Lots to get to today, so getting right to it. Today's Login is 1,451 words, a 5 minute read.
1 big thing: Facebook tightens rules around self-harm images
Today's World Suicide Prevention Day reminds us that plenty of people are struggling with feelings of harming themselves. Deciding just what to allow and not allow on social networks is a tricky balance and something Facebook has been wrestling with for more than a decade.
Driving the news: As part of a fresh series of consultations over the past year, Facebook is announcing a series of moves today aimed at reducing the risk of encouraging self-harm while also trying to preserve the ability for people to discuss their struggles without shame.
Specifically, Facebook is:
- Tightening its rules to limit graphic depictions of cutting on Facebook and Instagram.
- Tightening its policies around acceptable images related to eating disorders.
- Hiring a full-time health and well-being expert on its safety team to focus on these and other issues.
- Promoting the #chatsafe guidelines designed to help encourage healthy dialogue with those dealing with suicidal feelings.
- Looking for ways to share some public user data with the academic community, starting with two researchers who study suicide prevention.
What they're saying: "While suicide prevention work and dealing with self-harm can be some of the most challenging policy work we do, it's also some of the most important work we do," Facebook global head of safety Antigone Davis told Axios.
In creating the new policies, Davis said Facebook is trying to limit people from unwittingly being exposed to harmful content while at the same time preserving opportunities for people to share their struggles and gain a sense of community.
Why it matters: Globally, someone dies by suicide every 40 seconds and experts say up to 25 times as many will attempt suicide.
My thought bubble: Facebook needs to perform a delicate and difficult balancing act. Sharing thoughts of suicidal intention, self-harm and disordered eating can have a contagious effect. At the same time, people dealing with these issues need outlets to talk about them or they suffer shame and isolation. Sharing one's struggles can provide relief — yet what's helpful to someone posting could end up being harmful to someone reading.
What's next: Facebook is moving to place greater emphasis on private groups and messaging. That will only make these issues thornier. And, of note, today Facebook doesn't proactively screen private groups for the types of content banned under the new policies. Rather, it relies on reports from users, meaning someone within the group would need to voice a complaint.
2. A cheat sheet for Apple's iPhone event
We won't officially know what Apple is announcing at this morning's event for a few hours more. But it's virtually impossible for phone makers — even secretive Apple — to keep much secret these days.
Expect Apple to introduce at least:
- A high-end iPhone line with three rear cameras, basically an upgrade to the iPhone XS.
- A mid-range iPhone line with an LCD screen and two rear cameras, basically an upgrade to the iPhone XR.
- A new Apple Watch model with sleep tracking, among some other new features.
- A new Bluetooth-based tracking device that can be attached to various objects making them findable via an iPhone or other Apple device.
Also expect updates on some of the services Apple announced earlier this year, such as the Apple Arcade subscription game service.
Yes, but: The most interesting part of the show will be seeing whether Apple does anything beyond the above — or finds ways to make any of the above products more compelling than expected.
Why it matters: The iPhone remains the heart of Apple's business, and by all accounts it is going into essentially the third year with the design that debuted with the iPhone X. It remains unclear just how many good new reasons Apple can dream up to spur upgrades.
3. Controversial spyware firm pivots to human rights
A controversial Israeli military and law enforcement contractor that sells mobile phone spyware to governments is announcing a broad range of human rights protections after years of criticism, Axios' Joe Uchill reports.
The big picture: NSO Group has been accused of selling its Pegasus spyware to authoritarian governments, including the UAE, Saudi Arabia and Qatar. Mexico used Pegasus to spy on the phones of inappropriate targets, including government officials and others who backed a tax on soda.
Background: NSO was purchased in February by Novapina Capital, a European private equity firm, which promised to make the company more transparent and to improve its human rights record.
- According to a spokesperson for the company, NSO has terminated 3 contracts in the past for violating its human rights policies.
- But the company has been saddled with negative publicity for years. Just days before the Novapina purchase, allegations came to light that NSO had sent human operatives to spy on lawyers, civil society groups and a journalist that tracked the group.
The new human rights policy includes:
- Commitments to align business policies with several international human rights codes.
- Promises to research potential clients and decline to sell to those with too many red flags.
- An external whistleblower program to identify misuse, providing a formal mechanism to contact the firm.
- A promise to engage with civil society groups.
Between the lines: NSO had revenue of $250 million in 2018 but has had trouble obtaining investment commensurate with its revenue, according to Forbes.
Yes, but: The policy changes aren't likely to satisfy NSO's critics.
- NSO held its plan close to the vest before the announcement, and civil society groups have not been able to see the plan in full.
- But John Scott-Railton, a senior researcher at the University of Toronto's Citizen Lab, which has done much of the research on NSO's alleged human rights abuses, questions any plan that relies on victims to report misuse of the stealthy Pegasus.
4. Election officials flub some basic security tasks
State elections officials struggle with some of the basics of office cybersecurity, according to a new report from cybersecurity auditor NormShield, Joe reports.
Why it matters: With the 2020 elections looming, there is a massive push to button down election cybersecurity.
Details: NormShield audited how state election authorities in all 50 states, D.C. and the territories handled common security tasks not related to the specialized equipment used in elections.
- In a July scan, by the NormShield metrics, an average hacker would be able to breach 27 states' systems. States had particular trouble with keeping patches up to date — nearly averaging the lowest possible grade in tests — and in preventing stolen credentials from showing up on the dark web, although states by and large performed well in other areas of testing.
- NormShield informed states of what they found, giving them a chance to mitigate vulnerabilities, and performed a new scan in August. In the followup scan, states preformed dramatically better, though 13 states would still be vulnerable to an average hacker.
Why patch management grades suffered: Election boards' web servers use older operating systems and programs that are at or near their end of life.
Leaked credentials can be a problem, Maley says, even if they don't provide access to official accounts. Election officials shouldn't be using their official email addresses to sign up for personal online accounts.
- "I actually saw leaked credentials from one state's CISO," said Maley.
5. Exclusive: Uber Eats expands on GrubHub turf
Uber Eats is stepping even more squarely into GrubHub's turf with its latest move: letting restaurants join its service even if they have their own delivery drivers. The option rolled out in Europe and the Middle East last month, and is now available in the U.S., Axios' Kia Kokalitcheva reports.
- Uber Eats has also hit the 1 billion food delivery mark.
Why it matters: There's a lot of pressure on Uber Eats to turn a profit to bolster its parent company's business, so it's no surprise Uber is looking to expand the restaurant side of its marketplace.
The big picture: While GrubHub began as simply a hub for aggregating restaurants that deliver to customers, the company began to provide delivery for restaurants in 2015.
- Still, about 65% of GrubHub's orders are delivered by the restaurants themselves.
- Uber Eats is moving in the opposite direction.
Between the lines: This makes it easier for Uber Eats to work with chains, both national and regional, that have their own delivery operations.
- Yes, but: It's unclear that giving Uber a 15% cut is worth it for any restaurant, especially if it already provides delivery on its own.
6. Take Note
- Apple's event starts at 10am. I'll be there, and you can check Axios.com for live coverage.
- "Tools and Weapons," the book from Microsoft president Brad Smith (and Carol Ann Browne) officially goes on sale. You can read our exclusive preview here. Also, I'll be interviewing Smith next week at a Churchill Club event in Redwood City, Calif.
- Code Commerce concludes in New York.
- Former Cisco executive Padmasree Warrior and Slack and Pinterest veteran Jason Shellen have announced their new startup, Fable.
- 48 states, along with D.C. and Puerto Rico, launched an antitrust inquiry into Google. California and Alabama stayed on the sidelines. (Axios)
- Facebook clarified its policy of trying to ascertain users' location even when they have turned off direct sharing of location via GPS. (Facebook)
- SoftBank has urged WeWork to shelve its planned IPO. (Financial Times)
- Women in labor are turning to VR to ease anxiety and deal with pain. (CNN)
- More than 50 CEOs ask Congress to pass a national privacy law (Axios)
7. After you Login
This made me smile. Hopefully it will make you smile, too.