Productivity startup Time is Ltd raises $5.6M to be the ‘Google Analytics for company time’

Productivity analytics startup Time is Ltd wants to be the Google Analytics for company time. Or perhaps a sort of “Apple Screen Time” for companies. Whatever the case, the founders reckon that if you can map how time is spent in a company enormous productivity gains can be unlocked and, money better spent.
It’s now raised a $5.6 million late seed funding round led by Mike Chalfen, of London-based Chalfen Ventures, with participation from Illuminate Financial Management and existing investor Accel. Acequia Capital and former Seal Software chairman Paul Sallaberry are also contributing to the new round, as is former Seal board member Clark Golestani. Furthermore, Ulf Zetterberg, founder and former CEO of contract discovery and analytics company Seal Software, is joining as President and co-founder.
The venture is the latest from serial entrepreneur Jan Rezab, better known for founding SocialBakers, which was acquired last year.
We are all familiar with inefficient meetings, pestering notifications chat, video conferencing tools and the deluge of emails. Time is Ltd. says it plans to address this by acquiring insights and data platforms such as Microsoft 365, Google Workspace, Zoom, Webex, MS Teams, Slack, and more. The data and insights gathered would then help managers to understand and take a new approach to measure productivity, engagement, and collaboration, the startup says.
The startup says it has now gathered 400 indicators that companies can choose from. For example, a task set by The Wall Street Journal for Time is Ltd. found the average response time for Slack users vs. email was 16.3 minutes, comparing to emails which was 72 minutes.
Chalfen commented: “Measuring hybrid and distributed work patterns is critical for every business. Time Is Ltd.’s platform makes such measurement easily available and actionable for so many different types of organizations that I believe it could make work better for every business in the world.”
Rezab said: “The opportunity to analyze these kinds of collaboration and communication data in a privacy-compliant way alongside existing business metrics is the future of understanding the heartbeat of every company – I believe in 10 years time we will be looking at how we could have ignored insights from these platforms.”
Tomas Cupr, Founder and Group CEO of Rohlik Group, the European leader of e-grocery, said: “Alongside our traditional BI approaches using performance data, we use Time is Ltd. to help improve the way we collaborate in our teams and improve the way we work both internally and with our vendors – data that Time is Ltd. provides is a must-have for business leaders.”

Productivity startup Time is Ltd raises .6M to be the ‘Google Analytics for company time’

Microsoft plans to launch dedicated Xbox cloud gaming hardware

Microsoft will soon launch a dedicated device for game streaming, the company announced today. It’s also working with a number of TV manufacturers to build the Xbox experience right into their internet-connected screens and Microsoft plans to bring build cloud gaming to the PC Xbox app later this year, too, with a focus on play-before-you-buy scenarios.
It’s unclear what these new game streaming devices will look like. Microsoft didn’t provide any further details. But chances are, we’re talking about either a Chromecast-like streaming stick or a small Apple TV-like box. So far, we also don’t know which TV manufacturers it will partner with.
It’s no secret that Microsoft is bullish about cloud gaming. With Xbox Game Pass Ultimate, it’s already making it possible for its subscribers to play more than 100 console games on Android, streamed from the Azure cloud, for example. In a few weeks, it’ll open cloud gaming in the browser on Edge, Chrome and Safari, to all Xbox Game Pass Ultimate subscribers (it’s currently in limited beta). And it is bringing Game Pass Ultimate to Australia, Brazil, Mexico and Japan later this year, too.
In many ways, Microsoft is unbundling gaming from the hardware — similar to what Google is trying with Stadia (an effort that, so far, has fallen flat for Google) and Amazon with Luna. The major advantage Microsoft has here is a large library of popular games, something that’s mostly missing on competing services, with the exception of Nvidia’s GeForce Now platform — though that one has a different business model since its focus is not on a subscription but on allowing you to play the games you buy in third-party stores like Steam or the Epic store.
What Microsoft clearly wants to do is expand the overall Xbox ecosystem, even if that means it sells fewer dedicated high-powered consoles. The company likens this to the music industry’s transition to cloud-powered services backed by all-you-can-eat subscription models.
“We believe that games, that interactive entertainment, aren’t really about hardware and software. It’s not about pixels. It’s about people. Games bring people together,”
said Microsoft’s Xbox head Phil Spencer. “Games build bridges and forge bonds, generating mutual empathy among people all over the world. Joy and community -that’s why we’re here.”
It’s worth noting that Microsoft says it’s not doing away with dedicated hardware, though, and is already working on the next generation of its console hardware — but don’t expect a new Xbox console anytime soon.

Microsoft plans to launch dedicated Xbox cloud gaming hardware

Nexford University lands $10.8M pre-Series A to scale its flexible remote learning platform

Two profound problems face the higher education sector globally — affordability and relevance. Whether you live in Africa, Europe, or the U.S., a major reason why people don’t go to university or college or even drop out because they cannot afford tuition fees. On the other hand, relevance shows the huge gap between what traditional universities teach and what global employers actually look for. It’s not a secret that universities focus a bit too much on theory.

Over the past few years, there has been the emergence of a number of alternative credential providers trying to provide students with the necessary skills to earn and make a living. Nexford University is one of such platforms, and today, it has a closed $10.8 million pre-Series A funding round.
Dubai-based VC Global Ventures led the new round. Other investors include Future Africa’s new thematic fund (focused on education), angel investors, and family offices. Unnamed VCs from 10 countries, including the U.S., U.K., France, Dubai, Switzerland, Qatar, Nigeria, Egypt and Saudi Arabia, also took part.
To date, Nexford has raised $15.3 million, following the first tranche of $4.5 million in seed funding raised two years ago.
Fadl Al Tarzi launched Nexford University in 2019. The tech-enabled university is filling affordability and relevance gaps by providing access to quality and affordable education.
“That way, you get the best of both worlds,” CEO Al Tarzi said to TechCrunch. “You get practical skills that you can put to work immediately or for your future career while actively keeping a job. So the whole experience is designed as a learning as a service model.”
Nexford Unversity lets students study at their own pace. Once they apply and get admitted into either a degree program or a course program, they choose how fast or slow they want the program to be.
Fadl Al Tarzi (CEO, Nexford University)
The CEO says whatever students learn on the platform is directly applicable to their jobs. Currently, Nexford offers undergraduate degrees in business administration; 360° marketing; AI & automation; building a tech startup; business analytics; business in emerging markets; digital transformation; e-commerce; and product management. Its graduate degrees are business administration, advanced AI, e-commerce, hyperconnectivity, sustainability, and world business.
Nexford’s tuition structure is very different from traditional universities because it’s modelled monthly. Its accredited degrees cost between $3,000 to $4,000 paid in monthly instalments. In Nigeria, for instance, an MBA costs about $160 a month, while a bachelor degree costs $80 a month. But the catch for the monthly instalment structure means the faster a learner graduates, the less they pay.
What’s it like learning with Nexford University?
Nexford University doesn’t offer standardized and theoretical tests or assignments as most traditional universities do. Al Tarzi says the company employs what he calls a competency-based education model where students prove mastery by working on practical projects.
For instance, a student working on an accounting course will most likely need to create a P&L statement, analyze balance sheets and identify where the error is to correct it. The platform then gives the student different scenarios showing companies with different revenues and expense levels. The task? To analyse and extract certain ratios to help make sense of which company is profitable and the other unit economics involved.
Though Nexford plays in the edtech space, Al Tarzi doesn’t think the company is an edtech company. As a licensed and accredited online university, Nexford has a huge amount of automation across the organization and provides students with support from faculty and career advisors.
After offering degrees, Nexford puts on its placement hats by fixing its graduates with partner employers.
There’s a big shortage of jobs in Nigeria, and despite the high unemployment, it’s actually difficult to find extremely qualified entry-level graduates. So Nexford has carried out several partnerships where employers sponsor their employees or soon-to-be employees for upskilling and rescaling purposes.
An illustration is with Sterling Bank, a local bank in the country. Most Nigerian banks have yearly routines where they hire graduates and put them on weeks-long training programs. Sterling Bank employs any candidate it feels did great after the capital intensive (eight weeks in most cases) programs.
So what Nexford has done is to partner with Sterling to fund the tuition for high school leavers. When these students go through Nexford’s programs for the first year, they begin to get part-time placements at Sterling. Upon graduation, they get a job in the bank.
“That saves Sterling the training cost and our tuition fee is almost equal to the training that they provided for students. Also, students start paying back once they get placed, so it’s a win-win.”

Nexford University has learners from 70 countries, with Nigeria its biggest market yet. Nexford also has blue-chip partnerships with Microsoft, LinkedIn Learning, and IBM to provide access to tools, courses and programmes to improve the learning experience.
One of the major gains of this learning experience is how it prepares people for remote jobs. Nexford is bullish on its virtual skills grid, where people will get jobs remotely regardless of their location on the platform.
“Across Sub Saharan Africa by the year 2026, there’s gonna be a shortage of about 100 million university seats as a result of huge growth in youth population not met by growth and supply. Even if you want to build universities fast, you wouldn’t be able to meet the demand. And that spirals down to the job market. We don’t think the local economy will produce enough jobs in Nigeria, for instance. But we want to enable people to get remote jobs across the world and not necessarily have to migrate.” 
Last year, Nexford’s revenues grew by 300%. This year, the company hopes to triple the size of its enrollment from last year, the CEO said.
Nexford is big on designing students’ curriculum based on analysis of what their employer needs. Al Tarzi tells me that the company always follow the Big Data approach, asking themselves, “how do we find out what employers worldwide are looking for and keep our curriculum alive and relevant?”
“We develop proprietary technology that enables us to analyze job vacancies as well as several other data sources; use AI to understand how those data sets and build a curriculum based on those findings. So, in short, we start with the end in mind,” he answers.
The company is keen on improving its technology regardless. It wants to analyse skills more accurately and automate more functions to enhance user experience. That’s what the funding will be used for in addition to fuelling its regional expansion plans (particularly in Asia) and investing in growth and product development. Per the latter, the online university says it will be launching partner programs with more employers globally to facilitate both placement and upskilling and rescaling. 
Merging both worlds of tech and the traditional university model is no easy feat. The former is about efficiency, user-centricity, product, among others. The latter embodies rigidity and continues to lag behind fast-paced innovation. And while there’s been a boom in edtech, most startups try to circumvent the industry’s bureaucracy by launching an app or a MOOC. Nexford’s model of running a degree-granting, licensed, accredited, and regulated university is more challenging but in it lies so much opportunity.
Iyin Aboyeji, Future Africa general partner CEO, understands this. It’s one reason why the company is the first investment out of Future Africa’s soon-to-be-launched fund focused on the future of learning and why he believes the company is a game-changer for higher education in Africa.
“During the pandemic, while many universities in Nigeria were shut down due to labour disputes, Nexford was already delivering an innovative and affordable new model of online higher education designed for a skills-based economy.”  
For general partner at Global Ventures Noor Sweid, Nexford University is redressing the mismatch between the supply of talent and the demands of today’s digital economy. “We are thrilled to partner with Fadl and the Nexford team on their journey toward expanding access to universal quality higher education in emerging markets,” she said.

Nexford University lands .8M pre-Series A to scale its flexible remote learning platform

Ring won’t say how many users had footage obtained by police

Ring gets a lot of criticism, not just for its massive surveillance network of home video doorbells and its problematic privacy and security practices, but also for giving that doorbell footage to law enforcement. While Ring is making moves towards transparency, the company refuses to disclose how many users had their data given to police.
The video doorbell maker, acquired by Amazon in 2018, has partnerships with at least 1,800 U.S. police departments (and growing) that can request camera footage from Ring doorbells. Prior to a change this week, any police department that Ring partnered with could privately request doorbell camera footage from Ring customers for an active investigation. Ring will now let its police partners publicly request video footage from users through its Neighbors app.
The change ostensibly gives Ring users more control when police can access their doorbell footage, but ignores privacy concerns that police can access users’ footage without a warrant.
Civil liberties advocates and lawmakers have long warned that police can obtain camera footage from Ring users through a legal back door because Ring’s sprawling network of doorbell cameras are owned by private users. Police can still serve Ring with a legal demand, such as a subpoena for basic user information, or a search warrant or court order for video content, assuming there is evidence of a crime.
Ring received over 1,800 legal demands during 2020, more than double from the year earlier, according to a transparency report that Ring published quietly in January. Ring does not disclose sales figures but says it has “millions” of customers. But the report leaves out context that most transparency reports include: how many users or accounts had footage given to police when Ring was served with a legal demand?
When reached, Ring declined to say how many users had footage obtained by police.
That number of users or accounts subject to searches is not inherently secret, but an obscure side effect of how companies decide — if at all — to disclose when the government demands user data. Though they are not obligated to, most tech companies publish transparency reports once or twice a year to show how often user data is obtained by the government.
Transparency reports were a way for companies subject to data requests to push back against damning allegations of intrusive bulk government surveillance by showing that only a fraction of a company’s users are subject to government demands.
But context is everything. Facebook, Apple, Microsoft, Google, and Twitter all reveal how many legal demands they receive, but also specify how many users or accounts had data given. In some cases, the number of users or accounts affected can be twice or more than threefold the number of demands they received.
Ring’s parent, Amazon, is a rare exception among the big tech giants, which does not break out the specific number of users whose information was turned over to law enforcement.
“Ring is ostensibly a security camera company that makes devices you can put on your own homes, but it is increasingly also a tool of the state to conduct criminal investigations and surveillance,” Matthew Guariglia, policy analyst at the Electronic Frontier Foundation, told TechCrunch.
Guariglia added that Ring could release the numbers of users subject to legal demands, but also how many users have previously responded to police requests through the app.
Ring users can opt out of receiving requests from police, but this option would not stop law enforcement from obtaining a legal order from a judge for your data. Users can also switch on end-to-end encryption to prevent anyone other than the user, including Ring, from accessing their videos.

Amazon’s Ring Neighbors app exposed users’ precise locations and home addresses

Ring won’t say how many users had footage obtained by police

Tech giants still aren’t coming clean about COVID-19 disinformation, says EU

European Union lawmakers have asked tech giants to continue reporting on efforts to combat the spread of vaccine disinformation on their platforms for a further six months.
“The continuation of the monitoring programme is necessary as the vaccination campaigns throughout the EU is proceeding with a steady and increasing pace, and the upcoming months will be decisive to reach a high level of vaccination in Member States. It is key that in this important period vaccine hesitancy is not fuelled by harmful disinformation,” the Commission writes today.
Facebook, Google, Microsoft, TikTok and Twitter are signed up to make monthly reports as a result of being participants in the bloc’s (non-legally binding) Code of Practice on Disinformation — although, going forward, they’ll be switching to bi-monthly reporting.
Publishing the latest batch of platform reports for April, the Commission said the tech giants have shown they’re unable to police “dangerous lies” by themselves — while continuing to express dissatisfaction at the quality and granularity of the data that is being (voluntarily) provided by platforms vis-à-via how they’re combating online disinformation generally.
“These reports show how important it is to be able to effectively monitor the measures put in place by the platforms to reduce disinformation,” said V?ra Jourová, the EU’s VP for values and transparency, in a statement. “We decided to extend this programme, because the amount of dangerous lies continues to flood our information space and because it will inform the creation of the new generation Code against disinformation. We need a robust monitoring programme, and clearer indicators to measure impact of actions taken by platforms. They simply cannot police themselves alone.”

Understanding Europe’s big push to rewrite the digital rulebook

Last month the Commission announced a plan to beef up the voluntary Code, saying also that it wants more players — especially from the adtech ecosystem — to sign up to help de-monitize harmful nonsense.
The Code of Practice initiative pre-dates the pandemic, kicking off in 2018 when concerns about the impact of “fake news” on democratic processes and public debate were riding high in the wake of major political disinformation scandals. But the COVID-19 public health crisis accelerated concern over the issue of dangerous nonsense being amplified online, bringing it into sharper focus for lawmakers.
In the EU, lawmakers are still not planning to put regional regulation of online disinformation on a legal footing, preferring to continue with a voluntary — and what the Commission refers to as “co-regulatory” — approach, which encourages action and engagement from platforms vis-à-vis potentially harmful (but not illegal) content, such as offering tools for users to report problems and appeal takedowns, but without the threat of direct legal sanctions if they fail to live up to their promises.
It will have a new lever to ratchet up pressure on platforms too, though, in the form of the Digital Services Act (DSA). The regulation — which was proposed at the end of last year  — will set rules for how platforms must handle illegal content. But commissioners have suggested that those platforms which engage positively with the EU’s disinformation Code are likely to be looked upon more favorably by the regulators that will be overseeing DSA compliance.
In another statement today, Thierry Breton, the commissioner for the EU’s Internal Market, suggested the combination of the DSA and the beefed up Code will open up “a new chapter in countering disinformation in the EU”.
“At this crucial phase of the vaccination campaign, I expect platforms to step up their efforts and deliver the strengthened Code of Practice as soon possible, in line with our Guidance,” he added.
Disinformation remains a tricky topic for regulators, given that the value of online content can be highly subjective and any centralized order to remove information — no matter how stupid or ridiculous the content in question might be — risks a charge of censorship.
Removal of COVID-19-related disinformation is certainly less controversial, given clear risks to public health (such as from anti-vaccination messaging or the sale of defective PPE). But even here the Commission seems most keen to promote pro-speech measures being taken by platforms — such as to promote vaccine-positive messaging and surface authoritative sources of information — noting in its press release how Facebook, for example, launched vaccine profile picture frames to encourage people to get vaccinated, and that Twitter introduced prompts appearing on users’ home timeline during World Immunisation Week in 16 countries, and held conversations on vaccines that received 5 million impressions.
In the April reports by the two companies there is more detail on actual removals carried out too.
Facebook, for example, says it removed 47,000 pieces of content in the EU for violating COVID-19 and vaccine misinformation policies, which the Commission notes is a slight decrease from the previous month.
While Twitter reported challenging 2,779 accounts, suspending 260 and removing 5,091 pieces of content globally on the COVID-19 disinformation topic in the month of April.
Google, meanwhile, reported taking action against 10,549 URLs on AdSense, which the Commission notes as a “significant increase” versus March (+1,378).
But is that increase good news or bad? Increased removals of dodgy COVID-19 ads might signify better enforcement by Google — or major growth of the COVID-19 disinformation problem on its ad network.
The ongoing problem for the regulators who are trying to tread a fuzzy line on online disinformation is how to quantify any of these tech giants’ actions — and truly understand their efficacy or impact — without having standardized reporting requirements and full access to platform data.
For that, regulation would be needed, not selective self-reporting.

Tech giants must open up about the coronavirus ‘infodemic’, say EU lawmakers

Europe to press the adtech industry to help fight online disinformation

Europe to put forward rules for political ads transparency and beef up its disinformation code next year

Tech and ad giants sign up to Europe’s first weak bite at ‘fake news’

 

Tech giants still aren’t coming clean about COVID-19 disinformation, says EU

Iterative raises $20M for its MLOps platform

Iterative, an open-source startup that is building an enterprise AI platform to help companies operationalize their models, today announced that it has raised a $20 million Series A round led by 468 Capital and Mesosphere co-founder Florian Leibert. Previous investors True Ventures and Afore Capital also participated in this round, which brings the company’s total funding to $25 million.
The core idea behind Iterative is to provide data scientists and data engineers with a platform that closely resembles a modern GitOps-driven development stack.

After spending time in academia, Iterative co-founder and CEO Dmitry Petrov joined Microsoft as a data scientist on the Bing team in 2013. He noted that the industry has changed quite a bit since then. While early on, the questions were about how to build machine learning models, today the problem is how to build predictable processes around machine learning, especially in large organizations with sizable teams. “How can we make the team productive not the person? This is a new challenge for the entire industry,” he said.
Big companies (like Microsoft) were able to build their own proprietary tooling and processes to build their AI operations, Petrov noted, but that’s not an option for smaller companies.
Currently, Iterative’s stack consists of a couple of different components that sit on top of tools like GitLab and GitHub. These include DVC for running experiments and data and model versioning, CML, the company’s CI/CD platform for machine learning, and the company’s newest product, Studio, its SaaS platform for enabling collaboration between teams. Instead of reinventing the wheel, Iterative essentially provides data scientists who already use GitHub or GitLab to collaborate on their source code with a tool like DVC Studio that extends this to help them collaborate on data and metrics, too.
Image Credits: Iterative
“DVC Studio enables machine learning developers to run hundreds of experiments with full transparency, giving other developers in the organization the ability to collaborate fully in the process,” said Dmitry Petrov, CEO and founder of Iterative. “The funding today will help us bring more innovative products and services into our ecosystem.”
Petrov stressed that he wants to build an ecosystem of tools, not a monolithic platform. When the company closed this current funding round about three months ago, Iterative had about 30 employees, many of which were previously active in the open-source community around its projects. Today, that number is already closer to 60.
“Data, ML and AI are becoming an essential part of the industry and IT infrastructure,” said Leibert, general partner at 468 Capital. “Companies with great open source adoption and bottom-up market strategy, like Iterative, are going to define the standards for AI tools and processes around building ML models.”

Iterative raises M for its MLOps platform

Hackers are targeting employees returning to the post-COVID office

With COVID-19 restrictions lifting and employees starting to make their way back into offices, hackers are being forced to change tack. While remote workers have been scammers’ main target for the past 18 months due to the mass shift to home working necessitated by the pandemic, a new phishing campaign is attempting to exploit those who have started to return to the physical workplace.
The email-based campaign, observed by Cofense, is targeting employees with emails purporting to come from their CIO welcoming them back into offices.
The email looks legitimate enough, sporting the company’s official logo in the header, as well as being signed spoofing the CIO. The bulk of the message outlines the new precautions and changes to business operations the company is taking relative to the pandemic.
If an employee were to be fooled by the email, they would be redirected to what appears to be a Microsoft SharePoint page hosting two company-branded documents. “When interacting with these documents, it becomes apparent that they are not authentic and instead are phishing mechanisms to garner account credentials,” explains Dylan Main, threat analyst at Cofense’s Phishing Defense Center.
However, if a victim decides to interact with either document, a login panel appears and prompts the recipient to provide login credentials to access the files.
“This is uncommon among most Microsoft phishing pages where the tactic of spoofing the Microsoft login screen opens an authenticator panel,” Main continued. “By giving the files the appearance of being real and not redirecting to another login page, the user may be more likely to supply their credentials in order to view the updates.”
Another technique the hackers are employing is the use of fake validated credentials. The first few times login information is entered into the panel, the result will be the error message that states: “Your account or password is incorrect.”
“After entering login information a few times, the employee will be redirected to an actual Microsoft page,” Main says. “This gives the appearance that the login information was correct, and the employee now has access to the OneDrive documents. In reality, the threat actor now has full access to the account owner’s information.”
While this is one of the first campaigns that’s been observed targeting employees returning to the workplace (Check Point researchers uncovered another last year), it’s unlikely to be the last. Both Google and Microsoft, for example, have started welcoming staff back to office cubicles, and the majority of executives expect that at least 50% of employees will be back working in the office by July, according to a recent PwC study.
“We saw threat actors follow the trends throughout the pandemic, and we expect they are likely to leverage themes of returning to work in their attacks in the coming months,” Tonia Dudley, a strategic advisor at Cofense, told TechCrunch. “We can expect remote workers to continue to be targeted as well. While employers begin to bring staff back to the office, it’s likely we’ll see a hybrid model of work moving forward. Both groups will be targets for phishing attacks.”
Threat actors typically adapt to exploit the global environment. Just as the shift to mass working over remote connections led to an increase in the number of attacks attempting to exploit remote login credentials, it’s likely the number of attacks targeting on-premise networks and office-based workers will continue to grow over the coming months.

What you need to know about COVID-19-related cyberattacks

Hackers are targeting employees returning to the post-COVID office

The open-source Contributor Covenant is now managed by the Organization for Ethical Source

Managing the technical side of open-source projects is often hard enough, but throw in the inevitable conflicts between contributors, who are often very passionate about their contributions, and things get even harder. One way to establish ground rules for open-source communities is the Contributor Covenant, created by Coraline Ada Ehmke back in 2014. Like so many projects in the open-source world, the Contributor Covenant was also a passion project for Ehmke. Over the years, its first two iterations have been adopted by organizations like the CNCF, Creative Commons, Apple, Google, Microsoft and the Linux project, in addition to hundreds of other projects.
Now, as work is starting on version 3.0, the Organization for Ethical Source (OES), of which Ehmke is a co-founder and executive director, will take over the stewardship of the project.
“Contributor Covenant was the first document of its kind as code of conduct for open-source projects — and it was incredibly controversial and actually remains pretty controversial to this day,” Ehmke told me. “But I come from the Ruby community, and the Ruby community really embraced the concept and also really embraced the document itself. And then it spread from there to lots of other open-source projects and other open-source communities.”
The core of the document is a pledge to “make participation in our community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation,” and for contributors to act in ways that contribute to a diverse, open and welcoming community.
As Ehmke told me, one part that evolved over the course of the last few years is the addition of enforcement guidelines that are meant to help community leaders determine the consequences when members violate the code of conduct.
“One of the things that I try to do in this work is when people criticize the work, even if they’re not arguing in good faith, I try to see if there’s something in there that could be used as constructive feedback, something actionable,” Ehmke said. “A lot of the criticism for years for Contributor Covenant was people saying, ‘Oh, I’ll say one wrong thing and be permanently banned from our project, which is really grim and really unreasonable.’ What I took from that is that people are afraid of what consequences project leaders might impose on them for an infraction. Put that way, that’s kind of a reasonable concern.”
Ehmke described bringing the Covenant to the OES as an “exit to community,” similar to how companies will often bring their mature open-source projects under the umbrella of a foundation. She noted that the OES includes a lot of members with expertise in community management and project governance, which they will be able to bring to the project in a more formal way. “I’m still going to be involved with the evolution of Contributor Covenant, but it’s going to be developed under the working group model that the organization for ethical source has established,” she explained.
For version 3.0, Ehmke hopes to turn the Covenant into what she described as more of a “toolkit” that will allow different communities to tailor it a bit more to their own goals and values (though still within the core ethical principles outlined by the OES).
“Microsoft’s adoption of Contributor Covenant represents our commitment to building healthy, diverse and inclusive communities, as well as our intention to contribute and build together with others in the ecosystem,” said Emma Irwin, a program manager in Microsoft’s Open Source Program Office. “I am honored to bring this intention and my expertise to the OES’s Contributor Covenant 3.0 working group.”

Where top VCs are investing in open source and dev tools (Part 1 of 2)

The open-source Contributor Covenant is now managed by the Organization for Ethical Source

EU bodies’ use of US cloud services from AWS, Microsoft being probed by bloc’s privacy chief

Europe’s lead data protection regulator has opened two investigations into EU institutions’ use of cloud services from U.S. cloud giants, Amazon and Microsoft, under so called Cloud II contracts inked earlier between European bodies, institutions and agencies and AWS and Microsoft.
A separate investigation has also been opened into the European Commission’s use of Microsoft Office 365 to assess compliance with earlier recommendations, the European Data Protection Supervisor (EDPS) said today.
Wojciech Wiewiórowski is probing the EU’s use of U.S. cloud services as part of a wider compliance strategy announced last October following a landmark ruling by the Court of Justice (CJEU) — aka, Schrems II — which struck down the EU-US Privacy Shield data transfer agreement and cast doubt upon the viability of alternative data transfer mechanisms in cases where EU users’ personal data is flowing to third countries where it may be at risk from mass surveillance regimes.

Europe’s top court strikes down flagship EU-US data transfer mechanism

In October, the EU’s chief privacy regulator asked the bloc’s institutions to report on their transfers of personal data to non-EU countries. This analysis confirmed that data is flowing to third countries, the EDPS said today. And that it’s flowing to the U.S. in particular — on account of EU bodies’ reliance on large cloud service providers (many of which are U.S.-based).
That’s hardly a surprise. But the next step could be very interesting as the EDPS wants to determine whether those historical contracts (which were signed before the Schrems II ruling) align with the CJEU judgement or not.
Indeed, the EDPS warned today that they may not — which could thus require EU bodies to find alternative cloud service providers in the future (most likely ones located within the EU, to avoid any legal uncertainty). So this investigation could be the start of a regulator-induced migration in the EU away from U.S. cloud giants.
Commenting in a statement, Wiewiórowski said: “Following the outcome of the reporting exercise by the EU institutions and bodies, we identified certain types of contracts that require particular attention and this is why we have decided to launch these two investigations. I am aware that the ‘Cloud II contracts’ were signed in early 2020 before the ‘Schrems II’ judgement and that both Amazon and Microsoft have announced new measures with the aim to align themselves with the judgement. Nevertheless, these announced measures may not be sufficient to ensure full compliance with EU data protection law and hence the need to investigate this properly.”
Amazon and Microsoft have been contacted with questions regarding any special measures they have applied to these Cloud II contracts with EU bodies.
The EDPS said it wants EU institutions to lead by example. And that looks important given how, despite a public warning from the European Data Protection Board (EDPB) last year — saying there would be no regulatory grace period for implementing the implications of the Schrems II judgement — there hasn’t been any major data transfer fireworks yet.
The most likely reason for that is a fair amount of head-in-the-sand reaction and/or superficial tweaks made to contracts in the hopes of meeting the legal bar (but which haven’t yet been tested by regulatory scrutiny).
Final guidance from the EDPB is also still pending, although the Board put out detailed advice last fall.
The CJEU ruling made it plain that EU law in this area cannot simply be ignored. So as the bloc’s data regulators start scrutinizing contracts that are taking data out of the EU some of these arrangement are, inevitably, going to be found wanting — and their associated data flows ordered to stop.
To wit: A long-running complaint against Facebook’s EU-US data transfers — filed by the eponymous Max Schrems, a long-time EU privacy campaigners and lawyer, all the way back in 2013 — is slowing winding toward just such a possibility.
Last fall, following the Schrems II ruling, the Irish regulator gave Facebook a preliminary order to stop moving Europeans’ data over the pond. Facebook sought to challenge that in the Irish courts but lost its attempt to block the proceeding earlier this month. So it could now face a suspension order within months.
How Facebook might respond is anyone’s guess but Schrems suggested to TechCrunch last summer that the company will ultimately need to federate its service, storing EU users’ data inside the EU.
The Schrems II ruling does generally look like it will be good news for EU-based cloud service providers which can position themselves to solve the legal uncertainty issue (even if they aren’t as competitively priced and/or scalable as the dominant US-based cloud giants).
Fixing U.S. surveillance law, meanwhile — so that it gets independent oversight and accessible redress mechanisms for non-citizens in order to no longer be considered a threat to EU people’s data, as the CJEU judges have repeatedly found — is certainly likely to take a lot longer than ‘months’. If indeed the US authorities can ever be convinced of the need to reform their approach.
Still, if EU regulators finally start taking action on Schrems II — by ordering high profile EU-US data transfers to stop — that might help concentrate US policymakers’ minds toward surveillance reform. Otherwise local storage may be the new future normal.

Facebook’s EU-US data transfers face their final countdown

Facebook told it may have to suspend EU data transfers after Schrems II ruling

European Parliament amps up pressure on EU-US data flows and GDPR enforcement

Legal clouds gather over US cloud services, after CJEU ruling

EU contracts with Microsoft raising ‘serious’ data concerns, says watchdog

EU bodies’ use of US cloud services from AWS, Microsoft being probed by bloc’s privacy chief

OpenAI’s $100M startup fund will make ‘big early bets’ with Microsoft as partner

OpenAI is launching a $100 million startup fund, which it calls the OpenAI Startup Fund, though which it and its partners will invest in early-stage AI companies tackling major problems (and productivity). Among those partners and investors in the fund is Microsoft, at whose Build conference OpenAI founder Sam Altman announced the news.
In a prerecorded video, Altman explained that “this is not a typical corporate venture fund. We plan to make big early bets on a relatively small number of companies, probably not more than 10.”
It’s not clear exactly how the $100M will be divided or disbursed, or on what timeline, or whether this is part of a longer program. But it seems to be a limited fund, not just the 2021 round.
Altman did say that they will be looking for companies that are taking on serious issues, like healthcare, climate change, and education, where AI-powered applications or approaches could “benefit all of humanity,” in keeping with OpenAI’s mission statement. But it would also consider productivity improvements as well, presumably like the GPT-3 powered natural language coding Microsoft showed off yesterday.

Expect an even hotter AI venture capital market in the wake of the Microsoft-Nuance deal

“We know it’s you, the developers, who can use powerful tools like gpt3 to create ambitious applications that will leave a positive mark on the world,” said Microsoft CTO Kevin Scott in the company’s stream. “Microsoft is thrilled to be able to support this fund.”
Companies selected for funding will receive early access to new OpenAI systems and Azure resources from Microsoft, which hopefully would allow them to spring fully formed and ready to scale from the program. OpenAI would not elaborate on the equity agreement, expectations for startups, other partners, or any further details. It’s entirely possible that the $100M figure is the only thing they’ve actually settled on.
The minimal application process suggests they expect a large number of submissions, but if you want to throw your company into the mix, start prepping your elevator pitch. Part of the application is a one minute video (take note that “Demos, music and effects are not necessary”) that the selection team (the makeup of which OpenAI did not detail) will no doubt watch if a company makes it through the first round of winnowing. Hope you haven’t dismantled that Zoom background just yet.

British AI startup Faculty raises $42.5M growth round led by Apax Digital Fund

OpenAI’s 0M startup fund will make ‘big early bets’ with Microsoft as partner