Check out the final four startups pitching tomorrow at CCC Web3 Demo Day

Tomorrow, January 11, is a big day in the web3 universe. It’s The Cross Chain Coalition Web3 Demo Day, a showcase of 12 boundary-pushing early-stage startups building projects across web3, DeFi, NFT and gaming.

Today we’re revealing the final four startups ready to deliver their best five-minute pitch to a global audience, including some of the industry’s most influential founders and investors. Folks like Jonathan King (Coinbase Ventures), Mary-Catherine (MC) Lader (Uniswap Labs), Etiënne vantKruys (TRGC) and many more.

Register today, and don’t miss the chance to network with top blockchain investors — live in our event chat.

And now, without further ado, here are the final four startups ready to impress investors:

Meet Candy Shop, a one-stop solution provider designed to make NFT deployment and brand-management problems a thing of the past. Founded by Anson Cheung, this project aims to provide the entire NFT value chain from within your own dedicated shop.

Meet Coinfront, a digital currency banking and payments infrastructure for web2 companies. Co-founder Ash Shoukr and team aim to build the easiest way to accept and settle crypto payments.

Meet Knabu, a project specializing in secure transaction settlement. Founded by Gabrielle Patrick, the company builds clearing infrastructure designed to let firms leverage distributed ledger technology, become payment institutions or become electronic money institutions.

Meet Wallchain, an already-profitable web3 anti-bot solution, founded by Yurii Kyparus. The solution is designed to protect DEXes from MEV bots by getting inside user transactions and leaving zero opportunities for bots.

Join us tomorrow — January 11 — for the Cross Chain Coalition Web3 Demo Day and see for yourself what the brilliant minds behind 12 up-and-coming projects are building.

Register now for this free online event and reserve your seat at the virtual table.

Check out the final four startups pitching tomorrow at CCC Web3 Demo Day by Lauren Simonds originally published on TechCrunch

Wyze launches its new $34 pan and tilt security camera

It’s only been a few days since CES closed its doors, but there are still plenty of new gadgets to be had. Some companies, after all, would rather not launch their products into the noise that is the world’s largest consumer electronics show. Seattle-based Wyze is one of these. The company made its name by launching an extremely affordable security camera back in 2017 and while it has since expanded well beyond that (think air purifiers, gun safes and vacuums), its camera offerings remain core to its identity (and, most likely, revenue). Indeed, Wyze’s founders recently promises that in the coming year, the company would go back to its basics and make 2023 the year of the camera. Today, it is kicking this off with the launch of its indoor/outdoor Wyze Cam Pan v3.

The new camera features a completely new design, which also now allows the waterproof wired camera to tilt a full 180 degrees, on top of its 360-degree panning ability.

Image Credits: Wyze

The previous version only had a 93-degree vertical range, but otherwise, the two cameras feature comparable specs. These include Wyze’s HD sensor with color night vision, which works surprisingly well, as well as the ability to track objects and people once the camera detects motion, 24/7 recording on a microSD card and two-way audio. Since it’s a bit more flexible, the new version is also easier to mount inverted on a wall or ceiling. One nifty feature — though not new — is that you can set the camera to continuously monitor a room in a constant pattern by setting 4 waypoints.

Wyze sent me a review unit earlier this month and on top of these basic specs, maybe the most important update here is that the new camera is very quiet. Wyze says it reduced the motor noise by half — and that’s quite notable. And since the camera can now fully tilt down, the company also introduced a new privacy mode that points the camera down and eliminates its field of view. I’m not sure what I was expecting, but it’s also quite small, though it feels heavier than you expect and is generally well-built.

Image Credits:

Like its other modern cameras, the new system also supports Wyze’s subscription AI and storage service for automatically detecting and tagging events (this starts at $2/month/camera but even without paying, you get 14 days of free cloud storage). In my experience, this works quite well (I mostly use it to detect people and packages at our front door). I haven’t used it outside yet, but Wyze promises that the camera is waterproof, up to IP65 specs. The company recommends you use its $14 outdoor power adapter, though.

The last version of its panning camera cost $44 (plus about $6 flat-rate shipping) on Wyze.com and about $50 at third-party vendors with free shipping. The new version will cost $34 (plus shipping) when you order direct from Wyze. That’ll likely mean it’ll set you back $40 on Amazon, for example. Given Wyze’s flat-rate shipping rate, you’re usually better off buying direct when ordering more than one unit (assuming you don’t mind the slower shipping). There are cheaper options from the likes of TP-Link brand Kasa, for example, though Wyze may have many of these competitors beat in terms of its software smarts.

Image Credits: Wyze

We would be remiss not to note that Wyze Cam Pan v2 was one of the cameras that had a security flaw that the company took a long time to acknowledge publicly and only finished patching last year (except for the Wyze Cam V1, which it couldn’t patch because of its hardware limitations). A hacker would’ve needed access to the camera’s random ID number through your local network to exploit this vulnerability. Security flaws are almost inevitable (and we’ve seen far more problematic issues with security cameras over the years), but Wyze’s mistake here was to not talk about this one for years. I’d like to think that Wyze has learned from this and has since strengthened its approach to security (and its app supports two-factor authentication), but it’s something worth keeping in mind.

Wyze launches its new $34 pan and tilt security camera by Frederic Lardinois originally published on TechCrunch

India’s antitrust order will stall Android’s progress in the country, Google warns

Google has warned that growth in the use of Android in India may stall due to an antitrust order issued by the Indian antitrust watchdog last year over the U.S. company’s domination in the country.

The order, which was issued by the Competition Commission of India (CCI) in September, found that Google had abused its dominant position in the market for mobile operating systems by imposing restrictive contracts on mobile manufacturers.

The CCI ordered Google to change its contracts with manufacturers, allowing them more freedom to install rival apps and services on Android devices. According to a Reuters report, Google filed a challenge with India’s Supreme Court and said that the order would require some modifications of its existing contracts and new license agreements. It would alter the company’s existing arrangements with over 1,100 device manufacturers and thousands of app developers.

“Tremendous advancement in growth of an ecosystem of device manufacturers, app developers and users is at the verge of coming to a halt because of the remedial directions,” the company said in the filing, as quoted by the news agency. “No other jurisdiction has ever asked for such far-reaching changes based on similar conduct.”

After three and a half years of investigation, the Indian watchdog fined Google $161.9 million for its anti-competitive practices related to Android devices in several markets, such as licensable OS for smartphones, app store, web search services and non-OS specific mobile web browsers. The regulator concluded that the Android maker dominated all those markets.

Google had responded to the order and said that it was a “major setback for Indian consumers and businesses.” The company also appealed the ruling to the country’s appellate tribunal, the National Company Law Appellate Tribunal (NCLAT).

Last week, the tribunal dismissed Google’s plea for an interim stay on the antitrust order and directed the company to pay 10% of the $161.9 million penalty while the case is due for hearing next month.

This was not the first time Google had been subject to an antitrust investigation. The company was previously investigated by authorities in other countries. For instance, Google eventually lost its appeal against a massive $4.3 billion fine in Europe.

India’s antitrust order will stall Android’s progress in the country, Google warns by Jagmeet Singh originally published on TechCrunch

BioNTech acquires Tunisian-born and U.K-based AI startup InstaDeep for £562M

German-based biotech company BioNTech SE is set to acquire InstaDeep, a Tunis-born and U.K.-based artificial intelligence (AI) startup InstaDeep for up to £562 million (~$680 million) in its largest deal yet.

Per The Financial Times, the German vaccine maker intends to useInstaDeep’s machine learning to “improve its drug discovery process, including developing personalised treatments tailored to a patient’s cancer.”

BioNTech is said to pay £362 million — a mix of cash and an undisclosed amount of BioNTech shares — upfront. The remaining £200 million is dependent on on how InstaDeep performs in the future, according to the company’s statement.

Last January, InstaDeep,founded by Karim Beguir and Zohra Slim in 2014, raised $100 million in Series B financing led by Alpha Intelligence Capital and CDIB.BioNTech was among the participating investors which also included Chimera Abu Dhabi, Deutsche Bahn’s DB Digital Ventures and Google.

The Tunis and London-based enterprise AI startup whichuses advanced machine learning techniques to bring AI to applications within an enterprise environment, hasoffices in Paris, Tunis, Lagos, Dubai and Cape Town.

CEO Begur, in an interview with TechCrunch last year, said InstaDeep uses reinforcement learning, a kind of machine learning that helps design optimization strategies and tackles them simultaneously.Instances where InstaDeep applies its AI tech includes helping a large shipping company to efficiently transport thousands of containers to a railway station or automate scheduling for 10,000 trains. Other examples are the design of advanced therapeutics with silicon and routing components on a printed circuit board.

Thecompany is currently working on a moonshot product to automate railway scheduling with Deutsche Bahn, the largestrail operator in Europe.

In 2019, InstaDeep formed a multi-year strategic collaboration with BioNTech to launch a joint AI innovation lab where they would deploy the latest advances in AI and ML to develop novel immunotherapies. This acquisition is as a result of this long-term partnership that has seen InstaDeep become the centerpiece of a growing portfolio of initiatives around AI and ML at BioNTech.

BioNTech intends to use computational solutions to create personalised drugs for cancer patients and according to its CEOUğur Şahin, “The acquisition of InstaDeep allows us to incorporate the rapidly evolving AI capabilities of the digital world into our technologies, research, drug discovery, manufacturing and deployment processes. Our aim is to make BioNTech a technology company where AI is seamlessly integrated into all aspects of our work.”

InstaDeep’s 240-man team will continue to provide its AI and machine learning services to other companies, including Google and Nvidia, per the company’s statement.

“AI is progressing exponentially and our mission at InstaDeep has always been to make sure it benefits everyone. We are very excited to join forces and become one team with BioNTech, with whom we share the same culture of deep tech innovation and focus on positive human impact,” said Beguir on the acquisition. “Together, we envision building a world leader that combines biopharmaceutical research and AI with the aim to design next-generation immunotherapies that enhance medical care – thus, helping fight cancer and other diseases.”

The transaction is expected to close in the first half of 2023, subject to customary closing conditions and regulatory approvals.

BioNTech acquires Tunisian-born and U.K-based AI startup InstaDeep for £562M by Tage Kene-Okafor originally published on TechCrunch

App Store developers have earned $320 billion to date, says Apple

Apple today shared an update on its subscription businesses and global App Store, noting that the tech company has now paid out a record $320 billion to app developers since 2008 — a number that reflects the revenue apps have generated, minus Apple’s commission. In addition, the tech giant said it now has more than 900 million paid subscriptions across Apple services, with subscriptions on the App Store driving a “significant” part of that figure.

Image Credits: Apple

The company’s App Store in 2022 faced one of its tougher years since its founding, with lawsuits and antitrust actions aimed at limiting its market power. The U.S. Department of Justice is said to now be in the early stages of filing an antitrust lawsuit against Apple, even chiming in on the Apple-Epic Games antitrust appeal recently to point out to the court why the original ruling — which had decided that Apple was not a monopolist — had misinterpreted antitrust law. The U.K. is also probing the Android-iOS duopoly, with a specific focus on browsers and cloud gaming services.

Apple also this year had to make concessions over various parts of its App Store business.

For example, in the Netherlands, it had to comply with an antitrust order that allowed dating apps to use third-party payments. Multiple European countries are probing its App Tracking Transparency framework for antitrust issues. And last month, Apple loosened its grip on App Store pricing with the introduction of 700 new price points and rules that now permit developers to set prices that don’t end in $0.99 to combat complaints that Apple doesn’t let developers run their own businesses as they see fit — a result of a class action lawsuitwith U.S. app developers settled in 2021.

Despite its challenges, Apple’s App Store business continues to grow.

The company noted that more than 650 million visitors from 175 regions worldwide visit the App Store every week and it’s still delivering new experiences. Among the highlights was the launch of Apex Legends on mobile earlier this year, and the growing popularity of a new form of social networking with BeReal, Apple’s “app of the year.”

Apple’s game subscription service, Apple Arcade, also grew in 2022 with the addition of over 50 more titles, including Warped Kart Racers, Jetpack Joyride 2, Gibbon: Beyond the Trees, Wylde Flowers, and Cooking Mama: Cuisine. The service now hosts more than 200 games in total.

Apple also highlighted stats across other services, noting Apple Music has topped over 100 million songs, and growing Spatial Audio adoption with monthly listeners tripling since launch. Shazam’s 20th anniversary in 2022 saw it hitting the milestone of 70 billion all-time Shazams. (It didn’t report on its Podcasts figures, however. )

Apple Fitness+, meanwhile, grew its library to 3,500 workouts and meditations. And Apple TV+ became the first streaming service to win an Academy Award for Best Picture with “CODA.” In February, the Apple TV app will begin streaming Major League Soccer games, after the announcement of a 10-year partnership between Apple and the league.

App Store developers have earned $320 billion to date, says Apple by Sarah Perez originally published on TechCrunch

New Jersey and Ohio are the latest states to ban TikTok on government devices

New Jersey and Ohio are the latest states to ban TikTok on government-owned devices over national security concerns. The two have joined at least 20 other states in doing so. The move comes amid fears that collected data could allow the Chinese government to spy on Americans.

New Jersey Governor Phil Murphy announced on Monday that the state issued a cybersecurity directive to prohibit the use of high-risk software and services, including TikTok, on government-owned devices. In addition to banning TikTok from state devices, Murphy said the state was also banning products and services from numerous other vendors, including Huawei, Hikvision, Tencent and ZTE.

On the same day, Ohio Governor Mike DeWine issued an executive order banning the use of any application owned by an entity located in China on government owned devices. DeWine said in the order that “these surreptitious data privacy and cybersecurity practices pose national and local security and cybersecurity threats to users of these applications and platforms and the devices storing the applications and platforms.”

Wisconsin Governor Tony Evers said on Friday that he planned to join other states in banning the popular short-form video app from state owned devices as well.

“We’re disappointed that so many states are jumping on the political bandwagon to enact policies that will do nothing to advance cybersecurity in their states and are based on unfounded falsehoods about TikTok,” a spokesperson for TikTok said in a statement to TechCrunch. We are continuing to work with the federal government to finalize a solution that will meaningfully address any security concerns that have been raised at the federal and state level.”

Calls to ban TikTok from government devices mounted after FBI Director Christopher Wray said in November that the app poses national security risks. In December, President Joe Biden approved a bill that prohibits the use of TikTok by the federal government’s employees on devices owned by its agencies. The U.S. military has also banned its service-members from using TikTok on government devices, fearing the app could potentially expose personal data to “unwanted actors.”

There are also efforts to ban TikTok from consumer devices across the United States. Last month, Senator Marco Rubio proposed legislation that would ban TikTok nationally. Rubio said that the app allows the Chinese government “a unique ability to monitor more than 1 billion users worldwide, including nearly two-thirds of American teenagers.”

TikTok has been a source ofsecurity and privacy concerns for several years. Given the increasingscrutiny of TikTok, this may be just the start of the challenges to come for the company in the year ahead.

New Jersey and Ohio are the latest states to ban TikTok on government devices by Aisha Malik originally published on TechCrunch

Are Arm and Ant Group’s derailed exits back on track?

Firms linked to Ant Group saw their stocks rise on Monday after news over the weekend that founder Jack Ma would relinquish control of the Alibaba affiliate once known as Alipay.

These jumps may seem like a paradox, as Ma’s near disappearance from public view is not exactly encouraging for Chinese entrepreneurs or foreign investors.

The Exchange explores startups, markets and money.

Read it every morning on TechCrunch+ or get The Exchange newsletter every Saturday.

However, as we have explored recently in a different context (Coinbase’s post-settlement stock bump), markets hate uncertainty — and Ma’s downfall had been lingeringway too long for their taste.

As you may recall, things turned sour for Ant Group two years ago, when its IPO plans were cut short by Chinese regulators. What followed was a long period of turmoil not only for Ant, but also for its founder and Chinese fintech as a whole.

Are Arm and Ant Group’s derailed exits back on track? by Anna Heim originally published on TechCrunch

John Deere will let farmers repair their own equipment

Here in the U.S., John Deere is, in a word, dominant. According to figures from antitrust non-profit, The American Economic Liberties Project, the corporation controls 53% of the large tractor market in this country and 60% of farm combines. It’s not the only game in town, but it’s a hard one to the avoid. That’s precisely why refusal to allow customers to repair its products has been a major concern for farmers.

Over the weekend, Deere and Co. joined the American Farm Bureau Federation (AFBF) in cosigning a memorandum of understanding (MOU) designed to open access to tools and repair information.

“This is an issue that has been a priority for us for several years and has taken a lot of work to get to this point,” AFBF president, Vincent Duvall, said. “And as you use equipment, we all know at some point in time, there’s going to be problems with it. And we did have problems with having the opportunity to repair our equipment where we wanted to, or even repair it on the farm.”

Deere SVP David Gilmore adds, “This agreement reaffirms the longstanding commitment Deere has made to ensure our customers have the diagnostic tools and information they need to make many repairs to their machines. We look forward to working alongside the American Farm Bureau and our customers in the months and years ahead to ensure farmers continue to have the tools and resources to diagnose, maintain and repair their equipment.”

Per the MOU,

[Deere] shall ensure that any Farmer, including any staff or independent technician assisting a Farmer at a Farmer’s request, and any Independent Repair Facility that provides assistance to Farmers, has electronic access on Fair and Reasonable terms to Manufacturer’s Tools, Specialty Tools, Software and Documentation.

The deal follows mounting pressure from customers to open repairability, amid complaint that – among other things – systems appear to break down at a faster rate. Deere had previous required farmers to visit authorized dealers for repair. There are still some caveats here. Among them, Deere will not “divulge trade secrets, proprietary or confidential information” or “allow owners or Independent Repair Facilities to override safety features or emissions controls or to adjust Agricultural Equipment power levels.”

The news is part of a mounting push to allow consumers to repair their own property. Apple, Samsung and Google have all launched their own at-home phone repair programs, as states like New York and Massachusetts have passed their own right to repair laws. A federal version is believed to be in the offing, as well.

However, it seems likely that repairs will become more difficult for consumers, as Deere leans into robotics for future systems.

John Deere will let farmers repair their own equipment by Brian Heater originally published on TechCrunch

Facebook data-scraping breach triggers GDPR enforcement lawsuit in Ireland

Facebook-owner Meta and its lead data protection regulator in the European Union, the Irish Data Protection Commission (DPC), are facing an interesting legal challenge over a major data-scraping breach that led to a €265 million penalty for Facebook last yearunder the bloc’s General Data Protection Regulation (GDPR).

The legal action, reported earlier by the Irish Examiner, is being brought by the digital rights group, Digital Rights Ireland (DRI) — which is unhappy about the finding by the Irish regulator that no security breach occurred. Instead, in a final decision of November 25 2022 on an own volition enquiry the DPC opened in response to the incident, it found a breach by Meta of the GDPR’s requirement for data protection by design and default. Hence levying a fine.

However the lack of a finding by the DPC of a breach of the security of processing (aka Article 32 of the GDPR) meant there was no requirement for Meta to notify the 100 million or so EU-based Facebook users whose information was exposed and subsequently posted to online forums via the data-scraping of Facebook users carried out by unknown “malicious actors”. Instead Meta could pay a fine representing a tiny fraction of its revenue to make the matter go away.

The unknown entity/entities involved in the breach were able to obtain data on Facebook users by using a contact importer feature the platform had offered up to September 2019. The design of this feature was insecure in that it allowed large sets of phone numbers to be uploaded — enabling malicious actors to find phone numbers that matched Facebook profiles and, via this method, collate a massive data-set on individuals that included (in the majority of cases) phone numbers, names, genders and Facebook IDs that was later found exposed online.

Data-sets containing linked names and phone numbers plus social media profile information offer what DRI calls a “treasure trove” for fraudsters to target people — such as via phishing and social engineering techniques.

The total number of affected Facebook users globally is estimated to number around 533M — so the EU component of this data-scraping breach is also just the tip of the iceberg.

Following media reports of the data-scraping breach last year, DRI complained to the DPC on behalf of two data subjects whose information had been exposed — which led on to the DPC opening an own volition enquiry in April 2021. And in an update letter sent by the DPC to DRI in December, which has been shared with TechCrunch, the regulator writes:

The facts of this case, as established by the DPC, led to a conclusion that the data was not collated arising from exposure as a result of a security vulnerability falling for examination under Article 32 GDPR, but rather arose as a result of the very design of the relevant features of the platforms. Accordingly, as security was not infringed, there was no personal data breach within the definition of Article 4(12) and for that reason Article 34 was therefore not applicable.

In the letter the DPC also asserts that: “The configuration of the Meta systems permitted such scraping to occur at the material time and this was the basis upon which the DPC found an infringement of Article 25.”

So, essentially, the Irish regulator’s finding asserts that the Facebook data scraping breach occurred because of the design of Meta’s systems being insecure — yet, simultaneously, declines to find that users’ data was exposed because of a security vulnerability. Therefore it finds no infringement of the security of processing as defined by the GDPR — so no personal data breach, under the regulation and, consequently, no need for the tech giant to consider whether it should inform affected users that it lost of their personal data.

Although we understand a final outcome letter from the DPC to the DRI is due to be sent this month — so the regulator hasn’t yet provided its last word on the latter’s complaint (but, per the decision it made in November on its own volition enquiry, it’s safe to assume the substance isn’t going to be different).

Despite Meta being fined a couple of hundred million over this data-scraping breach it arguably dodged a far bigger bullet here — since it has not had to inform the circa 100M EU-based users that it breached their security and exposed their data. And for a company which made over $33.6B in 2021 alone, by mining people’s data to sell their attention to advertisers, a fine of $275M is the proverbial ‘parking ticket’/cost of doing business — which can be written off as a business expense.

Whereas reputational damage, which has the potential to drive users away and so reduce engagement with Meta’s services, poses a far more meaningful threat to its attention-sapping business model.

Conveniently for Meta, the tech giant has so far been able to contain the damage over this massive data-scraping episode to a few media reports — and to some reporting of the fine itself — instead of having to communicate with every single one of the users personally affected by having their information scraped and exposed online.

Although it is appealing the DPC’s enforcement, regardless.

Discussing the DRI’s lawsuit, which is being lodged in the Circuit Court in Ireland — and targets Meta and the DPC both with the claim that “justice has been denied” to victims of the data breach — its chair, Dr TJ McIntyre, told TechCrunch: “The data breach point is just one part of a wider complaint that they didn’t make an adequate decision overall with regard to our complainants. The central argument with regard to a security breach is that it makes no sense to say that there’s a notifiable breach if somebody picks the lock but not if you don’t bother locking the door to begin with; i.e. a failure to apply security is a breach, not merely inadequate security.”

“Whether it is a notifiable data breach is in one sense relatively unimportant — it doesn’t affect the fact that there was a violation of duty. However a finding on this point would be helpful in establishing liability towards the individuals affected,” he added.



Meta and the DPC were contacted for comment on DRI’s lawsuit.

A spokesperson for Meta declined to comment. But we understand the company has yet to receive any filings or legal papers regarding the DRI’s case.

The DPC’s deputy commissioner, Graham Doyle, sent the following statement:

“It will be appreciated that we cannot comment on the substance of matters that are now before the courts. For information, however, you may wish to note that a decision has not actually been made yet by the DPC in relation to this complaint. It is acknowledged that DRI takes a different view on this point.”

The DPC continues to attract criticism over its approach to enforcing GDPR against tech giants and the DRI’s lawsuit joins a variety of legal actions and accusations fired at it since the regulation came into application — which run the gamut from complainants about time wasting and wasted resources to narrowly scoped or simply non-existent (i.e. never opened) enquiries following complaints, to legal challenges accusing it of inaction and even alleging criminal corruption.

It routinely defends itself — arguing its dealing with a large workload that often involves complex cases that require full attention to due process to minimize the risk of decisions being overturned on appeal.

Depending on what happens with this latest legal challenge over the Facebook data-scraping breach the lawsuit could have wider significance beyond Meta itself — in relation to other GDPR complaints being decided by the DPC that hinge on whether there’s a breach of security — such as a major complaint against Google’s role in real-time bidding (which, more broadly, implicates the third party tracking ad industry as a whole) that the DPC has been formally considering since May 2019 but still hasn’t decided or enforced.

Last year, complainants in that case sued the Irish regulator for inaction over what they’ve dubbed “the largest data breach ever”.

It remains to be seen what the DPC will decide on that (separate) GDPR complaint. But the wider point here is there could be a risk of a GDPR enforcement loophole if sloppily designed systems that are insecure by design — accidentally or even, potentially, cynically and systematically — are allowed to provide a route for data processors to avoid broader security breach liability under the GDPR.

There is also an interesting comparison to be drawn with the Cambridge Analytica Facebook data scandal, which made global headlines back in 2018 — and which Facebook has always strenuously denied represented a breach of user data. Yet it was, similarly, an insecure design — in that case of its developer platform — that led to data on hundreds of millions of users being extracted from Facebook without the knowledge or consent of the vast majority of the affected users in that earlier event.

The “rogue” actor Facebook accused of perpetrating the Cambridge Analytica data heist was an app developer who had agreed to its developer T&Cs.

And the company was accused in 2018 by the developer, Aleksandr Kogan, of not really having T&Cs as a result of the company not taking actions to ensure its terms were actively being enforced.

That major global data scandal predated the application of the GDPR — but it’s interesting to speculate what kind of enforcement Facebook would have faced had the episode fallen under the EU regulation. And whether or not Ireland’s DPC would have deemed Cambridge Analytica a security breach or just another failure of data protection by design.

Facebook data-scraping breach triggers GDPR enforcement lawsuit in Ireland by Natasha Lomas originally published on TechCrunch

2023 will bring crisper methods for evaluating startup success

The momentum of the most active 12 months ever for venture investing did not carry over well into 2022, to say the least. As interest rates and inflation spiked, geopolitical challenges arose and the economy began trending downward, fundraising slowed dramatically throughout the year.

But if 2022 was a year of paradigm-shifting dynamics, 2023 will be a year when we’ll determine the winners and the losers — and more importantly, when crisper methods for evaluating success will emerge.

The landscape for software companies

The tech ecosystem has seen a few downturns (though none were meaningful) since cloud computing emerged as a dominant trend over a decade ago, but inflation is a new beast for many of us.

It’s been 30 years since inflation was a tangible, real-world macroeconomic consideration. When inflation is at 7%, if you aren’t growing by at least that much, you are shrinking.

In a difficult budget environment, high gross retention rates can be a strong signal that customers love your products and get real value from them.

In tandem with inflation, the demand curve is being whipsawed — we first saw a period of strong product growth driven by the COVID-19 pandemic, and now we’re seeing budgets and spending being tightened as startups and mature companies alike prepare to weather the storm.

We’re entering 2023 with a great number of known issues and a constrained ability to forecast what’s ahead. One thing’s for certain, though: This year will be more about nailing it than scaling it.

The predictors of success

In this environment, investors will look for efficiency metrics like high gross margins, strong gross retention rates (how many customers continue to subscribe each year), rapid expansion within customers, decreasing customer acquisition costs, shorter sales cycles and productive sales reps.

Gross retention, in particular, will be critical, because companies must be able to retain customers to stabilize their 2023 growth plans. In a difficult budget environment, high gross retention rates can be a strong signal that customers love your products and get real value from them.

Investors are also watching the path to break-even based on the current balance sheet — via metrics such as cash burn as a multiple of net new annual recurring revenue.

Assuming you have high gross retention rates, it may make sense to burn cash, but it won’t if you are burning more capital than the amount of new business accrued. As growth rates decline, many companies are slashing burn rates accordingly, resulting in a wave of layoffs even at companies with strong balance sheets and market positions.

2023 will bring crisper methods for evaluating startup success by Ram Iyer originally published on TechCrunch

Pin It on Pinterest