Facebook whistleblower Frances Haugen will talk Section 230 reform with Congress this week

Facebook whistleblower Frances Haugen will go before Congress again this week, this time offering her unique perspective on the company’s moderation and policy failures as they relate to Section 230 of the Communications Decency Act, the key legal shield that protects online platforms from liability for the user-created content they host.

The House Energy and Commerce Subcommittee on Communications and Technology will hold the hearing, titled “Holding Big Tech Accountable: Targeted Reforms to Tech’s Legal Immunity,” this Wednesday, December 1 at 10:30 AM ET. Color of Change President Rashad Robinson and Common Sense Media CEO James Steyer will also testify on Wednesday.

The hearing is the latest Section 230-focused discussion from the House committee. In March, the chief executives of Facebook, Google and Twitter went before lawmakers to defend the measures they’ve taken to fight misinformation and disinformation — two major areas of concern that have inspired Democratic lawmakers to reexamine tech’s longstanding liability shield.

In an October Senate hearing, Haugen advocated for changes to Section 230 that would hold platforms accountable for the content that they promote algorithmically. While Haugen isn’t an expert on legislative solutions to some of social media’s current ills, given her time with Facebook’s since-dismantled civic integrity team, she’s uniquely positioned to give lawmakers insight into some of the most dangerous societal outcomes of algorithmically amplified content.

“User-generated content is something companies have less control over. But they have 100% control over their algorithms,” Haugen said. “Facebook should not get a free pass on choices it makes to prioritize growth, virality and reactiveness over public safety.”

Facebook’s former News Feed lead and current Head of Instagram Adam Mosseri is also set to testify before the Senate for the first time next week, addressing revelations in leaked documents that the company knows its business takes a toll on the mental health of some of its youngest, most vulnerable users.

In its announcement, the House Energy and Commerce committee cited four tech reform bills that Congress is currently mulling: the Justice Against Malicious Algorithms Act of 2021, the SAFE TECH Act, the Civil Rights Modernization Act of 2021 and the Protecting Americans from Dangerous Algorithms Act. The first bill, proposed by the committee holding Wednesday’s hearing, would lift Section 230’s liability protections in cases when a platform “knowingly or recklessly” recommends harmful content using algorithms.

Bolt makes first acquisition with Tipser, launches ‘Remote Checkout’

The ability to purchase something at the point of discovery from digital content exists, but checkout technology company Bolt has the opportunity to give that its “one-click” treatment. It announced Monday that it made its first acquisition in Tipser, a Swedish-based technology company enabling direct checkout on any digital surface.

San Francisco-based Bolt is fresh off of raising $393 million in Series D funding in October, bringing total capital raised to date to $600 million. And though the Tipser acquisition is in line with the company’s plans of what it wanted to do with the new capital, Ryan Breslow, founder and CEO of Bolt, told TechCrunch the deal “had been in the works for a while.”

Tipser’s technology enables consumers to purchase products natively from sites like online publications, mobile marketplaces, price comparison sites, social media platforms or search engines. The company is led by Marcus Jacobsson, co-founder and CEO, who started the company in 2012 with Axel Wolrath and Jonas Sjöstedt.

In fact, when Bolt initially began talking to Tipser, the company was not in a place to sell, and was actually working on their next investment round (they raised just over $14 million), but the two companies ended up going into deeper conversations and found their cultural resonances worked better together, Breslow said.

“We saw how significant Tipser could be for Bolt,” he added. “They had been perfecting their embedded commerce technology for a decade and were the only formidable player. They were stronger than us in areas where we were weaker. It is very strategic to have them on our team.”

Exact transaction figures were not disclosed, but Breslow did reveal to TechCrunch that the acquisition, which was an all-stock deal, came in “just shy of $200 million.” The entire Tipser team is staying put, so Bolt will be adding 100 more people to its team. Tipser’s presence in Sweden will now also serve as Bolt’s European headquarters to go with the company’s recent announcement of expanding into Europe.

In addition to the acquisition, Bolt is launching Remote Checkout, a tool for shoppers to make a purchase from the exact point of discovery. Instead of seeing something on social media — where 84% of shoppers look for reviews, according to Pew Research Center — then going to another website to make the purchase,

The new tool is one that Bolt was working on internally for over a year and was inspired by Instagram Checkout, also a tool where you can discover a product and check out directly from the app, Breslow said.

“With the death of tracking and cookies, we could see the need for native checkout so retailers can track conversion,” he added. “It’s better for consumers to not have to click a million things.”

Bolt’s Remote Checkout features include the direct one-click checkout, engagement with Bolt’s network of shoppers and the ability for merchants to boost conversion rates while receiving orders through multiple channels and building direct relationships with visitors. It also turns anonymous visitors into logged-in account holders and monetizes traffic on-site.

The added feature of publishers and creators being able to monetize traffic coming to their sites was one that Jason Wagenheim, president and CRO at media publisher BDG (formerly known as Bustle Digital Group), found particularly interesting. BDG’s brands include Bustle, EliteDaily and Fatherly.

He was a bystander of sorts for the merger, having signed up with Tipser in January as the company’s first U.S. publisher, going live with the product in April on two of BDG’s 13 sites, Wagenheim said in an interview.

“What I love most about this acquisition is that we can accelerate the onboarding of hundreds of more merchants onto our platform,” he said. “This is a marriage of content and commerce.”

Before social media and companies like Bolt and Tipser, shopping directly from a magazine page meant utilizing QR codes, but that didn’t take off like people thought it would, Wagenheim said.

Other publishers tried to crack the code, and he noted Goop being one of the few able to do it. Now with these new technologies, any publisher or creator can close the gap between the upper and lower funnels and drive awareness because its commerce is shoppable and one click away.

He considers BDG’s project with Tipser still in the beta phase, but there are plans to roll out the technology on all of its sites next year. The company already had its audience engage in over 25 million sessions with people, on average, seeing 10 products per session, a metric Wagenheim says means the process is working: people are spending time with the products, are engaged and adding products to carts.

“With hundreds more merchants for editors to write about, and the one-click transaction happening, that is a game-changer,” he added.

How Pilot convinced Index Ventures to think long-term about margins

On a recently recorded (and soon-to-be published) episode of the Found podcast, an entrepreneur told my co-host and me that he sees a broad swath of the venture capitalists out there as money managers, more focused on short-term gains and returns than long-term revolutionary technology.

Whether you agree or not, it’s hard to ignore the fact that the multipliers in Silicon Valley and the growth of software businesses have changed the way we think about a startup’s timeline.

“The pressure from [Index] caused us to work a little harder and be a little bit more precise in our instrumentation to be able to prove that the long-term trajectory would achieve certain milestones that would work for everybody.” Jessica McKellar

Pilot, a bookkeeping software service that has raised more than $160 million since inception, is not necessarily a stranger to the shorter-term desires of investors. Index Ventures partner Mark Goldberg, who led the Series A and Series B rounds for the startup, would be the first to tell you that the board and the founders had some early disagreements about how the company should operate.

Obviously, it wasn’t enough to stop him or Index from doubling down on the business.

We talked about all this and more on TechCrunch Live.

Doubling down

“It was pretty terrifying,” said Goldberg. “In my gut, I thought, ‘Wow, we better get this right.'”

A few things clicked into place for Goldberg to want to keep investing in Pilot. The first was that it was a real category-creation opportunity, in that bookkeeping was a $100 billion industry that was largely fragmented.

The second was the customer love for the product.

“We started to hear customers proactively calling us from within the Index portfolio saying that they hated doing bookkeeping and back office functions, and now they don’t have to think about it. They said things like ‘Whoever this Pilot team is, they’re doing some wizardry so I can just shut my brain off to the part of the business I didn’t enjoy doing.'”

The third was the conviction and dedication of the team to empathizing with and understanding their customers.

He recalled a time early on when the team was no more than 10 people, most of them engineers, when he visited the office on a weekend. They were all wearing green visors, doing bookkeeping for their customers.

“They weren’t doing it because they needed to for customer support, but because they really wanted to empathize with the customers for the product that they were building,” said Goldberg. “That’s the sort of sweat equity and market recognition that told me, if this continues to grow, there really is no ceiling on what this business could become.”

While that sort of dedication to understanding the user was attractive, it was not without its costs.

Counterintuitive convictions

“Pilot is a technology company wrapped in this lovely human layer of high-touch support for its customers, which is a bit counter-intuitive in Silicon Valley, where most companies don’t want humans in the loop,” said Goldberg. “That’s what I know and understand, and we had a view that this sort of tech-enabled service model could be very valuable, but we wanted to make sure that they could create a financial profile that had gross margins that reflected that of a software company.”

In its simplest form, Jessica McKellar and her co-founders felt very strongly that they wanted to focus on the customer fully and deliver great customer service from the very beginning. In a business where you are onboarding customers by ingesting the entirety of their financials, that can be costly.

Head of Instagram Adam Mosseri will testify before the Senate on teen mental heath

Head of Instagram Adam Mosseri will testify before the Senate for the first time as part of a series of hearings about online safety for children and teens. Per The New York Times, Mosseri’s hearing will take place on December 6.

Mosseri’s upcoming testimony comes after Sen. Richard Blumenthal (D-CT) wrote a letter to Facebook (now Meta) CEO Mark Zuckerberg, asking that either he or Mosseri participate in a Senate hearing.

Mosseri posted a video responding to the news of his forthcoming appearance on Capitol Hill. He discussed growing concerns about teen safety online, then outlined past actions Instagram has taken to protect young users, like making young teens’ accounts private by default and restricting the kinds of ads they see.

“I’m going to be talking about these issues with Congress relatively soon,” Mosseri said. “These are important issues, but we all have shared goals. We all want young people to be safe when they’re online.”

When reports leaked in September about Instagram’s knowledge of its dangerous affects on teen girls, the Senate Committee on Commerce, Science, & Transportation didn’t take it lightly. The committee first questioned Facebook Global Head of Security Antigone Davis, who was reticent to answer direct questions from the Senate. Then weeks later, the committee heard testimony from Facebook whistleblower Frances Haugen, a former civic integrity product manager who leaked thousands of internal documents known as the “Facebook Papers.” In her hearing, Haugen told the Senate that Facebook cares more about profits than user safety.

“I am disappointed that Facebook has been unwilling to be fully transparent with me, other members of Congress, and the public, and appears to have concealed vital information from us about teen mental health and addiction,” wrote Senator Blumenthal, who chairs the Senate committee hosting these hearings. “When I sought specific information about Instagram and teens in an August letter, Facebook provided clearly evasive and misleading answers that have now been directly disputed by Ms. Haugen.”

Now, after hearing from executives at Snap, TikTok and YouTube last month, the committee will convene again to hear from the head of Instagram himself. Given the committee’s demonstrated concern about Instagram’s connection to the onset of adolescent eating disorders, it’s expected that Mosseri will be questioned about leaked internal studies that Meta conducted about Instagram’s impact on teen girls.

The internal study, obtained by The Wall Street Journal and later published by Meta itself, found that Instagram makes body image issues worse for one in three teen girls, and that teens blame Instagram for increases in anxiety and depression. Among teens with suicidal thoughts, the study says that 6% of users traced their desire to die by suicide to Instagram. Plus, 32% of surveyed teen girls reported that when they felt bad about their bodies, Instagram made those feelings worse.

Shortly after these documents were leaked, Mosseri announced that Instagram would pause building Instagram Kids. Meta already has products like Messenger Kids, which lets users under 13 chat with people approved by their parents.

“While we stand by the need to develop this experience, we’ve decided to pause this project,” Mosseri wrote. “This will give us time to work with parents, experts, policymakers and regulators, to listen to their concerns, and to demonstrate the value and importance of this project for younger teens online today.”

But critics are skeptical of Meta’s ability to build an Instagram Kids product responsibly. Per research published this month, Facebook allegedly continues to surveil teens for ad targeting.

“It is urgent and necessary for you or Mr. Adam Mosseri to testify to set the record straight and provide members of Congress and parents with a plan on how you are going to protect our kids,” Senator Blumenthal wrote to Zuckerberg.

Apple alerts NSO phone hacking victims in Thailand, El Salvador and Uganda

Image Credits: Bryce Durbin / TechCrunch

Apple has sent threat notification alerts to victims of state-sponsored hackers in Thailand, El Salvador and Uganda, just hours after filing a lawsuit against Israeli spyware maker NSO Group.

At least six Thai activists and researchers who have been critical of the government have received the notification, according to Reuters, including Prajak Kongkirati, a political scientist at Bangkok’s Thammasat University, researcher Sarinee Achananuntakul and Thai activist Yingcheep Atchanont of the legal monitoring group iLaw. Citizen Lab, which tracks illegal hacking and surveillance, identified in 2018 a Pegasus spyware operator active within Thailand.

The alerts — which Apple says are designed to inform and assist users who may have been targeted by state-sponsored attackers — were also sent to a number of users in El Salvador. This includes 12 employees from El Faro, an online digital newspaper that has been notoriously critical of the government, as well as two leaders of civil society organizations and two opposition politicians.

Norbert Mao, the president of the Democratic Party in Uganda, also said on Twitter that he had received the threat notification.

The alert from Apple warns: “Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple ID. These attackers are likely targeting you individually because of who you are or what you do. If your device is compromised by a state-sponsored attacker, they may be able to remotely access your sensitive data, communications, or even the camera and microphone. While it’s possible this is a false alarm, please take this warning seriously.”

Apple on Tuesday sued NSO Group to seek a permanent injunction to prevent the spyware maker from using any Apple product. This would make it more difficult for the company to find and exploit vulnerabilities in iPhone software and hack its targets.

“The steps we’re taking today will send a clear message: In a free society it is unacceptable to weaponize powerful state-sponsored spyware against those who seek to make the world a better place,” said Apple’s security chief Ivan Krstić. “Apple runs one of the most sophisticated security engineering operations in the world, and we will continue to work tirelessly to protect our users from abusive state-sponsored actors like NSO Group.”

Apple files lawsuit against NSO Group over Pegasus spyware

Apple has launched a lawsuit against NSO Group, the maker of the nation-state spyware Pegasus, seeking a permanent injunction to prevent the spyware maker from using any Apple product or service.

In a statement, Apple said it’s seeking the injunction to “prevent further abuse and harm to its users.”

Israel-based company NSO Group develops Pegasus, a spyware that gives its government customers near-complete access to a target’s device, including their personal data, photos, messages and precise location. The spyware works by exploiting previously unknown vulnerabilities in iPhone software. Many of those targeted, including journalists, activists, and human rights defenders, received malicious links in text messages, but Pegasus more recently has been able to silently hack iPhones without any user interaction.

Several authoritarian governments are known to use Pegasus, including Bahrain, Saudi Arabia, Rwanda, the United Arab Emirates and Mexico; though, NSO has repeatedly declined to name or confirm its dozens of customers, citing non-disclosure agreements.

Apple’s complaint, filed Tuesday, aims to make it far more difficult for NSO to find and exploit vulnerabilities in iPhone software to hack its targets.

Researchers at Citizen Lab found evidence earlier this year that NSO Group had developed a new exploit able to bypass new protections built into iPhone software, known as BlastDoor, which Apple designed in large part to prevent NSO-style attacks by filtering out malicious payloads that could be used to compromise a device. This so-called zero-click vulnerability — named as such because it doesn’t require the victim to click any links to become infected — was dubbed ForcedEntry by Citizen Lab for its ability to skirt Apple’s BlastDoor’s protections. Apple patched the vulnerability in September after it was found to affect all Apple devices, not just iPhones.

Apple said that NSO uses Apple’s own services to deliver its spyware. By seeking a permanent injunction, Apple wants to ban NSO from using any of its services to launch attacks against those targeted by its government customers.

“At Apple, we are always working to defend our users against even the most complex cyberattacks. The steps we’re taking today will send a clear message: in a free society, it is unacceptable to weaponize powerful state-sponsored spyware against those who seek to make the world a better place,” said Apple’s security chief Ivan Krstić. “Our threat intelligence and engineering teams work around the clock to analyze new threats, rapidly patch vulnerabilities, and develop industry-leading new protections in our software and silicon. Apple runs one of the most sophisticated security engineering operations in the world, and we will continue to work tirelessly to protect our users from abusive state-sponsored actors like NSO Group.”

Apple said its notifying known victims targeted by the ForcedEntry exploit, and said it notifies victims who it discovers who have been targeted with state-sponsored spyware.

An email to NSO Group’s media email was returned as undelivered.

Apple files lawsuit against NSO Group over Pegasus spyware

Apple has launched a lawsuit against NSO Group, the maker of the nation-state spyware Pegasus, seeking a permanent injunction to prevent the spyware maker from using any Apple product or service.

In a statement, Apple said it’s seeking the injunction to “prevent further abuse and harm to its users.”

Israel-based company NSO Group develops Pegasus, a spyware that gives its government customers near-complete access to a target’s device, including their personal data, photos, messages and precise location. The spyware works by exploiting previously unknown vulnerabilities in iPhone software. Many of those targeted, including journalists, activists, and human rights defenders, received malicious links in text messages, but Pegasus more recently has been able to silently hack iPhones without any user interaction.

Several authoritarian governments are known to use Pegasus, including Bahrain, Saudi Arabia, Rwanda, the United Arab Emirates and Mexico; though, NSO has repeatedly declined to name or confirm its dozens of customers, citing non-disclosure agreements.

Apple’s complaint, filed Tuesday, aims to make it far more difficult for NSO to find and exploit vulnerabilities in iPhone software to hack its targets.

Researchers at Citizen Lab found evidence earlier this year that NSO Group had developed a new exploit able to bypass new protections built into iPhone software, known as BlastDoor, which Apple designed in large part to prevent NSO-style attacks by filtering out malicious payloads that could be used to compromise a device. This so-called zero-click vulnerability — named as such because it doesn’t require the victim to click any links to become infected — was dubbed ForcedEntry by Citizen Lab for its ability to skirt Apple’s BlastDoor’s protections. Apple patched the vulnerability in September after it was found to affect all Apple devices, not just iPhones.

Apple said that NSO uses Apple’s own services to deliver its spyware. By seeking a permanent injunction, Apple wants to ban NSO from using any of its services to launch attacks against those targeted by its government customers.

“At Apple, we are always working to defend our users against even the most complex cyberattacks. The steps we’re taking today will send a clear message: in a free society, it is unacceptable to weaponize powerful state-sponsored spyware against those who seek to make the world a better place,” said Apple’s security chief Ivan Krstić. “Our threat intelligence and engineering teams work around the clock to analyze new threats, rapidly patch vulnerabilities, and develop industry-leading new protections in our software and silicon. Apple runs one of the most sophisticated security engineering operations in the world, and we will continue to work tirelessly to protect our users from abusive state-sponsored actors like NSO Group.”

Apple said its notifying known victims targeted by the ForcedEntry exploit, and said it notifies victims who it discovers who have been targeted with state-sponsored spyware.

An email to NSO Group’s media email was returned as undelivered.

Dent Reality raises $3.4M to bring augmented reality into the grocery store

Despite Apple and Facebook investing billions into a “metaverse” future, in recent years there’s been a distinct drop-off in venture deals for startups focused on finding opportunities in augmented reality. Many VCs who have been burned by investments in large-scale efforts like Magic Leap now see the near-term spoils of augmented reality tech as opportunities largely left for big tech companies, but smaller startups are still finding inroads that appeal to investors.

For London-based Dent Reality, one opportunity is in creating specific small-scale experiences that showcase the powers of the technology — and hyper-localized mapping — starting in venues like grocery stores. In the case of a grocery store, the team’s augmented reality platform can provides shoppers with a small-scale layout of the store’s aisles, while integrating with the store’s database to provide shelf-specific data on where to find particular items. AR capabilities allow users to hold their phone up to chart a path to the object of their desire.

CEO Andrew Hart says that retailers are more broadly interested in finding ways to bring their online toolsets into the experience of real-world shoppers because those personalization tools have grown to make online shoppers much more valuable to them. Dent Reality isn’t specifically a platform for finding things in grocery stores, but Hart says that their high density of products makes them an ideal location to stress test their tech.

“We decided on grocery stores, because it’s the hardest challenge that we could have solved,” Hart tells TechCrunch.

Investors see an opportunity in Dent’s efforts, the London startup has closed a $3.4 million seed round led by Pi Labs with participation from Sugar Capital and 7Percent Ventures.

In the years following the launch of Apple’s ARKit augmented reality developer platform, Hart has built up an audience on Twitter showcasing many of the futuristic augmented reality tech demoes he’s created. Dent Reality was an effort to turn some of these future-flung use cases into a present-day tech platform for developers. While smartphones are an imperfect device for augmented reality, they still offer consumers a way to experience and interact with 3D interfaces which Hart believes will be central to the utility of an upcoming wave of augmented reality glasses devices.

“Interfaces in general have been trapped in 2D and phone screens,” Hart says. “There’s so much opportunity in AR for things we just can’t do with a 2D interface.”

Down the road, Dent Reality wants to tackle everything from large office complexes to hospitals to college campuses, leveraging hyper-localized map data, augmented reality and their unique approach to localizing users with public WiFi data and smartphone sensors that doesn’t require buildings to integrate new hardware infrastructure.

Dent Reality raises $3.4M to bring augmented reality into the grocery store

Despite Apple and Facebook investing billions into a “metaverse” future, in recent years there’s been a distinct drop-off in venture deals for startups focused on finding opportunities in augmented reality. Many VCs who have been burned by investments in large-scale efforts like Magic Leap now see the near-term spoils of augmented reality tech as opportunities largely left for big tech companies, but smaller startups are still finding inroads that appeal to investors.

For London-based Dent Reality, one opportunity is in creating specific small-scale experiences that showcase the powers of the technology — and hyper-localized mapping — starting in venues like grocery stores. In the case of a grocery store, the team’s augmented reality platform can provides shoppers with a small-scale layout of the store’s aisles, while integrating with the store’s database to provide shelf-specific data on where to find particular items. AR capabilities allow users to hold their phone up to chart a path to the object of their desire.

CEO Andrew Hart says that retailers are more broadly interested in finding ways to bring their online toolsets into the experience of real-world shoppers because those personalization tools have grown to make online shoppers much more valuable to them. Dent Reality isn’t specifically a platform for finding things in grocery stores, but Hart says that their high density of products makes them an ideal location to stress test their tech.

“We decided on grocery stores, because it’s the hardest challenge that we could have solved,” Hart tells TechCrunch.

Investors see an opportunity in Dent’s efforts, the London startup has closed a $3.4 million seed round led by Pi Labs with participation from Sugar Capital and 7Percent Ventures.

In the years following the launch of Apple’s ARKit augmented reality developer platform, Hart has built up an audience on Twitter showcasing many of the futuristic augmented reality tech demoes he’s created. Dent Reality was an effort to turn some of these future-flung use cases into a present-day tech platform for developers. While smartphones are an imperfect device for augmented reality, they still offer consumers a way to experience and interact with 3D interfaces which Hart believes will be central to the utility of an upcoming wave of augmented reality glasses devices.

“Interfaces in general have been trapped in 2D and phone screens,” Hart says. “There’s so much opportunity in AR for things we just can’t do with a 2D interface.”

Down the road, Dent Reality wants to tackle everything from large office complexes to hospitals to college campuses, leveraging hyper-localized map data, augmented reality and their unique approach to localizing users with public WiFi data and smartphone sensors that doesn’t require buildings to integrate new hardware infrastructure.