Potential threats to the free flow of GIFs continue to trouble the UK’s competition watchdog.

Facebook’s $400M purchase of Giphy, announced last year, is now facing an in-depth probe by the CMA after the regulator found the acquisition raises competition concerns related to digital advertising. It now has until September 15 to investigate and report.

The watchdog took a first look at the deal last summer. It kept on looking into 2021. And then last week the CMA laid out its concerns — saying the (already completed) Facebook-Giphy acquisition could further reduce competition in the digital advertising market where the former is already a kingpin player (with over 50% share of the display advertising market).

The regulator said it had found evidence that, prior to the acquisition, Giphy had planned to expand its own digital advertising partnerships to other countries, including the UK.

“If Giphy and Facebook remain merged, Giphy could have less incentive to expand its digital advertising, leading to a loss of potential competition in this market,” it wrote a week ago.

The CMA also said it was worried a Facebook-owned Giphy could harm social media rivals were the tech giant were to squeeze the supply of animated pixels to others — or require rivals to sign up to worse terms (such as forcing them to hand over user data which it might then use to further fuel its ad targeting engines, gaining yet more market power).

On March 25 the companies were given five days by the regulator to address its concerns — by offering legally binding proposals intended to allay concerns.

An in-depth ‘phase 2’ investigation could have been avoided if concessions were offered which were acceptable to the regulator but that is evidently not the case as the CMA has announced the phase 2 referral today. And given the announcement has come just five working days after the last notification it appears no concessions were offered.

We’ve reached out to Facebook and the CMA for comment.

A Facebook spokesperson said: “We will continue to fully cooperate with the CMA’s investigation. This merger is good for competition and in the interests of everyone in the UK who uses Giphy and our services — from developers to service providers to content creators.”

While Facebook has already completed its acquisition of Giphy, the CMA’s investigation continues to put a freeze on its ability to integrate Giphy more deeply into its wider business empire.

Albeit, given Facebook’s dominant position in the digital advertising space, its business need to move fast via product innovation is a lot less pressing than years past — when it was building its market dominance free from regulatory intervention.

In recent years, the CMA has been paying close mind to the digital ad market. Back in 2019 it reported report substantial concerns over the power of the adtech duopoly, Google and Facebook. Although in its final report it said it would wait for the government to legislate, rather than make an intervention to address market power imbalances itself.

The UK is now in the process of setting up a pro-competition regulator with a dedicated focus on big tech — in response to concerns about the ‘winner takes all’ dynamics seen in digital markets. This incoming Digital Market Unit will oversee a “pro-competition” regime for Internet platforms that will see fresh compliance requirements in the coming years.

In the meanwhile, the CMA continues to scrutinize tech deals and strategic changes — including recently opening a probe of Google’s plan to depreciate support for third party cookies in Chrome after complaints from other industry players.

In January it also announced it was taking a look at Uber’s plan to acquire Autocab. However on Monday it cleared that deal, finding only “limited indirect” competition between the pair, and not finding evidence to indicate Autocab was likely to become a significant and more direct competitor to Uber in the future.

The regulator also considered whether Autocab and Uber could seek to put Autocab’s taxi company customers that compete against Uber at a disadvantage by reducing the quality of the booking and dispatch software sold to them, or by forcing them to pass data to Uber. But its phase 1 probe found other credible software suppliers and referral networks that the CMA said these taxi companies could switch to if Uber were to act in such a way — leading to it to clear the deal.

Google tries out new ad targeting technology, PayPal adds cryptocurrency support and Substack raises additional funding. This is your Daily Crunch for March 30, 2021.

The big story: Google starts testing its cookie alternative

Google announced today that it has begun rolling out a new technology called Federated Learning of Cohorts (FLoC) in a developer trial. FLoC is meant to serve as an alternative to personally identifiable cookies (which are being phased out by Google and other platforms), with Google analyzing your web browsing behavior and grouping you with other people who have similar interests, for ad-targeting purposes.

The trial is starting out in a number of geographies, including the United States — but not in Europe, where there are concerns about compliance with Europe’s GDPR privacy regulations.

The tech giants

YouTube tests hiding dislike counts on videos — The company says it will run a “small experiment” with different designs that hide dislike counts, but not the “dislike” button itself.

Ballot counting for Amazon’s historic union vote starts today — Amazon’s warehouse in Bessemer, Alabama has become ground zero for one of the most import labor efforts in modern American history.

PayPal’s new feature allows US consumers to check out using cryptocurrency — The feature expands on PayPal’s current investments in the cryptocurrency market.

Startups, funding and venture capital

Celebrity video request site Cameo reaches unicorn status with $100M raise — Cameo has been building a good deal of steam in recent years, but it also got a major boost amidst the pandemic.

Substack confirms $65M raise, promises to ‘rapidly’ expand its financial backing of newly independent writers — Substack did not provide material new growth metrics, instead saying that it has “more than half a million people” paying for writers on its network.

NFT art marketplace SuperRare closes $9M Series A — SuperRare launched its art platform in 2018, since then it has differentiated by maintaining a closed early access platform, closely curating the art that’s sold.

Advice and analysis from Extra Crunch

The Tonal EC-1 — Remember our deep dives into the history, businesses and growth of Patreon, Niantic, Roblox, Kobalt and Unity? We’re bringing the format back with an in-depth, multi-part look at fitness startup Tonal.

Is Substack really worth $650M? — More thoughts on Substack’s finances.

(Extra Crunch is our membership program, which helps founders and startup teams get ahead. You can sign up here.)

Everything else

A trove of imported console games vanish from Chinese online stores — A handful of grey market videogame console vendors on Taobao stopped selling and shipping this week.

Applications for Startup Battlefield at TC Disrupt 2021 are now open — TechCrunch is on the hunt for game-changing and ground-breaking startups from around the globe to feature in Startup Battlefield during TechCrunch Disrupt 2021 this fall.

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 3pm Pacific, you can subscribe here.

Google today announced that it is rolling out Federated Learning of Cohorts (FLoC), a crucial part of its Privacy Sandbox project for Chrome, as a developer origin trial.

FLoC is meant to be an alternative to the kind of cookies that advertising technology companies use today to track you across the web. Instead of a personally identifiable cookie, FLoC runs locally and analyzes your browsing behavior to group you into a cohort of like-minded people with similar interests (and doesn’t share your browsing history with Google). That cohort is specific enough to allow advertisers to do their thing and show you relevant ads, but without being so specific as to allow marketers to identify you personally.

This “interest-based advertising,” as Google likes to call it, allows you to hide within the crowd of users with similar interests. All the browser displays is a cohort ID and all your browsing history and other data stay locally.

Image Credits: Google / Getty Images

The trial will start in the U.S., Australia, Brazil, Canada, India, Indonesia, Japan, Mexico, New Zealand and the Philippines. Over time, Google plans to scale it globally. As we learned earlier this month, Google is not running any tests in Europe because of concerns around GDPR and other privacy regulations (in part, because it’s unclear whether FLoC IDs should be considered personal data under these regulations).

Users will be able to opt out from this origin trial, just like they will be able to do so with all other Privacy Sandbox trials.

Unsurprisingly, given how FLoC upends many of the existing online advertising systems in place, not everybody loves this idea. Advertisers obviously love the idea of being able to target individual users, though Google’s preliminary data shows that using these cohorts leads to similar results for them and that advertisers can expect to see “at least 95% of the conversions per dollar spent when compared to cookie-based advertising.”

Google notes that its own advertising products will get the same access to FLoC IDs as its competitors in the ads ecosystem.

But it’s not just the advertising industry that is eyeing this project skeptically. Privacy advocates aren’t fully sold on the idea either. The EFF, for example, argues that FLoC will make it easier for marketing companies that want to fingerprint users based on the various FLoC IDs they expose, for example. That’s something Google is addressing with its Privacy Budget proposal, but how well that will work remains to be seen.

Meanwhile, users would probably prefer to just browse the web without seeing ads (no matter what the advertising industry may want us to believe) and without having to worry about their privacy. But online publishers continue to rely on advertising income to fund their sites.

With all of these divergent interests, it was always clear that Google’s initiatives weren’t going to please everyone. That friction was always built into the process. And while other browser vendors can outright block ads and third-party cookies, Google’s role in the advertising ecosystem makes this a bit more complicated.

“When other browsers started blocking third-party cookies by default, we were excited about the direction, but worried about the immediate impact,” Marshall Vale, Google’s product manager for Privacy Sandbox, writes in today’s announcement. “Excited because we absolutely need a more private web, and we know third-party cookies aren’t the long-term answer. Worried because today many publishers rely on cookie-based advertising to support their content efforts, and we had seen that cookie blocking was already spawning privacy-invasive workarounds (such as fingerprinting) that were even worse for user privacy. Overall, we felt that blocking third-party cookies outright without viable alternatives for the ecosystem was irresponsible, and even harmful, to the free and open web we all enjoy.”

It’s worth noting that FLoC, as well as Google’s other privacy sandbox initiatives, are still under development. The company says the idea here is to learn from these initial trials and evolve the project accordingly.

Ketch, a startup aiming to help businesses navigate the increasingly complex world of online privacy regulation and data compliance, is announcing that it has raised $23 million in Series A funding.

The company is also officially coming out of stealth. I actually wrote about Ketch’s free PrivacyGrader tool last year, but now it’s revealing the broader vision, as well as the products that businesses will actually be paying for.

The startup was founded by CEO Tom Chavez and CTO Vivek Vaidya. The pair previously founded Krux, a data management platform acquired by Salesforce in 2016, and Vaidya told me that Ketch is the answer to a question that they’d begun to ask themselves: “What kind of infrastructure can we build that will make our former selves better?”

Chavez said that Ketch is designed to help businesses automate the process of remaining compliant with data regulations, wherever their visitors and customers are. He suggested that with geographically specific regulations like Europe’s GDPR in place, there’s a temptation to comply globally with the most stringent rules, but that’s not necessary or desirable.

“It’s possible to use data to grow and to comply with the regulations,” Chavez said. “One of our customers turned off digital marketing completely in order to comply. This has got to stop […] They are a very responsible customer, but they didn’t know there are tools to navigate this complexity.”

Image Credits: Ketch

The pair also suggested that things are even more complex than you might think, because true compliance means going beyond the “Hollywood facade” of a privacy banner — it requires actually implementing a customer’s requests across multiple platforms. For example, Vaidya said that when someone unsubscribes to your email list, there’s “a complex workflow that needs to be executed that to ensure that the email is not going to continue … and make sure the customer’s choices are respected in a timely manner.”

After all, Chavez noted, if a customer tells you, “I want to delete my data,” and yet they keep getting marketing emails or targeted ads, they’re not going to be satisfied if you say, “Well, I’ve handled that in the four walls of my own business, that’s an issue with my marketing and email partners.”

Chavez also said that Ketch isn’t designed to replace any of a business’ existing marketing and customer data tools, but rather to “allow our customers to configure how they want to comply vis-a-vis what jurisdiction they’re operating in.” For example, the funding announcement includes a statement from Patreon’s legal counsel Priya Sanger describing Ketch as “an easily configurable consent management and orchestration system that was able to be deployed internationally” that “required minimal engineering time to integrate into our systems.”

As for the Series A, it comes from CRV, super{set} (the startup studio founded by Chavez and Vaidya), Ridge Ventures, Acrew Capital and Silicon Valley Bank. CRV’s Izhar Armony and Acrew’s Theresia Gouw are joining Ketch’s board of directors.

And if you’d like to learn more about the product, Ketch is hosting a webinar at 11am Pacific today.

Early this month Google quietly began trials of ‘Privacy Sandbox’: Its planned replacement adtech for tracking cookies, as it works toward phasing out support for third party cookies in the Chrome browser — testing a system to reconfigure the dominant web architecture by replacing individual ad targeting with ads that target groups of users (aka Federated Learning of Cohorts, or FLoCs), and which — it loudly contended — will still generate a fat upside for advertisers.

There are a number of gigantic questions about this plan. Not least whether targeting groups of people who are non-transparently stuck into algorithmically computed interest-based buckets based on their browsing history is going to reduce the harms that have come to be widely associated with behavioral advertising.

If your concern is online ads which discriminate against protected groups or seek to exploit vulnerable people (e.g. those with a gambling addiction), FLoCs may very well just serve up more of the abusive same. The EFF has, for example, called FLoCs a “terrible idea”, warning the system may amplify problems like discrimination and predatory targeting.

Advertisers also query whether FLoCs will really generate like-for-like revenue, as Google claims.

Competition concerns are also closely dogging Google’s Privacy Sandbox, which is under investigation by UK antitrust regulators — and has drawn scrutiny from the US Department of Justice too, as Reuters reported recently.

Adtech players complain the shift will merely increase Google’s gatekeeper power over them by blocking their access to web users’ data even as Google can continue to track its own users — leveraging that first party data alongside a new moat they claim will keep them in the dark about what individuals are doing online. (Though whether it will actually do that is not at all clear.)

Antitrust is of course a convenient argument for the adtech industry to use to strategically counter the prospect of privacy protections for individuals. But competition regulators on both sides of the pond are concerned enough over the power dynamics of Google ending support for tracking cookies that they’re taking a closer look.

And then there’s the question of privacy itself — which obviously merits close scrutiny too.

Google’s sales pitch for the ‘Privacy Sandbox’ is evident in its choice of brand name — which suggests its keen to push the perception of a technology that protects privacy.

This is Google’s response to the rising store of value being placed on protecting personal data — after years of data breach and data misuse scandals.

A terrible reputation now dogs the tracking industry (or the “data industrial complex”, as Apple likes to denounce it) — as a result of high profile scandals like Kremlin-fuelled voter manipulation in the US but also just the demonstrable dislike web users have of being ad-stalking around the Internet. (Very evident in the ever increasing use of tracker- and ad-blockers; and in the response of other web browsers which have adopted a number of anti-tracking measures years ahead of Google-owned Chrome).

Given Google’s hunger for its Privacy Sandbox to be perceived as pro-privacy it’s perhaps no small irony, then, that it’s not actually running these origin tests of FLoCs in Europe — where the world’s most stringent and comprehensive online privacy laws apply.

AdExchanger reported yesterday on comments made by a Google engineer during a meeting of the Improving Web Advertising Business Group at the World Wide Web Consortium on Tuesday. “For countries in Europe, we will not be turning on origin trials [of FLoC] for users in EEA [European Economic Area] countries,” Michael Kleber is reported to have said.

TechCrunch had a confirm from Google in early March that this is the case. “Initially, we plan to begin origin trials in the US and plan to carry this out internationally (including in the UK / EEA) at a later date,” a spokesman told us earlier this month.

“As we’ve shared, we are in active discussions with independent authorities — including privacy regulators and the UK’s Competition and Markets Authority — as with other matters they are critical to identifying and shaping the best approach for us, for online privacy, for the industry and world as a whole,” he added then.

At issue here is the fact that Google has chosen to auto-enrol sites in the FLoC origin trials — rather than getting manual sign ups which would have offered a path for it to implement a consent flow.

And lack of consent to process personal data seems to be the legal area of concern for conducting such online tests in Europe where legislation like the ePrivacy Directive (which covers tracking cookies) and the more recent General Data Protection Regulation (GDPR), which further strengthens requirements for consent as a legal basis, both apply.

Asked how consent is being handled for the trials Google’s spokesman told us that some controls will be coming in April: “With the Chrome 90 release in April, we’ll be releasing the first controls for the Privacy Sandbox (first, a simple on/off), and we plan to expand on these controls in future Chrome releases, as more proposals reach the origin trial stage, and we receive more feedback from end users and industry.”

It’s not clear why Google is auto-enrolling sites into the trial rather than asking for opt-ins — beyond the obvious that such a step would add friction and introduce another layer of complexity by limiting the size of the test pool to only those who would consent. Google presumably doesn’t want to be so straightjacketed during product dev.

“During the origin trial, we are defaulting to supporting all sites that already contain ads to determine what FLoC a profile is assigned to,” its spokesman told us when we asked why it’s auto-enrolling sites. “Once FLoC’s final proposal is implemented, we expect the FLoC calculation will only draw on sites that opt into participating.”

He also specified that any user who has blocked third-party cookies won’t be included in the Origin Trial — so the trial is not a full ‘free-for-all’, even in the US.

There are reasons for Google to tread carefully. Its Privacy Sandbox tests were quickly shown to be leaking data about incognito browsing mode — revealing a piece of information that could be used to aid user fingerprinting. Which obviously isn’t good for privacy.

“If FloC is unavailable in incognito mode by design then this allows the detection of users browsing in private browsing mode,” wrote security and privacy researcher, Dr Lukasz Olejnik, in an initial privacy analysis of the Sandbox this month in which he discussed the implications of the bug.

“While indeed, the private data about the FloC ID is not provided (and for a good reason), this is still an information leak,” he went on. “Apparently it is a design bug because the behavior seems to be foreseen to the feature authors. It allows differentiating between incognito and normal web browsing modes. Such behavior should be avoided.”

Google’s Privacy Sandbox tests automating a new form of browser fingerprinting is not ‘on message’ with the claimed boost for user privacy. But Google is presumably hoping to iron out such problems via testing and as development of the system continues.

(Indeed, Google’s spokesman also told us that “countering fingerprinting is an important goal of the Privacy Sandbox”, adding: “The group is developing technology to protect people from opaque or hidden techniques that share data about individual users and allow individuals to be tracked in a covert manner. One of these techniques, for example, involves using a device’s IP address to try and identify someone without their knowledge or ability to opt out.”)

At the same time it’s not clear whether or not Google needs to obtain user consent to run the tests legally in Europe. Other legal bases do exist — although it would take careful legal analysis to ascertain whether or not they could be used. But it’s certainly interesting that Google has decided it doesn’t want to risk testing if it can legally trial this tech in Europe without consent.

Likely relevant is the fact that the ePrivacy Directive is not like the harmonized GDPR — which funnels cross border complaints via a lead data supervisor, shrinking regulatory exposure at least in the first instance.

Any EU DPA may have competence to investigate matters related to ePrivacy in their national markets. To wit: At the end of last year France’s CNIL skewered Google with a $120M fine related to dropping tracking cookies without consent — underlining the risks of getting EU law on consent wrong. And a privacy-related fine for Privacy Sandbox would be terrible PR. So Google may have calculated it’s simply less risky to wait.

Under EU law, certain types of personal data are also considered highly sensitive (aka ‘special category data’) and require an even higher bar of explicit consent to process. Such data couldn’t be bundled into a site-level consent — but would require specific consent for each instance. So, in other words, there would be even more friction involved in testing with such data.

That may explain why Google plans to do regional testing later — if it can figure out how to avoid processing such sensitive data. (Relevant: Analysis of Google’s proposal suggests the final version intends to avoid processing sensitive data in the computation of the FLoC ID — to avoid exactly that scenario.)

If/when Google does implement Privacy Sandbox tests in Europe “later”, as it has said it will (having also professed itself “100% committed to the Privacy Sandbox in Europe”), it will presumably do so when it has added the aforementioned controls to Chrome — meaning it would be in a position to offer some kind of prompt asking users if they wish to turn the tech off (or, better still, on).

Though, again, it’s not clear how exactly this will be implemented — and whether a consent flow will be part of the tests.

Google has also not provided a timeline for when tests will start in Europe. Nor would it specify the other countries it’s running tests in beside the US when we asked about that.

At the time of writing it had not responded to a number of follow up questions either but we’ll update this report if we get more detail.

The (current) lack of regional tests raises questions about the suitability of Privacy Sandbox for European users — as the New York Times’ Robin Berjon has pointed out, noting via Twitter that “the market works differently”.

“Not doing origin tests is already a problem… but not even knowing if it could eventually have a legal basis on which to run seems like a strange position to take?” he also wrote.

Google is surely going to need to test FLoCs in Europe at some point. Because the alternative — implementing regionally untested adtech — is unlikely to be a strong sell to advertisers who are already crying foul over Privacy Sandbox on competition and revenue risk grounds.

Ireland’s Data Protection Commission (DPC), meanwhile — which, under GDPR, is Google’s lead data supervisor in the region — confirmed to us that Google has been consulting with it about the Privacy Sandbox plan.

“Google has been consulting the DPC on this matter and we were aware of the roll-out of the trial,” deputy commissioner Graham Doyle told us today. “As you are aware, this has not yet been rolled-out in the EU/EEA. If, and when, Google present us with detail plans, outlining their intention to start using this technology within the EU/EEA, we will examine all of the issues further at that point.”

The DPC has a number of investigations into Google’s business triggered by GDPR complaints — including a May 2019 probe into its adtech and a February 2020 investigation into its processing of users’ location data — all of which are ongoing.

But — in one legacy example of the risks of getting EU data protection compliance wrong — Google was fined $57M by France’s CNIL back in January 2019 (under GDPR but when its EU users hadn’t yet come under the jurisdiction of Ireland’s DPC) for, in that case, not making it clear enough to Android users how it processes their personal information.

Digital advertising company Kargo is launching a new product and new business unit called Fabrik.

Founder and CEO Harry Kargman explained that Fabrik is a content management system designed for publishers’ modern needs and integrated with Kargo’s advertising technology.

Kargman suggested that he sees this as part of Kargo’s broader mission of “saving publishing.” That might seem like a tall order for an ad business, but he said the company has tried to do that “by driving extraordinary ad experiences and monetization.” And yet, he’s come to realize, “That’s not enough.”

In particular, Kargman came to realize that many websites have “too much weight” and load far too slowly (to illustrate his point, he loaded the TechCrunch homepage, and it was indeed slower than I would like). This drives readers away and also has a detrimental effect on Google search rankings.

So the goal with Fabrik is to create a “lightning fast” web experience, which you can see for yourself on the OK Magazine website. Fabrik says that one of the key steps to achieving this speed is by eliminating the need for third-party trackers and plugins — in fact, Kargman described plugins as “the death of the internet” and told me he often asks publishers, “Do you want to make money, or do you want to have a lot of plugins?”

“We built it for Google’s best practices and the core Web Vitals,” added COO Michael Shaughnessy. “We’re very strategic about how we load items that would really slow us down.”

This launch comes as many publishers are exploring business models beyond advertising, such as subscriptions and memberships. Shaughnessy suggested that Fabrik is complementary to those efforts, because it’s “simplifying the foundation,” thus freeing teams to focus on new commercial initiatives.

As for the advertising side, Kargman said, “We think we’ve built our adtech directly into Fabrik in a way that there’s absolutely no reason not to use Kargo — but certainly, it doesn’t require you to exclusively use Kargo. We expect publishers to monetize their own sites, to cut branded entertainment deals, to do all the good things that they do.”

And as previously mentioned, the plan is for Fabrik to be a separate business unit under the Kargo’s corporate umbrella, with its own customers and its own CEO — Kargman said he’s talking to a potential hire, but it’s “not quite ready yet to announce.”

Ahead of another big tech vs Congress ‘grab your popcorn’ grilling session, scheduled for March 25 — when US lawmakers will once again question the CEOs of Facebook, Google and Twitter on the unlovely topic of misinformation — a coalition of organizations across the privacy, antitrust, consumer protection and civil rights spaces has called for a ban on “surveillance advertising”, further amplifying the argument that “big tech’s toxic business model is undermining democracy”.

The close to 40-strong coalition behind this latest call to ban ‘creepy ads’ which rely on the mass tracking and profiling of web users in order to target them with behavioral ads includes the American Economic Liberties Project, the Campaign for a Commercial Free Childhood, the Center for Digital Democracy, the Center for Humane Technology, Epic.org, Fair Vote, Media Matters for America, the Tech Transparency Project and The Real Facebook Oversight Board, to name a few.

“As leaders across a broad range of issues and industries, we are united in our concern for the safety of our communities and the health of democracy,” they write in the open letter. “Social media giants are eroding our consensus reality and threatening public safety in service of a toxic, extractive business model. That’s why we’re joining forces in an effort to ban surveillance advertising.”

The coalition is keen to point out that less toxic non-tracking alternatives (like contextual ads) exist, while arguing that greater transparency and oversight of adtech infrastructure could help clean up a range of linked problems, from junk content and rising conspiracism to ad fraud and denuded digital innovation.

“There is no silver bullet to remedy this crisis – and the members of this coalition will continue to pursue a range of different policy approaches, from comprehensive privacy legislation to reforming our antitrust laws and liability standards,” they write. “But here’s one thing we all agree on: It’s time to ban surveillance advertising.”

Barely more than seven months after its most recent funding announcement, Yotpo is revealing that it has raised another $230 million in a Series F round that values the company at $1.4 billion (post-money).

“Our round, in my eyes, it’s all about celebrating the future of e-commerce,” co-founder and CEO Tomer Tagrin told me. “Brands don’t need to worry about connecting the marketing stack anymore.”

Where success in traditional retail has been determined by “location, location, location,” Tagrin said e-commerce is “all about consumer attention.” To capture that attention, he estimated the average brand is using 10 to 14 different marketing applications, creating a “pretty horrible experience.” So Yotpo — founded in 2011 and headquartered in New York City — aims to provide all of a brand’s e-commerce marketing needs in a single, integrated platform.

To illustrate this, Tagrin described a marketer wanting to create a customized offer just for users who had both purchased a product in the past 90 days and left a five-star review. Yotpo allows them to do that with “just the click of a button,” whereas “that experience was just not feasible before Yotpo,” he said.

The platform currently consists of four main products — Yotpo SMS Marketing, Yotpo Loyalty & Referrals, Yotpo Reviews and Yotpo Visual UGC — which integrate with each other, as well as with e-commerce platforms such as Shopify, Salesforce Commerce Cloud, Adobe-owned Magento and BigCommerce.

Yotpo CEO Tomer Tagrin

Tagrin said Yotpo still had money leftover from the last round but it decided to raise additional money to continue investing in product and marketing, as well for strategic acquisitions. (The company acquired SMSBump at the beginning of 2020 and Tagrin said it’s “70% of the way there” towards full integration.) Among other things, the company is planning to launch new products around customer communication and measuring a customer’s lifetime value.

Yotpo also says that it has now exceeded $100 million in annual recurring revenue, with the SMS marketing product growing revenue by 170% last year, while the loyalty product saw its revenue nearly double. Big brands like Patagonia and Steve Madden use the platform, but Tagrin pointed out that it’s also used by newer direct-to-consumer businesses like Princess Polly and has 30,000 paying customers over all.

“I like to say that Victoria’s Secret will die by a thousand cuts,” he said. “These are the mini-brands … the up-and-comer brands that are going to replace the incumbents.”

Yotpo has now raised more than $400 million in total funding, according to Crunchbase. The round was led by by Bessemer Venture Partners and Tiger Global, with participation from Claltech Investment, Coin Ventures, Hanaco, Vertex Ventures, Vintage Investment Partners, Capital Group and others.

“Tiger Global has long been bullish on eCommerce as the future of retail, having invested in disruptor brands like Warby Parker and Peloton, giants like JD.com, and best-in-class SaaS companies like Stripe and Twilio,” said Tiger’s John Curtius in a statement. “We are excited by Yotpo’s approach to provide a unified marketing tech stack and the value it provides to brands and online shoppers in the process.”

Facebook is expanding its monetization options for video creators. For anyone watching videos posted by those creators, that probably means you’ll see more ads.

Facebook App Monetization Director Yoav Arnstein wrote in a blog post that creators will now be able to include in-stream ads in videos that are as short as one minute — previously, the minimum was three minutes. Those ads will usually play after 30 seconds of a shorter video.

“Looking ahead, we’re exploring in-stream ad formats that increase engagement through rewards or product interaction — intending to help content creator payouts grow while providing a good viewing experience for people and a way for advertisers to reach relevant audiences,” Arnstein wrote, adding that the company is “especially focused on short-form video monetization” and will be testing a way to include ads that look like stickers to Facebook Stories.

Facebook splits the revenue from these ads with the video creators, and it says it’s also updating the program criteria. To participate, Facebook Pages must  nowhave 600,000 minutes of viewing time across all videos (previously only videos of three minutes or longer had counted) for the last 60 days and five or more active or Live videos.

On the Live side, Arnstein wrote that Facebook is moving its in-stream advertising program out of invite-only mode, allowing creators with 60,000 minutes of Live viewing in the last 60 days to participate. And it will be investing $7 million to encourage the adoption of Stars (a virtual currency that fans can use to support creators) by offering free Stars.

Non-advertising products are also continuing their international rollout. Arnstein wrote that paid online events (launched last summer) are available in 20 countries, with plans to expand to 24 more (including Argentina, Hong Kong and Ireland) in the coming weeks, while fan subscriptions are available in more than 25 countries and will be introduced in another 10 (Austria, Belgium, Denmark, Finland, Ireland, New Zealand, Norway, Sweden, Switzerland and Turkey).

Trufan, a startup selling tools helping marketers analyze their social followings and collect audience data, announced today that it has raised a $2.3 million seed round.

Despite raising a relatively small amount of funding ($4.1 million total), Trufan has already made two notable acquisitions. First, it acquired the SocialRank product and business in 2019, allowing it to offer capabilities like showing brands their most valuable social media followers. Then last year, it acquired Playr.gg, which marketers use to run giveaways that consumers enter by providing information such as their email addresses.

Across its products, Trufan says it has more than 10,000 free users and more than 600 paying customers, including Netflix, NBA, NFL, Sony Music and United Talent Agency.

Next up, the startup plans to integrate the two main products and launch a consolidated, privacy-compliant customer data and audience engagement platform with new branding and pricing. Co-founder and CEO Swish Goswami told me that the platform should be particularly attractive as regulators introduce new privacy regulations, Apple and Google add new restrictions to ad targeting based on third-party data and as consumers become more sensitive to how their data is used.

Trufan founders Aanikh Kler and Swish Goswami. Image Credits: Trufan

“People do not want to be tracked anonymously,” Goswami said. “People do not want their data taken away, but most of those people are attracted to the idea of data sharing if they get something in exchange.”

He added that it’s particularly important for brands to build up first-party customer data given the limitations of social networks: “You can have 50 million followers, but every time you post you don’t reach 50 million people.” If you’ve got 50 million email or phone numbers, on the other hand, you might actually reach most of those inboxes or phones.

The new funding comes from Moneta Ventures, with Moneta partner Sabya Das joining Trufan’s board of directors. GP Ventures, Protocol Ventures and Athlete Technology Group also participated, as did angel investors including Innovative Fitness founder Curtis Christophersen, Utah Jazz forward Derrick Favors and Chicago Bulls forward Thaddeus Young.

“Trufan is miles ahead in recognizing and removing roadblocks in the customer data space,” Das said in a statement. “We are excited to be backing them because they truly are all-star founders with an incredible team alongside them, and we believe in their conviction and ability to solve the first-party data problem.” 

Google says it’s focusing on privacy-friendly approaches to ad targeting, Okta acquires Auth0 and a flying taxi startup raises $241 million. This is your Daily Crunch for March 3, 2021.

The big story: Google swears off ad-tracking

While Google had already announced it would be phasing out support for third-party cookies in Chrome, it went further today by declaring that “once third-party cookies are phased out, we will not build alternate identifiers to track individuals as they browse across the web, nor will we use them in our products.”

In fact, Google’s David Temkin argued in a blog post that attempts to build alternative approaches to ad-tracking will not “meet rising consumer expectations for privacy, nor will they stand up to rapidly evolving regulatory restrictions, and therefore aren’t a sustainable long term investment.” Instead, he pointed to Google technologies like its interest-based Federated Learning of Cohorts.

The tech giants

Okta acquires cloud identity startup Auth0 for $6.5B — With Auth0, Okta gets a cloud identity company that helps developers embed identity management into applications.

Netflix launches ‘Fast Laughs,’ a TikTok-like feed of funny videos — This feature (now rolling out on iOS) allows users to watch, react to or share the short clips as well as add the show or movie to a Netflix watchlist.

Facebook’s Oversight Board already ‘a bit frustrated,’ and it hasn’t made a call on Trump ban yet — Board member and former Guardian editor Alan Rusbridger implied that the binary choices the board has at its disposal aren’t as nuanced as he’d like.

Startups, funding and venture capital

‘Flying taxi’ startup Volocopter picks up another $241M, says service is now two years out — Alongside its vertical takeoff and landing aircraft, Volocopter has also been building a business case in which its vessels will be used in a taxi-style fleet in urban areas.

Identiq, a privacy-friendly fraud prevention startup, secures $47M at Series A — Identiq takes a different, more privacy-friendly approach to fraud prevention, without having to share a customer’s data with a third party.

After 200% ARR growth in 2020, CourseKey raises $9M to digitize trade schools — CourseKey’s B2B platform is designed to work with organizations that teach some of our most essential workers.

Advice and analysis from Extra Crunch

Eleven words and phrases to cut from your VC pitch deck — Weeks or even months of working on your pitch deck could come down to the 170 seconds (on average) that investors spend looking at it.

Create a handbook and integrate AI to onboard remote employees — Professionals have adapted to remote working, but the systems they use are still playing catch-up.

First impressions of AppLovin’s IPO filing — AppLovin’s filing tells the story of a rapidly growing company that has managed to scale adjusted profit as it has grown.

(Extra Crunch is our membership program, which helps founders and startup teams get ahead. You can sign up here.)

Everything else

Cables could help soft robots transform into harder structures — The sub-category of soft robotics has transformed the way many think about the field.

Dear Sophie: Can you demystify the H-1B process and E-3 premium processing? — The latest edition of “Dear Sophie,” the advice column that answers immigration-related questions about working at technology companies.

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 3pm Pacific, you can subscribe here.

While we’ve written about attempts to build alternatives to cookies that track users across websites, Google says it won’t be going down that route.

The search giant had already announced that it will be phasing out support for third-party cookies in its Chrome browser, but today it went further, with David Temkin (Google’s director of product management for ads privacy and trust) writing in a blog post that “once third-party cookies are phased out, we will not build alternate identifiers to track individuals as they browse across the web, nor will we use them in our products.”

“We realize this means other providers may offer a level of user identity for ad tracking across the web that we will not — like [personally identifiable information] graphs based on people’s email addresses,” Temkin continued. “We don’t believe these solutions will meet rising consumer expectations for privacy, nor will they stand up to rapidly evolving regulatory restrictions, and therefore aren’t a sustainable long term investment.”

This doesn’t mean ads won’t be targeted at all. Instead, he argued that thanks to “advances in aggregation, anonymization, on-device processing and other privacy-preserving technologies,” it’s no longer necessary to “track individual consumers across the web to get the performance benefits of digital advertising.”

As an example, Temkin pointed to a new approach being tested by Google called Federated Learning of Cohorts (FLoC), which allows ads to be targeted at large groups of users based on common interests. He said Google will begin testing FLoCs with advertisers in the second quarter of this year.

Temkin pointed out that these changes are focused on third-party data and don’t affect the ability of publishers to track and target their own visitors: “We will continue to support first-party relationships on our ad platforms for partners, in which they have direct connections with their own customers.”

It’s worth noting, however, that the Electronic Frontier Foundation has described FLoCs as “the opposite of privacy-preserving technology” and compared them to a “behavioral credit score.”

And while cookies seem to be on the way out across the industry, the U.K.’s Competition and Markets Authority is currently investigating Google’s cookie plan over antitrust concerns, with critics suggesting that Google is using privacy as an excuse to increase its market power. (A similar criticism has been leveled against Apple over upcoming privacy changes in iOS.)