour from Google in antitrust complaints to the European Union competition commissioner; accuse the search giant of pushing them down in search results (e.g. Zippia) and "using its dominance to attract users to its specialised search offering without the traditional marketing investments they have to make," thereby costing them profits and valuable traffic from users.
• Chinese handset maker Xiaomi emerges India's top smartphone seller for eight straight quarters, becoming a constant headache for Samsung in the world’s second largest smartphone market as sales decline worldwide.
• Google begins rolling out Chrome OS 76 update with support for virtual desktops, Android-style media controls, and more enhancements.
• Facebook simplifies Groups' privacy settings, to public and private; "secret" Groups are now private and hidden, while "closed" Groups are now private and visible. (For Facebook, whose future is private, the relabelling is more a corrective exercise aimed at clearing a misconception that a closed group is not necessarily hidden from non-members in searches.)
• Twitter tests new feature that allows users to follow specific topics of interest, as part of its ongoing attempts to rebrand itself as the go-to platform for news; begins automatically hiding direct messages that its automated systems think could be offensive.
• LGBTQ YouTube creators sue the video platform for allegedly discriminating against their videos by suppressing recommendations and making it difficult to earn ad revenue; allege YouTube uses "unlawful content regulation, distribution, and monetisation practices that stigmatise, restrict, block, demonetise, and financially harm the LGBT Plaintiffs and the greater LGBT Community."
• Devices powered by KaiOS hits 4.3 percent share in India as it continues to build a presence through critical partnerships with companies including Reliance Jio, Google, Facebook, Twitter, Orange, MTN, Qualcomm, and others; officially surpasses Apple's iOS market share (2.6 percent) as of July 2019, while Android remains unbeaten with over 91.5 percent share in the country.
• Coworking service provider WeWork files paperwork to raise US$ 1 billion in an initial public offering, as it reports a US$ 904 million net loss on around US$ 1.5 billion in revenue for the first half of 2019; to trade under ticker symbol "WE" and says its mission is to "elevate the world's consciousness." (whatever that means!)
• Apple faces a fresh class-action lawsuit in the U.S. for breach of contract and false advertising for failing to disclose its iCloud storage practices; accuses the company of not being transparent about the fact that it stores iCloud data on third-party storage services provided by the likes of Amazon Web Services or Google Cloud Platform.