This year is on track to be a record for global electric vehicle adoption. EVs are expected to make up 13% of light duty vehicle sales, and the world is on track to hit a 2030 milepost en route to net zero by mid-century. Yet the road ahead is far from smooth in other industries.
In 2021, EV sales doubled and made up 9% of the car market by the year’s end. This year's surge is due to more being sold in European and Chinese markets, according to the new installment of the International Energy Agency’s Tracking Clean Energy Progress report released this week. However, the report notes that “electric vehicles are not yet a global phenomenon” and sales in the Global South have lagged due to both high sticker prices and a charging infrastructure deficit. (Exported gas-powered cars are also keeping many emerging countries stuck on fossil fuels.)
The IEA’s scenario for reaching net zero by 2050 sets out a milestone of EVs making up 60% of new car sales by 2030, with more than 300 million EVs on the road by that point. To reach that goal, EVs as a share of new car sales will have to increase by roughly 6% annually for the rest of the decade, which the IEA finds is doable.
Yet the report found that progress is insufficient in 53 of the 55 elements of the energy system. (Outside EV adoption, only lighting is on track.) Of those, 30 received an assessment of “more efforts needed,” and 23 are “not on track.” Take energy efficiency, for example. The report found the rate of improvement in energy intensity — which it dubs the “single largest measure to avoid energy demand” in the IEA net zero scenario — needs to at least double by 2030.
Despite the lack of progress, there are reasons to think the sectors lagging behind EV adoption and lighting are in for a boost. The report flags the Inflation Reduction Act and the European Union’s RePowerEU plan as promising policy developments that should add momentum to the energy transition. And new clean infrastructure and technologies are on the horizon, suggesting that progress for even hard-to-decarbonize areas like heavy industry is likely to accelerate.
That includes the growing interest and financing for green hydrogen as well as a particularly promising 2021 green steel pilot project. The IEA also noted that 2022 is likely to see a new record for renewable electricity capacity added to the grid, with roughly 340 gigawatts coming online.
“This reaffirms my belief that today’s global energy crisis can be a turning point towards a cleaner, more affordable, and more secure energy system,” said IEA executive director Fatih Birol about the report’s findings. “But this new IEA analysis shows the need for greater and sustained efforts across a range of technologies and sectors to ensure the world can meet its energy and climate goals.”
The popularity of VAs has grown dramatically over the past couple of years. And we’re not talking about virtual assistant tech; we’re talking about real people.
Who needs a virtual assistant the most? Laith Masarweh, who founded and runs the virtual assistant company Assistantly, told me that people just getting their businesses off the ground — those he called “solo-prenuers” — need one most often.
- Tons of companies that have laid off employees in recent months have also tapped VAs to offset the workload of their existing employees, Masarweh said.
- Masarweh said those without the resources to hire full-time employees should look into VAs. “The knowledge and the quality of these virtual assistants is high,” he said. “They can get the ball rolling after two weeks or sooner to start with whatever you need.”
And what can they do for you? Masarweh broke down the responsibilities for virtual assistants into about five different categories: administrative operations, sales, marketing, social media, and more “niche” areas of expertise.
- You can hire one to take on anything, really, like managing calendars and executive-level tasks. Masarweh has 15 VAs who help with tasks ranging from sales to operations.
- Masarweh said VAs also have the potential to turn into full-time employees down the line. The person he hired to help with recruitment eventually became his client success manager and later his COO. “And he might be the CEO of the company,” he added. “I would have no problem having him do that.”
Masarweh added that if you’re going to hire a VA, make sure you treat them as part of the team. “I hire as if I was hiring an employee,” he said.
A version of this story appeared in Friday's Source Code. Sign up here to get it in your inbox each morning.
Apple called its employees back to the office as the company’s three-day-per-week hybrid schedule finally began in early September. Many tech companies have eased up on requiring office work, making Apple somewhat of an outlier when it comes to RTO.
Another outlier, Google, has been in hybrid mode since April, reportedly leading to outbreaks of COVID-19 at the office. Yet for all the talk about Google’s three-day-a-week RTO policy, two workers who spoke to Protocol anonymously say it’s not much of a mandate. An employee and a contractor both told Protocol that the hybrid policy doesn’t seem to be imposed across the board.
“The impression I have is that it’s basically not enforced,” the employee said. The Google contractor said attendance varied across different teams, noting that while some of their teammates go to the office three days a week, most only go in once. (Neither Google nor Apple returned emails inquiring about how their hybrid policies are enforced.)
Sundar Pichai’s plan to make Google “20% more efficient” may lead nervous workers to choose to go to the office more often. (An August survey found that CBRE tenants were “evenly split” on whether a recession would drive more workers to the office out of anxiety for their job security.)
As of now, most companies’ hybrid requirements are only enforced as a “very soft mandate,” said Brian Kropp, distinguished VP of research at Gartner. About half of companies with a hybrid mandate are tracking office attendance, Kropp said, but even those that are doing so “have no real plans to fire people for not coming to the office, as long as they’re getting their work done.”
More than 40% of HR leaders surveyed by Gartner last month said they weren’t tracking office attendance. Thirty-five percent said they were gathering attendance data from key fob or badge swipes, while 22% said managers were tracking their teams’ attendance. Another 10% said employees were self-reporting their attendance.
Companies that selectively enforce attendance requirements may wind up with unfair outcomes, Kropp said.
“If you have a mandated set of days where you have to come to the office, but it’s unevenly enforced across the company, then you run into issues of fairness,” Kropp said. “That just creates more variability across the company, which then creates more risk as well in terms of that inconsistency.”
And while flexibility puts companies at an advantage when it comes to competing for talent, it also requires more sophisticated management, Kropp said. “The question you should really be asking is: Does our managerial population, on average, have the capability to manage much more flexibility, or not?” Kropp said. “If the answer is ‘yes, they do,’ you should push for as much flexibility as you can.”
To run high-performing teams in a flexible environment, managers need to be “half social worker, half engineer,” Kropp said. That means more empathy and more capacity for planning and organization.
While companies may seem settled into their hybrid ways of working, many leaders are leaving policies open to change with time rather than overcommitting themselves. The world is unpredictable, as we’ve learned in the last 2.5 years. “A lot of these executives — the way that they’re framing it now is, ‘This is our hybrid strategy for now, and it could evolve and could change,’” Kropp said.
Amazon falls into that category. As Andy Jassy put it at the Code Conference on Wednesday, Amazon doesn’t have a plan to force employees back to the office: “We’re going to proceed adaptively as we learn.”
A version of this story appeared in Protocol's Workplace newsletter. Sign up here to get it in your inbox three times a week.
If you truly want to gauge a company’s culture before accepting a job offer, you have to become a bit of a sleuth. A journalist, even. Troll Blind and Glassdoor. Browse LinkedIn for current employees who seem trustworthy, or former employees who seem not to have an agenda.
But not everyone has the time to investigate companies in this way. Instead, they may rely on company-sponsored chats with current employees.
- Ian Royer, a public relations specialist with Amazon Canada, took Amazon up on its “Candid Chats” program that connects candidates with members of employee resource groups.
- He was on a mission to determine whether he fit with Amazon’s culture. “I am at a point in my career where when I do interviews, I interview for my fit, not the company,” Royer said.
- Royer spoke with representatives from Amazon’s Black Employee Network and LGBTQ group Glamazon after encouragement from his recruiter. Those conversations ultimately won him over.
Steve McElfresh, founder of HR Futures, said it’s worth it for employers to offer to connect candidates with current employees. The more information, the more helpful to candidates. Still, it’s impossible for company-sponsored candidate-employee chats to be completely candid. Those chats are not entirely trustworthy.
- “In most cases you’ve got to assume they’re using a stable of people who are prepped and primed to be positive about the company,” McElfresh said. “There’s nothing fundamentally wrong with that, but I think you've got to take it with a grain of salt.”
For those who want to connect with employees on their own, scouring LinkedIn and similar sites might be the best option. Professional platform Candor, a new startup trying to be the “more authentic LinkedIn,” was built with job sleuthing in mind.
- “Especially in a remote world, it's so hard to figure out and so hard to get to know people and know if that culture fit is going to be there at your next opportunity,” said Candor founder Kelsey Bishop.
- Candor profiles look kind of like corporate mood boards, with descriptors like “my core values,” “teammates that really inspire me” and “things that motivate me.” Bishop said the service is meant for casual networking, and to help people suss out the working styles of their potential future co-workers.
Bishop added that anonymous platforms can quickly turn toxic, hence Candor’s model with private profiles. But without anonymity, how candid will someone really be?
- “As a candidate, you have to dig beyond what’s publicly available,” McElfresh said. “I would certainly be looking for more of the anonymous material.”
- On the other hand, you can’t verify the identity, and therefore validity, of anonymous reviews. “The problem with anonymous material is you get the extremes,” McElfresh said. “You get people who are clearly unhappy, resentful and are almost assuredly overrepresented.”
The most prepared candidates will do all of the above. Just perusing Glassdoor or talking to one company-sponsored employee won’t give you the full picture. You’ve got to really do your research to figure out the fit.
A version of this story appeared in Protocol's Workplace newsletter. Sign up here to get it in your inbox three times a week.
The SEC reportedly will not push for a total ban on payment for order flow, a proposal that chair Gary Gensler said was "on the table" just a year ago.
The regulator is expected to announce changes to the way payment for order flow is conducted, but it will not involve a total prohibition of the controversial system used in processing stock trades, Bloomberg said in a report on Thursday.
The SEC plan is good news for retail stockbrokers like Robinhood, whose revenue model relies heavily on the rebates it receives for sending trade orders to market makers, known as payment for order flow.
Critics have argued that payment for order flow gives brokers an incentive to encourage retail investors to make as many trades as possible, exposing them to financial risks. Robinhood and payment for order flow came under heavy scrutiny early last year during the GameStop trading frenzy.
In August 2021, Gensler told Barron's that the regulator was considering a total ban on the system. Wall Street analysts cited the potential ban as a major headwind for Robinhood, which has already taken hits from the broad market downturn. Canada and the U.K. have banned payment for order flow, and Australia has instituted temporary prohibitions on the practice as it considers a ban.
The company has been forced to make dramatic cuts this year. Just a few months after announcing that it was slashing 9% of its workforce, Robinhood said it was cutting another 23% because the first round of reductions “did not go far enough,” CEO Vlad Tenev said in a letter to employees.
Tenev also pointed to “additional deterioration of the macro environment, with inflation at 40-year highs accompanied by a broad crypto market crash.” The company also acknowledged that it essentially overshot staffing needs for 2022 based on the “assumption that the heightened retail engagement we had been seeing with the stock and crypto markets in the COVID era would persist into 2022.”
Robinhood rallied briefly on Thursday trades on news that payment for order flow would not be banned. But the stock was off more than 2% midday. TD Ameritrade, a subsidiary of Charles Schwab, also makes heavy use of payment for order flow; Schwab shares also leapt early in the day and then fell.
The SEC could not immediately be reached for comment.
The FDA this week announced that cooking chicken in NyQuil isn’t safe, which seems obvious; it came from a “NyQuil cooking challenge” video that went viral — more than a year ago.
Government warnings about viral online fads may come too late to be effective. The NyQuil chicken challenge resurfaced in January after starting as a joke on 4chan in 2017.
- In June, the FDA warned of the dangers of keeping avocados fresh by placing them in water. That video was popular a couple years ago.
- Schools and lawmakers took a few weeks to catch wind of, and warn parents about, a “devious licks” video that resulted in students damaging school property.
- The Tide Pod challenge, which started as a joke on Twitter in late 2017 before making its way to YouTube and elsewhere, got the Consumer Product Safety Commission’s attention about a month after it went viral.
- And French lawmakers needed a few months to warn against the 2018 “InMyFeelings” challenge, which involved getting out of a moving car and dancing.
Government leaders need a lesson on virality. The timing of these warnings highlights the difficulty of staying on top of potentially dangerous challenges, which can go viral in a matter of days. “The FDA is always playing catch-up with these things,” Jeffrey Blevins, a professor at the University of Cincinnati’s journalism department, told me. “It’s impossible for them to be ahead of it. Who in their right mind would have thought of NyQuil chicken?”
- But the fact that the FDA and other government agencies need months — even years — to identify and warn people about dangerous viral trends defeats the purpose of the warning. Once the alert comes around, the damage may have already been done.
- The way in which the FDA responds to harmful viral videos might not be that effective anyway: The ones making the posts go viral — kids — probably aren’t following government alerts, Blevins said. “I would really encourage these agencies to think about being a little more creative in how they respond,” he said.
- The FDA could post TikToks or poke fun at the absurdity of cooking chicken with NyQuil while also explaining the harms, for example. (The FDA didn’t immediately return a request for comment.)
It’s not just the government; pediatricians, schools, and other organizations are aware of the dangers of social media trends and are trying to catch on to them quickly. But word spreads fast, and in order for the government’s warnings to be effective, they need to happen sooner.
A version of this story appeared in Thursday's Source Code. Sign up here to get it in your inbox each morning.
Kraken CEO Jesse Powell is stepping down and will be replaced by chief operating officer David Ripley, the company announced Wednesday.
Powell, who co-founded Kraken in 2011, will become the crypto marketplace’s board chairman. Ripley will take over after Kraken finds a new COO.
Ripley’s leadership and experience “give me great confidence that he’s the ideal successor and the best person to lead Kraken through its next era of growth,” Powell said in a blog post.
He also said that he will be “spending more of my time on the company’s products, user experience and broader industry advocacy.”
Ripley, who joined Kraken through its 2016 acquisition of Glidera, is credited with growing Kraken from 50 to 3,000 employees.
Powell is giving up the CEO post at a critical time when the crypto industry is still reeling from a major downturn that wiped out about $2 trillion in value.
Kraken has managed to weather the storm like other major crypto players, FTX, Binance and Ripple, that have continued expanding, even as rivals like Coinbase pulled back on growth plans.
But Kraken’s workplace culture came under scrutiny after a New York Times report based on leaked Slack messages and employee interviews accused Powell of making insensitive comments on gender and race, sparking heated conversations within Kraken. Powell defended the company’s culture and policies in an interview with Protocol.
Kraken began as a bitcoin exchange before emerging as one of crypto’s biggest marketplaces. Kraken is currently the fourth-largest crypto exchange, after Binance, FTX and Coinbase, according to CoinMarketCap.
Tuesday's “Made On YouTube” event was basically a competition to see how many ways creators and YouTube execs could talk about beating TikTok without actually saying the word “TikTok.”
YouTube is rolling out ad revenue-sharing for Shorts and lowering the barrier to join its partner program, which execs said will bring more “sustainability and inclusivity” to creators. Previously, both TikTok and YouTube paid short-form creators through a set fund.
- Ads will run in between Shorts, similar to the way ads appear as standalone videos between TikToks. Creators can earn 45% of the ad revenue collected on Shorts.
- This is the first time creators can earn ad revenue from short-form video, a change that influencers like Hank Green have called on TikTok to implement.
The announcement is an obvious jab at TikTok, which has been a frontrunner in the short-form video race. And by the way, YouTube didn’t mention the word “TikTok” once.
- Execs instead emphasized that they don’t want creators to be “multiplatform,” meaning they hop from TikTok to YouTube depending on what video they make or audience they intend to reach. They want creators to be “multiformat,” which means they do everything on one platform.
- “This is a huge incentive for me to put all of my work into one place, which means my audience doesn't have to jump between apps to see all of my videos,” said Kris Collins, who originally found fame on TikTok, during the event.
Will YouTube’s moneymaking strategy for Shorts turn people away from TikTok? It’s likely too soon to tell, and many new creators have already built huge communities on TikTok. But if people can make money from short-form video elsewhere, don’t be surprised if they start flocking to Shorts. “Other platforms are focused on getting people their 15 seconds of fame, which is great. But YouTube is taking a different approach,” Collins said.
A version of this story appeared in Wednesday's Source Code. Sign up here to get it in your inbox each morning.
Coinbase is launching a new product to connect developers to the Ethereum blockchain as part of its effort to offer a full stack of crypto infrastructure technology and diversify its business away from consumer trading revenue.
The new Node product provides APIs for developers to connect to the Ethereum blockchain, the most popular system for smart contracts. Its free plan gives up to 120,000 daily requests. It also has an API specifically for developers building NFTs.
“We think the product that we’re [launching today] is the most fundamental piece for anybody building in the ecosystem,” said Luv Kothari, a product manager overseeing Node at Coinbase. “It's almost like going to AWS and getting an EC2 instance so you can start writing code and then deploying your code.”
That idea of becoming the AWS of blockchain infrastructure is a goal for many companies and the investors backing them.
Part of Coinbase Cloud, Node is Coinbase’s first major free self-serve developer product. Coinbase’s Query & Transact service connecting enterprise customers to blockchains launched in 2020, but the new product is free and adds NFT functionality and other new ways to query the blockchain.
It also fits into Coinbase's long-stated goal to diversify its business from just trading revenue to other types of businesses.
While there are already large startups competing with Coinbase in areas such as custody and node infrastructure, Coinbase is seeking to leverage its existing products that connect to Node, such as its Pay SDK for fiat-to-crypto transfers, trading APIs and Commerce API for accepting payments.
The tech industry is way ahead of the curve when it comes to setting climate goals, particularly compared to other major industries.
A new report out today from Climate Impact Partners, an organization that develops carbon market solutions, found that only 42% of Fortune Global 500 companies have taken climate action or committed to doing so by 2030. By contrast, more than 80% of tech companies within that group have done so, the highest percentage of any sector.
The report defines actions or commitments as one of four publicly stated aims: going carbon neutral, reaching net zero, setting science-based targets or securing 100% renewable energy.
The report analyzed the climate commitments of the 500 largest companies in the world by annual revenue. Together, they're responsible for at least 15% of global emissions (or more than 5.6 billion tons of carbon dioxide equivalent) annually. That means that the commitments they make — or don't — have a major impact on the climate.
The tech industry is more consumer-facing than some other sectors in the analysis, and public pressure may factor into why companies are more likely to set climate targets. In many cases, there are also readily available solutions, such as switching data center operations to run on renewables, compared to other industries. Industries like aerospace and defense, for example, have a much steeper path to decarbonization and under 20% of companies in those sectors have set a 2030 or sooner goal.
Still, some of the biggest tech companies haven't set 2030 climate goals. Though nearly 90% have made a major climate commitment for mid-century, under 10% have set goals between 2031 and 2050.
"Setting targets well beyond 2030, a critical decade to align with the goals of the Paris Agreement and limit warming to 1.5 degrees Celsius, indicates a lack of urgency and ambition," the report authors wrote.
“We’re encouraged to see more and more companies from this prestigious group put a stake in the ground and make climate commitments," Saskia Feast, Managing Director of Global Client Solutions at Climate Impact Partners said in a statement. "There are some signals, however, that ambition and urgency might be waning. Much of the growth in commitments this year has been driven by targets set well beyond 2030, which we know is a critical decade for the planet."
Indeed, the report also found that Fortune Global 500 companies that made climate commitments within the last year were more likely to have set 2050 goals than 2030 goals. And although almost 40% of these companies have any sort of net zero target, nearly a third of them exclude Scope 3 emissions from those targets. Scope 3 emissions include those from companies' supply chain partners and typically make up the bulk of companies' footprints. A serious climate plan needs to address these emissions, yet more than 20% of the world's biggest tech companies only include Scope 1 and 2 emissions in their net zero targets, omitting Scope 3 entirely.
The good news is that things are moving in the right direction, although perhaps not quickly enough. This is the fourth year of Climate Impact Partners' analysis of Fortune Global 500 companies and their climate commitments, and an increasing number of these companies are making specific and achievable climate commitments compared to years past. The group observed an 11% increase in companies with a 2030 commitment, 22% increase in companies with a 2050 target and 50% increase in companies making a net zero commitment.
Now, companies actually need to follow through.
Privacy groups are outraged at New York's plan to install cameras in all subway cars in a bid to stop crime. The proposal, announced by Gov. Kathy Hochul on Tuesday, is an expansion of an earlier pilot project that the governor said was “working very well.” Under her expanded plan, there will be two cameras in each of New York’s 6,455 subway cars.
But civil liberties groups are raising alarms about the imminent plan, saying it is yet another example of an erosion of privacy. In a statement shortly after the speech, Albert Fox Cahn, executive director of the Surveillance Technology Oversight Project, condemned Hochul’s approach, describing it as “surveillance theater” that would put New Yorkers on “an express train to authoritarianism.”
The ACLU in New York also criticized Gov. Hochul's plans. "New York City is already home to tens of thousands [of] surveillance cameras and there’s no evidence this massive expansion of subway cameras will improve safety," it said in statement. "Real public safety comes from investing in our communities, not from omnipresent government surveillance."
Hochul, who made the announcement in a subway maintenance facility in Queens, said as ridership of the subway continues to slowly return to pre-pandemic levels, many remain concerned about transit crime. “That is why we are leaning into finding strategies and technologies to make sure that we address [it] just as we are doing here today,” she said. “If you think Big Brother is watching you on the subways, you are absolutely right, that is our intent,” she added.
But Cahn argues the proposal is "ripe for abuse by the NYPD."
"Big Brother’s spying never prevented crime before, and it won’t start now," his statement read. Earlier this month, Cahn's New York-based organization expressed concern about another plan, which would phase out the iconic MetroCard in 2023 and replace it with the digital OMNY vending machine and cards. The group called for the subway operator to guarantee that riders would still be able to use cash to pay for OMNY cards and shield riders' data from agencies such as Immigration and Customs Enforcement.
The subway system already has about 10,000 cameras, but until now, their reach has been contained to the platform and mezzanine. The city’s buses also have cameras installed. The mayor has also deployed more police officers on subways. But critics have pointed to the fact that during April's subway shooting, in which 10 people were injured by gunfire, existing cameras did not stop the crime, and it was later revealed the cameras in some stations were faulty. "This tech has failed us too many times to count," Cahn wrote. "In April, when the cameras were supposed to keep us safe, they couldn’t even capture the subway shooter’s image."
Despite being based in New York City, the governor of New York, not the mayor, has had overall responsibility for the subway system since 1968. During her speech, Hochul said the cameras would be paid for with a grant from the federal Department of Homeland Security and the subway’s operator, Metropolitan Transportation Authority. The cameras would not be monitored live, but footage will be used to conduct investigations.
Although Hochul said that transit crime in New York was down compared to pre-pandemic levels, recent high-profile killings on the subway — including the fatal shooting of a man in May and fatal pushing of a woman onto the tracks in Times Square in January — have contributed to the public perception that New York's transit system is unsafe.
Hochul, a Democrat, is currently running for re-election in New York. Her opponent, Republican Lee Zeldin, has made addressing crime a key part of his campaign.
This story was updated to include comment from the ACLU.
Microsoft is hoping that adoption of its latest version of Windows 11 will wipe out a popular technique for stealing credentials, thanks to the company's move to turn on certain security features by default in the operating system.
The Windows 11 2022 update is generally available today. Among the on-by-default security features in the new version of Windows 11 is Credential Guard, which protects against the theft of login and password data stored in Windows.
The technique for stealing login and password information is known as "credential dumping," and it's widely used by attackers ranging from ransomware operators to nation-state hackers. Credential dumping entails copying credentials from several different areas within Windows, often with the help of a software tool such as Mimikatz.
Organizations will automatically be protected against this tactic by updating to the latest Windows 11 version, as Credential Guard will be turned on by default for the first time, according to David Weston, vice president for enterprise and OS security at Microsoft.
Ultimately, the new Windows 11 update "eradicates the most common techniques from a credential-dumping standpoint," Weston told Protocol.
Illegitimate use of credentials is the largest source of data breaches by far, according to Verizon, which found that credentials usage was responsible for 48% of breaches in 2021.
While Microsoft has offered Credential Guard as an optional feature since Windows 10, few organizations have used the feature because it wasn't on by default, Weston said.
For Microsoft to turn the feature on by default, the company had to ensure that the underlying technology used by Credential Guard, known as virtualization-based security, could run without delivering an outsized hit to PC performance, he said. Microsoft now feels confident that it's able to do that as part of the new version of Windows 11, according to Weston. (The ability to run virtualization-based security features by default was a main driver for the higher CPU requirements for Windows 11, Weston has said.)
Other security features will be on by default in the new Windows 11 version as well. Those include hypervisor-protected code integrity, which prevents the modification of Windows kernel code such as drivers (as occurred in the WannaCry attack), and another feature aimed at thwarting credential theft (credential isolation with Local Security Authority protection).
Meanwhile, Microsoft is also introducing features aimed at preventing malware (Smart App Control) and phishing (Microsoft Defender SmartScreen) in the latest Windows 11 update.
All in all, "I would say Windows 11 is substantially more secure than [Windows] 10 at this point, from a feature standpoint," Weston said. "I expect a lot of the momentum — particularly in commercial — for Windows 11 will be driven by security."
The successor to the Windows 10 operating system, Windows 11 was first introduced in October 2021. As of June, 23.1% of Windows PCs were running Windows 11, according to a report from AdDuplex.
Leading U.S. companies including Amazon, Pfizer and PepsiCo have pledged to hire 20,000 refugees over the next three years.
The commitment was made at a summit organized by the Tent Partnership for Refugees, which was founded in 2016 by Hamdi Ulukaya, CEO of Chobani. The announcement comes at a time when the U.S. government expects to welcome more Ukrainian refugees as the war with Russia continues, with several thousand who fled from the Taliban in Afghanistan already in the country.
Amazon said it would hire 5,000 refugees in the next three years, the largest commitment among the 45 companies that pledged. PepsiCo and Pfizer will each hire 500 refugees.
“Being displaced from your homeland and having to start again somewhere is never easy,” Janet Saura, vice president of employee relations, WW Amazon Stores and Corporate, said. “Which is why we are committed to helping where we can, by providing refugees and other displaced people with access to meaningful employment.”
LinkedIn and Coursera pledged to work with refugee support agencies to offer training and networking for 6,000 and 7,500 refugees, respectively, so that they can find jobs in the U.S.
In 2021, Uber, Mastercard and Facebook made commitments to hire 95,000 Afghan refugees. That plan initially faced some hurdles, including the uncertain status of the Afghan people airlifted to U.S. bases around the world and a government bureaucracy gutted by the Trump administration’s anti-immigration policies.
Although significant, the commitments pale in comparison to the number of refugees already in the U.S., with more set to arrive. Nearly 90,000 Afghans have been resettled in the U.S., and in July, the Department of Homeland Security said 100,000 Ukrainians had been admitted in the country in the five months since the invasion and war with Russia began.
Correction: An earlier version of this story misstated the month in which DHS said 100,000 Ukrainians had been admitted. This story was updated on Sept. 20, 2022.
The Department of the Treasury issued a request for comment Monday on Biden’s March executive order on cryptocurrency, creating a formal process around an issue that has already generated significant discussion. The Treasury is accepting comments through Nov. 3.
The order specifically directs the Treasury, along with other applicable agencies, to assure that laws and regulations prevent national security and financial risks. The Treasury is to use law enforcement and other measures to compel crypto entities to comply with anti-money laundering and counter the financing of terrorism best practices. Now, it’s requesting comment on how the agency alone and through private-public partnerships can best mitigate risks.
Though commenters can provide input as they see fit, the Treasury listed specific questions it would like addressed in the report. Most important for DeFi include questions about what risks are attached to peer-to-peer payments, how to maximize public-private information sharing for the purposes of monitoring illicit activity and how financial institutions offering cryptocurrencies can better integrate know-your-customer controls.
The agency also asked what “additional steps” it should take in order to prevent the use of digital assets by criminals. The Treasury is currently being sued by six plaintiffs, supported by Coinbase, over sanctions against cryptocurrency trader Tornado Cash. Tornado Cash was sanctioned because, according to the Treasury, it had been used to launder over $7 billion.
Now, the agency appears to be inviting comment on the move, though the phrasing implies that the agency is more interested in adding restrictions than removing sanctions. The agency also asked for “specific areas” where it can provide further clarity on AML/CFT and sanctions obligations, and how it should address “mixers and other anonymity-enhancing technologies.”
But for businesses everywhere, the attack should serve as yet another reminder that certain security controls that we once thought were a panacea are no such thing.
Specifically, multifactor authentication. This security control, which requires a second form of verification for a user to log into a corporate network, is considered essential for keeping the hackers out. But lately, hackers have been finding clever ways to beat it.
In the Uber breach, the method employed by the hacker appears to be what's known as an "MFA fatigue" attack: The attacker (posing as someone from IT) sends repeated login notifications to an employee until the employee approves it. Basically, the attacker wears the employee down. But once approved, the attacker is in.
"We thought MFA was always the silver bullet," said Bryan Murphy, senior director for consulting services and incident response at identity security vendor CyberArk.
In the past, "the conversation was always 'MFA everything,'" Murphy said. "Now we're starting to see that attackers are finding ways around it."
Another recent high-profile breach, the attack on Twilio, was a different version of the same story.
According to a blog from Cloudflare, which experienced a similar attack to Twilio, the attackers who targeted Twilio most likely tricked employees into giving them the one-time password that was used as the second factor for verification. That's because the employees were actually entering the code into a fake site maintained by the attackers, allowing the attackers to intercept the code and bypass the MFA protections.
Notably, there is one form of MFA that is still considered "unphishable." Hardware security keys that comply with the latest authentication standard, known as FIDO2, serve as a second factor that can't be thwarted because they require the user to physically touch the key. Cloudflare, which provides its employees with YubiKey hardware keys, said the attackers were unable to get around its use of MFA through the use of the keys, preventing the company from getting breached.
Uber said Monday that it doesn't appear the attackers, which it claimed were operating as part of the Lapsus$ group, were able to access any personal customer data or make any changes to its source code.
This story was updated with Uber's blog post on some of the details behind the breach.
In 2020, employees from Facebook and Twitter contacted the Pentagon with concerns about fake accounts they suspected had ties to the U.S. military, according to a Washington Post report. One Facebook executive even reached out to the Pentagon’s head of influence operations policy, Christopher C. Miller. The executive warned Miller that foreign adversaries could likely suss out the origin of these accounts, given that Facebook could, too.
Altogether, Facebook and Twitter ended up taking down around 150 fake profiles and media sites suspected of being created by the U.S. military as part of psychological operations, known as psy-ops. It’s a tactic the U.S. has frequently accused Russia of employing, as with the Russian disinformation issue that surrounded the 2020 elections.
The Biden administration seems intent to rein in or at least account for the scope of such operations. Last week, the undersecretary of defense for policy, Colin Kahl, ordered a full report of the military’s online influence operations for White House review by October, The Post reported. The Biden administration has also reportedly asked the Pentagon to provide more information on its policies for conducting online influence campaigns, concerned that their use could erode U.S. credibility.
One problem: Congress green-lit this activity in 2019 when it passed Section 1631, which gave the military permission to conduct and defend against online information operations, so long as it didn’t infringe on the CIA’s covert authority. Of note, Section 1631 also exempted those activities from the typical oversight system.
We have a better sense of the nature of pro-Western online influence operations thanks to an August 2022 report from Graphika and the Stanford Internet Observatory. The report found that suspicious pro-Western accounts on Twitter and Meta “created fake personas with GAN-generated faces, posed as independent media outlets, leveraged memes and short-form videos, attempted to start hashtag campaigns, and launched online petitions.” Their efforts didn’t seem to go all that well, as the majority of posts received “no more than a handful of likes or retweets.” The studied activity spanned eight social platforms and went back as far as March 2012.
The campaigns promoted U.S. talking points, often taking aim at strategic geopolitical regions such as Central Asia and Iran. Favored topics included “U.S. diplomatic and humanitarian efforts in the region, Russia’s alleged malign influence, Russian military interventions in the Middle East and Africa, and Chinese ‘imperialism’ and treatment of Muslim minorities,” according to the researchers. In some cases the accounts posted content from U.S.-backed media outlets such as Radio Free Europe.
The acknowledgement of suspected U.S.-led online influence operations could diminish U.S. authority to speak out against similar campaigns conducted by China and Russia. Direct communications between U.S. social media platforms and the Pentagon could also be used to further justify government oversight of social media in places like India, Nigeria and Indonesia.
A federal appeals court has once again backed a Texas law that would fundamentally remake social media by forcing companies such as Meta and Twitter to carry most content, including hate speech.
In a ruling released Friday, a three-judge panel on the Fifth Circuit vacated a trial court's preliminary injunction, which had paused the measure during a lawsuit over its constitutionality. The vast majority of scholars and civil liberties advocates say that, in telling a private company what content it must allow, the state's law violates both free speech protections and decades' worth of legal precedent.
The judges argued in their Friday ruling, however, that Texas law regulated the platforms' conduct, not their views. The decision also asserts that Twitter is a "monopolist," and argued social media firms are more like phone companies, which must allow all customers.
Earlier in the year, the same appeals court, after a hearing in which the judges revealed a poor grasp of technology, overruled the trial court and let the law go into effect. The Fifth Circuit is known as the most conservative circuit court in the U.S. Soon after that decision, however, the Supreme Court ruled that the appeals court's decision to let the law go into effect was inappropriate — albeit by a narrower margin than tech advocates were hoping to see — and put a pause on enforcement, pending the outcome of the appeal.
Many tech companies and proponents of free speech had expected the appeals court's ruling, which technically focused on the appropriateness of the trial court's initial injunction. The trial court can still find that the law is unconstitutional, but the tech trade groups that had sued to stop the law are likely to appeal to the full Fifth Circuit, or again to the Supreme Court.
In either case, the ongoing litigation will almost certainly set up a lengthy court battle that could prompt the high court to weigh in on the legal status quo underlying content on the internet.
This story was updated Sept. 16 with additional details.
Call it a reconnaissance mission to Europe’s future Silicon Steppe.
Eric Schmidt, Alphabet’s technical adviser and former Google CEO, just returned from a personal mission to Ukraine where he scoped out its military tech operation and met with the country’s minister of defense. A tireless advocate and funder of emerging tech for defense and national security uses, Schmidt sees the war in Ukraine as a launch pad for fast-moving tech implementation.
“For me, the war answers a central question: what can technology people do to help their government, and the answer is a lot,” Schmidt wrote in a dispatch of what he called “the first networked war.”
Schmidt’s case in point: Elon Musk’s contributions of Starlink internet terminals from SpaceX to Ukraine.
\u201cTogether with the Minister of Defense of Ukraine @oleksiireznikov held a meeting with the former executive director and chairman of the board of Google, ex-executive chairman and technical advisor of Alphabet @ericschmidt.\u201d— Andriy Yermak (@Andriy Yermak) 1662904848
Schmidt praised Musk from the stage at an event underway on Friday, held by the Special Competitive Studies Project, a group Schmidt created to carry on the work of the National Security Commission on AI, a now-defunct government commission.
“Elon [is] a real hero in the story," Schmidt said. "They got a whole bunch of Starlinks, which allowed them to avoid the attacks that Russia had done on the internet.”
“Today, there are about 20,000 Starlinks. I was on a train — brand new, built in May, in Ukraine — where as a passenger on the train, I had 200 megabits coming down. Imagine if that were true on Amtrak, right?” Schmidt continued.
Starlinks may be just the beginning. As Schmidt and others watch Ukraine for clues about how AI and other emerging tech can be used in a military setting, he expects the country to be a force for tech in general.
“The reason this is important is the war will end,” Schmidt said. "And at that point, Ukraine is going to have one heck of a tech industry. Because it's war-hardened, smart. They understand how this stuff works. I was really impressed.”
We're living in the midst of a carbon capture boom.
A new PitchBook data analysis released on Friday shows a record amount of venture capital investment poured into post-combustion carbon capture companies and startups in this year's second quarter. VCs invested a stunning $882.2 million across 11 deals, which easily set a record for the sector. For context, total investment in the sector for the previous four quarters combined totaled $432.1 million.
Post-combustion capture involves removing carbon dioxide after it's been released. That includes point source capture — that is, removing carbon dioxide at the smokestack or wherever its emitted — or direct air capture, which involves removing carbon from the ambient air. The advantage both forms have over other forms of carbon capture is that they "can readily integrate with (and capture carbon from) existing infrastructure," according to analysis from PitchBook's senior analyst for emerging technology John MacDonagh.
Clearly, climate tech investors are taking note. The biggest contributors to the major jump in investment were two big deals: Climeworks' $634.4 million series F round and Carbon Clean's $150 million series C raise, the former being the largest-ever investment in direct air capture technology. Carbon Clean also said its funding round was the largest ever for a point source carbon capture company.
Carbon removal has an essential role to play in a net zero world, though how much it's needed depends on how fast we cut emissions starting now and into the coming decades. Industries like aviation, which rely heavily on fossil fuels and for which renewable energy alternatives are currently hard or impossible to procure, are part of the reason direct air capture has picked up steam.
Point source carbon capture will also be crucial for industries like cement, which is responsible for 8% of global carbon emissions. Wiping them out from the manufacturing process will be extremely challenging, making carbon capture a near necessity for the industry.
While there are a growing number of companies looking to pull carbon from the sky or smokestacks that are attractive to VCs, regulations and policies are also lining up to make them a particularly enticing investment. Changes to the 45Q tax credit as part of the Inflation Reduction Act, in particular, have made capturing carbon more appealing. The IRA bumped the value of carbon captured and used to pull more oil from the ground — a process of dubious climate benefit — from $35 per ton to $60 per ton. And it increased the tax credit for a ton of carbon gathered by direct air capture from $50 to as high as $180.
The changes to the tax credit also lowered the project eligibility threshold, making it easier for smaller startups to qualify. That's big "considering the relative immaturity of the DAC space," MacDonagh wrote, and it could help more startups gain a toehold and grow.
Beyond venture capital funding, major tech companies have offered up hundreds of millions in advance commitments to buy carbon removal services. That includes Frontier — Stripe, Alphabet and Meta are among its members — which committed to spending $925 million on carbon removal over the course of this decade. (The group made its first purchases this summer.)
While money is pouring into the space, the technologies remain unproven at scale. And while regulations that could spur the growth of carbon capture and removal are in place, oversight is still relatively sparse. Parts of the carbon removal community are working on frameworks to ensure the technology does no harm, but a huge gap remains and any commitments would be voluntary at best.
There are also real concerns that the promise of carbon removal working at some point down the road could slow emissions cuts in the near term. This despite the fact that a ton of carbon not emitted today doesn't need to be removed tomorrow. Oil companies are investing heavily in carbon capture, which could give fossil fuels a lifeline or serve as greenwashing window dressing. (Carbon Clean's series C investment round was led by Chevron.)
Ultimately, VC investments are one piece of the puzzle in bringing the industry to maturity and ensuring that it's used in a judicious and fair manner.
Update: This story was changed to reflect updated information on the amount of Carbon Clean's series C funding round. This story was updated Sept. 20, 2022.
The Biden administration offered a deeper look into its crypto game plan Friday, unveiling a strategy that focuses more closely on the risks posed by the controversial industry. It released nine reports that came in response to the president’s crypto executive order issued in March.
The Biden order was praised by the crypto industry for stressing the need for the U.S. to play a leading role in the growth of crypto and blockchain technologies, while protecting consumers, investors and the financial system.
A fact sheet on the reports released by the White House underscores the Biden administration’s concern about the risks posed by the fast-growing crypto sector. The reports, prepared by federal agencies led by the Treasury, Justice and Commerce departments, stressed the importance of law enforcement and strengthening the country’s financial and monetary systems:
- The Biden administration wants the SEC and the CFTC to “aggressively pursue investigations and enforcement actions against unlawful practices in the digital assets space.” It also calls on the CFPB and the FTC to “redouble their efforts to monitor consumer complaints and to enforce against unfair, deceptive, or abusive practices.”
- The administration said it will encourage the adoption of “instant payments systems,” such as the government’s FedNow system scheduled for a rollout as soon as next spring. President Biden will also consider proposals for “a federal framework to regulate non-bank payment providers.”
- President Biden will “evaluate” whether to ask Congress to expand the scope of the “Bank Secrecy Act, anti-tip-off statutes, and laws against unlicensed money transmitting” to also cover digital asset service providers, “including digital asset exchanges and NFT platforms.”
The Federal Trade Commission on Thursday signaled rising concern with manipulative digital interfaces, including subscriptions that auto-renew without disclosure, countdown clocks that falsely suggest deals will go away if customers don't buy quickly and the steering of consumers toward privacy options that give "away the most personal information."
As part of its open meetings series, the FTC voted unanimously to make public a staff report on the concerns, which includes examples of what are often called dark patterns. While multiple commissioners said that some practices in the report might not violate the law, and the two Republicans on the FTC suggested they'd be uncomfortable with enforcement seeking to rein in certain practices cited, such research often signals the direction of future cases or rule-making. Democrats also hold the majority on the commission.
A 2021 FTC report on repair restrictions, for instance, was followed two months later by a formal statement on prioritizing the issue, which itself set the stage for several tech companies to open up repair options to some device owners. The dark patterns report also cited several past cases that included similar conduct. And two Democratic commissioners, Rebecca Kelly Slaughter and Alvaro Bedoya, urged the public to send comments to the FTC as part of a separate agency effort examining the possibility of privacy rules on dark patterns that extend how long children and teens spend online.
Dark patterns are pervasive online, and more FTC interest in them could result in probes or action against an array of companies, including Amazon. The ecommerce giant's process for canceling Prime has come under criticism from consumer groups as being full of nudges and design features that make it difficult to complete, and it's under investigation by the FTC.
In addition, on Thursday the three Democratic commissioners voted to issue a policy statement about the gig economy, making clear the FTC would prioritize actions to rein in deceptive "claims to prospective gig workers about potential earnings" and costs. The statement also said there would be increased scrutiny of wage-fixing and the use of "artificial intelligence or other advanced technologies to govern workers’ pay, performance, and work assignments" if the "automated boss" was breaking promises.
As part of the open meeting, which allows for public comment, the FTC also heard from at least two DoorDash drivers who praised gig work and urged the commissioners not to come down too hard on the industry. In addition, commissioners referred again to Amazon, specifically its $62 million settlement over withholding tips from Flex drivers.
The FTC, which is led by longtime Amazon critic Lina Khan, has long been on a collision course with the company, with a years-long probe of the retailer's competitive practices still ongoing. Amazon has also gone on a buying spree that has attracted the attention of the FTC, which helps oversee merger law.
During the meeting, the commissioners also agreed unanimously to propose a rule that would make it easier to tackle fraudsters who impersonate representatives of legitimate businesses or government agencies.
ByteDance VR subsidiary Pico is getting ready to unveil its new headset next week: The company is holding an online event on Sept. 22, it revealed on social media Thursday. "We can’t wait to show you what we have in store for you," Pico teased in a posting on LinkedIn that promised a "new product announcement" and featured the silhouette of a VR headset.
The company didn't share anything else about the upcoming device, but a number of additional details have leaked over the past few weeks. The device, which may be branded either Pico 4 or Pico Phoenix, will come in two configurations, with a Pro version offering face- and eye-tracking functionality. It will run Android Q and is being powered by a Qualcomm processor, according to an FCC filing first reported by Protocol.
Pico's headset will also be equipped with an inside-out RGB camera that will be used for color video pass-through for mixed reality experiences. That's similar to Meta's upcoming Project Cambria headset, which will be officially unveiled in October. The new Pico headset will be smaller than the company's current Neo 3 device, and will feature a higher-resolution display and clearer optics. It will also have automatic hardware IPD adjustment to adapt to a person’s pupillary distance for a “more accurate and comfortable vision experience,” according to a submission to the Bluetooth SIG that was first reported by Protocol.
ByteDance is clearly positioning the Pico 4 as a competitor to Meta's VR hardware and has made efforts in recent months to reposition Pico from a company primarily focused on enterprise VR to a mass-market consumer hardware maker. This has included striking content deals and building out an internal studio organization focused on VR games and experiences.
Adobe is buying Figma. After Bloomberg reported the deal Thursday morning, both companies released announcements confirming the news. "With access to @Adobe's deep expertise and technology, we believe @Figma will be able to achieve our vision of 'making design accessible to all' even faster," Figma CEO Dylan Field tweeted.
According to Figma's announcement, the deal has been in the works for several months. Bloomberg reported the deal may be for more than $15 billion. Figma's goal is to use Adobe's resources to "to make design and developer tools more collaborative and accessible." Adobe pointed to Figma's early bet on browser-based collaboration and its ability to bring Adobe's design tools into the future. "The productivity tools of the future will be web-based, multi-player, and infused with a new generation of capabilities," Adobe chief business officer David Wadhwani wrote in his announcement.
Figma has been steadily eating away at Adobe's user base since its inception in 2012. Even Microsoft, a loyal Adobe customer for decades, couldn't keep employees away from Figma. Figma became the most popular tool across the tech design community and jumped into more general collaboration with whiteboard FigJam in 2021. Meanwhile, Adobe has faced dropping shares and grave concerns from investors on its ability to grow with upstarts like Figma and Canva in the mix. The old tech giants are showing their age — perhaps Adobe realized it was time for some new blood.
TikTok made a rare appearance before Congress on Wednesday afternoon. Specifically, TikTok COO Vanessa Pappas testified on a panel alongside high-ranking executives from YouTube, Meta and Twitter. The group appeared before the Senate Homeland Security and Governmental Affairs Committee to answer questions about how their respective platforms could be used to promote extremism and civil unrest.
In her opening remarks, Pappas assured the committee that TikTok had adequate data security measures in place to protect U.S. users. Even then, Pappas noted that some China-based employees could access U.S. user data “subject to a series of robust cybersecurity controls and authorization approval protocols overseen by our U.S.-based security team.”
Pappas was repeatedly asked about the BuzzFeed report that found engineers in China had access to nonpublic U.S. user data. She called the reports “not found” and specifically denied the claim that a master administrator account gave at least one Beijing engineer access to virtually all platform data.
In a heated exchange with Sen. Josh Hawley, Pappas also denied ever sharing data with the Chinese government or the Chinese Communist Party. The two then engaged in a long back-and-forth over whether any ByteDance employees held CCP affiliations.
“We have thousands of people that work at the company, so I’m not going to vouch on the political affiliation of any particular individual,” Pappas said of China-based employees with potential CCP ties.
“You have no way to assure me that they don’t have access to our citizens’ data, and you won’t answer my question in a straightforward way about whether a CCP member has ever gained access,” Hawley retorted.
This exchange is indicative of the kind of charges Pappas and TikTok faced throughout the hearing. Even to kick things off, Sen. Rob Portman expressed concerns over TikTok operating in the U.S. since “Chinese law requires all companies operating under its jurisdiction to in essence allow the CCP to access every piece of data collected.”
The focus on TikTok made for a quiet outing for the other tech executives — at least relative to hearings of years past.
Meta, in particular, was able to escape the usual scrutiny it has faced in D.C. appearances. Chief product officer Chris Cox said Meta’s ranking goal is simply to “help people see what they find most valuable,” denying that the company tries to keep users on the platform for a specific length of time.
For Meta, the time away from the spotlight isn’t all good. Of course, there’s an obvious benefit to not being the prime target, and TikTok’s ties to China finally gave Congress bigger fish to fry. But the change in spotlight isn’t just about China — Congress is also paying more attention to TikTok because it’s passing Meta as the most influential social platform in the U.S.Instagram users reportedly spend one-tenth the amount of time on Reels compared to the time TikTok users spend on the platform, The Wall Street Journal reported earlier this week based on internal Meta documents. Meta denied the accuracy of the report. Regardless, one need not look further than Instagram’s recent redesign to know the future of social looks a lot more like TikTok. So while Meta executives may have enjoyed the time away from the spotlight on Wednesday, perhaps they’ll eventually come to reminisce about those Senate grilling sessions.
California Attorney General Rob Bonta has sued Amazon, alleging the company prevents price competition by punishing merchants and third-party sellers when they offer lower prices anywhere aside from Amazon's website, including with competitors such as Best Buy and Walmart.
The suit, following in the footsteps of similar investigations in the U.S. and internationally, alleges that customers pay artificially high prices because Amazon is creating a restraint against natural market competition on cost. The suit also claims that Amazon gains an unfair market advantage because no other commerce site can compete on price, making Amazon a one-stop shop for consumers and further cementing the company's market dominance.
The press release announcing the suit claimed sellers would like to offer lower prices on other sites, because those sites charge lower listing fees and often vendors pass along fee savings to the consumer when they can afford to do so. But Amazon uses its market dominance to enforce rules that make doing so impossible, the suit claims, even though Amazon's fees are allegedly higher than competitors'.
"Merchants that do not comply face sanctions such as less prominent listings and even the possibility of termination or suspension of their ability to sell on Amazon," the AG's office wrote in the press release.
The suit follows a similar complaint from Washington, D.C., in May 2021. A court dismissed that claim in March 2022, although the district's attorney general is appealing the decision. Bonta sued under California's unfair competition law and another state statute that may give the state more leeway. The Federal Trade Commission, currently helmed by a longtime Amazon critic, is also investigating the company and is expected to a file a competition lawsuit, and European authorities are seeking a settlement that would assuage concerns about the company's competition against outside merchants on the platform.
"Sellers set their own prices for the products they offer in our store. Amazon takes pride in the fact that we offer low prices across the broadest selection, and like any store we reserve the right not to highlight offers to customers that are not priced competitively. The relief the AG seeks would force Amazon to feature higher prices to customers, oddly going against core objectives of antitrust law," an Amazon spokesperson wrote in a comment to Protocol.
Ben Brody contributed additional reporting. The story was updated at 4:57 p.m. to add comment from Amazon.