A weekly summary of what I’ve found interesting at the intersection of economics, finance and technology.
The EU Estimates GDPR Is Working, but More Remains To Be Done — The EU published a review two years after the implementation of GDPR. It concludes that it is working, and that it serves as a “global reference point.” But the report also calls for “vigorous” enforcement of the regulation across all member countries, and notes that it places a significant burden on small and medium enterprises and on innovators. Looks like a fair assessment overall, and raises hopes that the drawbacks will be addressed without gutting the regulation. Full Report (EU), Commentary (TechCrunch)
In More Bad News, Brazil Suspended WhatsApp’s Payment Service — It seems like dissatisfaction with Facebook’s content moderation policies may have reached a tipping point, with a growing group of advertisers deciding to boycott the platform. Perhaps not yet a financial threat to the company, but definitely negative for its image. Read (FT $$)
In More Bad News, Brazil Suspended WhatsApp’s Payment Service — The service was launched just a few weeks ago, and marks another setback for Facebook’s attempts to gain a foothold in financial services. Read (FT $$)
In the US, a Proposed New Law Aims To Ban End-To-End Encryption — This proposal looks like bad news overall, and illustrates again that the debate over end-to-end encryption will probably never be settled. Read (US Senate)
Apple Plans To Leverage All Its Devices To Improve the “Find My” Service — Interesting nugget coming out of the company’s World Wide Developers Conference (WWDC): the next version of its operating systems will apparently enlist the hundreds of millions of Apple devices in use to help locate a device that is marked as lost or stolen. This seems like a clever and useful idea, but the privacy implementation will have to be rock solid for this to be adopted. Read (Apple)
A Shady New Ransomware Targets Mac Users — The software in itself seems like a relatively amateur attempt, but it’s a good reminder of the risks associated with downloading from torrents etc. Read (Wired)
Tension Is Rising between Apple and Certificate Authorities — Certificate Authorities (CA’s) are the organisations that enable the little padlock in your browser, used to verify that a website is legit. CA’s do this by issuing an encryption certificate, that is valid for a number of years. In its most recent Safari update, Apple has shortened the validity period that it will accept to display the little padlock, to one year. This means that even if the certificate is valid for five years, the site will be marked as insecure after one year in Safari. Google is expected to follow suit with Chrome. As a result, CA’s will now have to renew all certificates every year, which places additional burden on their systems and resources. Of course this debate is arcane, but it underlines how complex and fragile the security infrastructure on the internet is. Read (ZDNet)
Useful, brief overview of the different Covid-19 contact-tracing approaches (centralised, on-device etc.) from the makers of security- and privacy-focused ProtonMail and ProtonVPN. Read (ProtonMail)
Also at WWDC, Apple announced it is switching its Mac computers from Intel chips to “Apple Silicon”, with an unusually short transition period of only two years. Former Microsoft executive Steven Sinofsky wrote some interesting thoughts on what he calls “some of the most remarkable product engineering over time in history.” Read (Learning By Shipping)
That’s it for this week’s edition. As always, thanks for reading and please forward this to anyone who you think might be interested, it would be much appreciated.