Category: Tech news

Grove Collaborative, a four-year-old, San Francisco-based startup that sells household, personal care, baby, children’s and pet products, has been busy raising money in 2018, shows two new SEC filings that lists representatives from the company’s earlier investors, including Mayfield, Norwest Venture Partners and MHS Capital, as well as apparent new investor General Atlantic, represented by partner Catherine Beaudoin.

One of the filings shows that Grove Collaborative, which had already raised roughly $62 million as of the start of 2018, subsequently raised $27.4 million more this year. A separate, second filing shows another $76.4 million has been secured in what looks to be a newer round that’s targeting $125 million. It’s a lot of money for such a young company, which suggests it has found traction with a growing customer base.

We’ve reached out to Grove Collaborative and are waiting to learn more.

As we reported back in January, co-founder Stuart Landesberg started the company after working with retail brands during two years as an associate with TPG Capital, which focuses on growth equity and middle-market private equity transactions. With shelf space limited for brands in brick-and-mortar stores, he saw an opportunity for a startup that prompts consumers to buy the kinds of items they buy over and over again just as they are running out of them: think dish soap, pet food, deodorant, vitamins and sunscreen.

Amazon, of course, similarly prompts its customers to buy such items, but Grove Collaborative is marketing to a slightly narrower demographic, that of people who want only all-natural products. In fact, along with the brands that it make it easier for its customers to find — think Method and Mrs. Meyers — the company began selling its own all-natural products this year. Among the many dozens of offerings it now retails under the Grove Collaborative label: a coconut body lotion, a foaming hand soap, coffee filters, soy candles and lip balm.

The move puts the startup in more direct competition with other e-commerce companies, like the consumer goods company Honest Company, which similarly sells natural products for the home and personal care, though many of its products are now sold on shelves in big retail stores like Target.

Grove Collaborative also looks to be competing more directly now with well-funded Brandless, which raised $240 million from SoftBank’s Vision Fund in summer at a valuation of slightly more than $500 million. Brandless also sells its own all-natural household and personal care products, though, unlike Grove Collaborative, it also focuses on food and, unlike Grove, it offers a subscription service, yet does not revolve around one. Grove is exclusively selling an auto-shipment service.

Grove had previously raised two separate rounds of funding in quick succession: a $15 million Series B round it closed in March of 2017, following by a $35 million Series C round it announced in January of this year.

Given that Landesberg was formerly an investor himself, he may well have realized — as have many founders — that raising money next year may be far harder in 2019 than it has been this year. As the CEO of Zymergen, whose giant funding round we recently featured, told Bloomberg last week: “We wanted to have some fat on our bones for sure . . . The time to raise money is when people are giving it to you.”

Gfycat, a home for GIF-making tools and an online community, is rolling out a new way to create GIFs — it will now let you keep the sound on. With “Gfycat Sound,” as the feature is called, GIF makers will have the option to retain the audio from the video file they’re using to create their “GIF” — something Gfycat believes will be especially popular among gamers.

The company had already experimented with other types of non-traditional GIFs, like longer GIFs, AR GIFs, HD GIFs and 360 GIFs, for example, in order to evolve the concept of the GIF beyond the classic, grainy loop.

Of course, the resulting GIFs aren’t “.gifs” at this point — they’re short-form videos.

The same holds true for “Gfycat Sound.” But end users don’t necessarily care about the GIFs’ technical underpinnings — they just want to create and share short clips pulled from longer pieces of content.

(If you’re curious, though, Gfycat says it transcodes the video with the audio track – mono and stereo – into WebM and MP4. In a later iteration, it will save the audio as a separate file that can be mixed with any of the 14 different files we generate for every Gfycat.)

The company says it decided to roll out support for sound after polling its community for their top feature requests earlier this year. “GIFs with sound” came back as the top demand from users.

To take advantage of the added support, GIF creators will be able to toggle a switch in Gfycat’s upload tool to keep the sound on or remove it before creating their GIF. As before, GIFs can be created using a video file you upload, or through a link you paste from a site like YouTube, Facebook, Twitch or elsewhere. And if users upload a .gif file or a video that doesn’t have sound, the software will detect that on its end.

The GIF editing software lets you select the start and stop times for the GIF and add captions before sharing, as well.

Once the GIF is uploaded to Gfycat’s site, users will be able to view the audio GIFs while browsing by clicking the icon on the top-right of the GIF to turn the sound on. (The site will default to sound off, thankfully – you won’t all of a sudden be bombarded with noise.)

These new “audio GIFs” work on all mobile and desktop browsers at launch, and will come to Gfycat’s iOS and Android apps in 2019, as well as to its API documentation for developers.

“We see our creators using gaming first and foremost for Gfycat Sound, as e-sports has become a global phenomenon,” explains Gfycat CEO Richard Rabbat. “Now, a gamer can share their achievement with the sound of the ‘shot’ that won her or him the game and achieve more virality for their content,” he says. “We also see our sports content benefiting from Gfycat Sound because you can now share the emotions of the audience,” Rabbat added.

via Gfycat

While an actual GIF file cannot have sound, Gfycat is not the first GIF toolmaker that has expanded to include short-form video alongside its traditional collection of .gifs — Imgur did the same back in May. The reasoning in that case was similar — sometimes you need to hear the clip to really enjoy the content. Plus, advertisers love video, too.

Despite their silly nature, GIFs are a big business these days. Google acquired top GIF platform Tenor earlier this year. At the time, the company was seeing more than 12 billion searches per month.

Gfycat in April said it had 180 million monthly active users, and 500 million page views.

Epic Games had as good a year in 2018 as any company in tech. Fortnite became the world’s most popular game, growing the company’s valuation to $15 billion, but it has helped the company pile up cash, too. Epic grossed a $3 billion profit for this year fueled by the continued success of Fortnite, a source with knowledge of the business told TechCrunch.

Epic did not respond to a request for comment.

Fortnite, which is free to play but makes money selling digital items, has popularized the battle royale category — think Lord of the Flies meets Hunger Games — almost single-handedly, and it has been the standout title for the U.S.-based game publisher.

Founded way back in 1991, Epic hasn’t given revenue figures for its smash hit — which has 125 million players — but this new profit milestone, combined with other pieces of data, gives an idea of the success the company is seeing as a result of a prescient change in strategy made six years ago.

This past September, Epic commanded a valuation of nearly $15 billion, according to The Wall Street Journal, as marquee investors like KKR, Kleiner Perkins and Lightspeed piled on in a $1.25 billion round to grab a slice of the red-hot development firm. However, the investment cards haven’t always been stacked in Epic’s favor.

China’s Tencent, the maker of blockbuster chat app WeChat and a prolific games firm in its own right, became the first outside investor in Epic’s business back in 2012 when it injected $330 million in exchange for a 40 percent stake in the business.

Back then, Epic was best known for Unreal Engine, the third-party development platform that it still operates today, and top-selling titles like Gears of War.

Why would a proven company give up such a huge slice of its business? Executives believed that Epic, as it was, was living on borrowed time. They sensed a change in the way games were headed based on diminishing returns and growing budgets for console games, the increase of “live” games like League of Legends and the emerging role of smartphones.

Speaking to Polygon about the Tencent deal, Epic CEO Tim Sweeney explained that the investment money from Tencent allowed the company to go down the route of freemium games rather than big box titles. That’s a strategy Sweeney called “Epic 4.0.”

“We realized that the business really needed to change its approach quite significantly. We were seeing some of the best games in the industry being built and operated as live games over time rather than big retail releases. We recognized that the ideal role for Epic in the industry is to drive that, and so we began the transition of being a fairly narrow console developer focused on Xbox to being a multi-platform game developer and self publisher, and indie on a larger scale,” he explained.

Tencent, Sweeney added, has provided “an enormous amount of useful advice,” while the capital enabled Epic to “make this huge leap without the immediate fear of money.”

Epic never had a problem making money — Sweeney told Polygon the first Gear of Wars release grossed $100 million on a $12 million development budget. But with Fortnite, the company has redefined modern gaming, both by making true cross-platform experiences possible and by pulling in vast amounts of money.

As a private company, Epic keeps its financials closely guarded. But digging beyond the $3 billion figure — which, to be clear, is annual profit not revenue — there are clues as to just how big a money-spinner Fortnite is. Certainly, there’s room to wonder whether analyst predictions this summer that Fortnite would gross $2 billion this year were too conservative.

The most recent data comes from November when Sensor Tower estimates that iOS users alone were spending $1.23 million per day. That helped the game bank $37 million in the month and take its total earnings within Apple’s iOS platform to more than $385 million.

But, as mentioned, Fortnite is a cross-platform title that supports PlayStation, Xbox, Switch, PC, Mac, Android and iOS. Aggregating revenue across those platforms isn’t easy, and the only real estimate comes from earlier this year when Super Data Research concluded that the game made $318 million in May across all platforms.

That is, of course, when Fortnite was fresh on iOS, non-existent on Android and with fewer overall players.

We can deduce from Sensor Tower’s November estimate that iOS pulled in $385 million over eight months — between April and November — which is around $48 million per month on average. Android is harder to calculate since Epic skipped Google’s Play Store by distributing its own launcher. While it quickly picked up 15 million Android users within the first month, tracking that spending off-platform is a huge challenge. Some estimates predicted that Google would miss out on around $50 million in lost earnings this year because in-app purchases on Android would not cross its services.

There are a few factors to add further uncertainty.

Fortnite spending tends to spike around the release of new seasons — updated versions of the game — since users are encouraged to buy specific packages at the start. The latest, Season 7, dropped early this month with a range of tweaks for the Christmas period. Given the increased velocity at which Fortnite is picking up players and the appeal of the festive period, this could have been its biggest revenue generator to date, but there’s not yet any indicator of how it performed.

More broadly, Fortnite has undoubtedly lost out on revenue in China, which froze new game licenses nine months ago, thereby preventing any publishers from monetizing new titles over that period.

Tencent, which publishes Fortnite in China, did release the game in the country but it hasn’t been able to draw revenue from it yet. The Chinese government announced last week that it is close to approving its first batch of new titles, but it isn’t clear which games are included and when the process will be done.

Already, the effects have been felt.

Games are forecast to generate nearly $40 billion in revenue in China this year, according to market researcher Newzoo. However, the industry saw its slowest growth over the last 10 years as it grew 5.4 percent year-over-year during the first half of 2018, according to a report by Beijing-based research firm GPC and China’s official gaming association CNG.

Fortnite and PUBG — another battle royale title backed by Tencent — have perhaps suffered the most since they are universally popular worldwide but unable to monetize in China. It seems almost certain that those two titles will receive a major marketing push if, as and when they receive the license and, if Epic can keep the game competitive as Sweeney believed it could back in 2012, then it could go on and make even more money in 2019.

But Epic isn’t relying solely on Fortnite.

A more low-key but significant launch this month was the opening of the Epic Games store, which is aimed squarely at Steam, the leader in digital game sales.

While Fortnite is its most prolific release, Epic also makes money from other games, Unreal Engine and a recently launched online game store that rivals Steam. Epic’s big differentiator for the store is that it gives developers 88 percent of their revenue, as opposed to Valve — the firm behind Steam — which keeps 30 percent, although it has added varying rates for more successful titles. Customers are promised a free title every two weeks.

Either way, Epic is betting that it can do a lot more than Fortnite, which could mean that its profit margin will be even higher come this time next year.

What the heck is “Black Mirror: Bandersnatch”?

It’s probably not just a regular episode of the critically acclaimed science fiction anthology series. Netflix has been pretty cryptic about it, only announcing its existence last week, ahead of a December 28 release.

Given the reported 5 hour, 12-minute runtime, “Bandersnatch” may be the choose-your-own-adventure episode that we know was in the works — in that case, it wouldn’t actually take hours and hours to watch, but instead would incorporate multiple paths totaling five hours of footage.

Today, Netflix released a trailer for what it’s describing as “a Black Mirror event.” The story takes place in 1984 and focuses on a programmer (Fionn Whitehead) adapting a fantasy novel into a computer game.

The trailer doesn’t quite come out and say that this will be an interactive episode, but the subject matter and the tagline (“change your mind — change your life — change your past — your present — your future”) seem to be awfully suggestive.

And we won’t have to wait much longer to find out: Netflix says “Black Mirror: Bandersnatch” goes live tomorrow.

This year saw the most devastating cyberattack in history, a gang of teen hackers, and so much Mueller news.

Google has scrambled to remove third-party apps that led users to child porn sharing groups on WhatsApp in the wake of TechCrunch’s report about the problem last week. We contacted Google with the name of one of these apps and evidence that it and others offered links to WhatsApp groups for sharing child exploitation imagery. Following publication of our article, Google removed from the Google Play store that app and at least five like it. Several of these apps had more than 100,000 downloads, and they’re still functional on devices that already downloaded them.

WhatsApp failed to adequately police its platform, confirming to TechCrunch that it’s only moderated by its own 300 employees and not Facebook’s 20,000 dedicated security and moderation staffers. It’s clear that scalable and efficient artificial intelligence systems are not up to the task of protecting the 1.5 billion-user WhatsApp community, and companies like Facebook must invest more in unscalable human investigators.

But now, new research provided exclusively to TechCrunch by anti-harassment algorithm startup AntiToxin shows that these removed apps that hosted links to child porn sharing rings on WhatsApp were supported with ads run by Google and Facebook’s ad networks. AntiToxin found six of these apps ran Google AdMob, one ran Google Firebase, two ran Facebook Audience Network and one ran StartApp. These ad networks earned a cut of brands’ marketing spend while allowing the apps to monetize and sustain their operations by hosting ads for Amazon, Microsoft, Motorola, Sprint, Sprite, Western Union, Dyson, DJI, Gett, Yandex Music, Q Link Wireless, Tik Tok and more.

The situation reveals that tech giants aren’t just failing to spot offensive content in their own apps, but also in third-party apps that host their ads and that earn them money. While these apps like “Group Links For Whats” by Lisa Studio let people discover benign links to WhatsApp groups for sharing legal content and discussing topics like business or sports, TechCrunch found they also hosted links with titles such as “child porn only no adv” and “child porn xvideos” that led to WhatsApp groups with names like “Children ” or “videos cp” — a known abbreviation for “child pornography.”

In a video provided by AntiToxin seen below, the app “Group Links For Whats by Lisa Studio” that ran Google AdMob is shown displaying an interstitial ad for Q Link Wireless before providing WhatsApp group search results for “child.” A group described as “Child nude FBI POLICE” is surfaced, and when the invite link is clicked, it opens within WhatsApp to a group used for sharing child exploitation imagery. (No illegal imagery is shown in this video or article. TechCrunch has omitted the end of the video that showed a URL for an illegal group and the phone numbers of its members.)

Another video shows the app “Group Link For whatsapp by Video Status Zone” that ran Google AdMob and Facebook Audience Network displaying a link to a WhatsApp group described as “only cp video.” When tapped, the app first surfaces an interstitial ad for Amazon Photos before revealing a button for opening the group within WhatsApp. These videos show how alarmingly easy it was for people to find illegal content sharing groups on WhatsApp, even without WhatsApp’s help.

Zero tolerance doesn’t mean zero illegal content

In response, a Google spokesperson tells me that these group discovery apps violated its content policies and it’s continuing to look for more like them to ban. When they’re identified and removed from Google Play, it also suspends their access to its ad networks. However, it refused to disclose how much money these apps earned and whether it would refund the advertisers. The company provided this statement:

Google has a zero tolerance approach to child sexual abuse material and we’ve invested in technology, teams and partnerships with groups like the National Center for Missing and Exploited Children, to tackle this issue for more than two decades. If we identify an app promoting this kind of material that our systems haven’t already blocked, we report it to the relevant authorities and remove it from our platform. These policies apply to apps listed in the Play store as well as apps that use Google’s advertising services.

App	Developer	Ad Network	Estimated Installs	Last Day Ranked
Unlimited Whats Groups Without Limit Group links	Jack Rehan	Google AdMob	200,000	12/18/2018
Unlimited Group Links for Whatsapp	NirmalaAppzTech	Google AdMob	127,000	12/18/2018
Group Invite For Whatsapp	Villainsbrain	Google Firebase	126,000	12/18/2018
Public Group for WhatsApp	Bit-Build	Google AdMob, Facebook Audience Network	86,000	12/18/2018
Group links for Whats – Find Friends for Whats	Lisa Studio	Google AdMob	54,000	12/19/2018
Unlimited Group Links for Whatsapp 2019	Natalie Pack	Google AdMob	3,000	12/20/2018
Group Link For whatsapp	Video Status Zone	Google AdMob, Facebook Audience Network	97,000	11/13/2018
Group Links For Whatsapp – Free Joining	Developers.pk	StartAppSDK	29,000	12/5/2018

Facebook, meanwhile, blamed Google Play, saying the apps’ eligibility for its Facebook Audience Network ads was tied to their availability on Google Play and that the apps were removed from FAN when booted from the Android app store. The company was more forthcoming, telling TechCrunch it will refund advertisers whose promotions appeared on these abhorrent apps. It’s also pulling Audience Network from all apps that let users discover WhatsApp Groups.

A Facebook spokesperson tells TechCrunch that “Audience Network monetization eligibility is closely tied to app store (in this case Google) review. We removed [Public Group for WhatsApp by Bit-Build] when Google did – it is not currently monetizing on Audience Network. Our policies are on our website and out of abundance of caution we’re ensuring Audience Network does not support any group invite link apps. This app earned very little revenue (less than $500), which we are refunding to all impacted advertisers.” WhatsApp has already banned all the illegal groups TechCrunch reported on last week.

Facebook also provided this statement about WhatsApp’s stance on illegal imagery sharing groups and third-party apps for finding them:

WhatsApp does not provide a search function for people or groups – nor does WhatsApp encourage publication of invite links to private groups. WhatsApp regularly engages with Google and Apple to enforce their terms of service on apps that attempt to encourage abuse on WhatsApp. Following the reports earlier this week, WhatsApp asked Google to remove all known group link sharing apps. When apps are removed from Google Play store, they are also removed from Audience Network.

Israeli NGOs Netivei Reshet and Screen Savers worked with AntiToxin to provide a report published by TechCrunch about the wide extent of child exploitation imagery they found on WhatsApp. Facebook and WhatsApp are still waiting on the groups to work with Israeli police to provide their full research so WhatsApp can delete illegal groups they discovered and terminate user accounts that joined them.

AntiToxin develops technologies for protecting online network harassment, bullying, shaming, predatory behavior and sexually explicit activity. It was co-founded by Zohar Levkovitz, who sold Amobee to SingTel for $400 million, and Ron Porat, who was the CEO of ad-blocker Shine. [Disclosure: The company also employs Roi Carthy, who contributed to TechCrunch from 2007 to 2012.] “Online toxicity is at unprecedented levels, at unprecedented scale, with unprecedented risks for children, which is why completely new thinking has to be applied to technology solutions that help parents keep their children safe,” Levkovitz tells me. The company is pushing Apple to remove WhatsApp from the App Store until the problems are fixed, citing how Apple temporarily suspended Tumblr due to child pornography.

Ad networks must be monitored

Encryption has proven an impediment to WhatsApp preventing the spread of child exploitation imagery. WhatsApp can’t see what is shared inside of group chats. Instead, it has to rely on the few pieces of public and unencrypted data, such as group names and profile photos plus their members’ profile photos, looking for suspicious names or illegal images. The company matches those images to a PhotoDNA database of known child exploitation photos to administer bans, and has human moderators investigate if seemingly illegal images aren’t already on file. It then reports its findings to law enforcement and the National Center for Missing and Exploited Children. Strong encryption is important for protecting privacy and political dissent, but also thwarts some detection of illegal content and thereby necessitates more manual moderation.

With just 300 total employees and only a subset working on security or content moderation, WhatsApp seems understaffed to manage such a large user base. It’s tried to depend on AI to safeguard its community. However, that technology can’t yet perform the nuanced investigations necessary to combat exploitation. WhatsApp runs semi-independently of Facebook, but could hire more moderators to investigate group discovery apps that lead to child pornography if Facebook allocated more resources to its acquisition.

WhatsApp group discovery apps featured Adult sections that contained links to child exploitation imagery groupsGoogle and Facebook, with their vast headcounts and profit margins, are neglecting to properly police who hosts their ad networks. The companies have sought to earn extra revenue by powering ads on other apps, yet failed to assume the necessary responsibility to ensure those apps aren’t facilitating crimes. Stricter examinations of in-app content should be administered before an app is accepted to app stores or ad networks, and periodically once they’re running. And when automated systems can’t be deployed, as can be the case with policing third-party apps, human staffers should be assigned despite the cost.

It’s becoming increasingly clear that social networks and ad networks that profit off other people’s content can’t be low-maintenance cash cows. Companies should invest ample money and labor into safeguarding any property they run or monetize, even if it makes the opportunities less lucrative. The strip-mining of the internet without regard for consequences must end.

A popular smart security system maker has ignored warnings from security researchers that its flagship device has several serious vulnerabilities, including allowing anyone access to the company’s central store of customer-uploaded video recordings.

The researchers at 0DayAllDay found that Guardzilla’s top-selling indoor wireless security system contains a set of hardcoded keys that can be easily extracted, because the device’s root password was protected using a decade-old algorithm that’s nowadays easily crackable. Each device uses the same set of keys to upload video recordings to the company’s Amazon Web Services’ storage servers. Anyone can use these keys to log in and gain full access to the company’s cloud storage — and customer data uploaded from the device.

But the storage servers remain vulnerable — even at the time of publication, TechCrunch can confirm — despite the researchers privately emailing the company detailing the vulnerabilities in September.

“We’ve tried several avenues to get in touch with Guardzilla, but they have not acknowledged the report,” said Tod Beardsley, Rapid7’s research director, who helped coordinate the release of the researchers’ findings.

The team of five researchers said in their report that it took two off-the-shelf consumer graphics cards just three hours to decrypt the eight-letter password protecting the affected Guardzilla device’s firmware that ships with each device. Because the keys were buried in the code, anyone with a Guardzilla device could obtain the keys and gain unfettered access to the company’s 13 storage buckets hosted on Amazon’s servers. The researchers tested the keys but did not use them to access the buckets, they said, to prevent unintentional access to Guardzilla customer data.

TechCrunch confirmed that the keys were still active and linked to the listed buckets as of Wednesday. (We could not verify the contents of the buckets as that would be unlawful.)

Hardcoding keys isn’t an uncommon practice in cheaply manufactured internet-connected devices, but is considered one of the worst security practices for a hardware maker to commit as it’s easy for a hacker to break into a central server storing user data. Hardcoding keys has become such an acute problem that a recently passed California law will soon ban consumer electronics using default and hardcoded credentials from 2020 on.

Fixing the vulnerability not only requires the keys to be changed on the server, but also a software patch to be rolled out on each affected device.

“They could update the keys and update the firmware, but that just means they’ll be rediscovered again by the same techniques,” said Beardsley. “The only way I can think of to fix this completely is to change the keys, stand up a proxying service and update the firmware to use this proxying service with unique-per-device accounts.”

“That’s a pretty significant change, but it’s just about the only way to avoid this kind of problem,” he said.

Guardzilla were given three months to fix the security lapse and roll out new firmware to affected devices after the researchers privately reached out, but the company neither acknowledged nor patched the issue, prompting the researchers to go public with their findings.

The researchers also disclosed the vulnerabilities to Carnegie Mellon University’s public vulnerability database, CERT, which is set to issue an advisory Thursday, but received no response from the company.

TechCrunch sent several emails to Guardzilla prior to publication, to no avail. It was only after we contacted the company’s registered agent, a law firm in St. Louis, Missouri, when chief executive Greg Siwak responded to our request for comment — hours before publication. In his email, Siwak denied that the company received any correspondence. We asked several questions to clarify the company’s position, which we will include here if and when they come in. Siwak was adamant that the “accusations are false,” but did not say why.

When reached, former Guardzilla president Ted Siebenman told TechCrunch that he left the company in February but claimed he was “not aware” of the security issues in the device, including the use of hardcoded keys.

The security researchers found two more vulnerabilities — including several known bugs affecting the device’s continued use of a since-deprecated OpenSSL encryption library from more than two years ago. The researchers also disclosed in their write-up their discovery “large amounts” of traffic sent from an open port on the device to Guardzilla’s Amazon server, but could not explain why.

Guardzilla doesn’t say how many devices it’s sold or how many customers it has, but touts its hardware selling in several major U.S. retailers, including Amazon, Best Buy, Target, Walmart and Staples.

For now, your safest bet is to unplug your Guardzilla from the wall and stop using it.

The more smart devices that sell, the more compelling the AI technology becomes. But the virtual assistants inside still stumble.

From Marvel cancellations to ‘Friends’ scares, this year was just the beginning of a long, grueling siege.

In factories across the world, machines are beginning to work more intimately with humans without sending them to the unemployment line—or the grave.

Just bought a Nintendo Switch? Here are some of its best (and most secret) abilities!

Known as the Lockerbie bombing, in December 1988 a bomb downed a Pan Am jet, leaving 270 dead. It was the first mass killing of Americans by terrorists. As the head of the Justice Department’s criminal division, Robert Mueller oversaw the case. And for him, it was personal.

Lawmakers spend the better part of 2018 talking tough to tech companies. Now the pressure is on for Congress to act.

Life is stressful. And Amazon’s voice assistant Alexa is a very convenient scapegoat.

The Indian government is playing the role of festive party pooper for Walmart and Amazon after it announced new regulations that look set to impede the U.S. duo’s efforts to grow their businesses in India.

Online commerce in the country is tipped to surpass $100 billion per year by 2022, up from $35 billion today, as more Indians come online, according to a report co-authored by PwC. But 2019 could be a very different year after an update to the country’s policy for foreign direct investment (FDI) appeared to end the practice of discounts, exclusive sales and more.

The three main takeaways from the new policy, which will go live on February 1, are a ban on exclusive sales, the outlawing of retailers selling products on platforms they count as investors and restrictions on discounts and cash back.

Those first two clauses are pretty clear and will have a significant impact on Amazon — which has pumped some $5 billion into India — and Walmart, which forked out $16 billion to buy India-based Flipkart.

Both online retailers have been able to make a splash by tying up with brands for exclusive online sales, particularly in the smartphone space where, for example, Amazon has worked with Xiaomi and Flipkart has collaborated with Oppo. The new guideline would appear to end that practice, while adding further restrictions to complicate relationships with vendors. From February on, brands will be forbidden from selling more than 25 percent of their sales via any single e-commerce marketplace.

Beyond restricting companies like Oppo — Xiaomi prioritizes its own Mi.com site for sales — that 25 percent ruling is a headache for Amazon, which operates a number of joint ventures with Indian retailers. Those JVs were designed to circumvent a 2016 ruling that prevented foreign e-commerce businesses from owning inventory, but now they seem outlawed.

Cloudtail India (a 49:51 JV between Amazon and Catamaran Ventures) is Amazon’s biggest seller, while another major one is Appario Retail, a collaboration with Patni Group. Together, both sell more than 25 percent of product on Amazon, use exclusive deals and are part-owned by Amazon. That’s three strikes.

Those rules will have Amazon and Walmart-Flipkart working to find alternatives, but there’s more with restrictions on discounts and cash-back offers, which could massively cramp the appeal of online commerce, which has undercut brick and mortar retailers with heavy subsidies.

Here’s the relevant part of the note:

E-commerce entities providing marketplace will not directly or indirectly influence the sale price of goods or services and shall maintain level playing field…

Cash back provided by group companies of marketplace entity to buyers shall be fair and non-discriminatory.

Exactly what constitutes a “level playing field” or “fair” may be open to interpretation, but clearly this update gives offline retailers a route to protest pricing on online retail sites.

The first thought is that these new updates are focused on the core business model tenets that make e-commerce what it is today.

“It will kill competition and there will be nothing for online retailers to differentiate on,” Amarjeet Singh, a partner at KPMG, told Quartz in a comment.

The new regulation is widely seen as a response to concerns from smaller sellers, who feel marginalized and powerless compared to larger organizations. Now, with capital-intensive policies such as discounts, exclusive sales relationships and strategic investment off the table, smaller players will gain a foothold and be able to do more from e-commerce, according to Kunal Bahl, CEO of Snapdeal — a niche e-commerce firm that once competed head-to-head with Flipkart and Amazon.

It’s shaping up to be a very different year for e-commerce in India in 2019.