All posts by Paul Stradling

News

Tech News : Apple Issues Patch To Stop iPhone ‘Zero-Click’ Spyware

Apple has issued a security update following the discovery of a zero-day, zero-click “spyware” that could infect iPhones and iPads.

Discovered By Researchers

The threat was discovered by independent researchers from the University of Toronto’s Citizen Lab while they were analysing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware.

What Is It?

The Citizen Lab has described the threat as a zero-day (unknown, or known but with no patch yet), zero-click “spyware”. This is spying malware that doesn’t need users to click on a link or file to launch it. The Citizen Lab, which has identified the threat as being “in the wild” (already in circulation), says that a “maliciously crafted” PDF file could lead to arbitrary code execution. The threat uses malicious Adobe PDF files disguised to look like GIF (files with the “.gif” extension). The exploit has been dubbed “FORCEDENTRY” and, is believed to target Apple’s image rendering library, and works by exploiting an integer overflow vulnerability in Apple’s image rendering library (CoreGraphics).

iOS, MacOS, and WatchOS Devices At Risk

The researchers found the threat to be effective against Apple iOS, MacOS, and WatchOS devices, and that it has been used by a mercenary spyware company called “NSO Group” to remotely exploit and infect the latest Apple devices with the Pegasus spyware.

Patch Issued In Response

After The Citizen Lab passed the details of its findings to Apple, the tech giant released a patch/security update. Apple issued iOS 14.8 and iPadOS 14.8 patches for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation). Apple says that it is “aware of a report that this issue may have been actively exploited”.

Bad Timing

The news of the discovery of the exploit, which may have been in use since at least February this year, came at a bad time for Apple as the company prepared to unveil its new devices, including its new iPhones and updates to its AirPods and Apple Watch, at its annual launch event (Tuesday).

What Does This Mean For Your Business?

The Citizen Lab researchers have blamed the Israel-based NSO Group for selling technology that is being used as “despotism-as-a-service” by unaccountable government security agencies. Even though this is a real threat to iPhones, iPads, and Apple watches, security commentators say that the vast majority of iPhone owners don’t need to be too concerned because this type of attack is usually highly targeted. Nevertheless, the discovery has come at an unfortunate moment for Apple which has been busy trying to promote the benefits of its new products while competitors like Microsoft have announced the launch of a new, secure, passwordless login system.

News

Featured Article: Charging Electric Vehicles – What You Need to Know

In this article, we look at the different types and locations of EV charging in the UK, plus the challenges and legislation relating to it.

How Many Electric Cars In The UK?

By the end of August 2021, there were more than 600,000 plug-in vehicles, and nearly 300,000 BEVs (Battery-Powered Electric Vehicles) and 300,000 PHEVs (Plug-in Hybrid Electric Vehicle ) registered in the UK. Electric vehicles are often simply referred to as EVs.

Charging EVs

Electronic vehicles contain batteries that need charging. Although hybrid EVs are powered by an internal combustion engine and electric motor (which uses energy stored in batteries), they can’t be plugged in to charge the battery (the engine and regenerative braking charge the battery).

For normal EVs, three main types of charging are available (rapid, fast, and slow). These represent the power outputs (measured in kilowatts kW) and charging speeds. Each charger type has a different type of connector for low or high-power use, and for AC or DC charging.

Rapid chargers, using tethered cables, are the fastest way to charge an EV, and they supply high power as direct or alternating current (DC or AC). Typically (depending on the model), rapid charging can recharge EV batteries to 80 per cent in around 20 minutes. Types of rapid chargers include rapid DC chargers (providing power at 50 kW/125A, ultra-rapid DC chargers providing power at 100 kW or more, Tesla’s own Supercharger network providing rapid DC charging (using the Tesla Type 2 connector or a Tesla CCS connector) up to 150 kW, and rapid AC chargers providing power at 43 kW.

Fast chargers (mostly AC charging) can typically recharge an EV with a 40-kWh battery in 4-6 hours using a 7-kW charger, or in 1-2 hours using a 22-kW charger. Most fast chargers are 7 kW and untethered (a cable that is not permanently fixed to the charge point connects the EV with the charge point). Some home and workplace units have cables attached.

Slow chargers are mostly untethered, and a 3-kW unit typically takes 6-12 hours to fully charge a car battery.

Different Connectors for Charging

Connectors (to the car from the charging point) differ depending on the charger type (socket) and the vehicle’s inlet port. For example, rapid chargers use CHAdeMO, CCS (Combined Charging Standard) or Type 2 connectors, whereas fast and slow units tend to use Type 2, Type 1, Commando, or 3-pin plug outlets.

Where?

The choices of where EV owners can charge their vehicles include vary. For example, there are 20+ EV charging networks are currently available in the UK. Examples of these networks include the ESB Energy public network (rapid charge points, London, and Coventry plus charge points for taxi drivers), Osprey (formerly Engenie) with its UK-wide network of rapid chargers, and bp pulse (formerly Polar) which is one of the UK’s largest public charging networks.

EV charger types and their location typically include:

– Rapid chargers, which can be found (typically) at motorway services and near main travel routes.

– Fast chargers, found (typically) at car parks, supermarkets, and leisure centres.

– Slow Charging points are mainly used outside private homes (for charging overnight), at workplaces, and in some other public places. Slow public chargers tend to be older devices.

Paying

Different networks offer different payment methods for using their chargers. Payment methods include Zap-Pay (an app-based, pay-as-you-go credit or debit card system), contactless credit or debit card payments, MFG app contactless payments, subscription memberships, and more.

Most Use Public Chargers

A Zap-Map survey (of 2,200 people) found that 90 per cent use public chargers when they’re out. Supermarkets are the most popular public charging place (48 per cent of respondents), followed by motorway service stations (47 per cent) and public car parks (32 per cent).

Ultra-Rapid Charging Point Growth

Recent figures have also shown a growth in ultra-rapid charge points with 16 per cent of EV owners now using them. This trend has been helped by more cars being able to take higher charge rates as well as an almost doubling of the number of ultra-rapid charge points available.

The UK Law

In the UK, the Automated and Electric Vehicles Act 2018 (AEV Act), was essentially designed to ensure that the UK’s infrastructure and insurance system could cope with the large-scale switch from petrol/diesel to electronic vehicles. Whereas the first part of the Act is mainly concerned with how insurers deal with claims related to operating EVs in automated technology mode and keeping the software up to date, the second part deals with the EV charging infrastructure (availability, compatibility vehicle types, reliability standards and standardising how they are paid for).

Government Consultation

In 2019, the UK government held a consultation with stakeholders in response to the introduction of the Act. Some of the key points in the responses include:

– The time of day at which Electric Vehicle (EV) charging occurs could have significant implications for the electricity system. With more people getting home charging points, this could lead to most EVs being charged at peak times (between 5pm and 7pm), this could mean that greater investment is needed in the charging networks, and in and in electricity generation capacity to meet increased demand.

– Shifting EV charging to a different time of day (e.g. overnight) when there is lower demand on the electricity system, or to times of high renewable energy generation, could help reduce the need for costly electricity network reinforcement to meet increased demand, and could give consumers savings on their energy bills.

– The AEV Act 2018 gives the UK Government powers through secondary legislation to mandate that all EV charge points sold and installed in the UK have smart functionality and meet minimum device-level requirements.

Peak Times?

Due to the increased demand and possible disruptive effect on the UK energy supply from EV owners all charging their cars at the same time, there have been concerns that new EV chargers could be preset to turn off for nine hours a day, and automatically set to not function at ‘peak times.’ However, public chargers and rapid chargers (e.g. on motorways) are exempt from peak times. Smart charge points may, however, come pre-set to prevent automatic charging during peak times (8 am to 11 am, 4 pm to 10 pm weekdays) but the legislation specifies time windows instead of an off-peak period.

Although the UK government requires smart EV charger makers to include a function that randomly delays the start time of any load control action (to delay EV charging when there is grid instability), they have also said that users should be allowed to override this delay function.

New Build Homes and Offices Must Include EV Chargers

One of the big challenges to getting people to buy an EV vehicle is whether they can have charging points available at home (or at work). The UK government is therefore introducing legislation later this year that will require all newly built homes and offices in England to feature EV chargers.

What Does This Mean For Your Business?

Having a charging network that is widespread, effective, easy, and cheap to use, and having home and/or office charging points as well as public charging points are of major importance in influencing more people to make the switch to EV ownership. There is, however, still some confusion in the marketplace about charging options which is one of the reasons why The Department for Transport (DfT) has introduced contactless payment at charge points, forcing operators to provide a 24/7 call helpline for drivers and making location data, power rating and price information more accessible, with the hope of reassuring motorists that charging EV’s can be easier than refuelling with petrol or diesel. Also, the government needs to be able to ensure that the energy infrastructure is capable of dealing with the demands of EV charging (e.g. home charging) on a large scale, and that this will not disrupt/destabilise the grid, especially at peak times, hence the government’s consultation. This is a challenge that must be tackled soon due to legislation coming in to require all new homes and offices to have a charging point. The EV charging network market is also likely to expand, thereby providing more new opportunities for energy companies and charging network suppliers. How the situation is balanced and managed as EV ownership takes off is a critical matter for government, businesses, and individuals over the next few years.

News

Tech Insight : What Is A Solid State Battery?

In this tech-insight, we take a brief look at what solid-state batteries are, their benefits and challenges, and how why they hold a great deal of promise for use in electric vehicles in the near future.

Solid State

A solid-state battery is a battery that has solid electrodes and solid electrolytes to transfer ions from the cathode to the anode when charging (and vice versa when discharging).  This differs from lithium-ion/ lithium polymer batteries which have a liquid or polymer gel as the electrolyte.

The Benefits of Solid-State Batteries

Some of the main benefits of solid-state batteries are:

– Longer battery run time in relation to the battery size due to higher energy density.

– Safety. There’s no risk of explosion or fire, as there is with some batteries with liquid electrolytes.

– Better use of space and lower costs (compared to lithium-ion batteries) because there is no need for (fire/explosion) safety components.

– Increased battery capacity due to the better use of space, allowing for the inclusion of more active materials.

– Compact/small and light, therefore giving flexibility in where they can be used.

– Longer lifespans, plus solid-state batteries can be charged more times than lithium-ion batteries.

– Fast charging time, better performance over time, a longer life cycle, and better recycling potential than lithium-ion batteries.

Disadvantages and Challenges

Some of the disadvantages and challenges of solid state batteries include:

– Expensive to manufacture because it’s an emerging technology, so the economies of scale aren’t in place, and electrolytes are expensive to produce (and are prone to cracking).

– Uncertainty about the best chemical and atomic composition for a solid electrolyte between metallic anodes and cathodes.

– Difficult to manufacture at scale.

Applications of Solid-State Batteries

Some of the current places where solid-state batteries are used include within pacemakers, smartwatches/wearable devices, and RFID tags (in industry).

Electric Vehicles

Factors such as the high energy density per unit area (providing a higher capacity and longer run time) have made solid-state batteries a very promising prospect for the EV market, with many automobile and tech companies investing in moving solid-state technology forwards.  For example, Samsung’s Advanced Institute of Technology (SAIT) claims to have made a breakthrough in solid electrolyte technology which has enabled the size of a solid-state battery to be halved.  This could, in theory, double the range of today’s first-generation EVs on one charge. Many tech commentators are predicting that solid-state batteries may take over from lithium-ion batteries.

What Does This Mean For Your Business?

Smaller, more powerful, longer-lasting batteries that offer the promise of greater sustainability are surely an attractive prospect in many industries, particularly the emerging EV industry. All the major car companies are now committed to electric vehicle production and how well a battery performs is an important value-adding factor for motorists to consider as they buy their first electric vehicles. There are still several challenges to overcome with solid-state batteries (e.g. finding the best composition and manufacturing at scale) but momentum is now building towards making the breakthroughs that could see solid-state batteries delivering benefits in more industries.

News

Tech Tip – A Quick Look At Your Desktop

If you’re browsing the Internet or working on file in Windows 10 but you need a fast look at your desktop here’s how:

– While in a browser or working on a Microsoft Office file e.g., Word, find the tiny vertical line to the far, right hand-side of the bottom taskbar.

– Click on the line. Everything will be minimised so you can see your desktop.

– Click on the same line again to restore your Windows.

Alternatively, you can:

– Right-mouse click over the line (far right of the taskbar) and select ‘Show desktop’.

OR

– Right-mouse click over the line (far right of the taskbar) and select ‘Peek at desktop’. Clicking on it will make a checkmark will appear to its left.

– If you hover your cursor over the “Show Desktop” button, you will see a quick peek at the desktop.

News

Featured Article: Guess What Most Web Traffic Is Made Up Of?

In this article, we look at how a surprisingly large proportion of Internet traffic is made up of bots, how many of these can be ‘bad bots’, and what businesses can do to keep enjoying the benefits of good bots while guarding against the threats of bad bots.

Two-Thirds of Internet Traffic is Bots

The recent Barracuda Networks ‘Top Threats and Trends’ report found that Bots make up nearly two-thirds (64 percent) of internet traffic although other surveys have put this number closer to 50 percent.  ‘Bots’ generally refers to the software apps that run automated tasks (scripts) over the Internet, performing tasks that are simple, repetitive, and that wouldn’t be viable for humans to perform.  For example, popular bots include search engine crawlers, social network bots, aggregator crawlers, shop bots, and monitoring bots.  These could be regarded as ‘good bots’ because they serve a practical (rather than a deliberately malicious) purpose and are helpful to businesses and other Internet users.  Good bots obey the website owner’s rules (e.g. as specified in the robots.txt file to dictate what is indexed). They also publish the methods of validating them so it’s clear they’re what they say they are, and they don’t overload the websites and apps they visit.

Bad/malicious bots include, for example, Distributed Denial-of-Service (DDoS)/ botnets which use other malware-infected devices (zombies) to bombard a server with bots to the point where it becomes overwhelmed and is rendered out-of-action. Other ways in which bots are used for nefarious purposes include web and price scraping, inventory hoarding, account takeover attacks, Intelligence harvesting (for fraud), auction sniping (for last-minute bids), spam relay, click fraud, fake vulnerability scanners, and more.  Most ‘bad bot’ traffic comes from the US (67 percent) and mostly from two large public clouds (AWS and Microsoft Azure).

Percentage of Good/Bad Bots

The Barracuda Networks report, for example, suggests that 25 percent of Internet traffic is made up of good bots, but 39 percent of Internet traffic is made up of bad bots.

Worst Hit Industries

Those industries worst hit by bad bots (Imperva figures, 2020) are Telecom & ISPs (45.7 percent, Computing & IT (41.1 percent), Sports (33.7 percent), News (33 percent), and Business Services (29.7 percent).

The Challenges

One of the key challenges that all website owners have is ensuring protection is in place that can distinguish between good and bad bots (bad bots are often disguised as good) and filter out the bad ones. Also, bad bots are now increasingly prevalent because they are easily built and can be purchased for very little money.

Cost, Threats, and Damage

Bad bots can be a real threat to businesses as they can exploit vulnerabilities in (often outdated) software in your system, be used to deliver malware in a number of ways (trojans, software, email attachments), or in concentrated attacks such as DDoS.  The damage caused can be very costly to businesses in terms of damage to networks/systems, disruption of the business/business continuity, reputational damage and worse. The growth of the IoT and its vulnerabilities such as default passwords have further fuelled the popularity of bad bots.

Beating The Bad Bots

With nearly 40 percent of your web traffic being made up of bad bots, it’s important to know how to protect your business from them.  Examples of ways to keep bad bots at bay include:

– Investing in WAF/WAF-as-a-Service offerings / Web Application and API Protection (WAAP) technology. WAF means web application firewall.

– Check and make sure that chosen company security solution offers anti-bot protection.

– Use ‘machine learning’ security solutions.

– Make sure credential stuffing protection is in place.

Upstream and Downstream Traffic

Computer and Internet traffic is often categorised in different ways and the terms upstream or downstream are often used. Broadly speaking (as a basic definition), upstream traffic is that data sent from a computer or network (e.g. sending e-mails, uploading files), while downstream traffic is data received by a computer or network (e.g. traffic that’s downloaded onto your PC). For example, this could be receiving e-mail messages, downloading files, visiting Web pages, Zoom calls (data, video, and audio) and more.

One Third Human Traffic, or More?

According to the Barracuda Networks report, bots/automated traffic makes up two-thirds of Internet traffic.  This suggests that human traffic makes up the remaining third.  Other surveys provide different figures.  For example, the 8th Annual Bad Bot Report from Imperva suggests that human traffic actually made up 60 percent of all website traffic in 2020.

Monitoring and Measuring

If we accept that one-third to around one-half of Internet traffic is automated/bots, this has implications for how accurate your web analytics program and paid ad stats are.  Stats/analytic programs, therefore, tend to have known bot filtering options. For example, Google Analytics has an automatic filter for known bots and spiders (a check box in the settings). You can also set up filters for certain host-names if you notice spikes from certain sources (spikes can be a sign of bots).

What Does This Mean For Your Business?

Good bots undoubtedly save overheads and time and help to make the Internet work as smoothly as it does. However, realising that anywhere between one-third and one half of web traffic is automated (bots) and that the majority of these bots are malicious, and furthermore that this appears to be an upward trend, should make businesses want to take a closer look at just how their cyber-security defences are set up to tackle the threat of bad bots. The risk and potential costs of ignoring the fact that automated threats are likely to be constant, more sophisticated, and are being fuelled by the seemingly unstoppable growth of a less than secure IoT, and the ease by which attackers can obtain and execute bot-based attack methods should motivate businesses to make security a top priority. AI and machine learning provide some hope in identifying potential bot threats but for most businesses, as outlined above in this article, there are basic precautions that can and should be taken to protect the business right now.

News

Tech Insight : Carbon-Free Travel – What Is Hyperloop?

In this tech-insight, we look at what hyperloop technology is, how it has been tested and used to date, and whether it could be a viable form of carbon-free travel for the future.

What Is Hyperloop Technology?

First invented by mechanical engineer George Medhurst in the 18th century, the idea which became the ‘atmospheric railway’, envisioned conveying people in a vehicle along the inside of pressurised, evacuated tubes using uses differential air pressure to provide power for propulsion. This ‘hyperloop’ idea of almost frictionless travel (not touching rails) inside a tube, where huge speeds could be reached and travel times dramatically cut was the dream that formed the basis of the 1960s and 1970s ‘Hovertrain’. Although the project ended in 1975, a test version of this ‘hyperloop’ train managed to reach 104 mph in 1973, but the ‘Hypertrain’ was never put into production.

How The ‘Hovertrain’ Hyperloop Worked

The 70s Hypertrain acted rather like a land-based hovercraft that hovered on a cushion of air above a monorail-type concrete track and was propelled along by a linear induction motor (LIM) which used magnetic fields to produce thrust and, therefore, contactless (and frictionless) propulsion.

Although the focus today may be on developing a hyperloop transport method that is carbon-free as well as fast, this early Hypertrain had to use large, bulky induction motors and fans that needed to be permanently running to keep the Hypertrain in the air, therefore, making it rather environmentally unfriendly.

The Airlink Shuttle – Maglev Technology

The next use of hyperloop of note was in the Birmingham Airport AirLink shuttle (1984 to 1995) which was a train floating on magnets (known as ‘maglev’ technology), propelled along by a LIM.

Other hyperloop maglev trains have been used to connect JFK International Airport to Queens in New York City, in Shanghai, China, and in Japan in 2015, where a manned test train reached 370mph.

Elon Musk’s Hyperloop

Fast forward, and PayPal / Tesla founder, and SpaceX boss Elon musk wrote a much-publicised paper in 2013 about his idea for a “Hyperloop Alpha” travel system which could use magnetic pods levitating (using maglev) inside a tube and travelling at more than 1,000 km per hour, making it faster than a Boeing 747 jet aircraft!

Virgin Hyperloop Test

Fast forward yet further and, in November 2020, a two-seat Virgin Hyperloop prototype is reported to have travelled 500 metres, reaching 172 km per hour in only 6.25 seconds.

Challenges

There are, of course, many challenges to testing, building, and creating a new hyperloop infrastructure (underground or overground tubes, stations and more) and it could take decades to introduce a system across a country at scale.

Would Hyperloop Bring Carbon-Free Travel?

With a world climate crisis, environmental targets to reach, and the need to find a way to drastically reduce carbon emissions from industry, transport systems and more, would hyperloop offer carbon-free travel?

A recent US Department of Transportation (DOT) study, for example, estimated that Hyperloop routes could be up to six times more energy efficient than air travel (on short routes).  Also, researchers at Hamburg’s Helmut Schmidt University looked at the effects of building a 300km, (mainly solar-powered) hyperloop route for freight in Northern Germany.  They concluded that replacing thousands of road-based trucks with a hyperloop could reduce air and noise pollution, and reduce greenhouse gas emissions, as well as the knock-on benefits of reducing congestion and road accidents.

Unfortunately, the linear induction motors are used (LIM) for powering hyperloop tend to have high power consumption and are less efficient than permanent magnet linear motors.

What Does This Mean For Your Business?

The idea of creating an incredibly fast transport system for freight and passengers that could use electric motors and solar power would, of course, be hugely attractive to businesses in terms of time and cost savings (e.g. for supplies and distribution), as well as in reducing environmental impact. Fast, clean transport/travel by hyperloop could also have huge benefits for many other industries (e.g. travel and leisure) and could benefit city businesses of all kinds as cities and transport hubs would most likely be the first ones linked together. That said, there is a long way to go and many challenges to overcome before mainstream hyperloop travel becomes a reality.

News

Tech News : Google Risks Lawsuit Over Market Monopoly

It has been reported that the Justice Department (DOJ) may soon issue a second monopoly lawsuit against Alphabet Inc (Google) over its giant’s digital advertising business.

Other Lawsuit

Back in July, Google was issued with an antitrust lawsuit by 38 US states over allegations relating to how it may have been abusing its position of power in relation to Android app distribution and competition, and for (allegedly) abusing its market power to make its search engine as dominant inside cars, TVs, and speakers as it has been in phones.

This Possible New Lawsuit

Reports that a new DOJ lawsuit may be on the way seems credible since Google was sued under former Attorney General William Barr over its search business, and then faced another antitrust complaint filed with many state attorneys alleging that Google had illegally monopolised the digital advertising market.  It is claimed that Google (allegedly) reached an illegal agreement with Facebook Inc., the purpose of which was to manipulate online auctions where advertisers and website publishers buy and sell ad space.

More Lawsuits

Google has faced other lawsuits in recent times, such as when Epic Games sued the $1 trillion tech giant over the removal of Fortnite from the Play Store last year (it was also removed from the iOS App Store).

Joe Biden Big Tech Crackdown

In more potentially bad news for Google (and other tech giants), in July this year, US President Joe Biden signed a new executive order to try and crack-down on anti-competitive practices in big tech. The executive order highlights how big players in the tech sector may be using their market power to box out smaller competitors and exploit consumers’ personal information.

Criticism Over Plans To Block Cookies

Back in March, U.S. Justice Department investigators were reported to have been concerned that Google’s plans to ban some cookies in its Chrome browser (which Google said would increase user privacy) could be a way for Google to hobble its smaller rival ad companies by stopping them from tracking users.

Although Google said that it planned not to simply remove third-party cookies but to phase them out over two years (to allow time to develop workarounds that address the needs of users), businesses, publishers, advertisers and critics noted that this may give Google a couple of years in which to be in control and to dominate other advertisers even more.

What Does This Mean For Your Business?

Clearly, following on from the Trump administration’s attacks on big tech, it seems that Joe Biden is also keen to tackle the tech giants, particularly on matters relating to competition and how they may be using their market power, and how this may be adversely affecting their smaller competitors. Google, Facebook and other big advertising platforms (particularly Google), are very much in the investigation (and lawsuit) firing lines. For Google, legislation, government regulation, and lawsuits are clearly something it would like to delay and avoid, but it looks as though Joe Biden’s administration intends to keep the pressure on. For business advertisers, being able to reach as many members of their target markets in the best and cheapest way possible (maximising ROI) is the key concern, and it remains to be seen how this would be affected if anti-competition action could be and was taken. For the time being, however, using lawsuits (and the bad publicity they generate) plus the threat of regulation are likley to be the only main leverage that governments have for bringing the very powerful, wealthy tech giants to account.

News

Tech News : WhatsApp Handed Massive GDPR Fine

Following an investigation into WhatsApp Ireland Ltd, the Irish data regulator (DPC) has issued Facebook’s popular WhatsApp chat app with the second-largest GDPR fine of €225m.

Long Investigation

The eye-watering fine of €225 million follows an investigation that started way back on 10 December 2018.

Big Fine

The DPC had submitted a draft decision to all Concerned Supervisory Authorities (CSAs) under Article 60 GDPR in December 2020. After objections from eight CSAs, the DPC was able to start the dispute resolution process (Article 65 GDPR) on 3 June 2021 and on 28 July 2021, the European Data Protection Board (EDPB) decided to impose the fine on WhatsApp under Article 65(1)(a) GDPR.

..And a Reprimand

In addition to the fine, the DPC has imposed a reprimand along with an order for WhatsApp to bring its processing into compliance by taking a range of specified remedial actions.

Transparency

The DPC has said that the investigation, which led to the fine, related to WhatsApp’s GDPR transparency obligations regarding the provision of information and the transparency of that information to both users and non-users of WhatsApp’s service. This included information provided to data subjects about the processing of information between WhatsApp and other Facebook companies.

The problem with WhatsApp’s consumer services (not WhatsApp for Business), which is ‘explained’ in an 89-page document, appears to be that the descriptions of who ‘interests’ are, in relation to other business services and partners, are that they are not described in a transparent and intelligible form. In other words, it seems that the EDPB thought that WhatsApp may not have supplied enough information to users about how their data is processed, and that its privacy policies (which have been subject to several updates), may not be clear enough.

WhatsApp Says…

WhatsApp has said that it disagrees with the decision about the transparency it provided to users in 2018 and has described the penalties as “entirely disproportionate”.

Not The Only One

Even though this is a bad-break for WhatsApp, it is not the only big tech company to have found itself in trouble with data regulators.  For example, in July, Amazon received a staggering $885 million fine over data privacy, and in 2020, Twitter was fined €450,000 after a GDPR infringement.

Data Sharing For EU Users

Back in January, WhatsApp announced that in a change to its privacy policy (from February 8, 2021), users outside of Europe would have to agree to share their personal information with WhatsApp’s owner Facebook or leave the app.

An in-app notice is informing WhatsApp users of the terms of service and privacy policy changes, which were an extension of changes announced in July last year and were the result of discussions with the Irish Data Protection Commission and other Data Protection Authorities in Europe.

What Does This Mean For Your Business?

Even though one of the attractions of WhatsApp is its security and privacy, due to its end-to-end encryption, this fine indicates that there appears to have been, in 2018, a bit of grey area in terms of how user-data is processed and some of the meaning in the app’s privacy policies.  The problem appears to have been serious enough to warrant (according to the EDPB) the second biggest GDPR fine ever.  The news comes on the back of EU WhatsApp users having to accept their data being shared with Facebook (from February this year).  All this may be making WhatsApp users, particularly those who use WhatsApp for business, nervous about their privacy on the app in terms of details about their business and the passing on of their data (for targeted advertising).  Also, Facebook has faced significant trust issues with users since the Cambridge Analytica unauthorised data-sharing scandal plus having to share data with Facebook may be off-putting and may make them think about looking around for other possible secure comms apps. This fine represents some very poor publicity for WhatsApp at a time when it has been trying to compete with the likes of Snapchat and Apple, while nevertheless getting some good headlines too by announcing new features like its ‘View Once’ feature for photos and videos, and its ‘disappearing messages’ feature.

News

Tech Tip – Boost Your Security Protection In Google Chrome

With so many browser-based security threats, here’s a fast and easy way to activate 2 settings in Google Chrome browser to protect you from the popular threats of phishing and untrusted browser extensions:

– Open the Chrome browser, click on the 3 dots (top-right) and select ‘Settings’.

– Click on ‘privacy and security’ (left hand-side).

– Click on ‘Security and Privacy Centre’.

– Turn the toggles to the ‘on’ position for ‘Extension Guard’ and ‘Anti Phishing’.

News

Tech News : Microsoft Price Hikes

Microsoft has announced that from March 1st 2022, it will increase the prices of its Microsoft 365 and Office 365 subscription plans.

How Much?

Microsoft says that the price rises, which could be as much as 25 percent, will affect its commercial products in the following ways:

Microsoft 365 Business Basic, will rise from $5 to $6 per user (£3.63 to £4.36)

Microsoft 365 Business Premium will rise from $20 to $22 (£14.53 to £15.98)

Office 365 E1 will rise from $8 to $10 (£5.81 to £7.26)

Office 365 E3 will rise from $20 to $23 (£14.53 to £16.71)

Office 365 E5 will rise from $35 to $38 (£25.43 to £27.61)

Microsoft 365 E3 will rise from $32 to $36 (£23.25 to £26.15).

Microsoft points out that this will be “the first substantive pricing update since we launched Office 365 a decade ago”.

Why?

Microsoft says that the price rises reflect the increased value that it has delivered to its customers over the past 10 years. This includes its continuous re-investment in improving its products, the addition of 24 apps to its suites, the addition of 1,400 new features and capabilities. Also, four years ago, Microsoft launched 365 to bring together the best of Office, Windows, and Enterprise Mobility and Security (EMS) for its customers, and (the same year) it added Microsoft Teams as “the only integrated solution where you can meet, chat, call, collaborate, and automate business processes—right in the flow of work”.

The tech giant points to its innovative products and addition of value for customers in the three key areas communication and collaboration, security and compliance, and AI and automation as justification for next year’s price rise.

Something New Too

Microsoft is also using the introduction of its new unlimited dial-in for Microsoft Teams meetings across enterprise, business, frontline, and government suites as an extra justification for the price rises. Unlimited dial-in (available with subscription in over 70 countries and with interactive support in 44 languages and dialects) should eliminate difficulties in joining Teams meetings due to connectivity/patchy internet connection problems, thereby making it easier for users to join their Microsoft Teams meeting from virtually any device regardless of location.

What Does This Mean For Your Business?

This represents a considerable (and unwelcome) price hike for businesses in only 6 months-time, particularly for small businesses that have not been able to benefit from the bulk discounts that larger businesses have enjoyed over the years. With the Microsoft Office line being its biggest seller, bringing its revenue mostly from business customers who have used the products to help adapt to remote and hybrid working, Microsoft know that this price increase will now give a considerable boost to its revenue and profits and will allow it to expand its Office cloud business even more.