 Coming up on DTNs, WhatsApp moderators can read your messages if you send them to them. El Salvador's first day with Bitcoin as its official currency and whether Proton Mail undermined its own privacy potential. This is the Daily Tech News for Tuesday, September 7th, 2021 in Los Angeles. I'm Tom Merritt. And I'm the show's producer, Roger Chang. Sarah Lane has the day off, but joining us, Bloomberg tech editor, host of tech's message, Nate Langson is back. Welcome back, Nate. Thank you for having me once again. Very glad to be here. We were just talking about caves and roofs and fiber to the cave and all of that. If you'd like that conversation, get our expanded show, Good Day Internet, become a member at patreon.com slash DTNs where you can join our top patrons like Bjorn Andre, Jeff Wilkes and Paul Reese. Let's start with a few tech things you should know. Apple announced it will hold an announcement Tuesday, September 14th, at 10 a.m. Pacific 1 p.m. Eastern Time. The invite showed a kind of a glowing Apple logo, neon-ish, in front of a mountain landscape with the headline, California Streaming, which is literally what they'll do since they will stream the event from Apple Park in California. There's also an augmented reality Easter egg available to users of an iOS device if you want to investigate that. Meanwhile, in slightly unrelated Apple news, Ford has hired Apple's VP of Special Projects, a.k.a. the head of the Apple Car Team, Doug Field, to become Ford's Chief Advanced Technology and Embedded Systems Officer. The analysts at AppEddie report that TikToks surpassed YouTube in average watch time per user in the U.S. and U.K. Remember, YouTube videos are usually quite a bit longer than TikToks. AppEddie's data only accounts for Android devices, though. YouTube still leads in overall watch time, given its much larger user base. AppEddie also found that apps with a prominent live streaming feature accounted for three quarters of money spent in the top 25 social apps during the first half of 2021. Microsoft is replacing MSN Feed and Microsoft News with a new personalized news feed called Microsoft Start. It's integrated into the Windows 11 widgets section, as well as the Windows 10 task bar. Microsoft starts using some human curation along with algorithms to choose which stories from more than 1,000 publishers to show each user, along with things like weather and sports scores. You can take a look. If you want, go to MicrosoftStart.com or find the iOS or Android apps. According to a report by German publication Heise, German lawmakers proposed requiring smartphone manufacturers to provide seven years of mandatory security updates, also requiring availability of affordable replacement parts for the devices. Current EU regulations will require five years of security updates and a policy that's set to roll out in 2023. The tech advocacy group Digital Europe, which includes Google, Samsung and Apple, is currently lobbying for three years of updates. And Volkswagen debuted the IDBuzz Autonomous Electric Vehicle Van at the 2021 IAA mobility event in Munich. It features autonomous systems developed by Argo AI. VW plans to use IDBuzz as a platform for its full-scale commercial ride-hailing and delivery operations that it plans to launch in Germany in 2025. Germany is also getting testing of a RoboTaxi service next year in Munich from Intel's Mobileye and car company 6SE using the Move app. All right, let's talk a little more about a story that got a lot of headlines. It seems to already be kind of debunked, but maybe you heard about it, maybe you didn't. A report from ProPublica says that contractors hired by Facebook review messages reported as improper that have been screened by an algorithm. ProPublica titled the article, How Facebook undermines privacy protections for its two billion WhatsApp users. ProPublica points out that while WhatsApp messages are end-to-end encrypted, if a recipient of a message selects the report option, it will forward the allegedly offending message as well as the previous four in the exchange for context to reviewers. Process works like forwarding a message does for any person in WhatsApp. In fact, the forwarding is even end-to-end encrypted. Moderators only see reported messages. This is not a story that they can see other messages. If you press report, it will forward that and it will tell you what it's forwarding. A WhatsApp spokesperson told XDA developers, based on the feedback we've received from users where confident people understand when they make reports to WhatsApp, we receive the content they send us. It felt a little tongue-in-cheek to me. I don't know about you, Nate. Most of the security researchers I've seen have expressed some disappointment with ProPublica at spinning what is a fairly uncontroversial reporting platform as some kind of privacy weakness. Yes. I do have to say that I am not a WhatsApp user and part of the reason for not being a WhatsApp user is somewhat of putting my money where my mouth is when it comes to privacy and not particularly wanting to use something I don't trust. However, I am on WhatsApp side in this instance in that it doesn't break end-to-end encryption because it has ended on the other side. Where it is decrypted and is viewable and it is in the purview and remit of that user to report it, to do what they want with that text. They can just as easily copy it and send it to your parents, to your children, to your boss, to whomever. So it doesn't concern me that somebody is able to see your messages if somebody you've sent them to reports it. I don't see that as problematic. That is a good system. That is what the system should be. This isn't a privacy issue. The thing that gets me a little bit more is whether there is metadata and prior messaging as part of a chain of a conversation that is also shared along with those messages. Things that may not necessarily be pertinent to a privacy, sorry, not a privacy review process. That I'm less clear on. There is some suggestion that the previous few messages may also be transmitted as part of this, maybe to understand context. I find that a little less easy to agree with being necessary, but fundamentally, I don't see this as being a major blow for WhatsApp. Yeah, unlike the Apple situation where people were like, well, it's forwarding something to the parents without the user having control. There was some argument about whether or not does that leak out information without your control? Is that really end-to-end encryption, et cetera? We had a lot of back and forth about that. This is very clearly not a subversion of end-to-end encryption because of what you very well put, which is you're taking the message and you're sending it on. You know what's being sent. The messages that are included for context, it's clear to you, hey, if you send this, this is what will be sent. You're choosing to do that. This is not something that's happening without your impetus. Like you said, you could just copy and paste this stuff. That would not also be a weakness for end-to-end encryption. In fact, being able to report abuse is important. ProPublica is kind of undermining a very important thing to have in any kind of messaging or social media platform, which is the ability to say like, hey, can you review this? This person keeps harassing me and I don't like it. I would like it to stop. WhatsApp says they only shut down the most egregious offenses of this. They don't consider themselves moderators. They're just checking for any kind of violation of terms of service about how you're allowed to use the system. I think you're right. There's a lot of great information to be had around metadata, around the unencrypted parts of WhatsApp where they can see what a group chat name is and they could see IP address of users and things like that. That's not what's in the story, unfortunately. Super quickly, before we move on, the one thing I would also flag here is that if messages that are set to disappear, which is something WhatsApp has been introducing apps like Signal have it already, where you can say this message can be viewed once and then it's gone, if those messages end up in the hands of reviewers in this manner, that I think also is probably not okay. That's not what seems to be being flagged here, but it's something that I would suggest keeping our eye on. Sure. There's lots of things that could be a problem that you could imagine, and that would absolutely be one of them. There's no suggestion that that's the case here, though. I think we've gotten to a point where people are so excited to catch the bad guys that they're letting their judgment fuzz what is a fairly uncontroversial thing in this case. Yeah. El Salvador now officially has two currencies, neither one of them are from El Salvador. You may not have realized that El Salvador has been using the U.S. dollar as its official currency for several years, and now their second official currency is Bitcoin. Monday, El Salvador's president confirmed that it had purchased 200 more Bitcoins, bringing El Salvador's national reserves to 400 Bitcoins. That's depending on what time you look at it, around $20 million worth of Bitcoin. The law means that most businesses are required by El Salvador in law to accept Bitcoin as payment, though the Financial Times found that only three of 20 enterprises it surveyed in San Salvador, the capital, had plans to accept Bitcoin, so compliance is a whole different situation. El Salvador's government hopes the move will reduce the cost of remittances. That's the process of sending money back to El Salvador from abroad, which normally can incur heavy fees. It could also improve access to financial services for the unbanked, of which there are a large number in El Salvador. To encourage adoption, the government has developed its own Bitcoin wallet called Chivo and is offering any one with a national ID, $30 worth of Bitcoin, if they install Chivo. It also has installed 200 ATMs in the country, where you can put in dollars and have them converted to Bitcoin and sent to your wallet. I couldn't find any information about how widespread they are. I guess they're probably all in San Salvador, but maybe there's a few elsewhere. Bitcoin is volatile. That's the major downside here. The IMF has warned El Salvador about the potential destabilizing effects of this move, and Moody's has even downgraded El Salvador's debt rating in response to the new law. It's the kind of move that maybe you could only make in El Salvador. Some people have said that the government is using it to distract from other issues there. Nate, what do you make of this? I think the people I'm most concerned about is shop owners, because if you look at the volatility of Bitcoin, it is in the hands of the person who has that money, whether or not to hold it and to spend it. Obviously, they have to be made aware of that, and there's a government responsibility to educate. However, a shop owner will not have bought their goods, but it's very likely, with Bitcoin, and will have used a fiat currency. If, as is the case today, the price of Bitcoin drops, the best part of 10%, that is an instant loss for those shopkeepers. Obviously, it can go up. I'm aware of that. But for this to happen on the first day, I can imagine a lot of shopkeepers who are maybe wondering whether or not this was a good thing, or thinking, yeah, it probably wasn't. It's a great test case, though. I'm very excited to see how it goes, but I think we're in for an interesting ride. Let's just put it out. It's almost like a nice little laboratory test case, right? I think the economist was estimating. The economist was estimating less than 10% of transactions in El Salvador so far seem to be being made with Bitcoin. So it's not a large portion of the economy. I was reading the BBC saying, with different interviews, some people are immediately taking their Bitcoin and converting it to US dollars as soon as a payment is made, which helps reduce the exposure to the volatility. Others are treating any payments in Bitcoin as a savings plan, where they'll just leave it in the account long term and see what happens. So yeah, it's an experiment. In a smaller country, probably not representative of most economies. But worth watching, I suppose, and seeing if we can learn anything from it. Absolutely. Governments wanted to protect privacy. Folks, that's all they want to do. Well, they also want to build bridges and collect taxes and lots of other stuff. But one of the things they really want to do is protect privacy. So over the years, they've required websites to notify you about cookies. You might have noticed this as you were observing the web. Sites work around the laws and implement dark patterns to try to get you to approve of their use of cookies. And so the laws have gotten stricter. We got things like California's data protection law or Europe's GDPR. And that makes the notifications more complex. We have options and OKs and multiple screens. So time to find the cookie pop up notifications. Well, maybe not find them, but maybe fix them. UK Information Commissioner Elizabeth Denham says she will call on the group of seven nations on Tuesday, the G7, to join forces and fight the pop ups that they have required. The G7 includes the UK, Canada, France, Italy, Japan, the United States and Germany. Denham, in fact, is on her way out. But incoming Commissioner John Edwards has told the Telegraph he too plans to do something about cookies. So this may span the different administrations of the ICO. The UK's Information Commissioner's Office has a vision for the future where they think browsers or even whole devices could support settings that last rather than having to confront pop ups at every website, something that several plugins like ConsentoMatic attempt to do on their own right now. But it's a government made problem that now the ICO is saying we need to all team up to fight the thing we created. Yes, and they only have themselves to blame. Well, I say themselves. I mean, in terms of the European experience, ads have become the least annoying thing about browsing the web in Europe. If it's not cookie pop ups, please don't leave yet. Please subscribe to our newsletter. Full screen overlays or what have you. So I will be very happy for any effort to be made to get rid of them because it's almost unavoidable no matter the plugin. If you're living in anywhere that's governed by GDPR in Europe, which includes the UK right now. So this is exciting. I'm glad you mentioned that Elizabeth Denham was on her way out and there is an incoming commissioner. We talked about this actually on text message the other week because he's the guy who's coming in is a very tough individual when it comes to tech companies. And as you say, he's specifically highlighted cookies as problematic and something that we want to get rid of and that he wants Britain to lead the way and in some form. But you're up against the real challenge of having to force people to change again. And people don't like change. Tech companies really hate change. Well, they hate it when they're told they have to change. And I don't know if there's a good solution to this. I think you look at what Google's doing with flock and its idea of cookies. You look at baking it into the browser, breaking it into the device. It's just fundamentally I just don't think there's a good answer to this. Yeah, it's a very down a note to end on. But I just don't know what they're going to do. Well, the problem is my first initial reaction was, well, if the popups are crazy, then redesign the law to make the popups be less crazy. But I think what's happened is they don't have an idea of how to best do that and still achieve their goal, which is transparency and user consent. So what they want to do is they want to put pressure on the tech companies to fix it themselves. And to do that, they need the US, Japan, Germany, France, etc. To all put pressure on the tech companies to fix it themselves, which I think many people out there would say, well, maybe you should have done that in the first place instead of create these baroque rules that didn't necessarily achieve what you wanted in the first place. I wonder if you could borrow from the thinking that led to what most modern browsers now do when you're browsing an unsecured site, just a regular HTTP site where it flags up in in gray or in red, you know, not secure. If it's green, there's a nice little green logo or a padlock or something that implies you are secure. I wonder if there's a way of extending that to to privacy from a cookie and permissions and an agreement standpoint where you're not being forced to agree to something. But there's a window that says you haven't yet agreed. And it's just up to you as part of the browser experience on a per site basis, which HTTPS notifications are to agree or disagree. It would make it less intrusive on the browsing experience because your eye isn't being drawn to it as quickly as the content. So you're not saying the full screen thing. You're just saying a little address bar notification there. I think I think the reason they haven't done something like that is they want you to be forced to say yes or no. That the problem was that the websites would be like they'd be fine with it being up in the address bar because everybody just ignore it. So yeah, I don't know if they would. I don't know. I don't know. A big red thing up in the it's hard to miss and it is quick to say except but I don't know. Maybe a rise. The solution on the user end is just respect my default notifications and let me decide when I want to give an exception, except websites are not going to be OK with that because they're like, well, that will kill advertising, which it wouldn't, but it would certainly reduce the way they do it now because we see the Sturman drawing about what Apple's doing, but they're essentially doing that, saying, yeah, you're going to say no, and then that'll be it. You'll have respected that for everything from then on. Hmm. Anyway, if you've solved this feedback, the Daily Tech News Show dot com. Don't don't email Elizabeth Denham yet. It's not her way out anyway. Let us know. We'll pass the word along to her. Hey, folks, would you like a DTS hat, maybe a hoodie or a mask or a mouse pad? We got it all and more at the Daily Tech News Show store with brand new logos. If you've got some of our stuff before with the classic logo, there's still some of that, but the the brand new, more colorful Daily Tech News Show logo that you see in your album art is now on the merch as well. Go check it out. Daily Tech News Show dot com slash store. French police have been trying to identify activists that are occupying apartments and commercial spaces in Paris. And one of the activists was found to be using a proton email account. Proton mail is an end to end encrypted email service created by scientists who used to work at CERN and it's headquartered in Switzerland, which means you can't just serve something from France. Proton mail won't respect that. They're like, we're in Switzerland, we're neutral. It has to be the Swiss to make us do anything. Well, a police report revealed that the French police working with Europol got Swiss courts to order proton mail to log the IP address, which proton mail says, we don't do. We don't log your IP address. The court said, well, in this case, you have to log the IP address of this one account, provide that and the device ID you get by doing that to the French police. Actually, the Europol who gave it to the French police who eventually arrested the individual in question. So there are a lot of headlines out there. Proton mail gives up activists who is arrested. Had the court ordered proton to provide the contents of the email, which it did not. But if it had, proton mail would not have been able to comply because they do use end to end encryption. However, while proton does not log IP addresses normally, it's capable of doing so. So it says it had no legal choice. Once the Swiss court told it had to do that, it had to do that. And the IP address was the only thing provided by proton. Now, that IP address log includes the device ID. That's why that's in there, too. But that's all they did. They didn't give them anything else. Proton supports access by the onion router and offers its own VPN service. And proton has noted that if either had been used, the actual IP address of the user would have been unobtainable. They would have gotten either the VPN IP address or the Tor IP address, which would have been useless. So they're basically telling other activists like, hey, if you're going to use proton mail, you might want to use the onion router or our VPN service or some other subsequent to the story coming out. The Open Terms Archive noted that proton mail's privacy policy has added the following line. Proton mail said, we'll clarify this a little better. So the line now reads, if you are breaking Swiss law, proton mail can be legally compelled to log your IP address as part of a Swiss criminal investigation. This obligation, however, does not extend to proton VPN, see VPN privacy policy here. So even in the privacy policy, they're letting you know, if you use our VPN, it's not going to work. But this is one I've seen a lot of misunderstanding around date. And I think proton mail got put in a tough position. There's a lot of criticism over whether the Swiss courts should have cooperated or not. If this was extreme enough for the court to order this, given that it's activists occupying some restaurants and apartments. Yes. And that is at the point that I was going to make as well, because you would think that something of this nature where you would force a company that's its business model is built on privacy interests like this, that you would think, well, this is going to have to be the most extreme thing in the world. They're going to have to agree to it. It'll be CSAM related. It'll be terrorism. It'll be drugs, human trafficking, something like that. It was climate activists. And to me, when I saw that, I thought they must have done something very, very, very naughty indeed to justify it. But I don't know what a climate protester can do to warrant this action on the part of Switzerland. I feel like it's a mistake. I may be missing something. And please let us know if you've got reliable sources that show otherwise. But it seems like it's just occupying property that they don't have the right to occupy. That that's trespass, you know, that's a few other things. But it doesn't feel like the kind of extreme thing that would require a Swiss court to give cross border authorization to. Now, there is terrorism involved sometimes with climate activists. And there's some confusion about whether these are all climate activists. I think the one that was arrested is a climate activist. But I think there's more than one cause here. Maybe it all got jumbled together. I don't know. However, what Proton Mail has been put in the position of is not being able to say anything under court order about the actual court order itself and trying to walk that line and explaining what it had to do. A lot of people trust Proton Mail. I don't know if this is the kind of thing that could spell the end of widespread trust for what it does. It's the kind of thing that historically has been very damaging for. I would let's say niche, i.e. not giant publicly traded behemoths like Apple, who can't afford to fight something like this. It can be destructive. I hope for their user's sake, that is not the case, because this is not a nice way to deal with that. All right, let's talk some tech, like fundamental tech, not policy. One of the biggest drawbacks to foldable phones is the crease in the display where the fold is. Companies like Samsung have done a lot to reduce the crease. It's a lot less pronounced in the latest fold, but it would be better if it weren't there at all. LG Chem, that is the part of the LG conglomerate that deals with chemistry, has developed a display cover window. That's that's the part that's on the outside of your phone, but not only helps solve the crease problem, but increases durability as well, which is another issue with folding. LG claims that its proprietary coating added to a thin polyethylene terephthalate plastic film is not only sturdier and more flexible than current solutions, but it's it's not going to have a crease. And that includes tempered glass and a polyamide film. LG says its solution can hold its shape after two hundred thousand folds and LG plans to start mass production of the cover in 2022 for use in phones, laptops and tablets. Great. If it makes the product seem less pointless, I'm all for it. Yeah, I mean, how do you feel about foldable, right? Like the idea with foldable has been like, can you can you do it without the hinge breaking? Well, Samsung had a problem with that, but they seem to have created a durable hinge now. All right, can you do it without the glass breaking? Well, they've done it without the glass breaking, but they're still the crease. Well, can you get rid of the crease? LG Chem is the latest to be like, I think we can get rid of the crease. Once you get rid of all those objections, do you still need it? I've not found of a reason to need it ever. So no is my answer. I don't want to be one of these people that just says, ah, this is terrible. It's awful. What a pointless idea. But but I'm yet to be I'm yet to be wowed. Yes, LG's technology will make this better. Excellent. Brilliant. But I'm yet to be I'm yet to be convinced that there's any need for it. I'm a little more bullish on the scrollable, where you have like a phone size screen and then you can unroll it internally. So for you, it's just pulling it out and then you got a tablet. I could see myself using that. That's been something I've wanted since the Nexus 7, honestly, where I'm like, this is perfect for reading a book, but I don't want to carry it around with me. Why can't I get this in one device? If I could have the screen just expand when I needed it, I could watch video on the plane. I could read a book or I could just use it as a phone. I could have multiple sizes. Maybe this gets me there. I'm still thinking the scrollable element probably is a more practical way to do it. But hey, if this gets rid of the crease, I'm willing to give it a shot. Yeah. All right, let's check out the mail bag. We get email to feedback at DailyTechNewsShow.com. We get conversations in our discord and the chip shortage and the wider logistics issues around that are a frequent topic of discussion in our discord. And recently, West Bay Stars was discussing how it's impacting their grocery shopping. West Bay Stars wrote the whole shipping issue has had our household stressed as jalapenos have been missing from Costco for over a month. My wife even resorted to ordering the pair. We usually get at Costco for approximately $6.50 from Amazon for more than $20 US. Someone is hoarding and scalping jalapenos in Japan. That's where West Bay Stars is. They finally returned to Costco at the normal price yesterday. So we bought four pairs. They won't last as long as their expiration date and will weather the next jalapeno shortage. We've been talking a lot about we had the example of somebody trying to buy some appliances and the appliances aren't in. There's been some other stuff that we've tried to order some clocks recently and it's going to take four to eight weeks for the clocks to get here, which back in the day, four to eight weeks, that was normal. But these days, it's like, oh, wow, we've we've set back the clock on shipping times. Have you noticed anything like that? Yeah, garden furniture, it's impossible to buy the garden furniture you want. But I also feel that it's one of these things we say it's a first world problem, but it is a problem. So let's complain about it a bit and it is a problem. I cannot sit in my garden comfortably and that is annoying. So I hope it gets solved, please. And West Bay Stars cannot rely on jalapenos, which I am very sympathetic to, especially in Japan, where, you know, they're not easy to just run down to the store and get. Yes, I think it's less about what are we going to do about it and more about us all realizing it's not just us. Like, oh, yeah, everybody's feeling the effects of this. We're all in this garden furniture, clock, jalapeno, chip shortage together. What a horrible year it's been. Almost two now. Yeah. Yeah. Oh, no. Well, I've got good news. We have a new boss on the show. Thank you to Molly Fanton. Molly Fanton just started backing us on Patreon. Thank you, Molly. Because of Molly, we are just down one patron on the month. It would be two if it weren't for Molly Fanton jumping in. So thank you, Molly. If you would like to be the person that pushes us back into net positive and you've been thinking about joining that Patreon, now's the time to do it. Patreon.com slash DTNS. Thank you, Nate Langson, my friend, as always, it was a pleasure chatting tech with you. Thank you. It's great to be here. I mean, for anyone who likes my voice and the weird stuff that I say about things, I have a show called Text Message that's sort of like the misbehaving weird cousin of DTNS. So that's at uktechshow.com. And if you like this, maybe you'll like maybe you'll like that. It's a fixture of my Sundays, I have to say. That's high praise. It usually shows up mid, mid Sunday morning and I'll either maybe do some yard work or gardening or or go for a run. And you and Ian are my my pals on that. I love it. Thank you very much. Go check it out, folks. Don't forget, if you want to check us out live, we are live at 4 30 p.m. Eastern 20 30 UTC. You can find out more about that at dailytechnewshow.com slash live back tomorrow with Scott Johnson. Talk to you then. This show is part of the Frog Pants Network. Get more at frogpants.com. Bob hopes you have enjoyed this program.