A selection of 13 links for you. Not represented on Facebook. I’m @charlesarthur on Twitter. Observations and links welcome.
Israel — which, despite having one of the world’s most competent and aggressive intelligence services, the Mossad — nearly missed the fact that North Korea was helping build a nuclear reactor in next-door Syria, a country long viewed by Israel as a dangerous threat.
The American CIA missed it, too, and now, 11 years after Israeli air force jets bombed the clandestine Syrian facility, Israel’s military censor is finally lifting the veil of secrecy and permitting locally based reporters to publish interviews with participants in the operation for the first time. We spoke with dozens of former cabinet ministers, including Prime Minister Ehud Olmert, as well as military and intelligence chiefs and commanders and even some of the pilots who took part in the operation. The codename for the Sept. 6, 2007, raid, conducted near the remote desert city of Deir ez-Zur: “Outside the Box.” Before today, Israel has never officially acknowledged its existence.
Years later, Israeli spooks are still raising bitter questions about the CIA’s intelligence failure. Former Mossad director Tamir Pardo asked in an interview with us: “Where were the Americans? North Korea is a highly important target for them. And it still isn’t clear whether [Syrian President Bashar] Assad was running the nuclear project, or was it the North Koreans?” The former spy chief added that he has some doubts that Syria was going to keep the plutonium, or perhaps it was going to be shipped to North Korea as a supply of which the West would be unaware. “This is a resounding failure by the Americans,” Pardo said.
Pardo’s questions raise another: If one of the best intelligence communities in the world, and certainly the most formidable in the Middle East, could be fooled by North Koreans and Syrians, what might the CIA be missing? That could be true in Korea, in Iran, or almost anywhere on Earth.
The full article details a litany of oversights and wrong assumptions. But the correct action in the end.
link to this extract
In this case, we already took the most important steps a few years ago in 2014 to prevent bad actors from accessing people’s information in this way. But there’s more we need to do and I’ll outline those steps here:
First, we will investigate all apps that had access to large amounts of information before we changed our platform to dramatically reduce data access in 2014, and we will conduct a full audit of any app with suspicious activity. We will ban any developer from our platform that does not agree to a thorough audit. And if we find developers that misused personally identifiable information, we will ban them and tell everyone affected by those apps. That includes people whose data Kogan misused here as well.
Second, we will restrict developers’ data access even further to prevent other kinds of abuse. For example, we will remove developers’ access to your data if you haven’t used their app in 3 months. We will reduce the data you give an app when you sign in — to only your name, profile photo, and email address. We’ll require developers to not only get approval but also sign a contract in order to ask anyone for access to their posts or other private data. And we’ll have more changes to share in the next few days.
Third, we want to make sure you understand which apps you’ve allowed to access your data. In the next month, we will show everyone a tool at the top of your News Feed with the apps you’ve used and an easy way to revoke those apps’ permissions to your data. We already have a tool to do this in your privacy settings, and now we will put this tool at the top of your News Feed to make sure everyone sees it.
Beyond the steps we had already taken in 2014, I believe these are the next steps we must take to continue to secure our platform.
I knew Facebook would say that this had all been fixed in 2014. (It’s all in the past…) But the new stuff? Signing contracts to ask for access? And he’s still describing it as a “platform”. That’s where the trouble began.
Also: sorry seems to be the hardest word. It doesn’t appear in his post.
link to this extract
Mark Zuckerberg says Facebook will audit thousands of apps after ‘breach of trust’ • The Washington Post
After the Tuesday meeting [which neither Zuckerberg nor Sandberg attended], employees posted on social media about how demoralized they felt. In an app for anonymously discussing the workplace, Blind, which requires a corporate email address to join, a Facebook employee posted, “Is this how the downfall of Myspace happened?” Another person wrote, “I just keep thinking about my stock going to zero with all of this.” Others asked for advice about whether they should sell their stock and said they would advise recruits against joining the company.
Behind the scenes, Facebook was in damage-control mode. Lobbyists made the rounds on Capitol Hill. Communications executives sent statements to journalists saying workers and executives, including Zuckerberg, were “outraged” about being deceived. (Little was said about Facebook’s responsibilities except to defend the legality of its actions.)
Meanwhile, Facebook users began to comment that there were no articles about Cambridge Analytica on Facebook’s trending-news feed, a feature that showcases news stories on the right-hand side of the Facebook website, until late Tuesday afternoon. (Articles about Uber and Amazon.com were on the feed for much of the day.) And business case studies about the company’s efforts to assist political campaigns such as those of Barack Obama and Sen. Bernie Sanders (I-Vt.) were no longer indexed on the company’s website.
Think about the kind of damage someone with ill-intent could do to you if they had all of this: Your name. Your location. All your friends. Your family. Your work history. Your schooling. Your birthday. Your checkins. Your events. Your hometown. Your likes, photos. Your relationships. Your religion and politics.
And not just for you, but for one a half billion other people. Target’s data breach [of the details of one-third of US adults, in 2013] isn’t even in the ballpark.
At least Target had the decency to attempt to secure their user data from those who wanted to use it in ways that were never intended it when it was given to them. Facebook didn’t even bother. They just gave it away.
But this raises another question: why? Why on earth was Facebook giving away what amounts to the crown jewels for an advertising business: the incredibly valuable user data that allows advertisers to target? If you’re the fastest growing advertising business in the world, it makes no sense.
I don’t believe it was obliviousness to the impact that it might have — although Zuckerberg has demonstrated plenty of that over the years.
Nor do I think it was inept management — though people do forget how strategically inept Facebook was until it was dragged, kicking and screaming, into the mobile era.
The biggest reason?
For the longest period of time, Facebook was an advertising business that dreamed of being something else other than an advertising business. It wanted to be a platform. It was probably driven in part by the fact that, in tech, advertising is a pretty dirty business. And a platform? That’s the gold standard.
And if those are the grand illusions that you’ve got, it’s not your proprietary data that you view as the secret to your success (which you only need to advertise). Instead, it’s developers, and getting them to build on top of your precious platform.
And so began the great five year Facebook data giveaway to developers: If you build your apps on our platform, we’ll give you more user data than you could possibly imagine.
And that’s what happened. As Ben Thompson wrote on Stratechery as far back as 2013, Facebook was so focused on being a platform rather than being an advertising business that it almost missed the boat on mobile. The shift to mobile gave Facebook no choice but to abandon its platform pretensions, and effectively saved the company from itself.
As he also points out, there were a ton of startups built around the idea of relying on access to the social graph data.
link to this extract
So what’s up with you, Mark Zuckerberg?
Thus far, the Facebook CEO and founder has kept himself out of public view. He didn’t surface at Tuesday’s meeting for Facebook employees, at which they were finally able to ask a company lawyer questions about what the world has learned over the past four days. Neither has he made any sort of public statement, even as Congress has been demanding that he answer for his company’s behavior. So what has Mark Zuckerberg been doing all this time?
According to Facebook the company, Zuck’s been “working around the clock to get all the facts and take the appropriate action moving forward, because they understand the seriousness of this issue.” According to Facebook the website, however, he’s been busy smashing that “like” button.
Thanks to Facebook’s powerful public search features, we were able to see that Zuckerberg hit the like button on a Saturday morning post [a photo captioned “Winter wonderland”] by Swedish billionaire Daniel Ek.
As well as a post by early Facebook investor Don Graham.
Then, on Monday, he engaged with some precious content once again.
So what has Mark Zuckerberg been up to? As of right now, the only thing we know definitively is that he’s been scrolling through his feed, liking pics of places he’d rather be.
Shameful. But the method of shaming is 👌
link to this extract
The proposed taxes are among Europe’s most-aggressive measures to target the perceived excesses of a small cadre of tech superpowers, including Facebook Inc. and Alphabet Inc.’s Google, potentially adding hundreds of millions of euros to some tech firms’ tax bills. The U.S. warned last week against imposing tax measures that single out digital companies.
On Wednesday, the European Commission, the bloc’s executive body, outlined an additional tax at 3% of revenue derived from certain digital activities by companies whose annual global revenue exceeds €750 million ($918 million). The tax, which is envisioned as temporary, would apply to services whose value is generated from user involvement, such as social media, ride-hailing or food-delivery platforms, and the selling of targeted ads.
Some U.S. tech giants rake in billions of euros via units in Europe, potentially exposing the firms to steep new taxes under the proposed new 3% levy on digital revenue.
The measure would expire once EU countries implement the commission’s proposal for long-term rules, which would tax profits companies make in countries where they have a significant number of users but might not have a physical presence. A company would have a “taxable digital presence” in a given country if it meets certain criteria, such as more than €7m in revenue or 100,000 users for the year…
…On average, the EU estimates that tech companies pay around 9.5% in tax on their profit on the continent, compared with 23.2% for traditional industries, though tech lobbyists dispute that figure.
All sounds groundbreaking, but an estimate is that this would only raise €4bn across the whole of the EU – which seems a tiny amount for such a dramatic move. Wouldn’t improving tax regimes – and making it harder for companies to shift revenues around – have a bigger effect without all the ructions?
link to this extract
[Cardiogram’s own neural network] DeepHeart has high accuracy [97% ±3%] on detecting atrial fibrillation in a hospital environment. The real world, however, is very different from a hospital bed. Motion, sweat, and sunscreen can cause inaccurate optical heart rate readings. Alcohol consumption and exercise can mask or be mistaken for arrhythmias. The task of detecting atrial fibrillation is much harder.
One measure of real world performance is discussed in the previous section: tuning accuracy on pseudo-ECG labels. In another branch of the experiment, DeepHeart was tasked with predicting self-reported persistent atrial fibrillation. This presented a more challenging task because the labels were not verified by an ECG, and so are less accurate. Furthermore, the task here is to predict users who suffer from atrial fibrillation, rather than to predict episodes of atrial fibrillation.
DeepHeart obtained a c-statistic of 71% (CI 0.64–0.78) on this validation set. This number demonstrates that DeepHeart is able to perform in a real world environment. The drop in c-statistic from 97% (Cardioversions) and 93% (Mobile ECG Tuning Set) to 71% is explained in part by imprecise labels: A patient may self-report atrial fibrillation even when he is not currently experiencing an episode.
In February of this year, we presented early results at the Association for the Advancement of Artificial Intelligence demonstrating that DeepHeart can predict diabetes with a c-statistic of 85%, high blood pressure at 81%, and sleep apnea at 83%. These results indicate that wearable devices can be used for large-scale, low-cost disease screening.
Imagine a world where diabetes can be caught early and reversed through behavioral change, where physicians are empowered by algorithms continuously analyzing troves of user data, and where everyone can benefit from low cost, non-invasive disease screening.
Very interesting – and now with clinical validation.
link to this extract
The then Chairman of American Airlines received Wall Street Journal front-page coverage for realizing people weren’t eating their olives in first class, so he ordered olives removed from the first class meals. He was cheered for saving $100K. But what folks missed was that he, and his peers leading the airlines, were systematically trying to figure out “how do we offer the least possible service.” By focusing on a strategy of lowering cost, and being doggedly determined in that strategy, soon nothing else mattered.
Today, there are no free meals in coach, and terrible meals in first class. Management angered employees into strikes and multi-year negotiations, beating down compensation and eliminating benefits leading to unhappiness so bad that in 2010 a Jet Blue flight attendant pulled the emergency exit and jumped out of the plane as he quit.
So, all the airlines in America stink. And, many domestic airlines in Europe, such as Ryan Air, have followed suit. The execs keep saying “all customers care about is price.” They use that excuse to create a culture so hostile to employees, and customers, that pretty soon employees are beating up customers and killing family pets (after charging extra to take the pet on the plane) and actually not caring.
Employees have become gestapos for the leadership – which has created a culture in which nobody wins. So flight attendants do as little as possible, because they don’t care about customers any more than leadership does. In 2017, a JetBlue attendant threw a family off flight because their toddler kicked the seat. When a woman complains about a child in seat next to her a Delta attendant throws her off the plane. And just last week when a 2 year old cries during boarding a Southwest attendant throws the child and her father off the plane.
Deregulation led to an oligopoly. Now, customers have no choice. Some of us fly almost every week on business, and it is pure hell. Nobody we deal with, from TSA to airport vendors to airline staff like customers. The culture has become “I’m abused, so you will be abused.” To fly is to succumb to being obsequious to ALL employees in your effort to not anger anyone, for fear they will deny you service. Or, worse, beat you up or kill your pet. But, honestly, there is nothing customers can do about it.
link to this extract
Stockpile, a website that lets people buy stock in the form of gift cards and purchase fractional shares in companies, is fielding a growing number of emails from customers asking when they can buy shares in music streaming service Spotify and software developer Dropbox, said Avi Lele, the start-up’s CEO.
Two-thirds of Stockpile’s account holders are under age 35, and among the most popular stocks for them to buy are Apple, Amazon, Alphabet, Facebook, Tesla and Netflix, Lele said. For Spotify and Dropbox, investors can use Stockpile to order shares when they begin trading, though the purchases won’t go through until the market close that day.
Based on what customers are telling him, Lele expects both offerings to resonate with his audience because they’re popular services that consumers use all the time.
“They’re perfect examples of buying what you know and what you use on a daily basis,” said Lele, who was a lawyer for 15 years before co-founding Stockpile in 2011. “There are a lot of stocks that go public that our audience, and people in general, aren’t that familiar with.”
Being familiar as a user with a company’s product doesn’t make it a good investment.
link to this extract
I arrived at the Walgreens on the morning of Nov. 4 and was met by two Theranos press representatives who would supervise my visit. I took out my recording equipment (the story was for NPR) and began approaching patients who were waiting in line to check in for testing. Some didn’t want to talk to a reporter, but others were open and gracious, sharing with me the reasons they had decided to give Theranos a try. One couple offered to let me come with them into the small testing room, set up to feel like a relaxing spa.
A pattern quickly emerged — none of the patients I talked to that day could get a finger-prick test, as promised. Instead, they received a regular venous blood draw, the same as I’d received on numerous occasions at my doctor’s office, though the phlebotomist said the needle was slightly smaller.
I asked the phlebotomist: Was this standard? Did most patients get the venous draw? She told me they “did more finger sticks than venous draws,” but couldn’t give me a number. One of the PR people approached me — I was not authorized to talk to the phlebotomist, he said — and asked me to erase the audio I had recorded. I declined.
I asked him: Why were none of the patients getting a finger prick? Just bad luck and timing, he said. This wasn’t how it usually was, he promised. And wouldn’t I just rather get a finger prick myself and report on the experience, as so many other journalists had agreed to do?
I said no. I needed an actual patient to make a compelling radio story. So, I continued waiting for other patients.
Soon, the two Theranos representatives approached me again — with a third on the phone, who said she wanted to talk to me. They were getting complaints about my asking patients questions, she told me. The main Theranos office had gotten several calls from people who had been in the Walgreens that morning, she claimed, complaining that a reporter was bothering them.
I hadn’t pressured anyone. The patients I’d interviewed had all been perfectly friendly and willing. I’ve also been a health reporter for 10 years, and never have I been told I was pushing patients to do something that made them uncomfortable.
Then things got weirder.
link to this extract
At Cannes, you’ll be demonstrating what this research can reveal about individual users. Can you give a hint of what we might expect?
So the first generation of user understanding for Spotify had been about knowing what people like at a very high level, in terms of their affinity for certain genres and artists. If you start from that premise—that we have best-in-class (and always-improving) understanding of music taste and now want to go deeper—then the next thing to look at is: How does that taste change in time and space?
One thing that’s really interesting to understand is how much a user forms routine. Are there times in the day, for a certain individual, where a certain kind of music, or a certain kind of listening, is really important to them? Are they the the kind of person who has a very specific weekday behavior, so Sunday is noticeably different than the rest of the week? For the first time, we’re really starting to see these musical journeys at an individual level.
How does the research benefit Spotify as a product? And how can it benefit brands and marketers?
Within the product, we are working to set the standard for state-of-the-art personalization. That doesn’t mean just getting a general sense of your taste spot on—it means being able to truly soundtrack your life in a profoundly meaningful way. This takes us to another level in making the product experience more relevant to our users.
Of course, as the product is more relevant to our users, it becomes ever more valuable to brands. They can use Spotify to interact with those users in moments that could be mutually beneficial to both the brand and the user. That’s sort of the Holy Grail of advertising.
What all of this data affords Spotify is the opportunity to create a level of ad personalization that is quite unprecedented. It stems from what we can learn about our users, and what we can express to brands anonymously, so they can craft the right strategy and creative, and present the right message to the right user at the right time.
But we’re all concerned about companies capturing data now, correct?
link to this extract
YouTube has tried to sell its users paid music services in the past, with little to show for it. Most of those efforts predate [new Google global head of music Lyor] Cohen, who joined YouTube in 2016 after about 30 years in the record business, including stints as a road manager for Run-DMC and a senior executive at Warner Music Group.
This time will be different, Cohen says. The new service, which is already being used by thousands of Google employees, will “frustrate and seduce” users of YouTube’s free service. It will include exclusive videos, playlists and other offerings that will appeal to die-hard music fans. YouTube has already been funding the production of videos, taking fans behind-the-scenes with artists like rapper G-Eazy and Cuban-American singer Camila Cabello.
The new approach marks a big cultural shift for YouTube and its parent. Google, a division of Alphabet Inc., has sustained the most popular video site and search engine in the world by prioritizing free, easy-to-use services.
Cohen said he prevailed upon his colleagues and bosses to make some changes to “be good partners” to the music industry. They will “smoke out” people who can afford to pay for a subscription and shepherd them to the new service.
“There’s a lot more people in our funnel that we can frustrate and seduce to become subscribers,” Cohen said. “Once we do that, trust me, all that noise will be gone and articles people write about that noise will be gone.”
This comes after years and years of criticism from the music business that YouTube was effectively letting people listen for free to music (via gigantic playlists of videos) but with a colossally low payout rate compared to streaming services.
Be very interested to see (a) whether it works (b) what numbers Google releases about it. The music industry should see any effect: it’ll be clear from royalty payments.
link to this extract
Signal looks and works a lot like other basic messaging apps, so it’s easy to get started. It’s especially convenient if you have friends and family overseas because, like iMessage and WhatsApp, Signal lets you sidestep expensive international SMS fees. It also supports voice and video calls, so you can cut out Skype and FaceTime. Sure, you don’t get fancy stickers or games like some of the competition, but you can still send pictures, videos, and documents. It’s available on iOS, Android, and desktop.
But plenty of apps have all that stuff. The thing that actually makes Signal superior is that it’s easy to ensure that the contents of every chat remain private and unable to be read by anyone else. As long as both parties are using the app to message each other, every single message sent with Signal is encrypted. Also, the encryption Signal uses is available under an open-source license, so experts have had the chance to test and poke the app to make sure it stays as secure as what’s intended.
If you’re super concerned about messages being read by the wrong eyes, Signal lets you force individual conversations to delete themselves after a designated amount of time. Signal’s security doesn’t stop at texts. All of your calls are encrypted, so nobody can listen in. Even if you have nothing to hide, it’s nice to know that your private life is kept, you know, private.
Yes, this list of features sounds a lot like WhatsApp. It’s true, the Facebook-owned messaging app has over a billion users, offers most of the same features, and even employs Signal’s encryption to keep chats private. But WhatsApp raises a few concerns that Signal doesn’t. First, it’s owned by Facebook, a company whose primary interest is in collecting information about you to sell you ads. That alone may steer away those who feel Facebook already knows too much about us. Even though the content of your WhatsApp messages are encrypted, Facebook can still extract metadata from your habits, like who you’re talking to and how frequently.
Still, if you use WhatsApp, chances are you already know a lot of other people who are using it. Getting all of them to switch to Signal is highly unlikely. And you know, that’s OK—WhatsApp really is the next-best option to Signal.
Signal is definitely a good app. It became the de facto comms tool for the Clinton campaign – which, unlike John Podesta’s personal email inbox, wasn’t hacked.
link to this extract
You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.