Apple plans thinner, high-end MacBook Air

A revamped MacBook Air will reportedly feature next-generation Apple Silicon, and a MagSafe charger, plus become both thinner and lighter.

Following previous claims that the MacBook Air will be revamped in 2022 with a mini LED screen, a new report says it will may be released sooner — and will feature a more substantial redesign. Alongside potential changes to the display, it’s said that Apple will cut both the weight and size of its current lightest notebook.

According to Bloomberg, the new MacBook Air will not replace the current one, but rather fit into the lineup as a higher-end option.

It is expected to feature the next generation of Apple Silicon, and to be released in 2022. However, the publication claims that it is also possible that it will come out in the second half of 2021.

Reportedly, Apple has looked at reducing the size of the MacBook Air by retaining the current 13-inch display size yet reducing the bezels around it. It has also evaluated producing a 15-inch version, though the unnamed sources claim that Apple has decided against that for this version.

Bloomberg‘s report does not mention mini LED, but does follow a Ming Chi-Kuo prediction that Apple will reintroduce MagSafe to the Mac. Kuo only specified that it would be in the MacBook Pro models, however.

Apple shifts more production from iPhone 12 mini, to iPhone 12 Pro

Industry reports say that Pegatron is seeing reduced orders for the iPhone 12 mini, while Apple has charged Foxconn with making more of the iPhone 12 Pro series.

Despite recently expanding its manufacturing capacity, Pegatron was already facing a slowdown in orders from Apple over its alleged student labor violations. Now it has also seen a reduction in orders, with Apple reportedly requiring fewer of the iPhone 12 mini.

According to Digitimes, Pegatron has seen a slowdown in orders for the smallest iPhone, blamed on the coronavirus affecting demand in the US and Europe.

Digitimes has a poor track record in projecting Apple’s plans, but a far greater one over its sources within the industry. These latest reports appear to corroborate recent analysis by Morgan Stanley’s Katy Huberty.

Privacy complaint targets European parliament’s COVID-19 test-booking site

The European Parliament is being investigated by the EU’s lead data regulator over a complaint that a website it set up for MEPs to book coronavirus tests may have violated data protection laws.

The complaint, which has been filed by six MEPs and is being supported by the privacy campaign group noyb, alleges third party trackers were dropped without proper consent and that cookie banners presented to visitors were confusing and deceptively designed.

It also alleges personal data was transferred to the US without a valid legal basis, making reference to a landmark legal ruling by Europe’s top court last summer (aka Schrems II).

The European Data Protection Supervisor (EDPS), which oversees EU institutions’ compliance with data rules, confirmed receipt of the complaint and said it has begun investigating.

It also said the “litigious cookies” had been disabled following the complaints, adding that the parliament told it no user data had in fact been transferred outside the EU.

“A complaint was indeed filed by some MEPs about the European Parliament’s coronavirus testing website; the EDPS has started investigating it in accordance with Article 57(1)(e) EUDPR (GDPR for EU institutions),” an EDPS spokesman told TechCrunch. “Following this complaint, the Data Protection Office of the European Parliament informed the EDPS that the litigious cookies were now disabled on the website and confirmed that no user data was sent to outside the European Union.”

“The EDPS is currently assessing this website to ensure compliance with EUDPR requirements. EDPS findings will be communicated to the controller and complainants in due course,” it added.

MEP, Alexandra Geese, of Germany’s Greens, filed an initial complaint with the EDPS on behalf of other parliamentarians.

Two of the MEPs that have joined the complaint and are making their names public are Patrick Breyer and Mikuláš Peksa — both members of the Pirate Party, in Germany and the Czech Republic respectively.

We’ve reached out to the European Parliament and the company it used to supply the testing website for comment.

The complaint is noteworthy for a couple of reasons. Firstly because the allegations of a failure to uphold regional data protection rules look pretty embarrassing for an EU institution. Data protection may also feel especially important for “politically exposed persons like Members and staff of the European Parliament”, as noyb puts it.

Back in 2019 the European Parliament was also sanctioned by the EDPS over use of US-based digital campaign company, NationBuilder, to process citizens’ voter data ahead of the spring elections — in the regulator’s first ever such enforcement of an EU institution.

So it’s not the first time the parliament has got in hot water over its attention to detail vis-a-vis third party data processors (the parliament’s COVID-19 test registration website is being provided by a German company called Ecolog Deutschland GmbH). Once may be an oversight, twice starts to look sloppy…

Secondly, the complaint could offer a relatively quick route for a referral to the EU’s top court, the CJEU, to further clarify interpretation of Schrems II — a ruling that has implications for thousands of businesses involved in transferring personal data out of the EU — should there be a follow-on challenge to a decision by the EDPS.

“The decisions of the EDPS can be directly challenged before the Court of Justice of the EU,” noyb notes in a press release. “This means that the appeal can be brought directly to the highest court of the EU, in charge of the uniform interpretation of EU law. This is especially interesting as noyb is working on multiple other cases raising similar issues before national DPAs.”

Guidance for businesses involved in transferring data out of the EU who are trying to understand how to (or often whether they can) be compliant with data protection law, post-Schrems II, is so far limited to what EU regulators have put out.

Further interpretation by the CJEU could bring more clarifying light — and, indeed, less wiggle room for processors wanting to keep schlepping Europeans’ data over the pond legally, depending on how the cookie crumbles (if you’ll pardon the pun).

noyb notes that the complaint asks the EDPS to prohibit transfers that violate EU law.

“Public authorities, and in particular the EU institutions, have to lead by example to comply with the law,” said Max Schrems, honorary chairman of noyb, in a statement. “This is also true when it comes to transfers of data outside of the EU. By using US providers, the European Parliament enabled the NSA to access data of its staff and its members.”

Per the complaint, concerns about third party trackers and data transfers were initially raised to the parliament last October — after an MEP used a tracker scanning tool to analyze the COVID-19 test booking website and found a total of 150 third-party requests and a cookie were placed on her browser.

Specifically, the EcoCare COVID-19 testing registration website was found to drop a cookie from the US-based company Stripe, as well as including many more third-party requests from Google and Stripe.

The complaint also notes that a data protection notice on the site informed users that data on their usage generated by the use of Google Analytics is “transmitted to and stored on a Google server in the US”.

Where consent was concerned, the site was found to serve users with two different conflicting data protection notices — with one containing a (presumably copypasted) reference to Brussels Airport.

Different consent flows were also presented, depending on the user’s region, with some visitors being offered no clear opt out button. The cookie notices were also found to contain a ‘dark pattern’ nudge toward a bright green button for ‘accepting all’ processing, as well as confusing wording for unclear alternatives.

A screengrab of the cookie consent prompt that the parliament’s COVID-19 test booking website displayed at the time of writing – with still no clearly apparent opt-out for non-essential cookies (Image credit: TechCrunch)

The EU has stringent requirements for (legally) gathering consents for (non-essential) cookies and other third party tracking technologies which states that consent must be clearly informed, specific and freely given.

In 2019, Europe’s top court further confirmed that consent must be obtained prior to dropping non-essential trackers. (Health-related data also generally carries a higher consent-bar to process legally in the EU, although in this case the personal information relates to appointment registrations rather than special category medical data).

The complaints allege that EU cookie consent requirements are not being met on the website.

While the presence of requests for US-based services (and the reference to storing data in the US) is a legal problem in light of the Schrems II judgement.

The US no longer enjoys legally frictionless flows of personal data out of the EU after the CJEU torpedoed the adequacy arrangement the Commission had granted (invalidating the EU-US Privacy Shield mechanism) — which in turn means transfers of data on EU peoples to US-based companies are complicated.

Data controllers are responsible for assessing each such proposed transfer, on a case by case basis. A data transfer mechanism called Standard Contractual Clauses was not invalidated by the CJEU. But the court made it clear SCCs can only be used for transfers to third countries where data protection is essentially equivalent to the legal regime offered in the EU — doing so at the same time as saying the US does not meet that standard.

Guidance from the European Data Protection Board in the wake of the ruling suggests that some EU-US data transfers may be possible to carry in compliance with European law. Such as those that involve encrypted data with no access by the receiving US-based entity.

However the bar for compliance varies depending on the specific context and case.

Additionally, for a subset of companies that are definitely subject to US surveillance law (such as Google) the compliance bar may be impossibly high — as surveillance law is the main legal sticking point for EU-US transfers.

So, once again, it’s not a good look for the parliament website to have had a notice on its COVID-19 testing website that said personal data would be transferred to a Google’s server in the US. (Even if that functionality had not been activated, as seems to have been claimed.)

Another reason the complaint against the European Parliament is noteworthy is that it further highlights how much web infrastructure in use within Europe could be risking legal sanction for failing to comply with regional data protection rules. If the European Parliament can’t get it right, who is?

noyb filed a raft of complaints against EU websites last year which it had identified still sending data to the US via Google Analytics and/or Facebook Connect integrations a short while after the Schrems II ruling. (Those complaints are being looked into by DPAs across the EU.)

Facebook’s EU data transfers are also very much on the hook here. Earlier this month the tech giant’s lead EU data regulator agreed to ‘swiftly resolve’ a long-standing complaint over its transfers.

Schrems filed that complaint all the way back in 2013. He told us he expects the case to be resolved this year, likely within around six to nine months. So a final decision should come in 2021.

He has previously suggested the only way for Facebook to fix the data transfers issue is to federate its service, storing European users’ data locally. While last year the tech giant was forced to deny it would shut its service in Europe if its lead EU regulator followed through on enforcing a preliminary order to suspend transfers (which it blocked by applying for a judicial review of the Irish DPC’s processes).

The alternative outcome Facebook has been lobbying for is some kind of a political resolution to the legal uncertainty clouding EU-US data transfers. However the European Commission has warned there’s no quick fix — and reform of US surveillance law is needed.

So with options for continued icing of EU data protection enforcement against US tech giants melting fast in the face of bar-setting CJEU rulings and ongoing strategic litigation like this latest noyb-supported complaint pressure is only going to keep building for pro-privacy reform of US surveillance law. Not that Facebook has openly come out in support of reforming FISA yet.

Didi to subsidize trips for vaccinations with $10M fund

As countries around the world prepare to vaccinate people against the coronavirus, tech companies are rushing to demonstrate their willingness to help fight the deadly virus. China’s ride-hailing leader Didi Chuxing is pledging a $10 million fund to support COVID-19 vaccination efforts in 13 markets outside its home country China, the company said on Friday.

The multi-purpose fund will be used to reduce fees for passengers going to vaccination appointments and frontline healthcare workers traveling to vaccination locations. It will also sponsor future measures based on a market’s local needs, Didi said, adding that it will continue working with the respective governments. It’s unclear how the company plans to allocate the funds across the dozens of markets.

Like other tech firms, Didi has responded swiftly to the COVID-19 outbreak by offering relief measures. It said it has so far funded more than six million free or discounted rides and meals for frontline healthcare workers and distributed more than six million masks and sanitation kits to driver and courier partners in its international markets.

In China, the ride hailing company has made similar efforts, including financial assistance like insurance plans for drivers with confirmed cases or those undergoing quarantine.

“The vaccination support initiative is a crucial step in our local recovery effort across the world,” said Jean Liu, president of Didi.

“The incredible commitment and agility of Didi teams, together with a safety system built for complex mobility scenarios, play a critical role in protecting our people and ensuring essential services throughout these challenging times. We will continue to stand by our partners and communities to get our cities moving again.”

The SoftBank-backed company took a hit when it temporarily suspended its popular and lucrative carpooling service following two passenger incidents. The startup remains one of China’s most valuable private tech companies and rumors have swirled for a few years that it is planning an initial public offering, which the company has denied.

Didi has garnered over 550 million users across the Asia Pacific, Latin
America and Russia by offering taxi hailing, private car hailing, rideshare, buses, bikes and e-bikes, and it enables over 10 billion passenger trips a year as of late. It has a nascent autonomous driving arm backed by SoftBank and is among a group of Chinese upstart AI companies aggressively developing and testing autonomous vehicles. It’s also working with China’s electric carmaking giant BYD to co-design a model tailored for ride-hailing.

China’s draft payments rules put Ant, Tencent on notice

A string of recent events in China’s payments industry suggests the duopoly comprising Ant Group and Tencent may be getting a shakeup.

Following the abrupt call-off of Ant’s public sale and a government directive to reform the firm’s business, the Chinese authorities sent another message this week signaling its plan to curb concentration in the flourishing digital payments industry.

The set of draft rules, designed to regulate non-bank payments and released by the People’s Bank of China (PBOC) this week, said any non-bank payments processor with over one-third of the non-bank payments market or two companies with a combined half of the market could be subject to regulatory warnings from the anti-monopoly authority under the State Council.

Meanwhile, a single non-bank payments provider with over one half of the digital payments market or two companies with a combined two-thirds of the market could be investigated for whether they constitute a monopoly.

The difference between the two rules is nuanced here, with the second stipulation focusing on digital payments as opposed to non-bank payments in the first.

Furthermore, the rules did not specify how authorities measure an organization’s market share, say, whether the judgment is based on an entity’s total transaction value, its transaction volume, or other metrics.

Alipay processed over half of China’s third-party payments transactions in the first quarter of 2020, according to market researcher iResearch, while Tencent handled nearly 40% of the payments in the same period.

As China heightens scrutiny over its payments giants, it’s also opening up the financial market to international players. In December, Goldman Sachs moved to take full ownership of its Chinese joint venture. This month, PayPal became the first foreign company with 100% control of a payments business in China after it bought out the remaining stake in its local payments partner Guofubao.

Industry experts told TechCrunch that PayPal won’t likely go after the domestic payments giants but may instead explore opportunities in cross-border payments, a market with established players like XTransfer, which was founded by a team of Ant veterans.

Ant and Tencent also face competition from other Chinese internet firms. Companies ranging from food delivery platform Meituan, e-commerce platforms Pinduoduo and JD.com, to TikTok’s parent firm ByteDance have introduced their own e-wallets, though none of them have posed an imminent threat to Alipay or WeChat Pay.

The comprehensive proposal from PBOC also defines how payments processors handle customer data. Non-bank payments services are to store certain user information and transaction history and cooperate with relevant authorities on data checks. Companies are also required to obtain user consent and make clear to customers how their data are collected and used, a rule that reflects China’s broader effort to clamp down on unscrupulous data collection.

JustKitchen is using cloud kitchens to create the next generation of restaurant franchising

JustKitchen operates cloud kitchens, but the company goes beyond providing cooking facilities for delivery meals. Instead, it sees food as a content play, with recipes and branding instead of music or shows as the content, and wants to create the next iteration of food franchises. JustKitchen currently operates its “hub and spoke” model in Taiwan, with plans to expand four other Asian markets, including Hong Kong and Singapore, and the United States this year.

Launched last year, JustKitchen currently offers 14 brands in Taiwan, including Smith & Wollensky and TGI Fridays. Ingredients are first prepped in a “hub” kitchen, before being sent to smaller “spokes” for final assembly and pickup by delivery partners, including Uber Eats and FoodPanda. To reduce operational costs, spokes are spread throughout cities for quicker deliveries and the brands each prepares is based on what is ordered most frequently in the area.

In addition to licensing deals, JustKitchen also develops its own brands and performs research and development for its partners. To enable that, chief operating officer Kenneth Wu told TechCrunch that JustKitchen is moving to a more decentralized model, which means its hub kitchens will be used primarily for R&D, and production at some of its spoke kitchens will be outsourced to other food vendors and manufacturers. The company’s long-term plan is to license spoke operation to franchisees, while providing order management software and content (i.e. recipes, packaging and branding) to maintain consistent quality.

Demand for meal and grocery deliveries increased dramatically during the COVID-19 pandemic. In the United States, this means food deliveries made up about 13% of the restaurant market in 2020, compared to the 9% forecast before the pandemic, according to research firm Statista, and may rise to 21% by 2025.

But on-demand food delivery businesses are notoriously expensive to operate, with low margins despite markups and fees. By centralizing food preparation and pickup, cloud kitchens (also called ghost kitchens or dark kitchens) are supposed to increase profitability while ensuring standardized quality. Not surprisingly, companies in the space have received significant attention, including former Uber chief executive officer Travis Kalanick’s CloudKitchens, Kitchen United and REEF, which recently raised $1 billion led by SoftBank.

Wu, whose food delivery startup Milk and Eggs was acquired by GrubHub in 2019, said one of the main ways JustKitchen differentiates is by focusing on operations and content in addition to kitchen infrastructure. Before partnering with restaurants and other brands, JustKitchen meets with them to design a menu specifically for takeout and delivery. Once a menu is launched, it is produced by JustKitchen instead of the brands, who are paid royalties. For restaurants that operate only one brick-and-mortar location, this gives them an opportunity to expand into multiple neighborhoods and cities (or countries, when JustKitchen begins its international expansion) simultaneously, a new take on the franchising model for the on-demand delivery era.

One of JustKitchen's delivery meals, with roast chicken and vegetables

One of JustKitchen’s delivery meals

Each spoke kitchen puts the final touches on meal before handing them to delivery partners. Spoke kitchens are smaller than hubs, closer to customers, and the goal is to have a high revenue to square footage ratio.

“The thesis in general is how do you get economies of scale or a large volume at the hub, or the central kitchen where you’re making it, and then send it out deep into the community from the spokes, where they can do a short last-mile delivery,” said Wu.

JustKitchen says it can cut industry standard delivery times by half, and that its restaurant partners have seen 40% month on month growth. It also makes it easier for delivery providers like Uber Eats to stack orders, which means having a driver pick up three or four orders at a time for separate addresses. This reduces costs, but is usually only possible at high-volume restaurants, like fast food chain locations. Since JustKitchen offers several brands in one spoke, this gives delivery platforms more opportunities to stack orders from different brands.

In addition to partnerships, JustKitchen also develops its own food brands, using data analytics from several sources to predict demand. The first source is its own platform, since customers can order directly from Just Kitchen. It also gets high-level data from delivery partners that lets them see food preferences and cart sizes in different regions, and uses general demographic data from governments and third-party providers with information about population density, age groups, average income and spending. This allows it to plan what brands to launch in different locations and during different times of the day, since JustKitchen offers breakfast, lunch and dinner.

JustKitchen is incorporated in Canada, but launched in Taiwan first because of its population density and food delivery’s popularity. Before the COVID-19 pandemic, food delivery penetration in the U.S. and Europe was below 20%, but in Taiwan, it was already around 30% to 40%, Wu said. The new demand for food delivery in the U.S. “is part of the new norm and we believe that is not going away,” he added. JustKitchen is preparing to launch in Seattle and several Californian cities, where it already has partners and kitchen infrastructure.

“Our goal is to focus on software and content, and give franchisees operations so they have a turnkey franchise to launch immediately,” said Wu. “We have the content and they can pick whatever they want. They have software to integrate, recipes and we do the food manufacturing and sourcing to control quality, and ultimately they will operate the single location.”

Apple TV+ original 'Servant' reportedly doubles audience with Season 2 premiere

The second season of M. Night Shyamalan’s “Servant” drew record numbers when it premiered on Apple TV+ last week, reportedly coming close to viewership enjoyed by standout hits “Defending Jacob” and “Ted Lasso.”

ServantCiting sources familiar with the matter, Deadline reports the Season 2 premiere of “Servant” more than doubled the show’s audience year over year. Further, Apple released only one episode on Jan. 15, as compared to the three it issued when the series launched last year.Increased domestic viewer numbers were bolstered by year-on-year audience growth in France, Mexico and Spain, the report said.

Read more…

Elon Musk is donating $100M to find the best carbon capture technology

Elon Musk said Thursday via a tweet that he will donate $100 million towards a prize for the best carbon capture technology.

Musk, who recently surpassed Amazon’s Jeff Bezos to become the world’s richest person, didn’t provide any more details except to add in an accompanying tweet the “details will come next week.” It’s unclear if this is a contribution to another organization that is putting together a prize such as the Xprize or if this is another Musk-led production.

The broad definition of carbon capture and storage is as the name implies. Waste carbon dioxide emitted at a refinery or factory is captured at the source and then stored in an aim to remove the potential harmful byproduct from the environment and mitigate climate change. It’s not a new pursuit and numerous companies have popped up over the past two decades with varying means of achieving the same end goal.

The high upfront cost to carbon capture and storage or sequestration (CCS) has been a primary hurdle for the technology. However, there are companies that have found promise in a carbon capture and utilization — a cousin to CCS in which the collected emissions are then converted to other more valuable uses.

For instance, LanzaTech has developed technology that captures waste gas emissions and uses bacteria to turn it into useable ethanol fuel. A bioreactor is used to convert into liquids captured and compressed waste emissions from a steel mill or factory or any other emissions-producing enterprises. The core technology of LanzaTech is a bacteria that likes to eat these dirty gas streams. As the bacteria eats the emissions it essentially ferments them and emits ethanol. The ethanol can then be turned into various products. LanzaTech is spinning off businesses that specialize in a different product. The company has created a spin-off called LanzaJet and is working on other possible product such as converting ethnaol to ethylene, which is used to make polyethylene for bottles and PEP for fibers used to make clothes.

Other examples include Climeworks and Carbon Engineering.

Climeworks, a Swiss startup, specializes in direct air capture. Direct air capture uses filters to grab carbon dioxide from the air. The emissions are then either stored or sold for other uses, including fertilizer or even to add bubbles found in soda-type drinks.  Carbon Engineering, is Canadian company that removes carbon dioxide from the atmosphere and processes it for use in enhanced oil recovery or even to create new synthetic fuels.