Google signs up Verizon for its AI-powered contact center services

Google today announced that it has signed up Verizon as the newest customer of its Google Cloud Contact Center AI service, which aims to bring natural language recognition to the often inscrutable phone menus that many companies still use today (disclaimer: TechCrunch is part of the Verizon Media Group). For Google, that’s a major win, but it’s also a chance for the Google Cloud team to highlight some of the work it has done in this area. It’s also worth noting that the Contact Center AI product is a good example of Google Cloud’s strategy of packaging up many of its disparate technologies into products that solve specific problems.

“A big part of our approach is that machine learning has enormous power but it’s hard for people,” Google Cloud CEO Thomas Kurian told me in an interview ahead of today’s announcement. “Instead of telling people, ‘well, ‘here’s our natural language processing tools, here is speech recognition, here is text-to-speech and speech-to-text — and why don’t you just write a big neural network of your own to process all that?’ Very few companies can do that well. We thought that we can take the collection of these things and bring that as a solution to people to solve a business problem. And it’s much easier for them when we do that and […] that it’s a big part of our strategy to take our expertise in machine intelligence and artificial intelligence and build domain-specific solutions for a number of customers.”

The company first announced Contact Center AI at its Cloud Next conference two years ago and it became generally available last November. The promise here is that it will allow businesses to build smarter contact center solutions that rely on speech recognition to provide customers with personalized support while it also allows human agents to focus on more complex issues. A lot of this is driven by Google Cloud’s Dialogflow tool for building conversational experiences across multiple channels.

“Our view is that AI technology has reached a stage of maturity where it can be meaningfully applied to solving business problems that customers face,” he said. “One of the most important things that companies need is to differentiate the customer experience through helpful and convenient service — and it has never been more important, especially during the period we’re all in.”

Not too long ago, bots — and especially text-based bots — went through the trough of disillusionment, but Kurian argues that we’ve reached a very different stage now and that these tools can now provide real business value. What’s different now is that a tool like Contact Center AI has more advanced natural language processing capabilities and is able to handle multiple questions at the same time and maintain the context of the conversation.

“The first generation of something called chatbots — they kind of did something but they didn’t really do much because they thought that all questions can be answered with one sentence and that human beings don’t have a conversation,” he noted and also added that Google’s tools are able to automatically create dialogs using a company’s existing database of voice calls and chats that have happened in the past.

When necessary, the Contact Center AI can automatically hand the call off to a human agent when it isn’t able to solve a problem but another interesting feature is its ability to essentially shadow the human agent and automatically provide real-time assistance.

“We have a capability called Agent Assist, where the technology is assisting the agent and that’s the central premise that we built — not to replace the agent but assist the agent.”

Because of the COVID-19 pandemic, more companies are now accelerating their digital transformation projects. Kurian said that this is also true for companies that want to modernize their contact centers, given that for many businesses, this has now become their main way to interact with their customers.

As for Verizon, Kurian noted that this was a very large project that has to handle very high call volumes and a large variety of incoming questions.

“We have worked with Verizon for many, many years in different contexts as Alphabet and so we’ve known the customer for a long time,” said Kurian. “They have started using our cloud. They also experimented with other technologies and so we sort of went in three phases. Phase One is to get a discussion with the customer around the use of our technology for chat, then the focus is on saying you shouldn’t just do chat, you should do chat and voice on a common platform to avoid the kind of thing where you get one response online and a different response when you call. And then we’ve had our engineers working with them — virtually obviously, not physically.”

He noted that Google has seen quite a bit of success with Contact Center AI in the telco space, but also among government agencies, for example, especially in Europe and Asia. In some verticals like retail, he noted, Google Cloud’s customers are mostly focused on chat, while the company is seeing more voice usage among banks, for example. In the telco business, Google sees both across its customers, so it probably made sense for Verizon to bet on both voice and chat with its implementation.

“Verizon’s commitment to innovation extends to all aspects of the customer experience,” said Verizon global CIO and SVP Shankar Arumugavelu in today’s announcement. “These customer service enhancements, powered by the Verizon collaboration with Google Cloud, offer a faster and more personalized digital experience for our customers while empowering our customer support agents to provide a higher level of service.”

Google signs up Verizon for its AI-powered contact center services

Google today announced that it has signed up Verizon as the newest customer of its Google Cloud Contact Center AI service, which aims to bring natural language recognition to the often inscrutable phone menus that many companies still use today (disclaimer: TechCrunch is part of the Verizon Media Group). For Google, that’s a major win, but it’s also a chance for the Google Cloud team to highlight some of the work it has done in this area. It’s also worth noting that the Contact Center AI product is a good example of Google Cloud’s strategy of packaging up many of its disparate technologies into products that solve specific problems.

“A big part of our approach is that machine learning has enormous power but it’s hard for people,” Google Cloud CEO Thomas Kurian told me in an interview ahead of today’s announcement. “Instead of telling people, ‘well, ‘here’s our natural language processing tools, here is speech recognition, here is text-to-speech and speech-to-text — and why don’t you just write a big neural network of your own to process all that?’ Very few companies can do that well. We thought that we can take the collection of these things and bring that as a solution to people to solve a business problem. And it’s much easier for them when we do that and […] that it’s a big part of our strategy to take our expertise in machine intelligence and artificial intelligence and build domain-specific solutions for a number of customers.”

The company first announced Contact Center AI at its Cloud Next conference two years ago and it became generally available last November. The promise here is that it will allow businesses to build smarter contact center solutions that rely on speech recognition to provide customers with personalized support while it also allows human agents to focus on more complex issues. A lot of this is driven by Google Cloud’s Dialogflow tool for building conversational experiences across multiple channels.

“Our view is that AI technology has reached a stage of maturity where it can be meaningfully applied to solving business problems that customers face,” he said. “One of the most important things that companies need is to differentiate the customer experience through helpful and convenient service — and it has never been more important, especially during the period we’re all in.”

Not too long ago, bots — and especially text-based bots — went through the trough of disillusionment, but Kurian argues that we’ve reached a very different stage now and that these tools can now provide real business value. What’s different now is that a tool like Contact Center AI has more advanced natural language processing capabilities and is able to handle multiple questions at the same time and maintain the context of the conversation.

“The first generation of something called chatbots — they kind of did something but they didn’t really do much because they thought that all questions can be answered with one sentence and that human beings don’t have a conversation,” he noted and also added that Google’s tools are able to automatically create dialogs using a company’s existing database of voice calls and chats that have happened in the past.

When necessary, the Contact Center AI can automatically hand the call off to a human agent when it isn’t able to solve a problem but another interesting feature is its ability to essentially shadow the human agent and automatically provide real-time assistance.

“We have a capability called Agent Assist, where the technology is assisting the agent and that’s the central premise that we built — not to replace the agent but assist the agent.”

Because of the COVID-19 pandemic, more companies are now accelerating their digital transformation projects. Kurian said that this is also true for companies that want to modernize their contact centers, given that for many businesses, this has now become their main way to interact with their customers.

As for Verizon, Kurian noted that this was a very large project that has to handle very high call volumes and a large variety of incoming questions.

“We have worked with Verizon for many, many years in different contexts as Alphabet and so we’ve known the customer for a long time,” said Kurian. “They have started using our cloud. They also experimented with other technologies and so we sort of went in three phases. Phase One is to get a discussion with the customer around the use of our technology for chat, then the focus is on saying you shouldn’t just do chat, you should do chat and voice on a common platform to avoid the kind of thing where you get one response online and a different response when you call. And then we’ve had our engineers working with them — virtually obviously, not physically.”

He noted that Google has seen quite a bit of success with Contact Center AI in the telco space, but also among government agencies, for example, especially in Europe and Asia. In some verticals like retail, he noted, Google Cloud’s customers are mostly focused on chat, while the company is seeing more voice usage among banks, for example. In the telco business, Google sees both across its customers, so it probably made sense for Verizon to bet on both voice and chat with its implementation.

“Verizon’s commitment to innovation extends to all aspects of the customer experience,” said Verizon global CIO and SVP Shankar Arumugavelu in today’s announcement. “These customer service enhancements, powered by the Verizon collaboration with Google Cloud, offer a faster and more personalized digital experience for our customers while empowering our customer support agents to provide a higher level of service.”

Rapid Huawei rip-out could cause outages and security risks, warns UK telco

The chief executive of UK incumbent telco BT has warned any government move to require a rapid rip-out of Huawei kit from existing mobile infrastructure could cause network outages for mobile users and generate its own set of security risks.

Huawei has been the focus of concern for Western governments including the US and its allies because of the scale of its role in supplying international networks and next-gen 5G, and its close ties to the Chinese government — leading to fears that relying on its equipment could expose nations to cybersecurity threats and weaken national security.

The UK government is widely expected to announce a policy shift tomorrow, following reports earlier this year that it would reverse course on so called “high risk” vendors and mandate a phase out of use of such kit in 5G networks by 2023.

Speaking to BBC Radio 4’s Today program this morning, BT CEO Philip Jansen said he was not aware of the detail of any new government policy but warned too rapid a removal of Huawei equipment would carry its own risks.

“Security and safety in the short term could be put at risk. This is really critical — because if you’re not able to buy or transact with Huawei that would mean you wouldn’t be able to get software upgrades if you take it to that specificity,” he said.

“Over the next five years we’d expect 15-20 big software upgrades. If you don’t have those you’re running gaps in critical software that could have security implications far bigger than anything we’re talking about in terms of managing to a 35% cap in the access network of a mobile operator.”

“If we get a situation where things need to go very, very fast then you’re in a situation where potentially service for 24M BT Group mobile customers is put into question,” he added, warning that “outages would be possible”.

Back in January the government issued a much delayed policy announcement setting out an approach to what it dubbed “high risk” 5G vendors — detailing a package of restrictions it said were intended to mitigate any risk, including capping their involvement at 35% of the access network. Such vendors would also be entirely barred them from the sensitive “core” of 5G networks. However the UK has faced continued international and domestic opposition to the compromise policy, including from within its own political party.

Wider geopolitical developments — such as additional US sanctions on Huawei and China’s approach to Hong Kong, a former British colony — appear to have worked to shift the political weather in Number 10 Downing Street against allowing even a limited role for Huawei.

Asked about the feasibility of BT removing all Huawei kit, not just equipment used for 5G, Jansen suggested the company would need at least a decade to do so.

“It’s all about timing and balance,” he told the BBC. “If you wanted to have no Huawei in the whole telecoms infrastructure across the whole of the UK I think that’s impossible to do in under ten years.”

If the government policy is limited to only removing such kit from 5G networks Jansen said “ideally” BT would want seven years to carry out the work — though he conceded it “could probably do it in five”.

“The current policy announced in January was to cap the use of Huawei or any high risk vendor to 35% in the access network. We’re working towards that 35% cap by 2023 — which I think we can make although it has implications in terms of roll out costs,” he went on. “If the government makes a policy decision which effectively heralds a change from that announced in January then we just need to understand the potential implications and consequences of that.

“Again we always — at BT and in discussions with GCHQ — we always take the approach that security is absolutely paramount. It’s the number one priority. But we need to make sure that any change of direction doesn’t lead to more risk in the short term. That’s where the detail really matters.”

Jansen fired a further warning shot at Johnson’s government, which has made a major push to accelerate the roll out of fiber wired broadband across the country as part of a pledge to “upgrade” the UK, saying too tight a timeline to remove Huawei kit would jeopardize this “build out for the future”. Instead, he urged that “common sense” prevail.

“There is huge opportunity for the economy, for the country and for all of us from 5G and from full fiber to the home and if you accelerate the rip out obviously you’re not building either so we’ve got to understand all those implications and try and steer a course and find the right balance to managing this complicated issue.

“It’s really important that we very carefully weigh up all the different considerations and find the right way through this — depending on what the policy is and what’s driving the policy. BT will obviously and is talking directly with all parts of government, [the National] Cyber Security Center, GCHQ, to make sure that everybody understands all the information and a sensible decision is made. I’m confident that in the end common sense will prevail and we will head down the right direction.”

Asked whether it agrees there are security risks attached to an accelerated removal of Huawei kit, the UK’s National Cyber Security Centre declined to comment. But a spokesperson for the NCSC pointed us to an earlier statement in which it said: “The security and resilience of our networks is of paramount importance. Following the US announcement of additional sanctions against Huawei, the NCSC is looking carefully at any impact they could have to the U.K.’s networks.”

We’ve also reached out to DCMS for comment.

Founding partner Hjalmar Winbladh is leaving EQT Ventures

EQT Ventures, the Stockholm-headquartered venture capital firm that invests in Europe and the U.S., is losing founding partner Hjalmar Winbladh, TechCrunch has learned.

Rumours that he was leaving the “multi-stage, sector-agnostic” VC fund that he helped launch in 2016, begun circulating within the European startup ecosystem last week, with multiple sources telling TechCrunch that Winbladh has his heart set on starting something new.

A serial entrepreneur, in the real sense, Winbladh is a seven-time founder, having previously built and managed global technology companies such as Wrapp, Rebtel and Sendit. Described as the world’s first mobile Internet company, Sendit was acquired by Microsoft in 1999.

He joined EQT a decade ago to help establish its venture arm, when Europe barely had a venture capital ecosystem and was dwarfed by the U.S. in terms of available capital. In late 2019, EQT Ventures raised its second fund, with commitments totalling €660 million, making it one of the largest VC funds in Europe.

One of the firm’s investments, Small Giant Games, was acquired by Zynga in 2018 in a deal valued at $700 million. Other portfolio companies include 3D Hubs, Varjo, Natural Cycles, Permutive, Codacy, Peakon and Tinyclues.

Confirming Winbladh’s departure, EQT’s Head of Communications, Nina Nornholm, provided the following statement:

“Hjalmar has been with EQT for almost 10 year and has played an instrumental role on our digital transformation journey. Over the last five years, he has also built and led the Ventures team into a very successful business and with a strong portfolio and dedicated team. He is now longing to get back to his entrepreneurial roots and has decided to leave his role within EQT Ventures. He remains on the boards of EQT Ventures’ portfolio companies Banking Circle, Wolt and Peltarion so we are not separating ways entirely”.

In a brief call with Winbladh — interrupting his vacation, no less — he said he was excited to take some time to figure out what’s next, although he stressed that it was too early to go into any detail and that he was leaving EQT Ventures in very good hands.

Painting broad brush strokes, Winbladh told me he wants to continue giving back to the European ecosystem but that the challenges it faces today are very different to ten years ago. With the tech landscape more competitive than ever, he wants to create a way for seasoned entrepreneurs and investors like himself to better support the next generation of founders, hinting at something earlier stage than EQT Ventures’ Series A, B and C focus. However, he said he wasn’t currently raising a fund of his own.

As always, watch this space.

K Fund’s Jaime Novoa discusses early-stage firm’s focus on Spanish startups

Earlier this month, Spanish early-stage venture capital firm K Fund officially launched its second fund, which sits at €70 million, up from €50 million the first time around.

Targeting Spanish startups with an international outlook, the seed-stage firm plans to invest from €200,000 to €2 million, writing first checks in 25-30 companies. Meanwhile, a portion of the fund will also be set aside for follow-on funding for the most promising of its portfolio.

Described as business model- and sector-agnostic, K Fund currently has a mix of B2B and B2C companies in its portfolio across a wide variety of sectors, such as travel, fintech, insurtech and others. They include online travel agency Exoticca, HR software Factorial, insurtech startup Bdeo and Hubtype, a conversational messaging tech provider.

I caught up with K Fund’s Jaime Novoa to delve deeper into the firm’s investment remit, how the Spanish startup and tech ecosystem has developed over the last few years and to learn more about “K Founders,” the VC’s new pre-seed funding program.

TechCrunch: K Fund’s first fund was announced in late 2016 to back startups in Spain with an international outlook at seed and Series A. At €70 million, this second fund is €20 million larger but I gather the remit remains broadly the same. Can you be more specific with regards to cheque size, geography, sector and the types of startups you look for?

Jaime Novoa: We’re both agnostic in terms of business models and industries. Since our focus is, for the most part, Spain, we do not believe that the Spanish market is big enough to build a vertically focused fund, either in terms of business model or sector.

With our first fund we invested in 28 companies, with a slightly larger number of B2B SaaS companies than B2C ones, and across a wide variety of sectors. We do have a bit of exposure to travel and fintech/insurtech, but that’s because we’ve found several interesting companies in those spaces, not because we proactively said, “let’s invest in fintech/travel.”

In terms of check sizes, the core of the fund will be to make the same type of investments as in our first fund: first cheques from €200k to €2m and then sufficient capital for follow-on rounds. We’ll probably do a similar number of deals compared to the previous fund, but we want to have additional capital for follow-on purposes.

K Fund’s Jaime Novoa discusses early-stage firm’s focus on Spanish startups

Earlier this month, Spanish early-stage venture capital firm K Fund officially launched its second fund, which sits at €70 million, up from €50 million the first time around.

Targeting Spanish startups with an international outlook, the seed-stage firm plans to invest from €200,000 to €2 million, writing first checks in 25-30 companies. Meanwhile, a portion of the fund will also be set aside for follow-on funding for the most promising of its portfolio.

Described as business model- and sector-agnostic, K Fund currently has a mix of B2B and B2C companies in its portfolio across a wide variety of sectors, such as travel, fintech, insurtech and others. They include online travel agency Exoticca, HR software Factorial, insurtech startup Bdeo and Hubtype, a conversational messaging tech provider.

I caught up with K Fund’s Jaime Novoa to delve deeper into the firm’s investment remit, how the Spanish startup and tech ecosystem has developed over the last few years and to learn more about “K Founders,” the VC’s new pre-seed funding program.

TechCrunch: K Fund’s first fund was announced in late 2016 to back startups in Spain with an international outlook at seed and Series A. At €70 million, this second fund is €20 million larger but I gather the remit remains broadly the same. Can you be more specific with regards to cheque size, geography, sector and the types of startups you look for?

Jaime Novoa: We’re both agnostic in terms of business models and industries. Since our focus is, for the most part, Spain, we do not believe that the Spanish market is big enough to build a vertically focused fund, either in terms of business model or sector.

With our first fund we invested in 28 companies, with a slightly larger number of B2B SaaS companies than B2C ones, and across a wide variety of sectors. We do have a bit of exposure to travel and fintech/insurtech, but that’s because we’ve found several interesting companies in those spaces, not because we proactively said, “let’s invest in fintech/travel.”

In terms of check sizes, the core of the fund will be to make the same type of investments as in our first fund: first cheques from €200k to €2m and then sufficient capital for follow-on rounds. We’ll probably do a similar number of deals compared to the previous fund, but we want to have additional capital for follow-on purposes.

Creandum backs Amie, a new productivity app from ex-N26 product manager Dennis Müller

Amie, a new productivity app from ex-N26 product manager Dennis Müller, has picked up $1.3 million in pre-seed funding to “kickstart” development and hiring.

Backing 23 year-old Müller is Creandum — the European VC best known for being an early investor in Spotify — along with Tiny.VC and a plethora of angels. They include Laura Grimmelmann (Ex-Accel), Nicolas Kopp (CEO, N26 U.S.), Roland Grenke (Dubsmash co-founder) and Zachary Smith (SVP of product at U.S. challenger bank Chime).

Founded early this year and with a planned launch in early 2021, Berlin-based Amie is developing a productivity app that combines a person’s calendar and to-dos in one place. Previously called coco, it promises to work across all devices, with an interface that “works just like you think”.

“Back in the day, you had a calendar on your office wall, and a to-do list on a notepad,” Müller tells me. “You could take your list with you elsewhere, but not your calendar. Those were digitized instead of rethinking the flow. Most productivity apps solve very specific problems, creating a new one, [and] users need too many tools”.

Amie pre-release app screenshot

Müller says Amie is built on the principle that “to-dos, habits and events all take time, and all belong in the same place”. Many people already schedule to-dos and the startup wants offer the fastest way to create to-dos, schedule events, check your calendar “and even jump into Zoom calls”.

As a glimpse of what’s to come, Amie promises to let you drag ‘n’ drop to-dos into your day, or turn links and screenshots into to-dos. “With Amie’s Alfred-like app, you can create an event and invite people in a different timezone, all while other apps are still loading,” says the young company.

More broadly, Amie wants to act as a central workspace, letting you also do things like join video calls, take notes, and do email, without the need to open extra browser tabs and therefore avoid “context switching”.

“Amie will target professionals who are currently using Google Calendar, due to our integration,” adds Müller. “The waitlist already counts thousands of users, who are mostly professionals working in the tech industry e.g. designers, developers, bizdevs, etc”.

Smartwatch hack could trick patients to ‘take pills’ with spoofed alerts

Security researchers say a smartwatch, popular with the elderly and dementia patients, could have been tricked into letting an attacker easily take control of the device.

These watches are designed to help patients to easily call their carers and for carers to track the location of their patients. They come with their own cellular connection, so that they work anywhere.

But researchers at U.K.-based security firm Pen Test Partners found that they could trick the smartwatch into sending fake “take pills” reminders to patients as often as they want, they said.

“A dementia sufferer is unlikely to remember that they had already taken their medication,” wrote Vangelis Stykas in a blog post. “An overdose could easily result.”

Researchers triggering the “take pill” alert on a vulnerable smartwatch. (Image: Pen Test Partners/supplied)

The vulnerabilities were found in the back-end cloud system, known as SETracker, which powers the smartwatch. The same cloud system also powers millions of other white-label smartwatches and vehicle trackers across Europe, all of which were vulnerable to basic attacks, the researchers said.

The researchers found a copy of the source code that powers the back-end cloud system, allowing the researchers to find security weaknesses in the code. One of the major flaws found was that the server was using a hardcoded key which, if used, an attacker could have sent any commands to remotely control any one of these devices.

With this key, an attacker could trigger the “take pills” alert, secretly make phone calls from the device, send text messages, or — in the case of vehicle trackers — cutting the engine altogether.

The code also had passwords and tokens to SETracker’s cloud storage, which the researchers believe — based on the code — stored data uploaded by these devices. But the researchers were unable to check as doing so would have broken U.K. computer hacking laws.

The researchers said that the vulnerabilities have now been fixed. It isn’t known if the flaws had been exploited by someone else.

This latest research comes just months after Pen Test Partners found similar vulnerabilities in another widely-used white-label child-tracking smartwatches.

Security, or a lack of, is a growing trend among smart device makers, often which build devices with little consideration for good cybersecurity practices. That prompted the U.K. government to propose new legislation that would help improve their security by mandating that smart devices must be sold with a baseline level of security, such as unique passwords.

Smartwatch hack could trick patients to ‘take pills’ with spoofed alerts

Security researchers say a smartwatch, popular with the elderly and dementia patients, could have been tricked into letting an attacker easily take control of the device.

These watches are designed to help patients to easily call their carers and for carers to track the location of their patients. They come with their own cellular connection, so that they work anywhere.

But researchers at U.K.-based security firm Pen Test Partners found that they could trick the smartwatch into sending fake “take pills” reminders to patients as often as they want, they said.

“A dementia sufferer is unlikely to remember that they had already taken their medication,” wrote Vangelis Stykas in a blog post. “An overdose could easily result.”

Researchers triggering the “take pill” alert on a vulnerable smartwatch. (Image: Pen Test Partners/supplied)

The vulnerabilities were found in the back-end cloud system, known as SETracker, which powers the smartwatch. The same cloud system also powers millions of other white-label smartwatches and vehicle trackers across Europe, all of which were vulnerable to basic attacks, the researchers said.

The researchers found a copy of the source code that powers the back-end cloud system, allowing the researchers to find security weaknesses in the code. One of the major flaws found was that the server was using a hardcoded key which, if used, an attacker could have sent any commands to remotely control any one of these devices.

With this key, an attacker could trigger the “take pills” alert, secretly make phone calls from the device, send text messages, or — in the case of vehicle trackers — cutting the engine altogether.

The code also had passwords and tokens to SETracker’s cloud storage, which the researchers believe — based on the code — stored data uploaded by these devices. But the researchers were unable to check as doing so would have broken U.K. computer hacking laws.

The researchers said that the vulnerabilities have now been fixed. It isn’t known if the flaws had been exploited by someone else.

This latest research comes just months after Pen Test Partners found similar vulnerabilities in another widely-used white-label child-tracking smartwatches.

Security, or a lack of, is a growing trend among smart device makers, often which build devices with little consideration for good cybersecurity practices. That prompted the U.K. government to propose new legislation that would help improve their security by mandating that smart devices must be sold with a baseline level of security, such as unique passwords.

Data brokers track everywhere you go, but their days may be numbered

Everywhere you go, you are being followed. Not by some creep in a raincoat, but by the advertisers wanting to sell you things.

The more advertisers know about you — where you go, which shops you visit, and what purchases you make — the more they can profile you, understand your tastes, your hobbies and interests, and use that information to target you with ads. You can thank the phone in your pocket — the apps on it, to be more accurate — that invisibly spits out gobs of data about you as you go about your day.

Your location, chief among the data, is by far the most revealing.

Apps, just like websites, are filled with trackers that send your real-time location to data brokers. In return, these data brokers sell on that data to advertisers, while the app maker gets a cut of the money. If you let your weather app know your location to serve you the forecast, you’re also giving your location to data brokers.

Don’t be too surprised. It’s all explained in the privacy policy that you didn’t read.

By collecting your location data, these data brokers have access to intensely personal aspects of your life and can easily build a map of everywhere you go. This data isn’t just for advertising. Immigration authorities have bought access to users’ location data to help catch the undocumented. In one case, a marketing firm used location data harvested from phones to predict the race, age, and gender of Black Lives Matter protesters. It’s an enormous industry, said to be worth at least $200 billion.

It’s only been in recent years that it was possible to learn what these data brokers know about us. But the law is slowly catching up. Anyone in Europe can request access to obtain or delete their data  under the GDPR rules. California’s new consumer privacy law grants California residents access to their data.

But because so many data brokers collect and resell that data, the data marketplace is a fragmented mess, making it impossible to know which companies have your data. That can make requesting it a nightmare.

Jordan Wright, a senior security architect at Duo Security, requested his data from some of the biggest data brokers in the industry, citing California’s new consumer privacy law. Not all went to plan. As an out-of-state resident, only one of the 14 data brokers approved his request and sent him his data.

What came back was a year’s worth of location data.

Wright works in cybersecurity and knows better than most how much data spills out of his phone. But he takes precautions, and is careful about the apps he puts on his phone. Yet the data he got back knew where he lives, where he works, and where he took his family on holiday before the pandemic hit.

“It’s frustrating not fully knowing what data has been collected or shared and by whom,” he wrote in a blog post. “The reality is that dozens of companies are monitoring the location of hundreds of millions of unsuspecting people every single day.”

Avoiding this invasive tracking is nearly impossible. Just like with web ad tracking, you have little choice but to accept the app’s terms. Allow the tracking, or don’t use the app.

But the winds are changing and there is an increasing appetite to rein in the data brokers and advertising giants by kneecapping their data collection efforts. As privacy became a more prominent selling point for phone consumers, the two largest smartphone makers, Apple and Google, in recent years began to curb the growing power of data brokers.

Both iPhones and Android devices now let you opt-out of ad tracking, a move that doesn’t reduce the ads that appear but prevents advertisers from tracking you across the web or between apps.

Apple threw down the gauntlet last month when it said its next software update, iOS 14, would let users opt-out of app tracking altogether, serving a severe blow to data brokers and advertisers by reducing the amount of data that these ad giants collect on millions without their explicit and direct consent. That prompted an angry letter from the Interactive Advertising Bureau, an industry trade group that represents online advertisers, expressed its “strong concerns” and effectively asked it to back down from the plans.

Google also plans to roll out new app controls for location data in its next Android release.

It’s not the only effort taking on data brokers but it’s been the most effective — so far. Lawmakers are scrambling to find bipartisan support for a proposed federal data protection agency before the end of the year, when Congress resets and enters a legislative session.

Shy of an unlikely fix by Washington, it’s up to the tech giants to keep pushing back.