Wikipedia blames malicious DDOS attack after site goes down across Europe, Middle East – gpgmail


Wikipedia was forced offline in several countries Friday after a cyber attack hit the global encyclopedia.

Users across Europe and parts of the Middle East experienced outages shortly before 7pm, BST, according to downdetector.com.

Wikimedia’s German Twitter account posted: “The Wikimedia server…is currently being paralysed by a massive and very broad DDOS [distributed denial of service] attack.”

The site issued the following statement:

Today, Wikipedia was hit with a malicious attack that has taken it offline in several countries for intermittent periods. The attack is ongoing and our Site Reliability Engineering team is working hard to stop it and restore access to the site.

As one of the world’s most popular sites, Wikipedia sometimes attracts “bad faith” actors. Along with the rest of the web, we operate in an increasingly sophisticated and complex environment where threats are continuously evolving. Because of this, the Wikimedia communities and Wikimedia Foundation have created dedicated systems and staff to regularly monitor and address risks. If a problem occurs, we learn, we improve, and we prepare to be better for next time.

We condemn these sorts of attacks. They’re not just about taking Wikipedia offline. Takedown attacks threaten everyone’s fundamental rights to freely access and share information. We in the Wikimedia movement and Foundation are committed to protecting these rights for everyone.

Right now, we’re continuing to work to restore access wherever you might be reading Wikipedia in the world. We’ll keep you posted.”

The site was reported to be down in large parts of the UK as well as Poland, France, Germany and Italy.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

PrimaryBid closes $8.6M round for its platform aimed to help retail investors – gpgmail


PrimaryBid, a UK-regulated platform connecting publicly listed companies with everyday investors for discounted share issuances has previously raised $3M. It’s now upped those stakes with an $8.6M funding round, led by UK VCs Pentech and Outward VC with participation from new and existing investors. Craig Anderson, a partner at Pentech, will join the PrimaryBidBoard of Directors with Outward VC having a Board Observer seat.

This investment is representative of the trend towards unpacking complex financial investment products for the average person, especially in the UK.

The FCA-regulated platform recently made a long-term commercial agreement with Euronext, the leading pan-European exchange in the Eurozone. The partnership gives the company access to nine new geographies, with the first new site launching in France later this year.

Commenting, Anand Sambasivan, co-founder and CEO of PrimaryBid, said: “Everyday investors are a vital part of the stock market and yet unable to buy discounted share deals – a longstanding imbalance in the public markets. This is true whether it is a government selling down its holding in a large company or a quoted company is raising growth capital. Our platform addresses this challenge, giving small investors the same access as traditionally afforded to large institutional investors.”

Investors can tap into PrimaryBid’s centralizing infrastructure that allows access to everyday investors as part of a share issuance, including block sales. The inclusion of retail investors can improve pricing and liquidity outcomes for their clients. The company’s solution allows private investors to participate, at the same time and the same price, delivering open access regardless of the size of their investment. The service is free of charge for investors, from £100 upwards.

PrimaryBid doesn’t have competitors because Retail investors have not previously had access to discounted equity offerings run by investment banks. This is because the retail investment market is too fragmented, and these deals are highly time-sensitive. As a result, only clients of Investment Banks (i.e. institutional investors) could previously access these attractive deals.

So now, listed companies that want to raise more capital on the stock exchange by issuing new shares can now connect with retail investors and offer these retail investors these shares at the same discounted rates as those offered to institutional investors. “In the past, these retail investors just couldn’t access these attractive deals for these new shares,” explains Sambasivan.

Craig Anderson of Pentech said: “We believe equity capital markets infrastructure is dominated by an institutional focus and is not geared for retail investors, which unfairly restricts consumer access to the primary equity markets. PrimaryBid addresses this problem by using technology to democratize the equity capital markets to provide a new asset class to retail investors.”

Kevin Chong of Outward VC said: “By bringing publicly listed companies directly to ordinary investors, PrimaryBid addresses increasing frustrations felt by equity issuers and potentially expands global equity markets to the benefit of all players – investors, issuers and investment bank advisers.”

Pentech previously invested in Nutmeg (which recently closed a £45m funding round led by Goldman Sachs) . Outward VC has previously backed Monese, Curve and Bud.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

SoftBank-backed Getaround is raising $200M at a $1.5B+ valuation – gpgmail


Getaround, a used car marketplace and winner of gpgmail Disrupt New York Battlefield 2011, will enter the unicorn club with a roughly $200 million equity financing.

The deal values Getaround, founded in 2009, at $1.7 billion, according to an estimate provided by PitchBook. Getaround declined to comment, citing internal policy on “funding speculation.”

“Getaround and our investors work closely together on our growth strategy, and we’ll definitely plan to share more when we’re ready,” a spokesperson said in response to gpgmail’s inquiry Thursday morning.

The news follows the company’s $300 million acquisition of Drivy, a Paris-headquartered car-sharing startup that operates in 170 European cities.

Getaround closed a Series D funding of $300 million last year, a round led by SoftBank with participation from Toyota Motor Corporation. Existing investors in the business, which allows its some 200,000 members to rent and unlock vehicles from their mobile phones at $5 per hour, include Menlo Ventures and SOSV.

Assuming an upcoming $200 million infusion, Getaround has raised more than $600 million in equity funding to date.

Whether SoftBank has participated in Getaround’s latest financing is unknown. The business is an active investor in the carsharing market, with investments in Chinese ride-hailing business Didi Chuxing, Uber and autonomous driving company Cruise. We’ve reached out to SoftBank for comment.

In conversation with gpgmail last year, Getaround co-founder Sam Zaid emphasized SoftBank’s capabilities as a mobility investor: “What we really liked about [SoftBank] was they take a really long view on things,” he said. “So they were very good about thinking about the future of mobility, and we have a common kind of vision of every car becoming a shared car.”

Getaround was expected to expand into international markets with its previous fundraise. Indeed, the company has moved into France, Germany, Spain, Austria, Belgium and the U.K. where it operates under the brand “Drivy by Getaround,” and in Norway under the “Nabobil” brand.

The business initially launched its car-sharing service in 2011, relying on gig workers, who can list their car on the Getaround marketplace for $500 to $1,000 a month in payments, depending on how often their car is rented.

Since Getaround entered the market, however, a number of competitors have entered the space with similar business models. Turo and Maven, for example, have both emerged to facilitate car rental with backing from top venture capital funds.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Mental health websites in Europe found sharing user data for ads – gpgmail


Research by a privacy rights advocacy group has found popular mental health websites in the EU are sharing users’ sensitive personal data with advertisers.

Europeans going online to seek support with mental health issues are having sensitive health data tracked and passed to third parties, according to Privacy International’s findings — including depression websites passing answers and results of mental health check tests direct to third parties for ad targeting purposes.

The charity used the open source Webxray tool to analyze the data gathering habits of 136 popular mental health web pages in France, Germany and the UK, as well as looking at a small sub-set of online depression tests (the top three Google search results for the phrase per country).

It has compiled its findings into a report called Your mental health for sale.

“Our findings show that many mental health websites don’t take the privacy of their visitors as seriously as they should,” Privacy International writes. “This research also shows that some mental health websites treat the personal data of their visitors as a commodity, while failing to meet their obligations under European data protection and privacy laws.”

Under Europe’s General Data Protection Regulation (GDPR), there are strict rules governing the processing of health data — which is classified as special category personal data.

If consent is being used as the legal basis to gather this type of data the standard that must be obtained from the user is “explicit” consent.

In practice that might mean a pop-up before you take a depression test which asks whether you’d like to share your mental health with a laundry list of advertisers so they can use it to sell you stuff when you’re feeling low — also offering a clear ‘hell no’ penalty-free choice not to consent (but still get to take the test).

Safe to say, such unvarnished consent screens are as rare as hen’s teeth on the modern Internet.

But, in Europe, beefed up privacy laws are now being used to challenge the ‘data industrial complex’s systemic abuses and help individuals enforce their rights against a behavior-tracking adtech industry that regulators have warned is out of control.

Among Privacy International’s key findings are that —

  • 76.04% of the mental health web pages contained third-party trackers for marketing purposes
  • Google trackers are almost impossible to avoid, with 87.8% of the web pages in France having a Google tracker, 84.09% in Germany and 92.16% in the UK
  •  Facebook is the second most common third-party tracker after Google, with 48.78% of all French web pages analysed sharing data with Facebook; 22.73% for Germany; and 49.02 % for the UK.
  • Amazon Marketing Services were also used by many of the mental health web pages analysed (24.39% of analyzed web pages in France; 13.64 % in Germany; and 11.76% in the UK)
  • Depression-related web pages used a large number of third-party tracking cookies which were placed before users were able to express (or deny) consent. On average, PI found the mental health web pages placed 44.49 cookies in France; 7.82 for Germany; and 12.24 for the UK

European law around consent as a legal basis for processing (general) personal data — including for dropping tracking cookies — requires it to be informed, specific and freely given. This means websites that wish to gather user data must clearly state what data they intend to collect for what purpose, and do so before doing it, providing visitors with a free choice to accept or decline the tracking.

Dropping tracking cookies without even asking clearly falls foul of that legal standard. And very far foul when you consider the personal data being handled by these mental health websites is highly sensitive special category health data.

It is exceedingly difficult for people to seek mental health information and for example take a depression test without countless of third parties watching,” said Privacy International technologist Eliot Bendinelli in a statement. “All website providers have a responsibility to protect the privacy of their users and comply with existing laws, but this is particularly the case for websites that share unusually granular or sensitive data with third parties. Such is the case for mental health websites.”

Additionally, the group’s analysis found some of the trackers embedded on mental health websites are used to enable a programmatic advertising practice known as Real Time Bidding (RTB). 

This is important because RTB is subject to multiple complaints under GDPR.

These complaints argue that the systematic, high velocity trading of personal data is, by nature, inherently insecure — with no way for people’s information to be secured after it’s shared with hundreds or even thousands of entities involved in the programmatic chain, because there’s no way to control it once it’s been passed. And, therefore, that RTB fails to comply with the GDPR’s requirement that personal data be processed securely.

Complaints are being considered by regulators across multiple Member States. But this summer the UK’s data watchdog, the ICO, essentially signalled it is in agreement with the crux of the argument — putting the adtech industry on watch in an update report in which it warns that behavioral advertising is out of control and instructs the industry it must reform.

However the regulator also said it would give players “an appropriate period of time to adjust their practices”, rather than wade in with a decision and banhammers to enforce the law now.

The ICO’s decision to opt for an implied threat of future enforcement to push for reform of non-compliant adtech practices, rather than taking immediate action to end privacy breaches, drew criticism from privacy campaigners.

And it does look problematic now, given Privacy International’s findings suggest sensitive mental health data is being sucked up into bid requests and put about at insecure scale — where it could pose a serious risk to individuals’ rights and freedoms.

Privacy International says it found “numerous” mental health websites including trackers from known data brokers and AdTech companies — some of which engage in programmatic advertising. It also found some depression test websites (namely: netdoktor.de, passeportsante.net and doctissimo.fr, out of those it looked at) are using programmatic advertising with RTB.

“The findings of this study are part of a broader, much more systemic problem: The ways in which companies exploit people’s data to target ads with ever more precision is fundamentally broken,” adds Bendinelli. “We’re hopeful that the UK regulator is currently probing the AdTech industry and the many ways it uses special category data in ways that are neither transparent nor fair and often lack a clear legal basis.”

We’ve reached out to the ICO with questions.

We also asked the Internet Advertising Bureau Europe what steps it is taking to encourage reform of RTB to bring the system into compliance with EU privacy law. At the time of writing the industry association had not responded.

The IAB recently released a new version of what it refers to as a “transparency and consent management framework” intended for websites to embed to collect consent from visitors to processing their data including for ad targeting purposes — legally, the IAB contends.

However critics argue this is just another dose of business as usual ‘compliance theatre’ from the adtech industry — with users offered only phoney choices as there’s no real control over how their personal data gets used or where it ends up.

Earlier this year Google’s lead privacy regulator in Europe, the Irish DPC, opened a formal investigation into the company’s processing of personal data in the context of its online Ad Exchange — also as a result of a RTB complaint filed in Ireland.

The DPC said it will look at each stage of an ad transaction to establish whether the ad exchange is processing personal data in compliance with GDPR — including looking at the lawful basis for processing; the principles of transparency and data minimisation; and its data retention practices.

The outcome of that investigation remains to be seen. (Fresh fuel has just today been poured on with the complainant submitting new evidence of their personal data being shared in a way they allege infringes the GDPR.)

Increased regulatory attention on adtech practices is certainly highlighting plenty of legally questionable and ethically dubious stuff — like embedded tracking infrastructure that’s taking liberal notes on people’s mental health condition for ad targeting purposes. And it’s clear that EU regulators have a lot more work to do to deliver on the promise of GDPR.




10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Mobile gaming is a $68.5 billion global business, and investors are buying in – gpgmail


By the end of 2019, the global gaming market is estimated to be worth $152 billion with 45% of that, $68.5 billion, coming directly from mobile games. With this tremendous growth (10.2% YoY to be precise) has come a flurry of investments and acquisitions, everyone wanting a cut of the pie. In fact, over the last 18 months, the global gaming industry has seen $9.6 billion in investments and if investments continue at this current pace, the amount of investment generated in 2018-19 will be higher than the 8 previous years combined.

What’s interesting is why everyone is talking about games and who in the market is responding to this and how.

The gaming phenomenon 

Today, mobile games account for 33% of all app downloads, 74% of consumer spend, and 10% of all time spent in-app. It’s predicted that in 2019, 2.4 billion people will play mobile games around the world – that’s almost one third of the global population. In fact, 50% of mobile app users play games, making this app category as popular as music apps like Spotify and Apple Music and second only to social media and communications apps in terms of time spent.

In the US, time spent on mobile devices has also officially outpaced that of television – with users spending 8 more minutes per day on their mobile devices. By 2021, this number is predicted to increase to over 30 minutes. Apps are the new primetime and games have grabbed the lion’s share.

Accessibility is the highest it’s ever been as barriers to entry are virtually non-existent. From casual games to the recent rise of the wildly popular hyper-casual genre of games which are quick to download, easy to play, and lend themselves to being played in short sessions throughout the day, games are played by almost every demographic stratum of society. Today, the average age of a mobile gamer is 36.3 (compared with 27.7 in 2014), the gender split is 51% female, 49% male, and one-third of all gamers are between the ages of 36-50. A far cry from the traditional stereotype of a ‘gamer’.

With these demographic, geographic, and consumption sea-changes in the mobile ecosystem and entertainment landscape, it’s no surprise that the game space is getting increased attention and investment, not just from within the industry, but more recently from traditional financial markets and even governments. Let’s look at how the markets have responded to the rise of gaming.

Image courtesy of David Maung/Bloomberg via Getty Images

Games on Games 

The first substantial investments in mobile gaming came from those who already had a stake in the industry. Tencent invested $90M in Pocket Gems and$126M in Glu Mobile (for a 14.6% stake), gaming powerhouse Supercell invested $5M in mobile game studio Redemption Games, Boom Fantasy raised $2M from ESPN and the MLB and Gamelynx raised $1.2M from several investors – one of which was Riot Games. Most recently, Ubisoft acquired a 70% stake in Green Panda Games to bolster its foot in the hyper-casual gaming market.

Additionally, bigger gaming studios began to acquire smaller ones. Zynga bought Gram Games, Ubisoft acquired Ketchapp, Niantic purchased Seismic Games, and Tencent bought Supercell (as well as a 40% stake in Epic Games). And the list goes on.

Wall Street wakes up

Beyond the flurry of investments and acquisitions from within the game industry, games are also generating huge amounts of revenue. Since launch, Pokemon Go has generated $2.3B in revenue and Fortnite has amassed some 250M players. This is catching the attention of more traditional financial institutions, like private equity firms and VCs, who are now looking at a variety of investment options in gaming – not just of gaming studios, but all those who had a stake in or support the industry.

In May 2018, hyper-casual mobile gaming studio Voodoo announced a $200M investment from Goldman Sachs’ private equity investment arm. For the first time ever, a mobile gaming studio attracted the attention of a venerable old financial institution. The explosion of the hyper-casual genre and the scale its titles are capable of achieving, together with the intensely iterative, data-driven business model afforded by the low production costs of games like this, were catching the attention of investors outside of the gaming world, looking for the next big growth opportunity.

The trend continued. In July 2018, private equity firm KKR bought a $400M minority stake in AppLovin and now, exactly one year later Blackstone announced their plan to acquire mobile ad-network Vungle for a reported $750M. Not only is money going into gaming studios, but investments are being made into companies whose technology supports the mobile gaming space. Traditional investors are finally taking notice of the mobile gaming ecosystem as a whole and the explosive growth it has produced in recent years. This year alone mobile games are expected to generate $55B in revenue so this new wave of investment interest should really come as no surprise.

A woman holds up her cell phone as she plays the Pokemon Go game in Lafayette Park in front of the White House in Washington, DC, July 12, 2016. (Photo: JIM WATSON/AFP/Getty Images)

Government intervention

Most recently, governments are realizing the potential and reach of the gaming industry and making their own investment moves. We’re seeing governments establish funds that support local gaming businesses – providing incentives for gaming studios to develop and retain their creatives, technology, and employees locally – as well as programs that aim to attract foreign talent.

As uncertainty looms in England surrounding Brexit, France has jumped on the opportunity with “Join the Game”. They’re painting France as an international hub that is already home to many successful gaming studios, and they’re offering tax breaks and plenty of funding options – for everything from R&D to the production of community events. Their website even has an entire page dedicated to “getting settled in France”, in English, with a step-by-step guide on how game developers should prepare for their arrival.

The UK Department for International Trade used this year’s Game Developers Conference as a backdrop for the promotion of their games fund – calling the UK “one of the most flourishing game developing ecosystems in the world.” The UK Games Fund allows for both local and foreign-owned gaming companies with a presence in the UK to apply for tax breaks. And ever since France announced their fund, more and more people have begun encouraging the British government to expand their program saying that the UK gaming ecosystem should be “retained and enhanced”. But, not only does the government take gaming seriously, the Queen does as well. In 2008, David Darling the CEO of hyper-casual game studio Kwalee was made a Commander of the Order of the British Empire (CBE) for his services to the games industry. CBE is the third-highest honor the Queen can bestow on a British citizen.

Over to Germany, and the government has allocated 50M euros of its 2019 budget for the creation of a games fund. In Sweden, the Sweden Game Arena is a public-private partnership that helps students develop games using government-funded offices and equipment. It also links students and startups with established companies and investors. While these numbers dwarf the investment of more commercial or financial players, the sudden uptick in interest governments are paying to the game space indicate just how exciting and lucrative gaming has become.

Support is coming from all levels

The evolution of investment in the gaming space is indicative of the stratospheric growth, massive revenue, strong user engagement, and extensive demographic and geographic reach of mobile gaming. With the global games industry projected to be worth a quarter of a trillion dollars by 2023, it comes as no surprise that the diverse players globally have finally realized its true potential and have embraced the gaming ecosystem as a whole.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

France’s Solar Road Is a Complete Failure


This site may earn affiliate commissions from the links on this page. Terms of use.

Remember solar roads? Five years ago, the idea of building insanely expensive solar panels on the ground and driving pollution-spewing vehicles over them was all the rage. Scientists pointed out the obvious flaws. A flat surface that can’t tilt or move to capture sunlight doesn’t hit very high-efficiency targets. Driving pollution-spewing vehicles over the solar panels in question would inevitably hurt their ability to gather sunlight as pollution built up on the surface. Putting solar panels on the ground and then driving over them is an excellent way to smash said solar panels to flinders. In short, the grand push for solar roadways left a lot of very smart people wondering why we didn’t just put the same amount of money into building conventional solar panels and wiring them up in the normal fashion.

Naysayers, all of them. The campaigns to build various solar-powered roads took off. The Dutch, at least, saw reason in one regard and deployed them as part of a bike path rather than attempting to craft a workable system from running pollution-spewing vehicles over a surface that gathers energy from sunlight.

Now, some years after the first solar roads opened for business, they’re… well, an abysmal failure. According to French newspaper Le Monde, the roadway-building effort failed in part because the builders didn’t consider how robust the construction would actually need to be. The “Wattway,” as the French solar road installation is known, is disintegrating much more quickly than its builders anticipated.

This is a fairly common issue. One reason the US highway system requires so much more maintenance than its builders ever anticipated is that the weight of the vehicles we’ve allowed to travel on the highways has increased so much. Roadway damage rises as the fourth power of axle weight, which means an 18,000-pound truck does 3,000 times more damage to the pavement than a 2,000-pound car. French vehicle weights are going to be different and farm tractors aren’t going to weigh as much as a semi. But the point stands: These roads weren’t built to the required standard, even though the manufacturer, Colas, promised that the resin would withstand the weight of 18-wheeler trucks.

According to this report, the proposed benefits of the Wattway (above, translation via Google) did not materialize.

The problems, however, go deeper than just vehicle weight. Thunderstorms have damaged the road. Rotting leaves clogged it. Pale splinters of resin have broken off the surface and the end of the road is now truncated. It’s described as “pale with its ragged joints,” with solar panels “that peel off the road,” and splinters of enamel resin falling from the panels they were intended to protect. Total power production has fallen every year the road was in service. The roadway targeted 790kWh per day but managed just 409kWh/day in its first year of operation. It fell sharply thereafter due to damage, producing 215kWh/day in 2018 and has slipped down to ~200kWh/day in 2019.

The French government invested a relatively small amount of money in the project (5 million euros), but the efficiency problems with the design were fully apparent before ground was broken. “Our system is not mature for inter-urban traffic,” Etienne Gaudin, Colas’ chief executive of Wattway, told Le Monde.

The problem is not the system. The problem is the concept. There is no known manufacturing method that would allow for the construction of cost-effective solar roads that can both withstand the weight and strain of daily driving and deliver acceptably efficient power. Actions taken to improve the efficiency of a road for gathering energy — like tilting the roadbed to match the sun’s travel across the sky and cleaning oil, dirt, and grime from the panels — would make it a less-effective road. Creating a more effective road by using better protective coatings or cheaper manufacturing materials would make the road a less-effective solar panel. Given that solar roads are already far less effective at producing energy than conventional solar installations, one wonders why we don’t leave the roads for driving and optimize the power infrastructure for the specific job it’s good at.

There are lots of great flavors that go together. Chocolate and peanut butter. Salt and vinegar. Butter and popcorn. Ham and cheese. There are also a number of flavors that don’t go well together at all, like steak and tetrachlorodibenzodioxin. We submit that solar roads are much closer to the latter than the former. The idea might not be completely without merit if evaluated in very sunny areas where people primarily bike or walk, but it’s never going to match the efficiency of a conventional array. Outside of specialized applications, it’s time to turn the light off on this idea.

Now Read:




10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Most EU cookie ‘consent’ notices are meaningless or manipulative, study finds – gpgmail


New research into how European consumers interact with the cookie consent mechanisms which have proliferated since a major update to the bloc’s online privacy rules last year casts an unflattering light on widespread manipulation of a system that’s supposed to protect consumer rights.

As Europe’s General Data Protection Regulation (GDPR) came into force in May 2018, bringing in a tough new regime of fines for non-compliance, websites responded by popping up legal disclaimers which signpost visitor tracking activities. Some of these cookie notices even ask for consent to track you.

But many don’t — even now, more than a year later.

The study, which looked at how consumers interact with different designs of cookie pop-ups and how various design choices can nudge and influence people’s privacy choices, also suggests consumers are suffering a degree of confusion about how cookies function, as well as being generally mistrustful of the term ‘cookie’ itself. (With such baked in tricks, who can blame them?)

The researchers conclude that if consent to drop cookies was being collected in a way that’s compliant with the EU’s existing privacy laws only a tiny fraction of consumers would agree to be tracked.

The paper, which we’ve reviewed in draft ahead of publication, is co-authored by academics at Ruhr-University Bochum, Germany, and the University of Michigan in the US — and entitled: (Un)informed Consent: Studying GDPR Consent Notices in the Field.

The researchers ran a number of studies, gathering ~5,000 of cookie notices from screengrabs of leading websites to compile a snapshot (derived from a random sub-sample of 1,000) of the different cookie consent mechanisms in play in order to paint a picture of current implementations.

They also worked with a German ecommerce website over a period of four months to study how more than 82,000 unique visitors to the site interacted with various cookie consent designs which the researchers’ tweaked in order to explore how different defaults and design choices affected individuals’ privacy choices.

Their industry snapshot of cookie consent notices found that the majority are placed at the bottom of the screen (58%); not blocking the interaction with the website (93%); and offering no options other than a confirmation button that does not do anything (86%). So no choice at all then.

A majority also try to nudge users towards consenting (57%) — such as by using ‘dark pattern’ techniques like using a color to highlight the ‘agree’ button (which if clicked accepts privacy-unfriendly defaults) vs displaying a much less visible link to ‘more options’ so that pro-privacy choices are buried off screen.

And while they found that nearly all cookie notices (92%) contained a link to the site’s privacy policy, only a third (39%) mention the specific purpose of the data collection or who can access the data (21%).

The GDPR updated the EU’s long-standing digital privacy framework, with key additions including tightening the rules around consent as a legal basis for processing people’s data — which the regulation says must be specific (purpose limited), informed and freely given for consent to be valid.

Even so, since May last year there has been an outgrown in cookie ‘consent’ mechanisms popping up or sliding atop websites that still don’t offer EU visitors the necessary privacy choices, per the research.

“Given the legal requirements for explicit, informed consent, it is obvious that the vast majority of cookie consent notices are not compliant with European privacy law,” the researchers argue.

“Our results show that a reasonable amount of users are willing to engage with consent notices, especially those who want to opt out or do not want to opt in. Unfortunately, current implementations do not respect this and the large majority offers no meaningful choice.”

The researchers also record a large differential in interaction rates with consent notices — of between 5 and 55% — generated by tweaking positions, options, and presets on cookie notices.

This is where consent gets manipulated — to flip visitors’ preference for privacy.

They found that the more choices offered in a cookie notice, the more likely visitors were to decline the use of cookies. (Which is an interesting finding in light of the vendor laundry lists frequently baked into the so-called “transparency and consent framework” which the industry association, the Internet Advertising Bureau (IAB), has pushed as the standard for its members to use to gather GDPR consents.)

“The results show that nudges and pre-selection had a high impact on user decisions, confirming previous work,” the researchers write. “It also shows that the GDPR requirement of privacy by default should be enforced to make sure that consent notices collect explicit consent.”

Here’s a section from the paper discussing what they describe as “the strong impact of nudges and pre-selections”:

Overall the effect size between nudging (as a binary factor) and choice was CV=0.50. For example, in the rather simple case of notices that only asked users to confirm that they will be tracked, more users clicked the “Accept” button in the nudge condition, where it was highlighted (50.8% on mobile, 26.9% on desktop), than in the non-nudging condition where “Accept” was displayed as a text link (39.2% m, 21.1% d). The effect was most visible for the category-and vendor-based notices, where all checkboxes were pre-selected in the nudging condition, while they were not in the privacy-by-default version. On the one hand, the pre-selected versions led around 30% of mobile users and 10% of desktop users to accept all third parties. On the other hand, only a small fraction (< 0.1%) allowed all third parties when given the opt-in choice and around 1 to 4 percent allowed one or more third parties (labeled “other” in 4). None of the visitors with a desktop allowed all categories. Interestingly, the number of non-interacting users was highest on average for the vendor-based condition, although it took up the largest part of any screen since it offered six options to choose from.

The key implication is that just 0.1% of site visitors would freely choose to enable all cookie categories/vendors — i.e. when not being forced to do so by a lack of choice or via nudging with manipulative dark patterns (such as pre-selections).

Rising a fraction, to between 1-4%, who would enable some cookie categories in the same privacy-by-default scenario.

“Our results… indicate that the privacy-by-default and purposed-based consent requirements put forth by the GDPR would require websites to use consent notices that would actually lead to less than 0.1 % of active consent for the use of third parties,” they write in conclusion.

They do flag some limitations with the study, pointing out that the dataset they used that arrived at the 0.1% figure is biased — given the nationality of visitors is not generally representative of public Internet users, as well as the data being generated from a single retail site. But they supplemented their findings with data from a company (Cookiebot) which provides cookie notices as a SaaS — saying its data indicated a higher accept all clicks rate but still only marginally higher: Just 5.6%.

Hence the conclusion that if European web users were given an honest and genuine choice over whether or not they get tracked around the Internet, the overwhelming majority would choose to protect their privacy by rejecting tracking cookies.

This is an important finding because GDPR is unambiguous in stating that if an Internet service is relying on consent as a legal basis to process visitors’ personal data it must obtain consent before processing data (so before a tracking cookie is dropped) — and that consent must be specific, informed and freely given.

Yet, as the study confirms, it really doesn’t take much clicking around the regional Internet to find a gaslighting cookie notice that pops up with a mocking message saying by using this website you’re consenting to your data being processed how the site sees fit — with just a single ‘Ok’ button to affirm your lack of say in the matter.

It’s also all too common to see sites that nudge visitors towards a big brightly colored ‘click here’ button to accept data processing — squirrelling any opt outs into complex sub-menus that can sometimes require hundreds of individual clicks to deny consent per vendor.

You can even find websites that gate their content entirely unless or until a user clicks ‘accept’ — aka a cookie wall. (A practice that has recently attracted regulatory intervention.)

Nor can the current mess of cookie notices be blamed on a lack of specific guidance on what a valid and therefore legal cookie consent looks like. At least not any more. Here, for example, is a myth-busting blog which the UK’s Information Commissioner’s Office (ICO) published last month that’s pretty clear on what can and can’t be done with cookies.

For instance on cookie walls the ICO writes: “Using a blanket approach such as this is unlikely to represent valid consent. Statements such as ‘by continuing to use this website you are agreeing to cookies’ is not valid consent under the higher GDPR standard.” (The regulator goes into more detailed advice here.)

While France’s data watchdog, the CNIL, also published its own detailed guidance last month — if you prefer to digest cookie guidance in the language of love and diplomacy.

(Those of you reading gpgmail back in January 2018 may also remember this sage plain english advice from our GDPR explainer: “Consent requirements for processing personal data are also considerably strengthened under GDPR — meaning lengthy, inscrutable, pre-ticked T&Cs are likely to be unworkable.” So don’t say we didn’t warn you.)

Nor are Europe’s data protection watchdogs lacking in complaints about improper applications of ‘consent’ to justify processing people’s data.

Indeed, ‘forced consent’ was the substance of a series of linked complaints by the pro-privacy NGO noyb, which targeted T&Cs used by Facebook, WhatsApp, Instagram and Google Android immediately GDPR started being applied in May last year.

While not cookie notice specific, this set of complaints speaks to the same underlying principle — i.e. that EU users must be provided with a specific, informed and free choice when asked to consent to their data being processed. Otherwise the ‘consent’ isn’t valid.

So far Google is the only company to be hit with a penalty as a result of that first wave of consent-related GDPR complaints; France’s data watchdog issued it a $57M fine in January.

But the Irish DPC confirmed to us that three of the 11 open investigations it has into Facebook and its subsidiaries were opened after noyb’s consent-related complaints. (“Each of these investigations are at an advanced stage and we can’t comment any further as these investigations are ongoing,” a spokeswoman told us. So, er, watch that space.)

The problem, where EU cookie consent compliance is concerned, looks to be both a failure of enforcement and a lack of regulatory alignment — the latter as a consequence of the ePrivacy Directive (which most directly concerns cookies) still not being updated, generating confusion (if not outright conflict) with the shiny new GDPR.

However the ICO’s advice on cookies directly addresses claimed inconsistencies between ePrivacy and GDPR, stating plainly that Recital 25 of the former (which states: “Access to specific website content may be made conditional on the well-informed acceptance of a cookie or similar device, if it is used for a legitimate purpose”) does not, in fact, sanction gating your entire website behind an ‘accept or leave’ cookie wall.

Here’s what the ICO says on Recital 25 of the ePrivacy Directive:

  • ‘specific website content’ means that you should not make ‘general access’ subject to conditions requiring users to accept non-essential cookies – you can only limit certain content if the user does not consent;
  • the term ‘legitimate purpose’ refers to facilitating the provision of an information society service – ie, a service the user explicitly requests. This does not include third parties such as analytics services or online advertising;

So no cookie wall; and no partial walls that force a user to agree to ad targeting in order to access the content.

It’s worth point out that other types of privacy-friendly online advertising are available with which to monetize visits to a website. (And research suggests targeted ads offer only a tiny premium over non-targeted ads, even as publishers choosing a privacy-hostile ads path must now factor in the costs of data protection compliance to their calculations — as well as the cost and risk of massive GDPR fines if their security fails or they’re found to have violated the law.)

Negotiations to replace the now very long-in-the-tooth ePrivacy Directive — with an up-to-date ePrivacy Regulation which properly takes account of the proliferation of Internet messaging and all the ad tracking techs that have sprung up in the interim — are the subject of very intense lobbying, including from the adtech industry desperate to keep a hold of cookie data. But EU privacy law is clear.

“[Cookie consent]’s definitely broken (and has been for a while). But the GDPR is only partly to blame, it was not intended to fix this specific problem. The uncertainty of the current situation is caused the delay of the ePrivacy regulation that was put on hold (thanks to lobbying),” says Martin Degeling, one of the research paper’s co-authors, when we suggest European Internet users are being subject to a lot of ‘consent theatre’ (ie noisy yet non-compliant cookie notices) — which in turn is causing knock-on problems of consumer mistrust and consent fatigue for all these useless pop-ups. Which work against the core aims of the EU’s data protection framework.

“Consent fatigue and mistrust is definitely a problem,” he agrees. “Users that have experienced that clicking ‘decline’ will likely prevent them from using a site are likely to click ‘accept’ on any other site just because of one bad experience and regardless of what they actually want (which is in most cases: not be tracked).”

“We don’t have strong statistical evidence for that but users reported this in the survey,” he adds, citing a poll the researchers also ran asking site visitors about their privacy choices and general views on cookies. 

Degeling says he and his co-authors are in favor of a consent mechanism that would enable web users to specify their choice at a browser level — rather than the current mess and chaos of perpetual, confusing and often non-compliant per site pop-ups. Although he points out some caveats.

“DNT [Do Not Track] is probably also not GDPR compliant as it only knows one purpose. Nevertheless  something similar would be great,” he tells us. “But I’m not sure if shifting the responsibility to browser vendors to design an interface through which they can obtain consent will lead to the best results for users — the interfaces that we see now, e.g. with regard to cookies, are not a good solution either.

“And the conflict of interest for Google with Chrome are obvious.”

The EU’s unfortunate regulatory snafu around privacy — in that it now has one modernized, world-class privacy regulation butting up against an outdated directive (whose progress keeps being blocked by vested interests intent on being able to continue steamrollering consumer privacy) — likely goes some way to explaining why Member States’ data watchdogs have generally been loath, so far, to show their teeth where the specific issue of cookie consent is concerned.

At least for an initial period the hope among data protection agencies (DPAs) was likely that ePrivacy would be updated and so they should wait and see.

They have also undoubtedly been providing data processors with time to get their data houses and cookie consents in order. But the frictionless interregnum while GDPR was allowed to ‘bed in’ looks unlikely to last much longer.

Firstly because a law that’s not enforced isn’t worth the paper it’s written on (and EU fundamental rights are a lot older than the GDPR). Secondly, with the ePrivacy update still blocked DPAs have demonstrated they’re not just going to sit on their hands and watch privacy rights be rolled back — hence them putting out guidance that clarifies what GDPR means for cookies. They’re drawing lines in the sand, rather than waiting for ePrivacy to do it (which also guards against the latter being used by lobbyists as a vehicle to try to attack and water down GDPR).

And, thirdly, Europe’s political institutions and policymakers have been dining out on the geopolitical attention their shiny privacy framework (GDPR) has attained.

Much has been made at the highest levels in Europe of being able to point to US counterparts, caught on the hop by ongoing tech privacy and security scandals, while EU policymakers savor the schadenfreude of seeing their US counterparts being forced to ask publicly whether it’s time for America to have its own GDPR.

With its extraterritorial scope, GDPR was always intended to stamp Europe’s rule-making prowess on the global map. EU lawmakers will feel they can comfortably check that box.

However they are also aware the world is watching closely and critically — which makes enforcement a very key piece. It must slot in too. They need the GDPR to work on paper and be seen to be working in practice.

So the current cookie mess is a problematic signal which risks signposting regulatory failure — and that simply isn’t sustainable.

A spokesperson for the European Commission told us it cannot comment on specific research but said: “The protection of personal data is a fundamental right in the European Union and a topic the Juncker commission takes very seriously.”

“The GDPR strengthens the rights of individuals to be in control of the processing of personal data, it reinforces the transparency requirements in particular on the information that is crucial for the individual to make a choice, so that consent is given freely, specific and informed,” the spokesperson added. 

“Cookies, insofar as they are used to identify users, qualify as personal data and are therefore subject to the GDPR. Companies do have a right to process their users’ data as long as they receive consent or if they have a legitimate interest.”

All of which suggests that the movement, when it comes, must come from a reforming adtech industry.

With robust privacy regulation in place the writing is now on the wall for unfettered tracking of Internet users for the kind of high velocity, real-time trading of people’s eyeballs that the ad industry engineered for itself when no one knew what was being done with people’s data.

GDPR has already brought greater transparency. Once Europeans are no longer forced to trade away their privacy it’s clear they’ll vote with their clicks not to be ad-stalked around the Internet too.

The current chaos of non-compliant cookie notices is thus a signpost pointing at an underlying privacy lag — and likely also the last gasp signage of digital business models well past their sell-by-date.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Auto supplier Continental shifts gears — and its capital — to an electric future – gpgmail


Continental AG, a global auto-parts supplier, will no longer invest in parts used in internal combustion engines, the latest sign that the automotive industry is being forced to respond to increasingly strict emissions laws.

Instead, the company said it will put more focus and capital on the electric powertrain, which it believes is the “future of mobility.”

“Our customers are increasingly and consistently turning to the electrification of combustion engines through hybrid drives as well as to pure battery-powered vehicles,” said Andreas Wolf, head of Continental’s Powertrain division, which in the future will operate under the name Vitesco Technologies with Wolf as CEO.

This shift toward electrification is being driven by tighter regulations around the world. Cities are clamping down on the use of diesel- and gas-powered cars, trucks and SUVs in urban centers and states like California are tightening rules to meet air quality and emissions targets to combat climate change. China has placed restrictions on gas-powered vehicles and provides incentives to electric ones. France wants to end the sale of fossil fuel-powered cars by 2040.

And automakers are following. Volvo, VW and others have announced plans over the past two years to increase sales of electric vehicles and move toward more electrification throughout their portfolios of existing vehicles. Electrification can mean hybrid, plug-in or all-electric vehicles.

There has been plenty of speculation and attempts to predict exactly when — not so much if — a tectonic shift to electric powertrains would occur. Suppliers have grappled with the “when” part. Putting too much capital too soon toward developing automotive parts can saddle a supplier with inventory and mounting costs.

What’s happening at Continental is starting to play out within the rest of the industry. If companies like Continental want to survive and keep up with the demands of automakers, they have to act. But not wildly. Development costs for powertrains are, after all, no small matter.

Continental is making specific choices on what exactly it pursues. The company, for instance, will not consider producing solid-state battery cells in the future. Apparently the company was open to making an investment in battery cell production. But now the company believes the market no longer offers any attractive economic prospects for battery cell production for Continental, Wolf said.

What Continental is going to do is reduce investment in its hydraulic components business, which includes parts like injectors and pumps for gasoline and diesel engines.

“Investments in research and development and in production capacity for innovations are becoming less profitable,” says Wolf, explaining the reasoning behind this decision.

Continental will fulfill existing orders. New orders will “play an increasingly marginal role.”

This shift within Continental will likely extend over a number of years, as combustion engines essentially serve as the basic drivers for hybrid solutions, Wolf said. The company will also review its business in components for exhaust-gas after treatment and fuel delivery.

All of this translates into big changes within the company, including the technologies it decides to invest in, jobs and even locations of some of its operations. Continental said it will also consider partnerships.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Google’s Titan security keys come to Japan, Canada, France and the UK – gpgmail


Google today announced that its Titan Security Key kits are now available in Canada, France, Japan and the UK. Until now, these keys, which come in a kit with a Bluetooth key and a standard USB-A dongle, were only available in the U.S.

The keys provide an extra layer of security on top of your regular login credentials. They provide a second authentication factor to keep your account safe and replace more low-tech two-factor authentication systems like authentication apps or SMS messages. When you use those methods, you still have to type the code into a form, after all. That’s all good and well until you end up on a well-designed phishing page. Then, somebody could easily intercept your code and quickly reuse it to breach your account — and getting a second factor over SMS isn’t exactly a great idea to begin with, but that’s a different story.

Authentication keys use a number of cryptographic techniques to ensure that you are on a legitimate site and aren’t being phished. All of this, of course, only works on sites that support hardware security keys, though that number continues to grow.

The launch of Google’s Titan keys came as a bit of a surprise, given that Google had long had a good relationship with Yubico and previously provided all of its employees with that company’s keys. The original batch of keys also featured a security bug in the Bluetooth key. That bug was hard to exploit, but nonetheless, Google offered free replacements to all Titan Key owners.

In the U.S., the Titan Key kit sells for $50. In Canada, it’ll go for $65 CAD. In France, it’ll be €55, while in the UK it’ll retail for £50 and in Japan for ¥6,000. Free delivery is included.

 


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something