The EU Parliament, Council negotiators and lawmakers have agreed new rules under the Digital Markets Act (DMA) that will limit the market power of the big technology companies and open up the market for competitors.

What Is The Digital Markets Act? 

The Digital Markets Act (DMA) from the European Commission has been designed to ensure a higher degree of competition within the European Digital Markets, by preventing large companies from abusing their market power and by allowing fresh players to enter the market. The idea is to create more of a level playing field for businesses which the EC believes could help to foster innovation, growth, and competitiveness.

Applies To Gatekeepers 

The DMA will apply to “gatekeeper” businesses, and the EC has another initiative called the Digital Services Act (DSA) which will be used help protect the rights of users of digital services.

Who / What Are The “Gatekeepers”? 

The “gatekeepers” that the DMA rules will apply to are the companies providing “core platform services” who are “most prone to unfair business practices.” Gatekeepers, such as social networks or search engines, are “digital platforms with a systemic role in the internal market that function as bottlenecks between businesses and consumers for important digital services.” These companies are defined by the EU as having a market capitalisation of at least 75 billion euro or an annual turnover of 7.5 billion, and providing certain services such as browsers, messengers, or social media, which have at least 45 million monthly end users in the EU, and 10,000 annual business users. Gatekeepers could also be described as having a strong economic position and significant impact on the internal market, being active in multiple EU countries, and having a strong intermediation position, i.e. they link a large user base to many businesses. Also, gatekeepers are those big tech companies with an entrenched, durable market.

The New Rules 

The new DMA rules will mean that:

– The largest messaging services – WhatsApp, Facebook Messenger or iMessage- will have to open up and interoperate with smaller messaging platforms, if they so request. This should mean that users of small or big platforms could exchange messages, send files, or make video calls across messaging apps, thus giving them more choice.

– The interoperability obligation for social networks / interoperability provisions will be assessed at a later date.

– Combining personal data for targeted advertising will only be allowed with explicit consent to the gatekeeper.

– Users must be allowed to freely choose their browser, virtual assistants, or search engines.

– Companies won’t be allowed to rank their own products or services higher than those of others in online search results or reuse data collected from different services.

Punishment For Non-Compliance 

The European Parliament says that if a gatekeeper does not comply with the rules, the Commission can impose fines of up to 10 per cent of its total worldwide turnover in the preceding financial year, and 20 per cent in case of repeated infringements. For systematic infringements, the Commission has threatened to ban gatekeepers from acquiring other companies for a certain period of time.

A New Era of Tech Regulation 

Rapporteur from the EU Parliament’s Internal Market and Consumer Protection Committee, Andreas Schwab (EPP, DE), said of the new rules, “The agreement ushers in a new era of tech regulation worldwide. The Digital Markets Act puts an end to the ever-increasing dominance of Big Tech companies. From now on, they must show that they also allow for fair competition on the internet. The new rules will help enforce that basic principle. Europe is thus ensuring more competition, more innovation, and more choice for users.” 

The Tech Companies Say… 

Apple has been reported as saying that parts of the DMA “will create unnecessary privacy and security vulnerabilities for our users while others will prohibit us from charging for intellectual property in which we invest a great deal.”  

Google has been reported as saying that, while it supports many of the DMA’s ambitions, it is “concerned that some of the rules could reduce innovation and the choice available to Europeans.” 

What Does This Mean For Your Business? 

The EU has launched a lot of antitrust investigations and introduced many new rules in recent years designed to stop the big tech companies being too powerful and to stop the use of some technologies (AI) surging ahead of regulation. The behaviour of the big tech companies has led many to call for tougher regulations and the formalised new rules of the DMA have been agreed upon quite quickly (less than 18 months), emphasising the EU’s determination to act. Clearly, it’s likely to be unwelcome news for the big tech “gatekeepers” who have been enjoying huge market dominance and profits. For smaller digital companies operating in the EU area, the DMA is likely to be a welcome step, allowing them more of a chance to compete and gain more share in a market dominated by giants for so long. For users, it could provide greater choice, and greater convenience, e.g. with the interoperability of messaging platforms. It is only likely to really work, however, if the penalties are severe enough and if action is taken quickly to send the message that the EU is really serious about the matter.

In this insight, we look at how Stephen Wilhite invented the GIF file, and how his invention has endured while the Internet has undergone vast changes.

Who Was Stephen Wilhite? 

Stephen Wilhite is regarded as one of the inventors who changed the face of the Internet. White worked at CompuServe in the 1980s. Founded in 1969, Ohio-based Compuserve was the first major online service provider in the US and is the oldest of the Big Three information services (along with AOL and Prodigy).

Stephen Wilhite worked as part of a team at CompuServe managed by former chief technical officer Alexander “Sandy” Trevor, but Stephen Wilhite invented the GIF by himself, at home, and then brought the new file format into Compuserve to be worked on by the team. Stephen Wilhite retired in 2000 and is reported to have spent much of his time traveling, camping, and building model trains in his basement.

In 2013, Stephen Wilhite was given a Lifetime Achievement Award at the Webby Awards in New York for the invention of the GIF and his contribution to internet culture.

Died March 14, 2022 

Sadly, Stephen Wilhite died of Covid on March 14, just days after his 74th birthday, leaving a wife, four stepchildren, a son, 11 grandchildren and three great-grandchildren.

What Is A GIF? 

Graphics interchange format, commonly known is GIF (pronounced ‘jiff’, according to Wilhite) is a type of compressed file for images. Invented by White in 1987, while he was at Compuserve, a GIF allowed image transfers across the slow modem connections that were available at the time. GIFs allowed for colour, replacing the black-and-white run-length encoding format (RLE), and offered lossless compression, i.e. no degradation of pixels to make the image smaller, as with JPG files.  GIFs are one of the oldest images used online and the first GIF created is thought to be clip art picture of an airplane in the sky.

Extensible – Animated 

Wilhite is also credited with having the foresight to make GIFs extensible, enabling developers to add their own custom information and leading to the creation of animated GIFs in 1995. The Netscape Navigator browser is often credited with helping to boost the popularity of GIFs as it supported the .GIF format, including animated GIFs.

Although, after a relatively brief period of popularity, GIFs were largely phased out in favour of other compressed file formats for static pictures. However, GIFs remained, largely because, unlike other formats, they provided a fast, easy way to create animated images.

Popularity Again

Animated GIFs have had a resurgence in popularity recent years thanks to users on platforms like 4chan and Reddit creating inventive and funny ‘memes’ (from the Greek word for “imitated”) using the animated GIF format. These files have also been widely shared and popularised through other big social media platforms. GIFs have also been used recently for as a compact, universally accepted form of low-fidelity video.

It has been reported that Wilhite’s favourite was the first popular digital meme, ‘the dancing baby’ from 1996.

What Does This Mean For Your Business? 

Time has proven the value of the invention of the GIF which has stayed around and fulfilled a continuing need and filled a gap in an area which has seen massive, fast, and continuous changes – the Web. GIFs have evolved to enable creativity expression (memes), keeping them relevant, and it’s likely that they’ll be around a lot longer yet. It’s amazing that one man could simply invent this type of file at home, and it was truly an innovation that has been valuable around the world. With the death of Stephen Wilhite, the world has lost another of the great Internet pioneers.

It is believed that a string of hacks carried out on identity and access management company Okta, were the work of teenage cyber-gang Lapsus$, believed to be led by a UK-based 16 year-old. The hacks are thought to have resulted in the theft of confidential information, which could affect thousands of companies. Lapsus$, which is reported to have previously breached Microsft’s defences, is known for extortion, and it is likely that the motivation for the attack was money and reputation-building.

Freeing-up space and getting rid of junk files can help a PC perform faster and better. Here’s how to use the built-in Window ‘Disk Cleanup’ tool to find and delete those old junk files:

– In the Start menu, search for Disk Cleanup, and select Disk Cleanup.

– Wait for Disk Cleanup to analyse the selected drive.

– In the Disk Cleanup window, choose the files you’d like to remove from your computer, and select OK at the bottom.

– Select Delete Files in the prompt that appears.

– You may not want to delete ESD files because although it will free-up lots of space, these files are important for resetting a PC to factory settings.

Microsoft is building a new data centre region in Finland that will use the clean heat from its server cooling processes to heat local homes and businesses.

Microsoft and Fortum 

The project, which will see Microsoft working in collaboration with local state-owned utility provider Fortum Corporation, requires Microsoft to build a new data centre region in the Helsinki metropolitan area of Finland.

World’s Largest Collaboration To Heat Homes 

Fortum has described the recycling project to heat homes, services and businesses with sustainable waste heat from the new data centre region as the “world’s largest collaboration to heat homes”.

100 Per Cent Emission-Free Electricity 

The new data centres will 100 provide per cent emission-free electricity and Microsoft’s project partner Fortum will transfer the clean heat from the server cooling process to the homes, services and business premises that are connected to its existing, huge district heating system.

900 km Of Underground Pipes 

District heating, which generates and captures heat and distributes it to buildings on a large scale is the most popular method of heating premises in Finland.

The district heating infrastructure to be utilised in the project with Microsoft is the second largest in Finland for heat capture and distribution, with 900 km of underground pipes. These pipes can transfer heat to around 250,000 users in the cities of Espoo and Kauniainen, and the municipality of Kirkkonummi.

Climate-Friendly Waste Heat From Data Centres 

It is anticipated that once the new data centre region’s waste heat capture system has been built, 60 per cent of the district’s heating will come from climate-friendly waste heat. Fortum says that 40 per cent of this total will come from the new data centre region.

Microsoft Says.. 

Cindy Rose, President of Microsoft Western Europe, said about the plans for the project: “We are incredibly proud of the novel way this datacentre will sustainably power Finnish digital transformation, while also heating Finnish homes and businesses and helping cities achieve their emissions targets. In this unique collaboration, Microsoft and Fortum combine their world leading expertise in cloud computing and sustainable energy solutions, transforming the design thinking of datacentres of the future.” 

Positive Comments From Finland 

There have also been some very positive comments about the project from Finland. For example, Sanna Marin, Prime Minister of Finland said: “The decision to invest in a datacentre region that also provides surplus heat to our cities and homes is a win-win. It will accelerate Finland’s digital growth while making our energy system greener. I also hope that this collaboration can serve as a model to other countries and cities looking to achieve the double transformation of climate neutrality and digital competitiveness.” 

What Does This Mean For Your Organisation? 

We have heard about the challenges of cooling servers in data centres in the US, e.g. by immersing them in liquid, but this project shows that far from simply removing heat, it could be recycled and used to provide greener energy to homes in businesses. Finland’s existing system of district heating and its large infrastructure of insulated pipes makes it particularly well suited to this new idea. If the project is able, as expected, to provide a large amount of sustainable heating to whole cities, this could serve as a workable example and transform thinking about how datacentres of the future are designed. It could also be used to help reduce reliance upon other less-green sources of heating. There is still, however, the issue of providing power to data centres in the first place, how green this power is, and how much can be offset.

Deepfake videos of both Russian President Vladimir Putin and Ukrainian President Volodymr Zelensky have appeared online this week, both with quite different messages.

What Are Deepfake Videos?  

Deepfake videos are made using deep learning technology and use manipulated images of target individuals (found online), often celebrities, politicians, and other well-known people to create very convincing videos of the subjects saying and doing whatever the video-maker wants them to.

President Volodymr Zelensky’s Deepfake – “Childish Provocation”  

A deepfake video of President Zelensky was posted on his official Instagram account last week. The obviously fake video of President Zelensky, which was so poor that it prompted much ridicule from Ukranian viewers, gave a false message that President Zelensky was thinking about surrendering to Russia. The poor-quality video was dismissed by President Zelensky as “Childish Provocation”.  

However, the posting of the video prompted a warning from the Ukrainian Centre for Strategic Communications that Putin’s government may use more deepfakes to convince Ukrainians to surrender.

Removed By Meta  

The fake video of President Zelensky talking about surrender had been posted on Meta (Facebook) and its Russian counterpart VKontakte. Meta quickly removed the video from its platform for breaking its rules relating to “manipulated media”.

Warning In March  

It had been anticipated that deepfakes may be one of the weapons used in the cyber war against Ukraine which has accompanied the physical attacks. Earlier this month, for example, Ukraine’s Centre for Strategic Communications warned that that Russia may use altered videos of President Zelensky in order to distort public perception of the invasion.

Putin Video  

The Putin deepfake video, posted on Twitter, showed the Russian president announcing the surrender of Russia and asking Russian troops to drop their weapons and go home. A close examination of the video revealed that it had been made using clips from an address delivered by Putin on Feb 21.

What Does This Mean For Your Business?  

Deepfakes are now becoming more common and the case of these two videos shows how deepfakes are likley to be used and weaponised in future conflicts, elections, and other campaigns as a propaganda tool. Although, as in the case of the President Zelensky video, the quality may be poor, these videos are likely to improve in future to the point where they could be convincing to many viewers and could be widely shared, thereby successfully influencing some opinion. Deepfake videos are part of the wider challenge of fake news that today’s social media platforms are facing and, in this case, Meta’s rules on manipulated media could be used as a legitimate reason to remove the video from its platform.

Germany’s Federal Office for Information Security (BSI) has warned that Russia-based Kaspersky’s anti-virus software could be used for spying or launching cyber-attacks.

Russian Companies Forced To Launch Cyber-Attacks?  

The warning was aimed at Russian IT businesses who, claims the BSI, could be used via the software to carry out offensive operations, or forced against their will to attack target systems, or be spied upon. The warning also suggests that Kaspersky’s anti-virus products could be used as a tool for attacks against an IT company’s own customers.

Politically Motivated 

It is no surprise that Kaspersky has defended the safety of its products and stated that the BSI’s claims have been made purely on political grounds and not on any technical assessment of its products. Kaspersky has also denied any ties to any government, including Russia’s.

Sponsorship Dropped  

The warning by the BSI led to Eintracht Frankfurt football club dropping its sponsorship agreement with Kaspersky.

History of Accusations  

There have been many well-publicised accusations in the past against Kaspersky centring around the allegation of a possible close tie with the Russian state and, therefore, a possible security risk. For example:

In December 2017, following a warning in a letter by Director of the UK National Cyber Security Centre (NCSC), Ciaran Martin, to Whitehall chiefs about the danger of Russian software, Barclays bank has emailed its online banking customers to say that it would no longer be offering Kaspersky Russian anti-virus because of possible security risks.

Also in December 2017, then US President Donald Trump banned the use of Kaspersky Lab within the U.S. government as part of a broader defence policy spending bill. The ban reinforced a directive from September that year that civilian agencies should remove Kaspersky Lab software within 90 days. Both the earlier directive and the ban were based on security fears over Kaspersky’s possible links with the Russian State.

Kaspersky Says…  

In reply to the latest allegations from Germany, Kaspersky has issued a statement which explains that its “data processing infrastructure was relocated to Switzerland in 2018”, and that “the security and integrity of our data services and engineering practices have been confirmed by independent third-party assessment”.  

Kaspersky says that “We believe this decision is not based on a technical assessment of Kaspersky products – that we continuously advocated for with the BSI and across Europe – but instead is being made on political grounds.”  

What Does This Mean For Your Business?  

Suspicions about Kaspersky’s possible links to the Russian state have been the subject of several warnings from UK, US, and other nations’ security agencies over the past few years. It is not surprising, therefore, that with anti-Russian state feelings running high and sanctions being imposed that Kaspersky would again be in the frame. With a warning coming from such a credible and official source as Gemany’s Federal Office for Information Security (BSI), and with clear evidence of Russian cyber-attacks already (against Ukraine) it is not surprising that the warning has had an immediate commercial effect, i.e. dropped sponsorship by a major football club. It is unlikely that Kaspersky’s assurances will be heard at this time and more commercial pain for the company is likely to follow. The warning is part of an expanding surface of pressure and sanctions being applied in a bid to force an end to Putin’s war being waged against Ukraine.

With so many smart devices now all around us in homes and offices, we look here at ways to minimise the risk of having your privacy invaded.

The Internet of Things (IoT) 

IoT devices are those devices that are now present in most offices and homes that have a connection to the Internet and are, therefore, ‘smart’ and inter-connected. These devices, each of which has an IP address, could be anything from white goods, smart thermostats, digital assistants (Amazon Echo) to CCTV cameras, medical implants, industrial controllers, building entry systems, and even the car. There are now even smart malls and cities in some parts of the world. IoT devices transmit and collect data which can be processed in datacentres or the cloud and uses several different communications standards and protocols to communicate with other devices (Wi-Fi, Bluetooth, ZigBee or message queuing telemetry transport (MQTT).

Privacy Risks   

Although the smart element of these devices can be used to improve their performance, it can also represent a risk to privacy and security. For example, smart security cameras and smart assistants are essentially cameras and microphones in the home. Also, W-Fi routers, smart lightbulbs and other gadgets and wearables collect and transmit personal data. The risk is that the private data collected by IoT devices and shared over the internet could be vulnerable to hackers around the world. This, in turn, can compromise security as well as privacy as the hacked/intercepted data is used for cybercrime and physical crime (e.g. burglary) using information gained from CCTV cameras. Other risks include:

– Hackers remotely taking control of devices to misuse them and spy.

– Some IoT devices have pre-set, default unchangeable passwords, which, if discovered by cyber-criminals, can enable the device to be taken over and misused.

– IoT devices are prevalent and are often overlooked in security planning, leaving them unguarded and vulnerable to hacks and attacks.

– IoT devices are deployed in many systems that link to (and are supplied by) major utilities, e.g. smart meters in homes. This means that a large-scale attack on these IoT systems could affect the economy.

– “Shadow IoT” devices (i.e. connected to corporate networks without the knowledge of IT teams) also now pose a threat to organisations by allowing attackers a way to get into a corporate network. These devices can include fitness trackers, smartwatches and medical devices.

Protecting Privacy   

Actions that can be taken to retain privacy and limit the potential risks posed by IoT devices include:

– Securing your router by changing the default settings, i.e. the change the default administrative username, password, network name, and avoid using login names or passwords that contain your name, address, or router brand. Also, enable encryption and check for hardware and software updates.

– Changing the default username and password on IoT devices that connect to the router, using two-factor authentication (2FA).

– Not sharing passwords between devices.

– Taking time to understand what a device collects and how. Users may then make informed choices such a turning smart speakers or cameras off occasionally for privacy.

– Regularly updating each device’s firmware.

– Taking advantage of any extra security features on a device, e.g. enabling encryption or setting up a passcode lockout (“three strikes, and you’re out”).

– Disabling any data collection that is not seen as necessary on a device and disabling or disconnecting any devices that are not in regular use.

IoT Security

The threat of the IoT being used for cybercrime has prompted many businesses to start investing in IoT security solutions. According to a recent report by Meticulous Research®, the IoT Security Market could be worth as much $59.16 Billion by 2029.

What Does This Mean For Your Business?  

The IoT brings many advantages to businesses in terms of cost savings, the gathering of valuable data, monitoring and management. For consumers, smart devices deliver new levels of value-adding functionality and looking ahead, towns and cities will begin to rely even more on the benefits of IoT devices and systems. However, smart devices come with a privacy and security risk if certain steps are not taken such updating firmware, changing default passwords, and disconnecting them when they’re not needed. For businesses, IoT security has become an important issue and demand for it has increased in many industries and organisations. This demand is being driven by an increasing number of ransomware attacks on IoT devices, and an increase in the number of IoT security regulations. The risk may be even greater now in the light of the war waged by Russia on Ukraine. Businesses, therefore, need to take an audit of which IoT devices are in use and make sure appropriate measures are taken to maximise security and privacy.

A recent revision to the (draft) Online Safety Bill could mean that executives who don’t comply with the regulator’s information request could start facing penalties such as jail just two months after the bill becomes law.

The Online Safety Bill 

The UK government’s Online Safety Bill, published in May 2021 and now introduced to parliament, is (draft) legislation that’s designed to place a ‘duty of care’ on internet companies which host user-generated content to limit the spread of illegal content and “legal but harmful” content on these services.

The idea of the Online Safety Bill is essentially to prevent the spread of illegal content and activity (e.g. images of child abuse, terror material, and hate crimes), as well as to protect children from harmful material, and to protect adults from legal but harmful content.

The Bill applies to social media platforms, video-sharing platforms, search engines plus other tech services and requires them to put in place systems and processes to remove illegal content as soon as they become aware of it. The Bill also requires these services to take additional proactive measures with regards to the most harmful ‘priority’ forms of online illegal content.

Ofcom’s Expanded Role 

The Bill, which is due to be introduced as law later this year, will use Codes of Practice to regulate the behaviour of social media companies and will be enforced by the media and communications regulator, Ofcom. The regulator will have the powers to fine rule-breakers as much as 10 per cent of their global annual turnover! Also, Ofcom will have the powers to force companies failing to comply to improve their practices and even to block non-compliant sites.

Dame Melanie Dawes, Ofcom Chief Executive, said of the introduction of the Bill to Parliament (March 17): “Today marks an important step towards creating a safer life online for the UK’s children and adults. Our research shows the need for rules that protect users from serious harm, but which also value the great things about being online, including freedom of expression. We’re looking forward to starting the job”. 

Punishing Named Executives 

One recent aspect of the debate around the Online Safety Bill, in line with the idea of bringing about a new era of accountability, has been the naming and punishing of specific individuals/executives within offending companies to make them more accountable. The draft Bill, for example, already included the ability to impose criminal sanctions of named tech executives.

Was 2 Years – Could Be Two Months! 

These sanctions (i.e. prison sentences) were originally due to be delayed for two years (a grace period) after the laws are passed but some UK MPs have been asking the government to remove this long grace period before criminal sanctions can be faced.

Digital Secretary Nadine Dorries, who has personal experience of having been targeted by trolls, was recently reported to have favoured a six months timeline (grace period) before the imposition of prison terms for those tech execs who fail to remove “harmful algorithms”.

The most recent revisions to the Bill, however, mean that when it becomes law, the time frame for being able to apply criminal liability powers against senior executives in social media and tech companies could be down to as little as two months.

In a recent press release (March 17), the government said: “Today the government is announcing that executives whose companies fail to cooperate with Ofcom’s information requests could now face prosecution or jail time within two months of the Bill becoming law, instead of two years as it was previously drafted.” 

The punishment for not cooperating with Ofcom (including falsifying or destroying data) could see offenders facing up to two years in prison, or a substantial fine.

Offences 

The kinds of priority offences listed in the draft bill are terrorism, child sexual abuse, and exploitation. The Department for Digital, Culture, Media and Sport’s Secretary of State also has powers to add further priority offences (with Parliament’s approval) via secondary legislation once the bill becomes law.

As it stands now, the Bill has been written to tackle online safety in areas such as protecting children from harmful online content, limiting user’s exposure to illegal content and requiring online platforms where users can post their own content ensure they ‘protect children, tackle illegal activity and uphold their terms and conditions’.

More recent additions to areas covered by the Bill include:

– Making social media platforms tackle ‘legal but harmful’ content (as defined by Parliament).

– Tackling paid-for-scam adverts on social media and search engines.

– Ensuring that there are 18+ age verification checks on pornography-hosting sites.

Also written into the Bill are measures to address anonymous trolls online, and the criminalisation of cyber flashing.

What Does This Mean For Your Business? 

With the Bill being strengthened in recent months to bring about greater accountability among executives of social media companies, the hope is that this will make them take it more seriously and make compliance a priority. The treat of possible prison terms for executives, has now been backed up with a dramatically reduced ‘grace period’ – two months instead of two years. The hope that this will really drive the message home that the UK government now intends to get tougher about online safety and how social media platforms offer protection to users. The Bill is now being debated in Parliament which is a signal that it could soon become law. Social media platforms, freedom and rights groups, child safety organisations, law firms, and tech and safety commentators will now be watching closely to see what aspects of the Bill will make it into law and what changes will need to be made by tech businesses to comply.

It has been reported that hackers have been using CAPTCHA verification tests to get around automated spam scanners and trick them into letting their phishing emails through, hiding hide malicious links in HTML files. This technique has been used before and the advice is to not open or click on links in any unsolicited and suspicious-looking emails.