Days ahead of the Italian general election, the country’s privacy watchdog has sent Facebook’s parent (Meta) an urgent request for information, asking the social media giant to clarify measures it’s taking around Sunday’s election.

The risk of election interference via social media continues to be a major concern for regulators after years of rising awareness of how disinformation is seeded, spread and amplified on algorithmic platforms like Facebook, and with democratic processes continuing to be considered core targets for malicious influence ops.

Privacy regulators in the European Union are also watchful of how platforms are processing personal data — with data protection laws in place that regulate the processing of sensitive data such as political opinions.

In a press release about its request yesterday, the Garante points back to a previous $1.1M sanction it imposed on Facebook for the Cambridge Analytica scandal, and for the “Candidates” project Facebook launched for Italy’s 2018 general election, writing [in Italian; translated here using machine translation] that it’s “necessary to pay particular attention to the processing of data suitable for revealing the political opinions of the interested parties and to respect the free expression of thought”.

“Facebook will have to provide timely information on the initiative undertaken; on the nature and methods of data processing on any agreements aimed at sending reminders and the publication of information ‘stickers’ (also published on Instagram — part of the Meta Group); on the measures taken to ensure, as announced, that the initiative is brought to the attention only of persons of legal age,” the watchdog adds.

The move follows what it describes as “information campaign” by Meta, targeted at Italian users, which is said to be aimed at countering interference and removing content that discourages voting — and involving the use of a virtual Operations Center to identity potential threats in real-time, as well as collaboration with independent fact-checking organizations.

The Garante said the existence of this campaign was made public by Meta publishing “promemoria” (memos). However a page on Meta’s website which provides an overview of information about its preparations for upcoming elections only currently offers downloadable documents detailing its approach for the US midterms and for Brazil’s elections. There is no information here about Meta’s approach to Italy’s general election — or any information about the information campaign it is (apparently) running locally.

A separate page on Meta’s website — entitled “election integrity” — includes a number of additional articles about its preparations for elections elsewhere, including Kenya’s 2022 general election; the 2022 Philippines’ general election; and for Ethiopia’s — 2021 — general election. Plus earlier articles for State elections in India; and an update on the Georgia runoff elections from the end of 2020, among others.

But, again, Meta does not appear to have provided any information here about its preparations for Italy’s General Election.

The reason for this oversight — which is presumably what it is — could be related to the Italian election being a snap election, called following a government crisis and the resignation of prime minister Mario Draghi, i.e. rather than a long-programmed and timetabled general election.

However the gap in Meta’s election integrity information hub on measures it’s taking to protect Italy’s general election from disinformation suggests there are limitations to its transparency in this crucial area — suggesting it’s unable to provide consistent transparency in response to what can often be dynamically changing democratic timelines.

The Italian parliament was dissolved on July 21 — which was when the president called for new elections. Which means that Meta, a company with a market cap of hundreds of billions of dollars, has had two months to make upload details of the election integrity measures it’s taking in the country to relevant hubs on its website — yet it does not appear to have done so.

We reached out to Meta yesterday with questions about what it’s doing in Italy to protect the election from interference but at the time of writing the company had not responded.

It will of course have to respond to Italy’s watchdog’s request for information. We’ve reached out to the regulator with questions.

The Garante continues to be an active privacy watchdog in policing tech giants operating on its turf in spite of not being the lead supervisor for such companies under the one-stop-shop (OSS) mechanism in the EU’s General Data Protection Regulation (GDPR), which has otherwise led to bottlenecks around GDPR enforcement. But the regulation provides some wiggle room for concerned DPAs to act on pressing matters on their own turf without having to submit to the OSS.

Yesterday’s urgent request to Meta for information by Italy’s watchdog follows a number of other proactive interventions in recent years — including a warning to TikTok this summer over a controversial privacy policy switch (which TikTok ‘paused’ soon after); a warning to WhatsApp in January 2021 over another controversial privacy policy and T&Cs update (while stemming from a wider complaint, WhatsApp went on to be fined $267M later that year over GDPR transparency breaches); and a warning to TikTok over underage users, also in January 2021 (TikTok went on remove over half a million accounts that it was unable to confirm did not belong to children and commit to other measures).

So a comprehensive answer to the question of whether the GDPR is working to regulate Big Tech requires a broader view than totting up fines or even fixing on final GDPR enforcement decisions.

Italy fires Meta urgent request for info re: election interference measures by Natasha Lomas originally published on TechCrunch

DocuSign announced today that it has hired Allan Thygesen as its next CEO, effective October 10. Thygesen was most recently at Google where he was president of the Americas and global partners.

He was in charge of Google’s $100 billion advertising business in the Americas, a rather significant business by any measure, and a position that should prepare him for his new job.

He joins a company that continues to lead the e-signature business, but one where the stock price has taken a significant beating, dropping 80% over the past year and 65% year-to-date.

For the most recent earnings report, the company reported healthy revenue of $622 million, a 22% increase over the prior year. This is a company on a run rate of almost $2.5 billion, certainly the bones of a healthy business.

Those stock losses, however, are numbers that make boards and investors want to take action, and former CEO Dan Springer, who had been with the company for the previous five years, stepped down in June, likely seeing the writing on the wall.

Maggie Wilderotter, who has served as interim CEO since Springer’s departure, sees Thygesen as a person with the experience to help the company move forward. “He is a customer-focused innovator with deep experience in e-commerce, the digitalization of business, and leading high-growth scale organizations. The Board believes that Allan is the right leader to help DocuSign continue to capture the massive market opportunity that lies ahead,” she said in a statement.

Certainly DocuSign is a company that is built for the digital age, removing a lot of the friction around signing and moving documents through a workflow. The company recently announced end-to-end contract lifecycle management inside of Slack. Earlier this year, it announced document signing inside of Zoom.

Both of these moves should help increase the use of the product inside popular enterprise SaaS products, and should bode well for the future of the company.

According to data from Deloitte, DocuSign is the clear e-signature market leader, with 75% market share. Competitors include Adobe Sign, HelloSign from Dropbox and Box Sign.

Wilderotter will return to her previous position when Thygessen starts on October 10.

DocuSign has hired former Google ad exec Allan Thygesen as its new CEO by Ron Miller originally published on TechCrunch

This TechCrunch Live event opens on September 28 at 11:30 a.m. PDT/2:30 p.m. EDT with networking. The interview begins at 12:00 p.m. PDT followed by the TCL Pitch Practice at 12:30 p.m. PDT.

Apply for TCL Pitch Practice by completing this application.

If you haven’t joined us before on Grip — our TCL online platform — click here to register for free and gain access to all TechCrunch Live events, including TechCrunch Live, City Spotlight, Startup Pitch Practice, Networking and other TechCrunch community events, with just one registration.

Already part of the TechCrunch Live on Grip community? Click this link to add this session to your agenda!

TechCrunch Live records weekly on Wednesdays at 11:30 a.m. PDT/2:30 p.m. EDT. Join us!

Fundraise for network access with Sapphire Ventures and Medable by Matt Burns originally published on TechCrunch

Heading into the final days of the third quarter, I am looking forward to more than just a new sheaf of data concerning venture capital flows around the world.

When September wraps, we’ll start a countdown for earnings reports from consumer-serving fintech giants, data that will help us understand present-day market appetite for trading and investing products; given the sheer number of fintech startups that touch at least a part of that operating space, we have our eyes open.

In late 2020 and 2021, companies offering consumers savings, investing and trading products were hot shit. Coinbase, Robinhood, M1 and others grew rapidly; hell, startups were born and scaled that offered other companies the ability to bake services like equity trading into their platforms!

The Exchange explores startups, markets and money.

Read it every morning on TechCrunch+ or get The Exchange newsletter every Saturday.

We all know what happened next: 2022 brought a change in market conditions and consumer interest — or, perhaps, ability — to save, invest and trade declined. This led to Coinbase, to pick a well-known entity in the consumer fintech market, rapidly flipping from impressive profits to stiff losses in the space of a few quarters. Robinhood saw its market value fall sharply, and M1 laid off staff.

A quick checkup on consumer fintech activity ahead of Q3 data by Alex Wilhelm originally published on TechCrunch

Weeks after Twitter’s ex-security chief accused the company of cybersecurity mismanagement, Twitter has now informed its users of a bug that didn’t close all of a user’s active logged-in sessions on Android and iOS after an account’s password was reset. This issue could have implications for those who had reset their password because they believed their Twitter account could be at risk, perhaps because of a lost or stolen device, for instance.

Assuming whoever had possession of the device could access its apps, they would have had full access to the impacted user’s Twitter account.

In a blog post, Twitter explains that it had learned of the bug that had allowed “some” accounts to stay logged in on multiple devices after a user reset their password voluntarily.

Typically, when a password reset occurs, the session token that keeps a user logged into the app is also revoked — but that didn’t take place on mobile devices, Twitter says. Web sessions, however, were not impacted and were closed appropriately, it noted.

Twitter explains the bug came about after a change it made last year to the systems that powered its password resets, meaning the bug has existed for a number of months undetected. To address the issue, Twitter has now directly informed the affected users, proactively logged them out of their open sessions across devices and prompted them to log in again. The company didn’t detail how many people were impacted, however.

“We take our responsibility to protect your privacy very seriously and it is unfortunate this happened,” Twitter wrote in its announcement, where it also encouraged users to review their active open sessions regularly from the app’s settings.

The issue is the latest in a long line of security incidents at the company in recent years, though it is not as severe as some in the past — like the bug reported last month that had exposed at least 5.4 million Twitter accounts. In that case, a security vulnerability had allowed threat actors to compile information on Twitter users’ accounts, which were then listed for sale on a cybercrime forum.

This past May, Twitter was also forced to pay $150 million in a settlement with the Federal Trade Commission for using personal information provided by users to secure their accounts, like emails and phone numbers, for ad targeting purposes. And in 2019, Twitter disclosed a bug that had shared some users’ location data to partners, and another which also led to user data being shared with partners. Plus, it faced an issue where a security researcher had used a flaw in the Android app to match 17 million phone numbers with Twitter user accounts.

While it’s helpful that Twitter is transparent about the bugs it finds and the fixes it makes, the company’s overall cybersecurity issues are now under increased scrutiny following the whistleblower complaint filed by its former head of security, Peiter “Mudge” Zatko in August.

Zatko alleged the company has been negligent in securing its platform, citing issues including a lack of employee device security, lack of protections around the Twitter source code, overbroad employee access to sensitive data and the Twitter service, a number of unpatched vulnerabilities, lack of data encryption for some stored data, an overly high number of security incidents, and more, as well as threats to national security.

In this context, even lesser bugs like the one disclosed this week may not be considered one-off missteps by a company, but rather yet another example of broader security issues at Twitter that deserve more attention.

Twitter discloses it wasn’t logging users out of accounts after password resets by Sarah Perez originally published on TechCrunch

Spain’s homegrown on-demand delivery app, Glovo — which since the end of last year has been majority owned by Germany’s Delivery Hero — has been fined €79 million (~$79M) for breaches of labor laws related to the employment classification of couriers, local press reported yesterday.

El Pais reported that the record sanction for the company was issued for a finding that the startup had 10,614 workers falsely classed as “autónomos” (aka self employed) in Barcelona and Valencia, after the Department of Labour found the couriers were in an employment relationship with the company.

Labor minister, Yolanda Díaz, accused Glovo of harming the rights of workers and obstructing the Department’s inspection, El Pais reported. A minute part of the fine was issued for this obstruction — with the bulk (€63.2M) pertaining to misclassified couriers working in Barcelona (where more than 8,300 riders were found to have been falsely classed as self employed), and a smaller chunk (€15.7M) issued over the close to 2,300 misclassified riders in Valencia.

The total size of the penalty was equivalent to over 13% of Glovo’s 2021 revenue, per the newspaper.

Glovo has previously been sanctioned smaller amounts for similar labor infractions following inspections in other regions in Spain, including Tarragona, Girona, Lleida and Seville.

A self employment classification means riders would not receive the full sweep of benefits provided to employees. Autónomos are also typically required to make payments to the state to contribute towards social security coverage — payments Glovo would otherwise have to make had these tens of thousands of riders been classed as employees.

Spain has seen regular protests over ‘precarious’ work on platforms like Glovo since they started operating in the country. And last year, the government passed a reform of labor laws that applies specifically to delivery couriers on platforms — aka, the Riders Law — which recognizes couriers as employees in a bid to combat bogus classifications of self-employment.

However the breaches Glovo has been sanctioned for now pre-date that law coming into force, according to Glovo.

A spokeswomen for the company sent the following statement in which it confirmed it intends to challenge the penalty:

Glovo was notified of Spanish Labour inspection proposals for retrospective social security payments and a fine of up to EUR 79 million for the years 2018 to 2021, based on the grounds that Glovo’s rider employment model during this timeframe was not legally compliant.

These inspections occurred prior to the introduction of Spain’s Riders’ Law, which is why Glovo intends to challenge the proposal and expects a judgment only in the coming years. Glovo remains fully committed to complying with Spanish labour regulations and the new Riders’ Law.

Glovo’s spokeswoman also specified that the penalty relates to inspections carried out between May 2018 and August, 11 2021. (While Spain’s Riders Law came into force on August 12, 2021.)

It also claimed that the cited amount of the fine is not final — saying it accounts for “potential Social Security contributions”, as well as penalties — implying that if it’s able to successfully challenge the Department’s assessment by convincing a court that all (or some) of these riders were not incorrectly classified it could, presumably, reduce the size of the penalty.

However Glovo has had mixed fortunes in the courts defending its model against labor classification challenges prior to the labor law reform.

In September 2020, Spain’s Supreme Court rejected its classification of delivery couriers as self employed — finding them to be in a laboral relationship with the platform. So it remains to be seen how much success it will have in trying to unpick the government’s sanction via the courts.

We reached out to the Department of Labour to ask for more details about the penalty but at the time of writing it had not responded.

The Spanish government is bullish about its labor reforms — with Díaz recently rebutting criticism in parliament from the far right Vox party by saying the country now has more workers with stable, permanent contracts than ever before.

However since the Rider Law came into force Glovo has continued to operate with self employed couriers, rather than switching all riders to employees — claiming it has adapted the model to ensure it complies. Its stance has led to complaints from rival, Uber Eats, which initially switched to a subcontractor model — but, last month, it was reported to be exploring a revised self employment model. (Deliveroo left the Spanish market entirely last year.)

Inspections of compliance with the Rider Law law clearly take time — so it could be years before any such ‘revised’ self-employment models are found to be in breach (or otherwise), leaving the platforms free to operate in the meanwhile (if under the threat of future fines).

Hence there have been calls by riders rights groups for the wording of the law to be tightened up to prevent platforms arriving at self-serving interpretations and simply kicking off fresh cycles of multi-year litigation over employment classification decisions.

At the same time, the European Union is in the process of hammering out agreement on draft legislation to establish a pan-EU framework aimed at tackling bogus self employment on digital platforms — by introducing a rebuttable presumption of employment. So free-riding gig platforms whose models depend upon swerving workers rights do look to be operating on borrowed time in the EU.

Glovo and its parent company, Delivery Hero, meanwhile, have a separate matter on their plate too — after being targeted for antitrust inspections by the European Union this summer.

It’s not clear whether the preliminary antitrust inspections will lead to a full blown investigation or not.

Glovo fined $78M for labor breaches in Spain by Natasha Lomas originally published on TechCrunch

It was around this time last year that we reported on Immunefi – one of the emerging bug bounty and security services platforms for DeFi – had raised $5.5 million in funding. Given that almost $2 billion has been lost to hacks and scams in crypto so far this year, it would seem this was a pretty low investment.

And sure enough, it was. Because Immunefi has now raised $24 million as part of its Series A. The round was led by Framework Ventures. Other investors include Samsung Next, Electric Capital, and Polygon Ventures. That bring its total now raises to $29.5 million.

Immunefi connects Web3 projects that need their code checked and secured with whitehat hackers who report vulnerabilities and claim monetary rewards. Sometimes these rewards can go as high as $10 million – somewhat unsurprising when so much crypto currency can be at stake. Most tech companies, including Apple and Microsoft, use a similar bug bounty methodology, but the practice was less well employed in Web3, in part because Hackers can sometimes be far more incentivised to steal the money rather than report the bug, especially when millions of might be dollars might be on offer.

Launched in December 2020, Immunefi says it has paid out $60 million to whitehat hackers and claims to have saved more than $25 billion in funds from being hacked.

But bug payouts in crypto have to work differently than in Web2. A $5,000 payout when $100 million in funds might be at stake is a risk is a paltry amount. So Immunefi developed a bug bounty standard which scales, to encourage projects to pay rewards for big vulnerabilities at a rate equivalent to 10% of the funds at potential risk.

This means some enormous bug bounties – such as the $10 million paid out for a vulnerability discovered in Wormhole, a generic cross-chain messaging protocol, and $6 million for a vulnerability discovered in Aurora, a bridging and scaling solution for Ethereum. This contrasts with the largest conventional bug bounty offered by Apple for $2 million.

CEO and founder Mitchell Amador said in a statement: “Open code and directly monetizable exploits have made Web3 the most adversarial software development space in the world. By shifting incentives towards whitehats, Immunefi has already saved billions of dollars of user funds. Projects across crypto are rapidly realizing that it’s better to use Immunefi than publicly begging hackers to return funds or pay a ransom. We’re using this raise to scale our team to meet this massive challenge”.

Immunefi does have competitors, however, HackerOne switched from web2 to web3, and Safeheron recently raised $7 million to make private keys safer.

Web3 bug-bounty platform Immunefi raises $24M for its Series A funding round by Mike Butcher originally published on TechCrunch

In recent years there has been a flurry of startup activity aimed at commercializing blood glucose biosensors — aka, wearable tech that was originally developed for diabetes management. These continuous glucose monitors (CGMs) transmit near real-time data on glucose levels, providing instant feedback (via a companion mobile app) on how the body metabolizes different foods or responds to lifestyle decisions around exercise and sleep.

The biowearables, which are semi-invasive — typically worn on the arm with a sensing filament inserted just under the skin — were originally developed for diabetics and pre-diabetics who have a medical need to track their blood sugar because of insulin resistance. But the startup gambit is that opening access to CGMs more generally can offer broad health utility by giving all sorts of people a dynamic window onto what’s going on with their metabolism.

Some of these startups are selling the idea that ‘biohacking’ by tracking blood glucose can help people optimize athletic performance, or configure a healthy diet and lifestyle — including weight management. But the startup strategy has often fixed on opening up the ‘data window’ first as a tactic to build product utility while they acquire (and structure) users’ metabolic and lifestyle data — tracking glucose responses to food and lifestyle inputs and, they hope, spotting positive and negative patterns that they can use to synthesize a fitness or healthy lifestyle program.

Limbo, a New York, London and Cork-based startup which is announcing a $6M seed raise today, is in this growing pack commercializing CGM tech — in its case building a subscription weight management business to target the obesity crisis. But it claims to be bringing a distinct approach with a product that’s not just a data-mining work in progress; rather, they say, the program is based on some three decades of research undertaken by one of the co-founders — chief research officer, Tony Martin, who is a physiologist and coach.

“[Martin] essentially worked out the secret of how blood glucose regulated the body and how energy in the body is mediated through blood glucose,” says co-founder and CEO, Rurik Bradbury, discussing the startup in a call with TechCrunch. “How if you control it in a certain way then you can have very dramatic weight loss results — based on biodata.”

Martin is not affiliated with any research institutions, nor has he published any scientific papers on his work so it’s private research — and results he was able to obtain using this private methodology with his own clients — that Limbo is drawing on for its product.

“The big breakthrough came over the last 5-6 years when CGMs came out… which allowed him to test a number of hypotheses,” explains Bradbury. “Both on himself and on his weight loss clients. And what he found was a number of patterns and a number of effects which he could replicate to do with the balance of different macronutrients essentially, and how the body can regulate itself if you reduce carbs and sugars.

“There’s nothing hugely secret about that — about what’s essentially a Keto[ogenic diet] type program. There are many, many different variants of it and what he did was work out the right balance for people on a more individualized basis so it could be implemented as a program with a CGM to steer them in real time.”

“Now we’ve got — kind of — the recipe for how to make this work for people as a platform as opposed to a person by person system,” he adds.

Limbo’s other co-founder — Pat Phelan, whose name may be familiar to long-time TechCrunch readers as he exited his ecommerce fraud protection startup Trustev to TransUnion for $44M back in 2015 — has also put himself through the program.

Indeed, the inspiration for Limbo began with Phelan’s personal weight loss journey — after years of jetsetting startup life had not been kind to his health. And it was in looking for help to address his obesity problem that he met Martin who suggested he try his ‘homebrew’ blood glucose tracking method with a CGMv — and then Phelan’s success with the regime (which he discusses in this video on the startup’s website) led to the trio of founders coming together to establish a startup to productize Martin’s program (with Phelan and Bradbury bringing the tech experience gleaned from years working in startups).

Limbo was founded in fall 2020 — so it’s very much a pandemic health tech startup, with the first private beta users starting on the program at the end of 2020.

Target users are people looking to lose 10-15% of their body weight, per Bradbury. While typical customers so far are 35-55 in age range.

The team doesn’t have any efficacy studies published quantifying the impact of the weight loss program by, for example, comparing Martin’s method to other weight management approaches. But Bradbury argues early results speak for themselves — with members seeing an average weigh loss of 12% after three months of use. (Phelan himself lost 36kg/81 pounds over 9 months using the prototype.)

The 12% stat was based on an initial paying cohort of 50 users. Limbo now has around 2,000, per Bradbury, who says they’re hoping to have “tens of thousand” signed up over the coming 12 months.

The program is a subscription service — costing £1,300 for three months’ access, so it’s definitely premium level pricing.

Connected hardware

As well as a supply of CGM sensors to track their blood glucose, Limbo members are sent two additional devices: A wearable wristband that tracks a range of health data (including heart rate, steps, skin and body temperature, blood oxygen); and a smart scale which can measure body fat and muscle mass in different areas of the body — so it’s triangulating a range of signals in order to assess the healthiness (or otherwise) of the user’s diet and lifestyle; and to track their progress towards their weight goals.

“We started with an off the shelf piece of tech [for the wristband]. But we have a customized one built to our specs,” says Bradbury, discussing its hardware mix. “We have the person who used to run Apple in Asia — Rory Sexton — on our board, and he was one of the first investors. And he became interested because you’ve probably seen the rumors that Apple is looking to add blood glucose to [Apple] Watches. But it’s a very tricky thing. We’ve also looked at this ourselves. And there’s lot of constraints there as far as how much power it would take and how accurate it is — I think it might be a little way off.

“But he got interested in that and we did an Apple Watch integration but the challenge with that and all the other tools out there — Fitbit and so on — is that their data resolution’s quite low. So [with our custom hardware] we’re looking every second or minute at these data points. [Whereas] Apple Watch and other wristbands tend to sample every few minutes to save power because the battery life is tricky.”

Limbo’s smart scale is also customized rather than off-the-shelf kit — and Bradbury says it is higher end than consumer smart scales (which can suffer from poor accuracy). But he also says there is less need for high resolution data for the scale (vs the wristband) since it’s mostly used to track progress over time, not for dynamic feedback on meals etc.

“We’re looking at a gradual — over the course of 3-6 months — period of shifting body fat percentage,” he says of the scale. “Obviously that usually comes down. That’s the main goal of the program. So we’re looking for a shift over time. We’re not looking for a precise, exact moment in time measurements. We’re not training, say, boxers for a fight where every ounce counts.”

The core interface for Limbo’s program is of course a mobile app — which visualizes the user’s blood glucose level (via a plotted line), tracking changes continuously; and delivers feedback and nudges to members (via push messages).

Limbo says it’s using a combination of AI-powered analysis and human coaches looking at users’ data in order to encourage positive behavioural changes, via feedback and nudges — with the overarching goal of steering users towards eating a healthier, balanced diet and away from consuming foods that spike their blood sugar. So the push is to cut back on simple sugars (carbs, processed foods etc).

The user has to do only limited data logging themselves. They’re asked to snap a picture of whatever they’re eating to log their food intake, with an optional text field to add more details. But Bradbury says adding extra detail isn’t required — because all the connected hardware enables them to rely on this tracking of the user’s biological signals to determine what post-meal feedback to provide.

So while the app might not literally know what that dark beverage you’re drinking is — or, if it looks like a cup of tea, how many sugars you might have slipped into it — the data won’t lie. If the drink contains unhealthy levels of sugar that spike your glucose the app will pick up that response in the CGM data and nudge you to drink something less sugary next time.

So the user gets continual, dynamic feedback to help them change their diet for the better.

“It’s a really interesting issue because it’s both psychological and it’s data,” says Bradbury, discussing the importance of the psychological element. “You can show people data — you can tell them stuff til you’re blue in the face but that’s different from having a psychological effect to make them behave in a different way. So the nudges are almost like extra pushes on top of the data. So if someone spikes their blood sugar it’ll push a message saying what just happened? Essentially you can’t cheat on this program.

“One of the biggest issues with other diets is compliance. That people — quote — forget they had that muffin. And no one’s the wiser except for them. Whereas you can’t cheat on Limbo. There’s automated sensing if something happened. So there’s interventions like that where the member knows they’re being watched and they behave accordingly. You can’t pull a fast one and sneak something past the system. And secondly there are educational interventions — such as the right balance of carbs and sugars and proteins and fats to eat to get to your goal.

“So that might be ‘this contained too many carbs’, ‘try to reduce sugar content in drinks’, that type of thing. Another one might be more positive: ‘Add more protein to the next meal’ or do something along those lines.”

“The idea is a coach on your arm that watches you 24/7 and steers you in the right direction,” he adds.

But don’t we already know that eating sugary processed foods is bad and leads to weight gain, and eating healthy whole, fresh foods is good for us? Why do we need an app to tell us this?

“If knowledge were enough to get someone across the finish line — we all know these things technically — then there wouldn’t be an obesity crisis. But the hard thing is that firstly a lot of people don’t know exactly what carbs and sugars are and the impact of highly processed foods which are extremely bioavailable — which spike you very quickly and directly after eating them. So there’s a lot of people who don’t really have a clear picture of what food does to them,” he suggests.

“Secondly we’ve been served myths for decades or centuries. People think that a sweet piece of fruit is good for you — they’ve been told it’s good for you. And they’ve taken it for granted. When a glass of orange juice is a cup of sugar. So these pervasive myths throw people off course. And certainly it’s the willpower thing — if you have a coach who’s watching you 24/7, who’s holding you accountable, steering you in the right direction, educating you on what’s actually happening to you inside your body it’s a very powerful crutch to help people get places.”

Myth busting without marketing

While the primary focus of Limbo’s intervention currently is around food, nutrition and diet, Bradbury notes the app will also nudge users to take some low intensity exercise — such as a post meal walk — as another tactic to “flatten the curve” (aka get glucose level back into the target zone). And he says they’re planning to put more focus on how activity affects blood glucose as they continue developing the product.

“If you eat something that has too high carb and sugar content the app will often pop up and say now would be a good time to take a [low intensity exercise] walk — so it’s not about sending people to the gym and spin class and so on. It’s much more about a smaller, more manageable amounts of exercise that complement the food choices,” he says of the current Limbo experience.

“One of the big lies that have been sold to people is that you have to go to the gym and sweat your way out of extra weight. It’s very, very hard to exercise off a poor diet,” he adds. “Or an imbalance of energy coming into the body that is expended. So most of the nudges are about food and diet.”

The priority for the seed funding is product development. “We haven’t really spent any money on marketing and we’ve let things spread by word of mouth because I think people are quite mistrustful of marketing for anything to do with diets and food — it’s a space where there’s so much snake oil sold and dodgy businesses so we’re basically just showcasing what people have done or the weight they’ve lost with this and having them spread the word themselves,” he tells us.

“So rather than spend lots of money on marketing we’re putting that into the AI, the analytics and the product side — so we’re building out teams to make the product broader. There’s lots of things we can do more on in terms of sleep and exercise. Lots of the focus is on food but they all interact with each other… so we’re building out an experience to showcase to members how those things interact in a visual way.”

Limbo is also working towards a US launch in the second half of next year, per Bradbury.

Obesity is of course a global problem so the team sees huge potential for scaling, while cautioning that they don’t want to grow so quickly they lose “the quality of individualized advice”, as Bradbury puts it.  (For a sense of scale, Limbo’s team is currently 18 people who are supporting around 2k members.)

On the competition front, while there are a growing number of CGM players seeking to tempt consumers with a glimpse of their metabolic health — indeed, even CGM maker Abbott is itself getting into the game — Bradbury argues Limbo’s approach of productizing an existing weight loss program as an app (rather than trying to develop a methodology off of CGM data) gives it an edge.

Hence he also argues that Limbo’s competition is closer to a more radical obesity intervention — like gastric bypass surgery — than what other startups are offering.

That said, US startup January AI also has a lot of research underpinning its food-response focused program, while India’s Healthify — which is due to launch a premium CGM offering in the US next year — already has years of fitness data under its belt (and the latter’s Pro offering similarly combines CGM, smart scale plus in-app coaching), to name two. So Limbo certainly isn’t the only solid-looking CGM weight loss game in town.

Asked about its pricing strategy — which is a major mark-up on most CGM competitors — Bradbury again says it’s a reflection of the proven program and accessible approach it’s offering.

“As far as we’ve seen so far all of the other companies started with the idea of well what if we could give CGMs to everyone? And then we’ll look at the data and see what we can find,” he says. “So we took the opposite approach… We’ve already done the 30 years research beforehand so we know what happens when someone wears a CGM, we know how to steer them into better choices.

“So while we look similar to some other CGM companies we’re starting from a very different position. We’re implementing a pre-existing, prescriptive program — do this, do that, do this, and you will lose weight. So that’s a very big difference in terms of the experience of the program — and people will, I think, pay for results.”

Aside from premium pricing, there is the challenge of convincing users to stick a sensor in their arm. Wearing a CGM can look daunting, given it’s a semi-invasive sensor that requires both pricking your skin and living with a filament in your arm for weeks at a time, but Bradbury says the team hasn’t — so far — had a problem getting people to get comfy with biowearables.

He suggests target customers are simply so motivated to achieve their weight loss goals — and so tired of trying diets that are miserable and haven’t helped them — that they’re happy to try something different where they get to see data and track their results, even if it means getting comfortable with firing a gadget into their arm every two weeks.

Still, the first 2,000 or so Limbo members may be especially motivated due to repeat failure to shift weight other ways. So it will be interesting to see whether its early adopters are outliers in being so easy for it to onboard, i.e. owing to having stubborn weight issues — and whether broader scaling will be more challenging.

Limbo’s price-point is certainly one hard limit.

On the other hand, the lure of real-time health data is undoubtedly powerful — and if its method of bite-sized insights plus wraparound support which does the hard work by translating sometimes confusing metabolic signals into simple actions people can take to improve their lifestyles then it’s easy to imagine big appetite for a smart but simple diet tool.

“A lot of people start the program and it’s not for 3-4 weeks that their blood sugar ever gets into the standard zone — and that’s because for the 10-15 years prior they were eating carbs and sugars so often and so much that their body systems were beaten down and overwhelmed and they were constantly fighting to lower the sugar but with insulin resistance and so on they couldn’t do it,” says Bradbury of Limbo’s experience with early members. ” But after 3-4 weeks with an intense [effort] in pushing you’ll find that that member gets into the ‘blue’ for the first time.

“What the system really is is letting people conscientiously engage with their bodies — and that’s something that’s almost impossible with food because you can’t just put your finger on your pulse and measure your blood glucose… So if we can visualize this for people and coach them on what they see it can have a big effect.”

“It’s a virtuous cycle we try to set up for them,” he adds. “You’ll see a bad result if you have a[n unhealthy] snack and then you’ll know that’s going to happen. So, over time, people unwind those snacking habits. It’s also the effect of them seeing what is happening inside their body. You can eat a cookie or a muffin or something and you can ignore it. But when you see it in front of you in the app — this spike happening and the crash afterwards — it’s a very different thing [vs the traditional experience of dieting] in terms of a feedback cycle, a feedback loop to change your decision next time.”

Limbo’s seed round is led by Hoxton Ventures. Other backers include (the former NBA basketball player) Shaquille O’Neal, Seedcamp, (former Apple exec) Rory Sexton, (rugby player) Jamie Heaslip, and co-founders at a number of tech firms including Intercom, PCH International, Yelp, Voxpro, and Web Summit.

Limbo is tackling obesity with a pair of wearables and decades of physiology by Natasha Lomas originally published on TechCrunch

As antitrust regulators around the world dial up scrutiny of platform power, Mozilla has published a piece of research digging into the at times subtle yet always insidious ways operating systems exert influence to keep consumers locked to using their own-brand browsers rather than seeking out and switching to independent options — while simultaneously warning that competition in the browser market is vital to ensure innovation and choice for consumers and, more broadly, protect the vitality of the open web against the commercial giants trying to wall it up.

Mozilla is not a bystander in the browser arena, as it of course developers the Firefox browser and the Gecko engine that underpins it. But it’s a non-profit, free software developer, rather than a commercial player. It also remains the underdog in market share terms — with the market being dominated by Google’s Chrome browser and Apple’s Safari (especially on mobile); and by the technical infrastructure the pair develop via their respective Blink and Webkit browser engines. Just those three browser engines (Blink, Webkit, and Mozilla’s Gecko) are the only ones left in play — powering all browsers available to consumers. (Microsoft’s Edge, for example, runs on Google’s Blink).

Perhaps the most striking thing about Mozilla’s report is how unexceptional most of its conclusions are.

It’s hardly news that Google bundles Chrome with Android and Apple preloads Safari on iOS and that most mobile users won’t bother changing those defaults — especially as neither mobile platform makes it easy to switch default browser, even as their brand name familiarity exerts its own stickiness discouraging consumers from seeking out smaller, less well known alternatives.

Nor is it a news flash that Windows-maker Microsoft bundles its own Edge browser on desktops running its operating system. Although some of the sneaky tactics it uses to promote its browser to users and actively discourage the downloading of alternatives might be new if you’re not a regular Windows user. (Examples cited in the report include a “recommended browser settings” pop-up which pushes consumers to pick Edge as their default browser by deploying messaging that implies the pre-selected choice is a necessary setting for security; or the tech giant actively targeting Firefox users with an ad for Edge that appears as “suggested” content in the Windows start menu, alongside the message “Still using Firefox? Microsoft Edge is here”.)

But the visibility and extent of operating system lock-ins — combined with increasingly low diversity in browser engine technology — should act as a wake up call to regulators, galvanizing the case for intervention.

The UK’s Competition and Markets Authority signalled recently it’s intending to probe Apple and Google market power in mobile browsers, after taking a deep dive look at the mobile market, so scrutiny around browsers does look to be — finally, tardily — on the rise.

“Billions of people across the globe are dependent on operating systems from the largest technology companies. Amazon, Apple, Google, Microsoft and Meta each provide their own browser on their operating systems and each of them uses their gatekeeper position provider to preference their own browsers over independent rivals. Whether it is Microsoft pushing Firefox users to switch their default on Windows computers, Apple restricting the functionality of rival browsers on iOS smartphones or Google failing to apply default browser settings across Android, there are countless examples of independent browsers being inhibited by the operating systems on which they are dependent,” Mozilla writes in a summary of its findings. 

“This matters because American consumers and society as a whole suffer. Not only do people lose the ability to determine their own online experiences but they also receive less innovative and lower quality products. In addition, they can be forced to accept poorer privacy outcomes and even unfair contracts. By contrast, competition from independent browsers can help to drive new features, as well as innovation in areas like privacy and security.”

Firefox gets a privacy boost as Total Cookie Protection becomes the default for all users

US consumers stuck on defaults

One perhaps (more) surprising finding from the report — which is entitled Five Walled Gardens: Why Browsers are Essential to the Internet and How Operating Systems Are Holding Them Back — is that US consumers were found to be among the most affected by pre-installations and defaults across the five markets Mozilla’s researchers looked at.

For the report, Mozilla conducted a survey of more than 6,000 people in five markets (the US, UK, France, Kenya and India) to learn about attitudes and preferences to web browsers and search engines — and generally found what it describes as a “complex” picture, with many people expressing confidence in having a wide choice of browsers and saying they knew how to install a browser but a similarly large proportion not actually thinking about the browser or search engine they use and many never changing defaults or installing an alternative browser.

“The research showed that U.S. respondents were the least likely to know how to install browsers across desktop/laptop and smartphone devices. They were also among the least likely to know how to change default browser settings and the least likely to actually do so on desktop/laptops computers,” it writes in a summary of its findings. “Between one third and one quarter of U.S. respondents reported being uncomfortable or ‘very uncomfortable’ with downloading and installing or changing the default browser on their device. We know from this data that people who were less comfortable with downloading browsers and changing defaults were significantly less likely to do so.”

Table from Mozilla Survey Study: The Installation, Use, and Personalization of Web Browsers, 2022

“These findings point to the importance of operating systems offering consumers clear and easy routes for American consumers to change their software and select alternatives. However, in reality, operating system providers have the ability and incentive to preference their own browsers; we found many examples of them using dark patterns and negative design practices to undermine consumer selection of independent browsers,” Mozilla adds.

The report looks timely given rising FTC attention to dark patterns — with a recent report by the US regulator warning firms against using deceptive design tactics to, for example, trick consumers into sharing data. (Another of the egregious Microsoft examples cited in Mozilla’s report is a Windows 10 setup screen that users a “time pressure” tactic to push users to accept sweeping Microsoft data-sharing defaults at the point of set-up — with the pre-selected “express setting” that’s being recommended by Microsoft meaning users who accept it are agreeing to send Microsoft and unknown third parties (“trusted partners”) their location, location history and ad ID, as well as sending browsing data to Microsoft.)

Citing other recent research on negative online choice architecture (OCA), Mozilla highlights the case for regulation to focus on mild or subtle uses of dark patterns — which were found to be much more likely to be effective than more aggressive ones which tend to generate a powerful customer backlash.

“OCA is a neutral term; there is of course nothing inherently wrong with companies marketing their services. However, where these marketing messages are in fact deceptive design practices used by powerful platforms to undermine consumer choice and prevent switching away from their affiliated browsers, it harms competition and ultimately consumers,” Mozilla adds in the report. “Similarly, companies are and should be free to build their brands. But where branding is used by gatekeeper operations systems alongside negative OCA, or brands are built and promoted using harmful design practices, it also leads to consumer harm.”

Mobile sameness and sludge

Mobile browsers were found to be particularly sticky and prone to consumers not switching, with Mozilla noting that combined factors of pre-installation satisfaction, utility, lack of differentiation and inertia meaning consumers are “even less likely to seek out alternative mobile browsers that may better suit their needs, align with their values or offer more privacy and security”.

“The experience of mobile browsers as basic utilities and the perceived lack of differentiation among them mean that the browser that comes pre-installed on a device is at a huge advantage,” it writes in the report. “This benefits the operating system and not necessarily the consumers. Many people are hesitant to switch to a new browser because they quickly become accustomed to their pre-installed browser and do not have a strong incentive to seek out an alternative, or may be hindered from discovering one. This conditioning of consumer behavior over a long period of time means that moving away from a satisfactory pre-installed browser is an active choice that takes some amount of cognitive effort. If people are busy or if the process is too confusing, people put off making a change or decide not to make it all. For many people, it is easier to simply continue with the status quo or put off the decision for a later time.”

The report also throws up an interesting link between desktop and mobile browser use — with Mozilla saying that “nearly all” users of Firefox’s (alternative) mobile browser also using Firefox on their desktop computers.

“Our research shows that in the U.S. less than 6% of people who use a desktop browser other than Firefox report using Firefox on their smartphone,” it notes. “This suggests that the more people use Firefox or another alternative browser on their desktop computer, the more likely they may be to try that browser on their mobile device.”

That in turn implicates Microsoft’s aggressive promotion of its own browsing software to Windows users — and especially the anti-Firefox messaging it injects into its desktop OS — as contributing to reducing Firefox’s share of the mobile browser market (despite Microsoft not having a mobile platform in play these days).

However it’s clear there are a combination of factors making competing on mobile especially tough going for indie browser makers. And the report underlines how the mobile space is challenging on account of it being a more tightly controlled and/or integrated (and branded so bundled) experience than desktop OSes. 

Google, for example, uses contract restrictions with OEM partners to maximize the proportion of Android devices that come with own-brand services such as its Chrome browser preloaded, despite Android being open source. (And the tech giant has of course got into antitrust hot water over some of these restrictions — such as in the EU, where it has been forced to offer a choice screen promoting search engine rivals).

However consumer familiarity (and comfort) with Big Tech products can clearly work in lock-step with lock-ins — albeit, again, platforms may well seek to shape that outcome by actively over-selling integration benefits through suggestive messaging (and/or by creating friction for alternatives).

“Our research shows that many consumers have a perception that Chrome is the browser that works best on Android phones, and that products from the same company will perform better together (e.g. Gmail will work better in Chrome),” notes Mozilla — pointing to Google’s use of such messaging as part of its “cross-product promotion” as one example.

“It is also closely linked to web compatibility issues and the extent to which operating system providers restrict or allow interoperability of third party browsers, including accessing the same features and APIs afforded to their own browsers,” it goes on, also critically discussing Apple banning alternative browser engines from its App Store which limits differentiation for competing with Safari since rivals must also develop on Webkit (which, historically, slowed down their ability to compete and continues to restrict how much difference they can offer).

“Feature development remains at a standstill for alternative browsers on iOS because Apple — in control of both the browser engine and operating system — does not make available to rivals some of the necessary APIs and functionality, thereby limiting differentiation.”

Choice undermined

Mozilla’s report also highlights instances where even where a consumer has succeeded in selecting an alternative browser as their default, a platform may still revert to a self-serving choice — bypassing their election to resurface their browser in certain circumstances, such as when performing a ‘lookup’ after selecting text in iOS (which it notes “would historically always open web search results in Safari, regardless of which default browser is selected by the user”); or opening up a web link in the Windows search bar or icon — which opens Edge (“again regardless of the default browser setting; or using the search widget on Android — which “will always open results in a Google browser”.

“This demonstration of OCA highlights just some of the practices used by operating systems to preference their own browsers and undermine consumer choice. Lawmakers and policymakers in some countries have started to take action against deceptive patterns to protect consumers. And others have begun to address the lack of effective competition in digital markets, including through introducing regulation. However, very few have recognized the connection between these issues and the importance of browser competition, or studied the role of OCA practices as a way to implement (or thwart) consumer choice and welfare,” Mozilla argues.

“We believe that if people had a meaningful opportunity to try alternative browsers, they would find many to be compelling substitutes to the default bundled with their operating system. These opportunities have been suppressed for years through online choice architecture and commercial practices that benefit platforms and are not in the best interest of consumers, developers or the open web. It is difficult to underestimate the impact of years of self-preferencing and undermining consumer choice, including its effect on consumer behavior. It is also difficult to estimate the disruptive innovation, alternative products and features, and the independent competitors which have been lost as a result of these practices.”

Mozilla’s report does not go into specific recommendations for regulatory interventions to force platforms to “do better for consumers and developers”, as it puts it — as it says it plans to publish further work on remedies in the coming months — but it urges lawmakers to act to prevent “further harm to consumers from continued inaction and competitive stagnation”.

“As these companies have so far failed to do better, regulators, policymakers and lawmakers have spent considerable time and resources investigating digital markets. They should therefore be in a good position to recognize the importance of browser competition and to act to prevent further harm to consumers from continued inaction and competitive stagnation,” it suggests.

“We call on them to enforce the laws which already exist and the laws and regulations which will soon come into force. And where existing laws and regulations are lacking, we call for them to be introduced and their importance for the future of the internet to be highlighted. Regulators, policymakers and lawmakers in many jurisdictions can take this moment to create a new era in the internet’s story — one in which consumers and developers benefit from genuine choice, competition and innovation.”

As noted above the EU has taken antitrust enforcement action in relation to Google’s Android contract restrictions that has led to a choice screen being offered to users in the EU — at least for default search engine. However Mozilla’s report is generally dismissive of existing remedies that have featured online choice architecture and software design, arguing: “The remedies that have so far been deployed have had many limitations and have largely failed.”

Its conclusion is backed up by the lack of a meaningful shift in Google’s market share for search on mobile in Europe — where it holds a 96.6% market, which is a drop of only 0.3% since 2018 when the Commission fined the company $5BN and ordered it to case infringing consumers, as not-for-profit Google alternative, Ecosia, recently pointed out.

Google rival DuckDuckGo has also called for regulators to go much further in regulating choice screen remedies — arguing in recent years that the design and integration of such tools must enable a truly ‘one-click’ and universally accessible experience if they are to actually move the competition needle against ingrained platform power.

Google fails to overturn EU’s €4BN+ Android antitrust decision

The Web Foundation is taking on deceptive design

Mozilla urges action to unpick platform browser lock-ins by Natasha Lomas originally published on TechCrunch

It was back in 2019 that we reported on Visionaries Club, a new, Berlin-based, European VC focusing on B2B, founded by Sebastian Pollok and Robert Lacher. At the time, Visionaries Club had launched two new €40M micro funds for seed and growth-stage B2B.

Pollok was previously a VC at e.ventures in San Francisco and also founded Amorelie, which exited to Pro7Sat.1 Media Group. Lacher was previously a founding partner of La Famiglia, an early investor in FreightHub, Coya, Asana Rebel, OnTruck and Personio.

Visionaries Club has now announced a second B2B-focused fund, with a new €150m Seed Fund and €200m ‘Early Growth Fund. It’s so far invested in companies such as Personio, Miro, Choco, Xentral, Truelayer, Vay, Taxdoo, Yokoy, Pigment, Leapsome and Gtmhub, alongside VCs such as Sequoia, Accel, Index, Lightspeed or Bessemer.  

In a statement, Lacher said: “We are extremely proud and humbled that more than 20 of our founder LPs are founders we have backed in the past, that now reinvest their private money into our funds such as Hanno Renner (Personio), Jenny Podewills (Leapsome), Daniel Khachab (Choco), Christian Reber (Pitch / Superlist) or the founders of Taxdoo and Insify.”

The fund essentially operates as a micro-VC fund, which means it can lead, and co-lead Seed investment deals, co-investing alongside larger, multistage VC funds in Early Growth stage (Series B) deals.

It’s also launching the Visionaries Club science-driven, €50 million ‘Tomorrow Fund’ to back science-driven startups at the Pre-Seed and Seed stage.

Additionally, Sahar Meghani and Marton Sarkadi Nagy have been promoted to Partners.

London-based Meghani will take a lead role in managing the new Growth Fund, while Sarkadi Nagy will take a lead on the seed fund activities.

Berlin’s Visionaries Club VC boosts its funds with €400M worth of fresh capital for B2B investments by Mike Butcher originally published on TechCrunch

Companies are facing hundreds of millions of dollars in fines these days for failing to comply with data protection and data privacy rules, and that’s driving wave of organizations, and their users, to get more serious about data protection. One of the byproducts of that has been the emergence of new technology to meet that increase in activity.

DataGuard is a Munich-based startup that has leaned into the SaaS-based business model to provide privacy, information security and other data protection as a series of on-demand, cloud-based “as-a-service” tools to small and medium-sized businesses, and today it’s announcing that it has secured $61 million in a Series B round of funding led by Morgan Stanley Expansion Capital to double down on the market.

The investment also includes One Peak, the U.K. VC that led DataGuard’s last fundraise of $20 million in 2020, the startup’s first-ever outside funding. Bastian Nominacher (co-founder / co-CEO of Celonis), Hanno Renner (co-founder / CEO of Personio) and Carsten Thoma (founder of Hybris) are also participating

DataGuard is not disclosing its valuation. But as another marker of how it is doing, despite the wider contraction that we’ve seen in the tech sector, this startup continues to grow. It now has more than 3,000 customers across 50+ countries, and they in turn are providing tools that cover over 40 million individual users — employees, customers, and other stakeholders. This is triple the 1,000 customers it had in 2020. While DataGuard doesn’t disclose specific revenue numbers, it says that revenues have also grown, some 10x in the last year. Its definition of SMB is somewhat fluid and includes bigger mid-market end users: the customer list includes familiar names like Canon, Hyatt, and Unicef.

DataGuard provides a range of tools across privacy, information security and compliance that can assess the different ways that data is being used by an organization. It analyzes this data to determine whether a company is compliant with various certifications (for example, GDPR, CCPA, ISO 27001, TISAX, or SOC 2); and if not, what it needs to do to become compliant.

The basic idea behind DataGuard is that while larger enterprises might have teams of in-house staff — lawyers, engineers and data scientists — working to monitor, implement and adjust that org’s data protection, privacy and compliance policies (a strategy that, even with lots of people and budget piled on it, often still goes wrong); smaller organizations might have less human resources but just as big of a task to grapple with.

Its target audience, said Thomas Regier (above, left, who is co-CEO and co-founder with Kivanc Semen, right), are “those with maybe just one IT security person,” who may be a specialist in network security but not data security. Some of its customers, he added, may not have in-house security experts at all: the task of how to make sure data protection is implemented legally and soundly falls to, say, a marketing team: that’s because online interactivity with individuals is one of the key areas that data protection is meant to cover, so in some cases, it’s those using that data who might be tasked with making sure it’s being done correctly.

“We’ve built this for civilians,” he said.

To be sure, marketing — specifically interfaces for cookie and data consent related to marketing and “analytics” — has for many of us been the most obvious face of data privacy and protection over the last several years. Spurred by GDPR and other regulations, we now see those consent windows daily, and many a company has lamented about how the popularity of “reject all” has impacted the bottom line. And the big headlines we’ve read about data protection violations tend to be about the same: in one example from just earlier this month, Instagram was fined more than $400 million for misusing children’s data under GDPR rules in Europe.

But Regier says that these days, added to this are additional pressures beyond the very bad publicity companies get from fines investigative exposés in the media:

“Marketing is a huge piece of the puzzle, but the second part is that companies are protecting their customers’ data,” he said. “They need to shore that up. They have no choice because if they don’t they will now lose those customers. It’s moved beyond the fig leaf and goes to the core of the business.” With that, cyber insurance premiums have shot up, another sign of how businesses are financially impacted when they don’t implement strong security and data protection. (Debatable whether those premiums are effective for other reasons, however.)

The third important driver DataGuard is seeing among its customers is commercial pressure. That is, organizations are now getting more proactive in vetting partners to make sure that they are being responsible, both on a proactive and reactive basis when something does go wrong.

Interestingly, using mechanics that sound remarkably similar to how data brokers themselves operate, DataGuard can also see how a company’s data might be used by third parties and customers, to determine where it might not be compliant, or conversely alert those third parties in the event that any data has been compromised. Getting that bigger picture is becoming increasingly important as part of the vetting process that companies go through when they work on procurement deals, which underscores that it’s not all about making sure that, say, the business-critical nature of the work.

The compliance piece of the business, is a newer area, but one that the company will be using some of this investment to continue developing. It potentially also opens the door to DataGuard providing similar services to vet more aspects of security and data protection, such as when it crosses over into data networking and endpoint management.

That, plus the fact that DataGuard has grown as much as it has with so little outside funding, are all reasons why investors have been knocking.

“Data privacy, information security and compliance are areas of increasing focus for regulators, enterprises and consumers globally at a time when the quantity of sensitive data that businesses must process in order to operate is growing exponentially,” said Lincoln Isetta, MD of Morgan Stanley Expansion Capital, in a statement. “It is clear from our diligence that DataGuard’s unique, all-in-one platform allows customers to move beyond simple ‘check-the-box’ compliance, information security and data privacy practices and instead manage data as a competitive differentiator. We are thrilled to be joining the DataGuard team and look forward to helping them build on their success.”

“DataGuard has seen strong growth since our initial investment which speaks to the drive and execution capabilities of the founders and their leadership team. DataGuard has helped create a new category that is both extremely sizeable and business critical,” added David Klein, managing partner at One Peak, and Christoph Mayer, partner, in a joint statement. “Over the next decade, companies will invest tens of billions of dollars into compliance and security to become and remain trusted partners. We were the first institutional investor in DataGuard back in 2020, and we are thrilled to be doubling down on our investment to support the Company in further accelerating its growth trajectory and expanding its geographical reach.”

DataGuard locks down $61M for data protection as a service by Ingrid Lunden originally published on TechCrunch

Keeping up with tax compliance for cryptocurrency can be tricky, especially since many laws are new (or haven’t been written yet). That’s why Binocs was founded. Users integrate their exchanges and wallets, and Binocs provides a tax report and other accounting details. The startup announced today that it has raised $4 million to expand in markets like the United States, United Kingdom and Australia. The round was led by BEENEXT and Arkam with participation from Accel, Saison Capital, Premji Invest, Blume and Better Capital.

Founded in May 2022 by Tonmoy Shingal and Pankaj Garg and based in Bangalore, Binocs currently has over 1,000 users, including retail and institutional investors who need to perform forensic accounting and risk management. Binocs is currently tax compliant in the U.S., U.K., Australia, South Africa and India, with plans to add more markets next month. Part of the funding will be used for product development and Binocs’ go-to-market teams for retail and institutional investors.

Binocs can provides tax report in less than 30 minutes. It also tracks return on investment, profits and losses and capital exchanges, as well as taxes for derivatives, lending and borrowing across CeFi and DeFi. The app can give users details on fees and tax deducted at source already paid on transactions so they understand how much taxes they need to pay.

Binocs founders Tonmoy Shingal and Pankaj Garg

Shingal told TechCrunch that Binocs is meant to be a bridge connecting transactions on the blockchain to the “web2 equivalent compliance world,” especially as the number of coins, exchanges, types of trade and DeFi protocols increase.

There are currently about 300 million crypto users, and that is expected to hit about 1 billion by the end of this year.

Binocs’ founders point to figures from the Coin Market Cap that say the total market cap of the crypto industry rose from about $325 billion in in September 2020 to $1 trillion in September 2022. With a blended tax of about 20%, the overall tax liability is about $70 billion, a number that can increase to $300 billion by 2026.

Shingal, the startup’s CEO, said crypto hedges and investment funds often run with a small number of staff, and the process of calculating tax and performing compliance is time-consuming because they have to pull data from multiple sources, merge it and then adhere to different compliance and reporting regulations for each type of transaction.

“The traditional approach is to collate and interpret the blockchain exchange ledgers manually. Doing which requires significant time, sophisticated knowledge about crypto transactions, local regulations,” Shingal said. “This task is time consuming and prone to errors, which could be costly.”

He added that regulations are one of the biggest obstacles to more adoption of crypto, with about 15 to 20 countries that currently tax crypto investments, and 60 to 70 that will in the future.

Binocs also plans to build more apps on top of its algorithm as it gets more data. “We think of ourselves as a data company that understands what is going on in crypto transactions and build applications for multiple use cases on top in the future,” Shingal said.

Binocs is currently pre-revenue, and will monetize by operating on a freemium model, as well as an enterprise plan for business investors.

Crypto tax reporting app Binocs helps users navigate regulations by Catherine Shu originally published on TechCrunch