Connect with us

Uncategorized

ProtonMail, Threema, Tresorit and Tutanota warn EU lawmakers over ‘anti-encryption’ push

Published

on

Four European apps which secure user data via end-to-end encryption, ProtonMail, Threema, Tresorit and Tutanota, have issued a joint-statement warning over recent moves by EU institutions that they say are setting lawmakers on a dangerous path to backdooring encryption.

End-to-end encryption refers to a form of encryption where the service provider does not hold keys to decrypt the data, thereby enhancing user privacy — as there’s no third party in the loop with the technical capability to access data in a decrypted form.

E2e encryption also boosts security by reducing the attack surface area around people’s data.

However growth in access to e2e encrypted services has, for some half decade or more, been flagged as an issue of concern for law enforcement. This is because it makes it harder for agencies to access decrypted data. Service providers served with a warrant for e2e encrypted user data will only be able to provided it in an unreadable form.

Last month the EU Council passed a resolution on encryption that’s riven with contradiction — calling for “security through encryption and security despite encryption” — which the four e2e app makers believe is a thinly veiled call to backdoor encryption.

The European Commission has also talked about seeking “improved access” to encrypted information, writing in a wide-ranging counter-terrorism agenda also published in December that it will “work with Member States to identify possible legal, operational, and technical solutions for lawful access” [emphasis its].

Simultaneously, the Commission has said it will “promote an approach which both maintains the effectiveness of encryption in protecting privacy and security of communications, while providing an effective response to crime and terrorism”. And it has made it clear there will be no ‘one silver bullet’ as regards the e2e encryption security ‘challenge’.

But such caveats are doing nothing to alleviate the concerns of e2e encrypted app makers — who are convinced proposals from the Council of the EU, which is involved in adopting the bloc’s laws (though the Commission usually drafts legislation), sums to an push toward backdoors.

“While it’s not explicitly stated in the resolution, it’s widely understood that the proposal seeks to allow law enforcement access to encrypted platforms via backdoors,” the four app makers write, going on to warn that such a move would fatally underline the security EU institutions also claim to want to maintain.

“The resolution makes a fundamental misunderstanding: Encryption is an absolute, data is either encrypted or it isn’t, users have privacy or they don’t,” they go on. “The desire to give law enforcement more tools to fight crime is obviously understandable. But the proposals are the digital equivalent of giving law enforcement a key to every citizen’s home and might begin a slippery slope towards greater violations of personal privacy.”

They point out that any move to break e2e encryption in Europe would run counter to the global rise in interest in robustly encrypted services — pointing to the recent surge in sign-ups for apps like Signal as a result of mainstream privacy concerns attached to Facebook-owned WhatsApp.

Europe has also been ahead of the curve globally in legislating to protect privacy and security. So it would be quite the U-turn for EU lawmakers to line up to poke holes in e2e encryption. (Which, for example, EU data protection regulators are simultaneously recommending be used in order to legally secure transfers of personal data out of the bloc to third countries where it might be at risk).

To say there are ideological contradictions in the EU pushing in an anti-encryption direction is a massive understatement. Even as the contents of current communiques coming out of Brussels on this topic read as if they’re inherently conflicted — which may in fact be a recognition that squaring this circle is no simple policy proposition.

The app makers also pick up on that. “People around the world are taking back control of their privacy, and often it’s European companies helping them do it. It seems illogical that policy makers in the EU would now push for laws that fly in the face of public opinion and undermine a growing European technology sector,” they write.

In an individual quotation from the joint-statement, Andy Yen, CEO and founder of ProtonMail, a Swiss end-to-end encrypted email service, warns against complacency in the face of the latest seeming push for a legal framework to perforate encryption.

“This is not the first time we’ve seen anti-encryption rhetoric emanating from some parts of Europe, and I doubt it will be the last. But that does not mean we should be complacent,” he said. “Put simply, the resolution is no different from the previous proposals which generated a wide backlash from privacy conscious companies, civil society members, experts and MEPs.

“The difference this time is that the Council has taken a more subtle approach and avoided explicitly using words like ‘ban’ or ‘backdoor’. But make no mistake, this is the intention. It’s important that steps are taken now to prevent these proposals going too far and keep European’s rights to privacy intact.”

Martin Blatter, CEO of end-to-end encrypted instant messaging app Threema, also argues that EU lawmakers risk kneecapping homegrown startups if they seek to push ahead with legislation to force European vendors to bypass or deliberately weaken e2e encryption.

“[It] would not only destroy the European IT startup economy, it would also fail to provide even one bit of additional security,” he warned. “Joining the ranks of the most notorious surveillance states in this world, Europe would recklessly abandon its unique competitive advantage and become a privacy wasteland.”

Also chipping in, Istvan Lam, co-founder and CEO of Tresorit, an e2e encrypted file sync & sharing service, argues that any moves to weaken encryption would seriously undermine trust in services — as well as being “irreconcilable with the EU’s current stance on data privacy”.

“We find this resolution especially alarming given the EU’s previously progressive views on data protection. The General Data Protection Regulation (GDPR), the EU’s globally recognized model for data protection legislation, explicitly advocates for strong encryption as a fundamental technology to ensure citizens’ privacy,” he said, adding: “The current and proposed approaches are at complete odds with each other, as it is impossible to guarantee the integrity of encryption while providing any kind of targeted access to the encrypted data.”

While Arne Möhle, co-founder of Tutanota, a German e2e encrypted email provider, says any push to backdoor encryption would be a disaster for security — which actually risks helping criminals.

“Every EU citizen needs encryption to keep their data safe on the web and to protect themselves from malicious attackers,” he said. “With the latest attempt to backdoor encryption, politicians want an easier way to prevent crimes such as terrorist attacks while disregarding an entire range of other crimes that encryption protects us from: End-to-end encryption protects our data and communication against eavesdroppers such as hackers, (foreign) governments, and terrorists.”

“By demanding encryption backdoors, politicians are not asking us to choose between security and privacy. They are asking us to choose no security,” he added.

A fight looks to be brewing in Europe over what exactly the Council’s contradictory edict on ensuring “security through encryption and security despite encryption” will shake out to. But it seems clear that any push toward backdoors would mobilize major regional opposition — as well as being an unattractive option for EU policymakers because it would face legal challenge under the region’s jurisprudence.

The Commission recognizes this complexity. Its counter-terrorism agenda is also notably wide-ranging. There’s certainly no suggestion that it believes e2e encryption is a sole nut that must be cracked. EU institutions are pushing across a number of fronts here, not least because a bunch of fundamental red lines limit wiggle room for non-targeted interventions.

What comes out of the Council’s resolution may therefore be a concerted push to upskill police in areas relevant to investigations (such as digital forensics and metadata analysis). And perhaps create structures for local or state level forces across the bloc to access more powerful security service technical competences for furthering targeted investigations (e.g. device hacking). Rather than an EU-level order blasted at e2e encryption vendors to mandate a universal key escrow ‘solution’ (or similar) — indiscriminately risking everyone’s security and privacy.

But it’s certainly one to watch.

Lyron Foster is a Hawaii based African American Musician, Author, Actor, Blogger, Filmmaker, Philanthropist and Multinational Serial Tech Entrepreneur.

Continue Reading
Comments

Uncategorized

Freemium isn’t a trend — it’s the future of SaaS

Published

on

As the COVID-19 lockdowns cascaded around the world last spring, companies large and small saw demand slow to a halt seemingly overnight. Enterprises weren’t comfortable making big, long-term commitments when they had no clue what the future would hold.

Innovative SaaS companies responded quickly by making their products available for free or at a steep discount to boost demand.

While Zoom gets all the attention, there were hundreds of free SaaS tools to help folks through the pandemic. Pluralsight ran a #FreeApril campaign, offering free access to its platform for all of April. Cloudflare made its Teams product free from March until September 1, 2020. GitHub went free for teams in April and slashed the price of its paid Team plan.

A selection of new free, free trial and low-priced offerings from leading SaaS companies. Image Credits: Kyle Poyar/OpenView.

The free products were aimed squarely at end users — whether it be a developer, individual marketer, sales rep or someone else at the edge of an organization. These end users were stuck at home during the pandemic, yet they desperately needed software to power their working lives.

End users prefer to do the vast majority of their research online before ever talking to a sales rep, making free products the ideal way to reach them.

End users prefer to do the vast majority of their research online before ever talking to a sales rep, making free products the ideal way to reach them. Many end users want to jump straight into a product, no hassle or credit card or budget approval required.

After they’ve set up an account and customized it for their workflow, end users have essentially already made a purchase decision with their time — all without ever feeling like they were in an active buying cycle.

An end user-focused free offering became an essential SaaS survival strategy in 2020.

But these free offerings didn’t go away as lockdowns loosened up. SaaS companies instead doubled down on freemium because they realized that doing so had a real and positive impact on their business. In doing so, they busted the outdated myths that have held 82% of SaaS companies back from offering their own free plan.

Myth: A free offering will cannibalize paying customers

GoDaddy is a digital behemoth, known for being a ’90s-era pioneer in web domains as well as for their controversial Super Bowl ads. The company has steadily diversified into business software, now generating roughly $700 million in ARR from its business applications segment and reaching millions of paying customers. There are very few businesses that would see greater potential revenue cannibalization from launching a free product than GoDaddy.

But GoDaddy didn’t let fear stop them from testing freemium when lockdowns set in. Freemium started out as a small-scale experiment in spring 2020 for the websites and marketing product. GoDaddy has since increased the experiment to 50% of U.S. website traffic, with plans to scale to 100% of U.S. traffic and open availability to other markets in 2021.

Continue Reading

Uncategorized

Metafy adds $5.5M to its seed round as the market for games coaching grows

Published

on

This morning Metafy, a distributed startup building a marketplace to match gamers with instructors, announced that it has closed an additional $5.5 million to its $3.15 million seed round. Call it a seed-2, seed-extension or merely a baby Series A; Forerunner Ventures, DCM and Seven Seven Six led the round as a trio.

Metafy’s model is catching on with its market. According to its CEO Josh Fabian, the company has grown from incorporation to gross merchandise volume (GMV) of $76,000 in around nine months. That’s quick.

The startup is building in public, so we have its raw data to share. Via Fabian, here’s how Metafy has grown since its birth:

From the company. As a small tip, if you want the media to care about your startup’s growth rate, share like this!

When TechCrunch first caught wind of Metafy via prior seed investor M25, we presumed that it was a marketplace that was built to allow esports pros and other highly capable gamers teach esports-hopefuls get better at their chosen title. That’s not the case.

Don’t think of Metafy as a marketplace where you can hire a former professional League of Legends player to help improve your laning-phase AD carry mechanics. Though that might come in time. Today a full 0% of the company’s current GMV comes from esports titles. Instead, the company is pursuing games with strong niche followings, what Fabian described as “vibrant, loyal communities.” Like Super Smash Brothers, its leading game today in terms of GMV generated.

Why pursue those titles instead of the most competitive games? Metafy’s CEO explained that his startup has a particular take on its market — that it focuses on coaches as its core customer, over trainees. This allows the startup to focus on its mission of making coaching a full-time gig, or at least one that pays well enough to matter. By doing so, Metafy has cut its need for marketing spend, because the coaches that it onboards bring their own audience. This is where the company is targeting games with super-dedicated user bases, like Smash. They fit well into its build for coaches, onboard coaches, coaches bring their fans, GMV is generated model.

Metafy has big plans, which brings us back to its recent raise. Fabian told TechCrunch any game with a skill curve could wind up on Metafy. Think chess, poker or other games that can be played digitally. To build toward that future, Metafy decided to take on more capital so that it could grow its team.

So what does its $5.5 million unlock for the startup? Per its CEO, Metafy is currently a team of 18 with a monthly burn rate of around $80,000. He wants it to grow to 30 folks, with nearly all of its new hires going into its product org, broadly.

TechCrunch’s perspective is that gaming is not becoming mainstream, but that it has already done so. Building for the gaming world, then, makes good sense, as tools like Metafy won’t suffer from the same boom/bust cycles that can plague game developers. Especially as the startup becomes more diversified in its title base.

Normally we’d close by noting that we’ll get back in touch with the company in a few quarters to see how it’s getting on in growth terms. But because it’s sharing that data publicly, we’ll simply keep reading. More when we have a few months’ more data to chew on.

Continue Reading

Uncategorized

Snap to launch a new Creator Marketplace this month, initially focused on Lens Creators

Published

on

Snap on Wednesday announced its plan to soon launch a Creator Marketplace, which will make it easier for businesses to find and partner with Snapchat creators, including Lens creators, AR creators and later, prominent Snapchat creators known as Snap Stars. At launch, the marketplace will focus on connecting brands and AR creators for AR ads. It will then expand to support all Snap Creators by 2022.

The company had previously helped connect its creator community with advertisers through its Snapchat Storytellers program, which first launched into pilot testing in 2018 — already a late arrival to the space. However, that program’s focus was similar to Facebook’s Brand Collabs Manager, as it focused on helping businesses find Snap creators who could produce video content.

Snap’s new marketplace, meanwhile, has a broader focus in terms of connecting all sorts of creators with the Snap advertising ecosystem. This includes Lens Creators, Developers and Partners, and then later, Snap’s popular creators with public profiles.

Snap says the Creator Marketplace will open to businesses later this month to help them partner with a select group of AR Creators in Snap’s Lens Network. These creators can help businesses build AR experiences without the need for extensive creative resources, which makes access to Snap’s AR ads more accessible to businesses, including smaller businesses without in-house developer talent.

Lens creators have already found opportunity working for businesses that want to grow their Snapchat presence — even allowing some creators to quit their day jobs and just build Lenses for a living. Snap has been further investing in this area of its business, having announced in December a $3.5 million fund directed toward AR Lens creation. The company said at the time there were tens of thousands of Lens creators who had collectively made over 1.5 million Lenses to date.

Using Lenses has grown more popular, too, the company had noted, saying that more than 180 million people interact with a Snapchat Lens every day — up from 70 million daily active users of Lenses when the Lens Explorer section first launched in the app in 2018.

Now, Snap says that over 200 million Snapchat users interact with augmented reality on a daily basis, on average, out of its 280 million daily users. The majority (over 90%) of these users are 13 to 25-year-olds. In total, users are posting over 5 billion Snaps per day.

Snap says the Creator Marketplace will remain focused on connecting businesses with AR Lens Creators throughout 2021.

The following year, it will expand to include the community of professional creators and storytellers who understand the current trends and interests of the Snap user base and can help businesses with their ad campaigns. The company will not take a cut of the deals facilitated through the Marketplace, it says.

This would include the creators making content for Snap’s new TikTok rival, Spotlight, which launched in November 2020. Snap encouraged adoption of the feature by shelling out $1 million per day to creators of top videos. In March 2021, over 125 million Snapchat users watched Spotlight, it says.

Image Credits: Snapchat

Spotlight isn’t the only way Snap is challenging TikTok.

The company also on Wednesday announced it’s snagging two of TikTok’s biggest stars for its upcoming Snap Originals lineup: Charli and Dixie D’Amelio. The siblings, who have gained over 20 million follows on Snapchat this past year, will star in the series “Charli vs. Dixie.” Other new Originals will feature names like artist Megan Thee Stallion, actor Ryan Reynolds, twins and influencers Niki and Gabi DeMartino, and YouTube beauty vlogger Manny Mua, among others.

Snap’s shows were watched by over 400 million people in 2020, including 93% of the Gen Z population in the U.S., it noted.

 

Continue Reading

Trending