Facebook is to be sued in Europe over the major leak of user data that dates back to 2019 but which only came to light recently after information on more than 533 million accounts was found posted for free download on a hacker forum.
Today Digital Rights Ireland (DRI) announced it’s commencing a “mass action” to sue Facebook, citing the right to monetary compensation for breaches of personal data that’s set out in the European Union’s General Data Protection Regulation (GDPR).
Article 82 of the GDPR provides for a “right to compensation and liability” for those affected by violations of the law. Since the regulation came into force, in May 2018, related civil litigation has been on the rise in the region.
The Ireland-based digital rights group is urging Facebook users who live in the European Union or European Economic Area to check whether their data was breached — via the haveibeenpwned website (which lets you check by email address or mobile number) — and sign up to join the case if so.
Information leaked via the breach includes Facebook IDs, location, mobile phone numbers, email address, relationship status and employer.
Facebook has been contacted for comment on the litigation. Update: A Facebook spokesperson said:
We understand people’s concerns, which is why we continue to strengthen our systems to make scraping from Facebook without our permission more difficult and go after the people behind it. As LinkedIn and Clubhouse have shown, no company can completely eliminate scraping or prevent data sets like these from appearing. That’s why we devote substantial resources to combat it and will continue to build out our capabilities to help stay ahead of this challenge.
The tech giant’s European headquarters is located in Ireland — and earlier this week the national data watchdog opened an investigation, under EU and Irish data protection laws.
A mechanism in the GDPR for simplifying investigation of cross-border cases means Ireland’s Data Protection Commission (DPC) is Facebook’s lead data regulator in the EU. However it has been criticized over its handling of and approach to GDPR complaints and investigations — including the length of time it’s taking to issue decisions on major cross-border cases. And this is particularly true for Facebook.
With the three-year anniversary of the GDPR fast approaching, the DPC has multiple open investigations into various aspects of Facebook’s business but has yet to issue a single decision against the company.
(The closest it’s come is a preliminary suspension order issued last year, in relation to Facebook’s EU to U.S. data transfers. However, that complaint long predates GDPR; and Facebook immediately filed to block the order via the courts. A resolution is expected later this year after the litigant filed his own judicial review of the DPC’s processes.)
Since May 2018 the EU’s data protection regime has — at least on paper — baked in fines of up to 4% of a company’s global annual turnover for the most serious violations.
Again, though, the sole GDPR fine issued to date by the DPC against a tech giant (Twitter) is very far off that theoretical maximum. Last December the regulator announced a €450,000 (~$ 547,000) sanction against Twitter — which works out to around just 0.1% of the company’s full-year revenue.
That penalty was also for a data breach — but one which, unlike the Facebook leak, had been publicly disclosed when Twitter found it in 2019. So Facebook’s failure to disclose the vulnerability it discovered and claims it fixed by September 2019, which led to the leak of 533 million accounts now, suggests it should face a higher sanction from the DPC than Twitter received.
However, even if Facebook ends up with a more substantial GDPR penalty for this breach the watchdog’s caseload backlog and plodding procedural pace makes it hard to envisage a swift resolution to an investigation that’s only a few days old.
Judging by past performance it’ll be years before the DPC decides on this 2019 Facebook leak — which likely explains why the DRI sees value in instigating class action-style litigation in parallel to the regulatory investigation.
“Compensation is not the only thing that makes this mass action worth joining. It is important to send a message to large data controllers that they must comply with the law and that there is a cost to them if they do not,” DRI writes on its website.
It also submitted a complaint about the Facebook breach to the DPC earlier this month, writing then that it was “also consulting with its legal advisors on other options including a mass action for damages in the Irish Courts”.
It’s clear that the GDPR enforcement gap is creating a growing opportunity for litigation funders to step in in Europe and take a punt on suing for data-related compensation damages — with a number of other mass actions announced last year.
In the case of DRI its focus is evidently on seeking to ensure that digital rights are upheld. But it told RTE that it believes compensation claims which force tech giants to pay money to users whose privacy rights have been violated is the best way to make them legally compliant.
Facebook, meanwhile, has sought to play down the breach it failed to disclose in 2019 — claiming it’s “old data” — a deflection that ignores the fact that people’s dates of birth don’t change (nor do most people routinely change their mobile number or email address).
Plenty of the “old” data exposed in this latest massive Facebook leak will be very handy for spammers and fraudsters to target Facebook users — and also now for litigators to target Facebook for data-related damages.
Facebook’s self-styled and handpicked “Oversight Board” will make a decision on whether or not to overturn an indefinite suspension of the account of former president Donald Trump within “weeks”, it said in a brief update statement on the matter today.
The high-profile case appears to have attracted major public interest, with the FOB tweeting that it’s received more than 9,000 responses so far to its earlier request for public feedback.
It added that its commitment to “carefully reviewing all comments” after an earlier extension of the deadline for feedback is responsible for the extension of the case timeline.
The board’s statement adds that it will provide more information “soon”.
(2/2): The Board’s commitment to carefully reviewing all comments has extended the case timeline, in line with the Board’s bylaws. We will share more information soon.
— Oversight Board (@OversightBoard) April 16, 2021
Trump’s indefinite suspension from Facebook and Instagram was announced by Facebook founder Mark Zuckerberg on January 7, after the then-president of the U.S. incited his followers to riot at the nation’s Capitol — an insurrection that led to chaotic and violent scenes and a number of deaths as his supporters clashed with police.
However, Facebook quickly referred the decision to the FOB for review — opening up the possibility that the ban could be overturned in short order as Facebook has said it will be bound by the case review decisions issued by the board.
After the FOB accepted the case for review it initially said it would issue a decision within 90 days of January 21 — a deadline that would have fallen next Wednesday.
However, it now looks like the high-profile, high-stakes call on Trump’s social media fate could be pushed into next month.
It’s a familiar development in Facebook-land. Delay has been a longtime feature of the tech giant’s crisis PR response in the face of a long history of scandals and bad publicity attached to how it operates its platform. So the tech giant is unlikely to be uncomfortable that the FOB is taking its time to make a call on Trump’s suspension.
After all, devising and configuring the bespoke case review body — as its proprietary parody of genuine civic oversight — is a process that has taken Facebook years already.
In related FOB news this week, Facebook announced that users can now request the board review its decisions not to remove content — expanding the board’s potential cases to include reviews of “keep ups” (not just content takedowns).
This report was updated with a correction: The FOB previously extended the deadline for case submissions; it has not done so again as we originally stated.
Pakistan has banned TikTok again in the country after reviewing a complaint that said the popular video app hosted immoral and objectionable content.
A high court in the city of Peshawar on Thursday ordered the nation’s telecom authority — Pakistan Telecom Authority (PTA) — to ban TikTok.
In a statement Thursday evening, Pakistan Telecom Authority said it was complying with the order and had “issued directions to the service providers to immediately block access to the TikTok app.”
TikTok had about 33 million users in Pakistan last month, according to mobile insight firm App Annie (data of which an industry executive shared with TechCrunch). There are about 100 million internet users in the South Asian nation.
The Peshawar High Court’s Chief Justice Qaiser Rashid Khan described some videos on TikTok as “unacceptable for Pakistaini society,” and said these videos were “peddling vulgarity,” according to local media reports.
TikTok did not immediately respond to a request for comment.
This isn’t the first time ByteDance’s app has been banned by Pakistan. PTA had briefly banned TikTok in the country last year, saying at the time that the Chinese social app hadn’t addressed concerns about the nature of some videos on its platform despite warnings spanning several months.
Pakistan’s move follows its neighboring nation, India, also banning TikTok last year. New Delhi banned TikTok — and eventually 200 additional apps with links to China — over cybersecurity concerns. Prior to the ban, India was the biggest international market for TikTok, which had amassed over 200 million users in the world’s second largest internet market.
Like India, the government in Pakistan has also sought to assume more control over content on digital services operating in the country in recent years.
While global tech giants, most of which count India as a key overseas market, haven’t made much fuss about New Delhi’s new rules for social media, they banded together in Pakistan late last year and threatened to leave the country over rules proposed by Islamabad.
Through a group called the Asia Internet Coalition (AIC), the tech firms said in November that they were “alarmed” by the scope of Pakistan’s new law targeting internet firms.” In addition to Facebook, Google and Twitter, AIC represents Apple, Amazon, LinkedIn, SAP, Expedia Group, Yahoo, Airbnb, Grab, Rakuten, Booking.com, Line and Cloudflare.
In 2017, Ironclad founder and CEO Jason Boehmig was looking to raise a Series A. As a former lawyer, Boehmig had a specific process for fundraising and an ultimate goal of finding the right investors for his company.
Part of Boehmig’s process was to ask people in the San Francisco Bay Area about their favorite place to work. Many praised RelateIQ, a company founded by Steve Loughlin who had sold it to Salesforce for $ 390 million and was brand new to venture at the time.
“I wanted to meet Steve and had kind of put two and two together,” said Boehmig. “I was like, ‘There’s this founder I’ve been meaning to connect with anyways, just to pick his brain, about how to build a great company, and he also just became an investor.’”
On this week’s Extra Crunch Live, the duo discussed how the Ironclad pitch excited Loughlin about leading the round. (So excited, in fact, he signed paperwork in the hospital on the same day his child was born.) They also discussed how they’ve managed to build trust by working through disagreements and the challenges of pricing and packaging enterprise products.
As with every episode of Extra Crunch Live, they also gave feedback on pitch decks submitted by the audience. (If you’d like to see your deck featured on a future episode, send it to us using this form.)
- The pitch — 2:30
- How they operate — 23:00
- The problem of pricing — 29:00
- Pitch deck teardown — 35:00
When Boehmig came in to pitch Accel, Loughlin remembers feeling ambivalent. He had heard about the company and knew a former lawyer was coming in to pitch a legal tech company. He also trusted the reference who had introduced him to Boehmig, and thought, “I’ll take the meeting.”
Then, Boehmig dove into the pitch. The company had about a dozen customers that were excited about the product, and a few who were expanding use of the product across the organization, but it wasn’t until the ultimate vision of Ironclad was teased that Loughlin perked up.
Loughlin realized that the contract can be seen as a core object that could be used to collaborate horizontally across the enterprise.
“That was when the lightbulb went off and I realized this is actually much bigger,” said Loughlin. “This is not a legal tech company. This is core horizontal enterprise collaboration in one of the areas that has not been solved yet, where there is no great software yet for legal departments to collaborate with their counterparts.”
He listed all the software that those same counterparts had to let them collaborate: Salesforce, Marketo, Zendesk. Any investor would be excited to hear that a potential portfolio company could match the likes of those behemoths. Loughlin was hooked.
“There was a slide that I’m guessing Jason didn’t think much of, as it was just the data around the business, but I got pretty excited about it,” said Loughlin. “It said, for every legal user Ironclad added, they added nine other users from departments like sales, marketing, customer service, etc. It was evidence that this theory of collaboration could be true at scale.”
Global internet companies Facebook, Google and Twitter and others have banded together and threatened to leave Pakistan after the South Asian nation granted blanket powers to local regulators to censor digital content.
Earlier this week, Pakistan Prime Minister Imran Khan granted the Pakistan Telecommunication Authority the power to remove and block digital content that pose “harms, intimidates or excites disaffection” toward the government or in other ways hurt the “integrity, security, and defence of Pakistan.”
Through a group called the Asia Internet Coalition (AIC), the tech firms said that they were “alarmed” by the scope of Pakistan’s new law targeting internet firms.” In addition to Facebook, Google and Twitter, AIC represents Apple, Amazon, LinkedIn, SAP, Expedia Group, Yahoo, Airbnb, Grab, Rakuten, Booking.com, Line and Cloudflare.
If the message sounds familiar, it’s because this is not the first time these tech giants have publicly expressed their concerns over the new law, which was proposed by Khan’s ministry in February this year.
After the Pakistani government made the proposal earlier this year, the group had threatened to leave, a move that made the nation retreat and promise an extensive and broad-based consultation process with civil society and tech companies.
That consultation never happened, AIC said in a statement on Thursday, reiterating that its members will be unable to operate in the country with this law in place.
“The draconian data localization requirements will damage the ability of people to access a free and open internet and shut Pakistan’s digital economy off from the rest of the world. It’s chilling to see the PTA’s powers expanded, allowing them to force social media companies to violate established human rights norms on privacy and freedom of expression,” the group said in a statement.
“The Rules would make it extremely difficult for AIC Members to make their services available to Pakistani users and businesses. If Pakistan wants to be an attractive destination for technology investment and realise its goal of digital transformation, we urge the Government to work with industry on practical, clear rules that protect the benefits of the internet and keep people safe from harm.”
Under the new law, tech companies that fail to remove or block the unlawful content from their platforms within 24 hours of notice from Pakistan authorities also face a fine of up to $ 3.14 million. And like its neighboring nation, India — which has also proposed a similar regulation with little to no backlash — Pakistan now also requires these companies to have local offices in the country.
The new rules comes as Pakistan has cracked down on what it deems to be inappropriate content on the internet in recent months. Earlier this year, it banned popular mobile game PUBG Mobile and last month it temporarily blocked TikTok.
Countries like Pakistan and India contribute little to the bottom line for tech companies. But India, which has proposed several protectionist laws in recent years, has largely escaped any major protest from global tech companies because of its size. Pakistan has about 75 million internet users.
By contrast, India is the biggest market for Google and Facebook by users. “Silicon Valley companies love to come to India because it’s an MAU (monthly active users) farm,” Kunal Shah, a veteran entrepreneur, said in a conference in 2018.
Starting a new phone brand in 2018 might seem too late in an already crowded market, but Sky Li was convinced that consumers between 18-25 years old were largely underserved — they needed something that was both affordable and cool.
A few months after Li founded Realme in May that year, the smartphone company organized a product launch at a college campus in India, the world’s second-largest smartphone market. It brought its own production crew, built a makeshift stage and invited local rappers to grace the event.
“I was amazed. No one was sitting down and it felt like a carnival, a big disco party,” Chase Xu, Realme’s 31-year-old chief marketing officer, told me at the firm’s headquarters in Shenzhen.
“No foreign company had ever entered the campus. They didn’t think it was possible. Why would a university let you do a launch event there?” Xu, clad in a minimalist, chic black jacket from a domestic brand, recounted with enthusiasm and pride.
“Realme became widely known thanks to the event. People found it very interesting that it was mixing with students. It didn’t just launch a product. It was showing off a youthful, flamboyant attitude.”
Within nine quarters, Realme has shipped 50 million handsets around the world, with India as its biggest market, even larger than China. The target this year is to double last year’s target to 50 million units, a goal that’s “nearly complete” according to Xu. It’s now the world’s seventh biggest smartphone brand, trailing only after those that have been around for much longer — Samsung, Huawei, Xiaomi, Apple, Oppo and Vivo, according to a Q3 report from research firm Canalys.
Realme didn’t accomplish all that from scratch. It’s yet another smartphone brand rooted in BBK Group, the mystic electronics empire that owns and supports some of the world’s largest phone makers (Vivo, Oppo, OnePlus and now Realme).
In 2018, former Oppo vice president and head of overseas business Sky Li announced he was resigning from Oppo to start Realme as an independent brand, similar to how OnePlus started in 2013. Today, Realme, OnePlus and Oppo all belong to the same holding group. That entity, together with Vivo, sits under BBK, which started out in 1998 selling electronic dictionaries in south China and has been diversifying its portfolio ever since.
While Realme and OnePlus operate independently, they get access to Oppo’s supply chain, a model that has allowed them to have lighter assets and consequently fewer costs.
“Realme has an advantage because we share a supply chain with Oppo. We are able to get very good resources from the supply end, stay ahead globally and obtain what we should have,” said Xu.
For instance, the nascent phone maker was among the first to get Qualcomm’s new Snapdragon 865 chips and put four cameras into a handset. Priority isn’t always guaranteed, however, because “there is definitely competition between us and our peers to fight to be the first,” Xu admitted. “Of course, it also depends on the progress of each team’s research and development.”
The light-asset strategy also means Realme is able to offer competitive technologies at relatively low prices. In India, its 8GB RAM, 128GB phone cost less than 1,000 yuan ($ 152) and its notch screen model was less than 1,500 yuan ($ 228).
Realme isn’t concerned about increasing margin in the “growth stage,” Xu said, and the firm has “been profitable from the outset.” On the other hand, the phone maker is also introducing a slew of IoT gadgets like smart TVs and earphones, categories with higher markups.
The smartphone-plus-IoT strategy is certainly not unique, as its siblings in the BBK family, as well as Xiaomi and Huawei, have the same vision: smartphones and smart devices from the same brand will form a nicely interconnected ecosystem, driving sales and data collection for each other.
Another way to cut costs, according to Xu, is to avoid extravagant outdoor advertising. The company prefers more subtle, word-of-mouth promotion like working with influencers, throwing campus music festivals and fostering an online fan community. And the strategy seems to be clicking with the young generation who like to interact with the brand they like and even be part of its creative process.
The most enthusiastic users would sometimes message Xu with pencil sketching of what they envisioned Realme’s next products should look like. “They have very interesting and excellent ideas. This is a great generation,” the executive said.
Chinese brands go global
Realme’s India chief executive Madhav Sheth is equally adored by the country’s young consumers. A former distribution partner of Realme, he made an impression on Realme founder Li, who “understands the Indian market very well despite not speaking fluent English,” according to Xu.
“Sheth is very charismatic and good at public speaking. He knows how to excite people.” Xu spoke highly of Sheth, who is an avid Twitter user and has garnered some 280,000 followers since he joined in the spring of 2018.
The Indian boss’s job is getting trickier as India becomes more wary of Chinese influence. In June, the Indian government banned TikTok and dozens of other Chinese apps over potential national security risks, not long after it added more scrutiny on Chinese investments. Anti-China sentiment has also soared as border tensions heightened recently.
Against all odds, Realme is seeing robust growth in India. In Q3, it grew 4% from the previous quarter and currently ranks fourth in India with a 10% market share, according to research firm Counterpoint.
“During the start of the quarter, we witnessed some anti-China consumer sentiments impacting sales of brands originating from China. However, these sentiments have subsided as consumers are weighing in different parameters during the purchase as well,” the researcher wrote in the report.
“Of course the India-China conflict is not something we want to see. It’s a problem of international relationships. Realme doesn’t take part in politics,” Xu assured. “There will always be extremist users. What we can do is to expand our fan base, give them what they want, and leave the extremists alone.”
Next year, Realme is looking to ramp up expansion in Europe, Russia and its home market China. None will be a small feat as they are much-coveted markets for all major phone makers.
Part of Realme’s effort to associate itself with what Gen Z around the world considers “cool” is to work with prominent designers. Xu’s eyes lit up, raising his hand in the air as if he was holding a ball. He was mirroring Naoto Fukasawa, the renowned Japanese industrial designer who came up with the onion-inspired color and pattern of the Realme X model.
“The afternoon sunlight slanted through the large windows. [Fukasawa] gave me a playful look, took an onion from beneath the table, and told me that was his inspiration,” Xu recalled. “He slowly turned the onion in the sun. I was dumbfounded. The veins, the pink, gold color, the texture. It was so beautiful. You wouldn’t think it was an onion. You’d think it was craftwork.”
Former presidential advisor and right-wing pundit Steve Bannon had his show suspended from Twitter and an episode removed by YouTube after calling for violence against FBI director Christopher Wray and the government’s leading pandemic expert, Dr. Anthony Fauci.
Bannon, speaking with co-host Jack Maxey, was discussing what Trump should do in a hypothetical second term. He suggested firing Wray and Fauci, but then went further, saying “I’d actually like to go back to the old times of Tudor England, I’d put the heads on pikes, right, I’d put them at the two corners of the White House as a warning to federal bureaucrats.”
This may strike one at first as mere hyperbole — one may say “we want his head on a platter” and not really be suggesting they actually behead anyone. But the conversation continued and seemed to be more in earnest than it first appeared:
Maxey: Just yesterday there was the anniversary of the hanging of two Tories in Philadelphia. These were Quaker businessmen who had cohabitated, if you will, with the British while they were occupying Philadelphia. These people were hung. This is what we used to do to traitors.
Bannon: That’s how you won the revolution. No one wants to talk about it. The revolution wasn’t some sort of garden party, right? It was a civil war. It was a civil war.
Whether one considers this only nostalgia for the good old days of mob justice or an actual call to bring those days back, the exchange seems to have been enough for moderators at YouTube and Twitter to come down hard on the pair’s makeshift broadcast.
Twitter confirmed that it has “permanently suspended” (i.e. it can be appealed but won’t be restored automatically) the account for violating the rule against glorifying violence.
Social media election takedowns
- TikTok takes down some hashtags related to election misinformation, leaves others
- Facebook blocks hashtags for #sharpiegate, #stopthesteal election conspiracies
- TikTok takes down election misinformation aimed at younger users
- Facebook and Instagram notifications warn US users there’s no winner yet in presidential election
- Twitter restricts Trump’s tweet claiming that foes would ‘steal’ the election
- YouTube removes ads from, but won’t pull, ‘Trump Won’ video following backlash
- Twitter hides Trump tweet attacking Supreme Court’s decision on Pennsylvania ballots
YouTube removed the episode from “Steve Bannon’s War Room” channel Wednesday afternoon after it was brought to their attention. A representative for the platform said “We’ve removed this video for violating our policy against inciting violence. We will continue to be vigilant as we enforce our policies in the post-election period.”
Online platforms have struggled with finding the line between under and over-moderation. Facebook, Twitter, YouTube, TikTok, Instagram and others have all taken different measures, from preemptively turning off features to silently banning hashtags. Facebook today took down a group with more than 300,000 members that was acting as an amplifier for misinformation about the election.
While the platforms have been vigorous in at least some ways in the labeling and isolation of misinformation, it’s more difficult for video platforms. Just minutes ago Trump took to YouTube to detail a variety of unfounded conspiracy theories about mail-in voting, but the platform can’t exactly do a live fact-check of the president and shut down his channel. More than with text-based networks, video tends to spread before it is caught and flagged due to the time it takes to review it.
The class action lawsuit alleges that the video game company hasn’t done enough to address a known problem with its controllers.
Feed: All Latest
- Once VMware is free from Dell, who might fancy buying it?
- Facebook faces ‘mass action’ lawsuit in Europe over 2019 breach
- Chinese hardware makers turn to crowdfunding as they look to go global
- Core Web Vitals & Preparing for Google’s Page Experience Update
- Conversion modeling through Consent Mode in Google Ads