Yahoo spinout Altaba is selling its entire Alibaba stake and closing down

Bye bye, Altaba . The Yahoo spinout created to house Yahoo’s lucrative stake in Alibaba and Yahoo Japan, announced today that it will sell its lucrative stake in Alibaba and shut up shop.

The entity has long existed as a proxy to Alibaba — some might argue Yahoo was the same in its final years — and the sale is expected to net shareholders around $40 billion.

Altaba was formed following AOL’s 2017 acquisition of Yahoo to create Oath — disclaimer: that’s TechCrunch’s parent, and it is now called Verizon Media Group — to keep hold of the 15 percent stake in Alibaba and a 35.5 percent stake in Yahoo Japan that Yahoo owned.

Those Yahoo Japan shares were unloaded in September for over $4 billion, and now Altaba will shift its remaining Alibaba holdings — that’s around 11 percent of the company following a partial sale last year; Altaba is Alibaba’s second-largest stakeholder — and disappear from the world by Q4.

The sale is expected to generate a net return of around $40 billion for Altaba stockholders — the provided range is between $39.8 billion and $41.1 billion based on share prices and associated expenditure — and it’ll happen in two parts. The first will see up to 50 percent of the stake sold, the rest will be traded if Altaba receives approval from its stockholders.

Therein Altaba — and Yahoo’s long association — with Alibaba will be over. The reality is that this essentially happened following the Oath deal, Altaba was merely created to hold the asset and at some point that would mean liquidating it. That day is now confirmed and on its way.

“Since June of 2017 we have taken a series of aggressive actions designed to drive shareholder value and these have yielded measurable results as our trading discount has narrowed and our stock has meaningfully outperformed a composite of its underlying assets. The right next action for shareholders is the plan we are announcing today as it represents the most definitive step, generally within our control, that we could take to reduce the discount to net asset value at which our Shares trade,” said Altaba CEO Thomas J. McInerney in a statement.

“Stocks are for trading. Any shareholder has the right to deal stock anytime on the market, for any purpose. We’re happy to have had Yahoo invest in Alibaba in the past and to see it now collecting a strong return on its investment,” an Alibaba spokesperson told TechCrunch.

The story of Yahoo’s involvement with Alibaba is a legendary one.

Yahoo invested $1 billion for 30 percent Alibaba back in 2005 through a (now famous) story between Yahoo CEO Jerry Yang and Alibaba president Jack Ma. Ma, a former English teacher who was then a government employee, was assigned to accompany Yang on a planned trip to see the Great Wall of China and their relationship went from there.

Yahoo infamously sold half of its stake back to Alibaba in 2012 through a deal that valued the shares at $13. Just two years later, Alibaba went public in a record-breaking U.S. IPO. Shares were $68 at the bell, and today they are worth around $181 so Yahoo missed out on an even greater fortune.

Let’s block ads! (Why?)

Link to original source

Former Oath CEO Tim Armstrong is exiting Verizon with a payout worth more than $60 million

Tim Armstrong will leave Verizon Communications with an awards and benefits package worth more than $60 million. The Wall Street Journal calculated the total amount based on a securities filing from last Monday by combining Armstrong’s compensation in 2018, severance and a special incentive package he was given by Verizon when it acquired AOL in 2015. Armstrong was head of Oath (now called Verizon Media), which took a write down of $4.5 billion last year and laid off seven percent of its workforce as it struggled to compete with other digital media companies.

Oath, the company’s digital media unit, was created in 2017 by merging AOL and Yahoo, two companies acquired by Verizon Communications. (Disclosure: TechCrunch was part of AOL, then Oath and now Verizon Media).

Verizon Communications announced Oath’s $4.5 billion after-tax write down at the end of last year. It said the sum, which basically cancelled out the benefits of the merger, was due to increased competition in digital advertising and other market pressures last year had resulted in lower-than-expected 2018 results and that it expected those issues to continue.

The business unit also announced in late January that it would lay off seven percent of its workforce, or about 800 employees.

After months of rumors, Verizon Communications announced that Armstrong would be succeeded as CEO of Oath by Guru Gowrappan last September. Armstrong formally left the company at the end of 2018.

TechCrunch has contacted Verizon for comment.

Let’s block ads! (Why?)

Link to original source

EU gov’t and public health sites are lousy with adtech, study finds

A study of tracking cookies running on government and public sector health websites in the European Union has found commercial adtech to be operating pervasively even in what should be core not-for-profit corners of the Internet.

The researchers used searches including queries related to HIV, mental health, pregnancy, alcoholism and cancer to examine how frequently European Internet users are tracked when accessing national health service webpages to look for publicly funded information about sensitive concerns.

The study also found that most EU government websites have commercial trackers embedded on them, with 89 per cent of official government websites found to contain third party ad tracking technology.

The research was carried out by Cookiebot using its own cookie scanning technology to examine trackers on public sector websites, scanning 184,683 pages on all 28 EU main government websites.

Only the Spanish, German and the Dutch websites were found not to contain any commercial trackers.

The highest number of tracking companies were present on the websites of the French (52), Latvian (27), Belgian (19) and Greek (18) governments.

The researchers also ran a sub-set of 15 health-related queries across six EU countries (UK, Ireland, Spain, France, Italy and Germany) to identify relevant landing pages hosted on the websites of the corresponding national health service — going on to count and identify tracking domains operating on the landing pages.

Overall, they found a majority (52 per cent) of landing pages on the national health services of the six EU countries contained third party trackers.

Broken down by market, the Irish health service ranked worst — with 73 per cent of landing pages containing trackers.

While the UK, Spain, France and Italy had trackers on 60 per cent, 53 per cent, 47 per cent and 47 per cent of landing pages, respectively.

Germany ranked lowest of the six, yet they still found a third of the health service landing pages contained trackers.

Searches on publicly funded health service sites being compromised by the presence of adtech suggests highly sensitive inferences could be being made about web users by the commercial companies behind the trackers.

Cookiebot found a very long list of companies involved — flagging for example how 63 companies were monitoring a single German webpage about maternity leave; and 21 different companies were monitoring a single French webpage about abortion.

Vulnerable citizens who seek official health advice are shown to be suffering sensitive personal data leakage,” it writes in the report. “Their behaviour on these sites can be used to infer sensitive facts about their health condition and life situation. This data will be processed and often resold by the ad tech industry, and is likely to be used to target ads, and potentially affect economic outcomes, such as insurance risk scores.”

“These citizens have no clear way to prevent this leakage, understand where their data is sent, or to correct or delete the data,” it warns. 

It’s worth noting that Cookiebot and its parent company Cybot’s core business is related to selling EU data protection compliance services. So it’s not without its own commercial interests here. Though there’s no doubting the underlying adtech sprawl the report flags.

Where there’s some fuzziness is around exactly what these trackers are doing, as some could be used for benign site functions like website analytics.

Albeit, if/when the owner of the freebie analytics services in question is also adtech giant Google that still may not feel reassuring, from a privacy point of view.

100+ firms tracking EU public sector site users

Across both government and health service websites, Cookiebot says it identified a total of 112 companies using trackers that send data to a total of 131 third party tracking domains.

It also found 10 companies which actively masked their identity — with no website hosted at their tracking domains, and domain ownership (WHOIS) records hidden by domain privacy services, meaning they could not be identified. That’s obviously of concern. 

Here’s the table of identified tracking companies — which, disclosure alert, includes AOL and Yahoo which are owned by TechCrunch’s parent company, Verizon.

Adtech giants Google and Facebook are also among adtech companies tracking users across government and health service websites, along with a few other well known tech names — such as Oracle, Microsoft and Twitter.

Cookiebot’s study names Google “the kingpin of tracking” — finding the company performed more than twice as much tracking as any other, seemingly as a result of Google owning several of the most dominant ad tracking domains.

Google-owned YouTube.com, DoubleClick.net and Google.com were the top three tracking domains IDed by the study. 

“Through the combination of these domains, Google tracks website visits to 82% of the EU’s main government websites,” Cookiebot writes. “On each of the 22 main government websites on which YouTube videos have been installed, YouTube has automatically loaded a tracker from DoubleClick .net (Google’s primary ad serving domain). Using DoubleClick.net and Google.com, Google tracks visits to 43% of the scanned health service landing pages.”

 

Given its control of many of the Internet’s top platforms (Google Analytics, Maps, YouTube, etc.), it is no surprise that Google has greater success at gaining tracking access to more webpages than anyone else,” it continues. “It is of special concern that Google is capable of cross-referencing its trackers with its 1st party account details from popular consumer-oriented services such as Google Mail, Search, and Android apps (to name a few) to easily associate web activity with the identities of real people.”

Under European data protection law “subjective” information that’s associated with an individual — such as opinions or assessments — is absolutely considered personal data.

So tracker-fuelled inferences being made about site visitors are subject to EU data protection law — which has even more strict rules around the processing of sensitive categories of information like health data.

That in turn suggests that any adtech companies doing third-party-tracking of Internet users and linking sensitive health queries to individual identities would need explicit user consent to do so.

The presence of adtech trackers on sensitive health data pages certainly raises plenty of questions.

We asked Google for a response to the Cookiebot report, and a spokesperson sent us the following statement regarding sensitive category data specifically — in which it claims: “We do not permit publishers to use our technology to collect or build targeting lists based on users’ sensitive information, including health conditions like pregnancy or HIV.”

Google also claims it does not itself infer sensitive user interest categories.

Furthermore it said its policies for personalized ads prohibit its advertisers from collecting or using sensitive interest categories to target users. (Though saying you’re telling someone not to do something is not the same as that thing not being done. That would depend on the enforcement.)

Google’s spokesperson was also keen to point to its EU user consent policy — where it says it requires site owners that use its services to ensure they have correct disclosures and consents for personalised ads and cookies from European end users.

The company warns it may suspend or terminate a site’s use of its services if they have not obtained the right disclosures and consents. It adds there’s no exception for government sites.

On tags and disclosure generally, the Google spokesperson provided the following comment: “Our policies are clear: If website publishers choose to use Google web or advertising products, they must obtain consent for cookies associated with those products.”

Where Google Analytics cookies are concerned, Google said traffic data is only collected and processed per instructions it receives from site owners and publishers — further emphasizing that such data would not be used for ads or Google purposes without authorization from the website owner or publisher.

Albeit sloppy implementations of freebie Google tools by resource-strapped public sector site administrators might make such authorizations all too easy to unintentionally enable.

So, tl;dr — as Google tells it — the onus for privacy compliance is on the public sector websites themselves.

Though given the complex and opaque mesh of technology that’s grown up sheltering under the modern ‘adtech’ umbrella, opting out of this network’s clutches entirely may be rather easier said than done.

Cookiebot’s founder, Daniel Johannsen, makes a similar point to Google’s in the report intro, writing: “Although the governments presumably do not control or benefit from the documented data collection, they still allow the safety and privacy of their citizens to be compromised within the confines of their digital domains — in violation of the laws that they have themselves put in place.”

More than nine months into the GDPR [General Data Protection Regulation], a trillion-dollar industry is continuing to systematically monitor the online activity of EU citizens, often with the unintentional assistance of the very governments that should be regulating it,” he adds, calling for public sector bodies to “lead by example – at a minimum by shutting down any digital rights infringements that they are facilitating on their own websites”.

“The fact that so many public sector websites have failed to protect themselves and their visitors against the inventive methods of the tracking industry clearly demonstrates the educational challenge that the wider web faces: How can any organisation live up to its GDPR and ePrivacy obligations if it does not control unauthorised tracking actors accessing their website?”

Trackers creeping in by the backdoor

On the “inventive methods” front, the report flags how third party javascript technologies — used by websites for functions like video players, social sharing widgets, web analytics, galleries and comments sections — can offer a particularly sneaky route for trackers to be smuggled into sites and apps by the ‘backdoor’.

Cookiebot gives the example of social sharing tool, ShareThis, which automatically adds buttons to each webpage to make it easy for visitors to share information across social media platforms.

The ShareThis social plugin is used by Ireland’s public health service, the Health Service Executive (HSE). And there Cookiebot found it releases trackers from more than 20 ad tech companies into every webpage it is installed on.

“By analysing web pages on HSE.ie, we found that ShareThis loads 25 other trackers, which track users without permission,” it writes. “This result was confirmed on pages linked from search queries for “mortality rates of cancer patients” and “symptoms of postpartum depression”.”

“Although website operators like the HSE do control which 3rd parties (like ShareThis) they add to their websites, they have no direct control over what additional “4th parties” those 3rd parties might smuggle in,” it warns.

We’ve reached out to ShareThis for a response.

Another example flagged by the report is what Cookiebot dubs “YouTube’s Tracking Cover-Up”.

Here it says it found that even when a website has enabled YouTube’s so-called “Privacy-enhanced Mode”, in a bid to limit its ability to track site users, the mode “currently stores an identifier named “yt-remote-device -id” in the web browser’s “Local Storage”” which Cookiebot found “allows tracking to continue regardless of whether users click, watch, or in any other way interact with a video – contrary to Google’s claims”.

“Rather than disabling tracking, “privacy-enhanced mode” seems to cover it up,” they claim. 

Google did not provide an on the record comment regarding that portion of the report.

Instead the company sent some background information about “privacy-enhanced mode” — though its points did not engage at all with Cookiebot’s claim that tracking continues regardless of whether a user watches or interacts with a video in any way.

Overall, Google’s main point of rebuttal vis-a-vis the report’s conclusion — i.e. that even on public sector sites surveillance capitalism is carrying on business as usual — is that not all cookies and pixels are ad trackers. So it’s claim is a cookie ‘signal’ might just be harmless background ‘noise’.

(In additional background comments Google suggested that if a website is running an advertising campaign using its services — which presumably might be possible in a public sector scenario if an embedded YouTube video contains an ad (for example) — then an advertising cookie could be a conversion pixel used (only) to measure the effectiveness of the ad, rather than to track a user for ad targeting.

For DoubleClick cookies on websites in general, Google told us this type of cookie would only appear if the website specifically signed up with its ad services or another vendor which uses its ad services.

It further claimed it does not embed tracking pixels on random pages or via Google Analytics with Doubleclick cookies.)

The problem here is the lack of opacity in the adtech industry which requires users to take ad targeters at their word — and trust that an adtech giant like Google, which makes pots of money off of tracking web users to target them with ads, has nonetheless built perfectly privacy-respecting, non-leaky infrastructure that operates 100% as separately and cleanly as claimed, even as the entire adtech industry’s business incentives are pushing in the opposite direction.

Also a problem: Certain adtech giants having a long and storied history of bundling purposes for user data and manipulating consent in privacy-hostile ways.

And with trust in adtech at such a historic low — plus regulation having been rebooted in Europe to put the focus on enforcement (which is encouraging a cottage industry of GDPR ‘compliance’ services to wade in) — the industry’s preferred cloak of complex opacity is under attack on multiple front (including from policymakers) and does look to be on borrowed time.

And as more light shines in and risk steps up, sensitive public sector websites could just decide to nix using any of these freebie plugins.

In another “inventive” case study highlighted by the report, Cookiebot writes that it documented instances of Facebook using a first party cookie workaround for Safari’s intelligent tracker blocking system to harvest user data on two Irish and UK health landing pages.

So even though Apple’s browser natively purges third party cookies to enhance user privacy by default Facebook’s engineers appear to have managed to create a workaround.

Cookiebot says this works by Facebook’s new first party cookie — “_fbp” — storing a unique user ID that’s then forwarded as a URL parameter in the pixel tracker “tr” to Facebook.com — “thus allowing Facebook to track users after all”, i.e. despite Safari’s best efforts to prevent pervasive third party tracking.

“In our study, this combined tracking practice was documented on 2 Irish and UK landing pages featuring health information about HIV and mental illness,” it writes. “These types of workarounds of browser tracking prevention are highly intrusive as they undermine users’ attempts to protect their personal data – even when using browsers and extensions with the most advanced protection settings.”

Reached for a response to the Cookiebot report Facebook also did not engage with the case study of its Safari third party cookie workaround.

Instead, a spokesman sent us the following line: “[Cookiebot’s] investigation highlights websites that have chosen to use Facebook’s Business Tools — for example, the Like and Share buttons, or the Facebook pixel. Our Business Tools help websites and apps grow their communities or better understand how people use their services. For example, we could tell them that their site is most popular among people aged 20-25.”

In further information provided to us on background the company confirmed that data it receives from websites can be used for enhancing ad targeting on Facebook. (It said Facebook users can switch off ad personalization based on such signals — via the “Ads Based on Data from Partners” setting in Ad Preferences.)

It also said organizations that make use of its tools are subject to its Business Tools terms — which Facebook said require them to provide users with notice and obtain any required legal consent, including being clear with users about any information they share with it. 

Facebook further claimed it prohibits apps and websites from sending it sensitive data — saying it takes steps to detect and remove data that should not be shared with it.

ePrivacy Regulation needed to raise the bar

Commenting on the report in a statement, Diego Naranjo, senior policy advisor at digital rights group EDRi, called for European regulators to step up to defend citizens’ privacy.

For the last 20 years, Europe has fought to regulate the sprawling chaos of data tracking. The GDPR is a historical attempt to bring the information economy in line with our core civil liberties, securing the same level of democratic control and trust online as we take for granted in our offline world. Yet, as this study has provided evidence of, nine months into the new regulation, online tracking remains as hidden, uncontrollable, and plentiful as ever,” he writes in the report. “We stress that it is the duty of regulators to ensure their citizens’ privacy.”

Naranjo also warned that another EU privacy regulation, the ePrivacy Regulation — which is intended to deal directly with tracking technologies — risks being watered down.

In the wake of GDPR it’s become the focus of major lobbying efforts, as we’ve reported before.

“One of the great added values of the ePrivacy Regulation is that it is meant to raise the bar for companies and other actors who want to track citizens’ behaviour on the Internet. Regrettably, now we are seeing signs of the ePrivacy Regulation becoming watered out, specifically in areas concerning “legitimate interest” and “consent”,” he warns.

“A watering down of the ePrivacy Regulation will open a Pandora’s box of more and more sharing, merging and reselling of personal data in huge online commercial surveillance networks, in which citizens are being unwittingly tracked and micro-targeted with commercial and political manipulation. Instead, the ePrivacy Regulation must set the bar high in line with the wishes of the European Parliament, securing that the privacy of our fellow citizens does not succumb to the dominion of the ad tech industry.”

Let’s block ads! (Why?)

Link to original source

After more than 10 years, Flickr frees its login system from Yahoo

Oh joy, oh rapture, unsubdued, Flickr’s login is no longer tied to Yahoo. The photo-sharing platform announced today that it will roll out a new system to members over the next few weeks that doesn’t require a Yahoo ID. This is welcome news to long-time Flickr users who are still bitter over the requirement, introduced in 2007, two years after Yahoo acquired Flickr, that forced everyone to use Yahoo credentials to sign in. Flickr was acquired by SmugMug in April 2018 and since then, a new login has been “the single most requested feature by our community,” according to a post on the company’s blog.

Flickr may no longer have the same clout as it did in the pre-Instagram era, but many users (like me) have been uploading photos to it for years and still use it as an archive for images taken before smartphones became ubiquitous. The Yahoo login system, however, was a lot more tedious than it needed to be, especially if you did not use Yahoo Mail or its other services and constantly forgot your password. Two enormous data breaches of Yahoo accounts made users even more upset that they were tied into a system that they otherwise never used.

Users still have to use their Yahoo credentials until they get access to the new login process. When that happens, they will be allowed to pick a new login email address and new password. That address will be the only one used by their Flickr account for both authentication and emails from the company.

Let’s block ads! (Why?)

Link to original source

Bill Gates-backed Vicarious Surgical adds a virtual reality twist to robots in the operating room

In an operating room in rural Idaho, doctors prep a patient for surgery. They make a tiny, thumb-sized incision into the patient and insert a small robot while across the country a surgeon puts on a virtual reality headset, grabs their controllers, and prepares to operate.

While this scene may seem like science fiction now, a Charlestown, Mass.-based startup called Vicarious Surgical, is developing the technology to make that vision a reality.

The company’s co-founders, Adam Sachs and Sammy Khalifa, have been developing and refining the technology almost since they met at the Massachusetts Institute of Technology as undergraduates.

The 27 year-old Sachs said that he and Khalifa formally launched the company roughly five years ago when they graduated from MIT and have been working on it ever since.

“We’ve been working on ways to miniaturize robotics and put all of the motion of surgery into the abdominal cavity,” says Sachs. “If you put all of the motion inside the abdominal cavity you are not confined to motion around the incision sites.”

What really set the founders’ brains buzzing was the potential for combining their miniature robots with the ability to see inside the body using virtual reality headsets like the Oculus Rift.

“It wasn’t a ‘Eureka!’ moment, but more like two-or-three weeks as the vision came together,” says Sachs. “We can make robotics more human-like and virtual reality would give you that presence in the body.”

The two founders initially bootstrapped their startup and then raised a small seed round and then began steadily closing larger tranches of a rolling round from luminaries like Bill Gates through his Gates Frontier fund, Khosla Ventures, Eric Schmidt’s Innovation Endeavors, AME Cloud Ventures (investment firm from Yahoo founder Jerry Yang) Singularity Ventures investor Neil Devani and Salesforce founder, Marc Benioff.

In all, the company has raised some $31.8 million to support the development of its technology.

For Sachs and Khalifa, even though the technology was broadly applicable in areas that would yield faster results than healthcare, tackling the health market first was important, Sachs says.

A lot of people pointed out that our technology has a lot of applications. [But] healthcare for all of the reasons that people talk about really is meaningful to us,” says Sachs. “I have the luxury of being able to work on a project that’s fascinating from a technology standpoint and meaningful from a social good aspect.”

Vicarious Surgical chief medical officer Dr. Barry Greene, chief executive, Adam Sachs, and chief technology officer, Sammy Khalifa

Science and entrepreneurship runs in the Sachs family. Adam’s father, Eli Sachs, is a professor at MIT and one of the co-founders of the revolutionary three d printing company, Desktop Metal .

According to Sachs, a number of innovations in robotics has led the company to develop what Sachs calls tiny humanoid robots. 

Picture a very robotic version of a two human arms and a human head,” says Sachs. “Two robotic arms that have the same degrees of freedom and proportions of a human arms and a camera that is placed above the shoulders of the robot… it’s a few inches across.”

Using the motorized robot a surgeon can remotely control the robots movements to operate on a patient. “They can be in another room or they can be hundreds of miles away (with an excellent internet connection,” says Sachs. 

For surgeons using Vicarious’ technology the primary feedback is virtual, Sachs says. They look through the “eyes” of the robot and can look down and see the robot’s arms. “We track the surgeons’ arm motion and mimics their arms and hands. The primary feedback is to create the impression of presence of the surgeon as if they’d been shrunk down.”

Vicarious Surgical’s founders and its investors the mission is to drive down both the cost of higher impact surgeries and access to the best surgeons through remote technologies.

The market for medical robots is highly lucrative. Earlier today, Johnson and Johnson announced the $3.4 billion acquisition of Auris Health — a maker of robotic diagnostics and surgical tools. In all, estimates put the robotic surgery market at somewhere around $90 billion according to a report from Allied Market Research.

“We like to invest in things if they work they truly change the industry.. Minimally invasive surgeries and surgical robotics is definitely the future and it’s just getting started,” says Dror Berman, a managing director with Innovation Endeavors.

There were 900,000 surgeries done using surgical robotics out of a total of 313 million surgical procedures. It’s a low percentage and it’s very expensive to buy those… In general that’s not offered to the vast majority of patients. Vicarious is about democratizing that access… if it works it will open a huge market for people who can use much better procedures for much better surgeries,” Berman says. 

“One of the problems with that is that smaller hospitals can’t afford these $2 million robots,” says Sachs.  “By making the devices tiny and fitting the motion inside a patient we can expand access long-term and in smaller hospitals where a surgeon might be able to start a procedure.”

Later, as Vicarious is able to build up taxonomies of different surgical practices and methods, the hospitals could begin to automate more aspects of the procedures to the point where many of these surgeries may just be handled by the robot.

The company is currently testing its miniature robots in laboratories and would not comment on whether it was using animal subjects. Vicarious is also modeling the human abdomen and conducting as many virtual tests as possible.

The new funding, Sachs says, will take the company through its applications for the Food and Drug Administration.

“A lot of our long term vision is about growing and scaling our technology to the point where it’s accessible not just to big cities and major hospitals in the U.S. and also the small cities and towns in the rural U.S. and around the world as well,” says Sachs. “Long term it’s about the democratization of surgery that can come from surgical robotics.”

Let’s block ads! (Why?)

Link to original source