Pandora’s number of active users grew 8 percent in Q1 over the year-ago quarter to 75.3 million, while listener hours grew at a 12 percent rate to 4.8 billion, said CEO Brian McAndrews on an earnings call Thursday. McAndrews cited platform upgrades including alarm clock, sleep timer and station recommendations. Android app users are listening to Pandora significantly more than before the features were available, he said. Subscription revenue rose to $53.7 million from $18.4 million, according to an 8-K SEC filing. Advertising revenue jumped to $140.6 million from $96.7 million. Chief Financial Officer Mike Herring Herring told investors last spring “there’s a much, much bigger market opportunity in the free side” where far more people are willing to listen to ads in exchange for free music. On the lawsuit filed in New York State Supreme Court in Manhattan last week against Pandora on charges of unlawful use of pre-1972 recordings that aren’t covered under federal copyright law, McAndrews said he’s limited in what he can say about the suit, but thinks the “significant value” Pandora brings to artists is “beyond just royalties.” He cited access to more than 75 million monthly active users and exposure to a large breadth of catalogs “that go largely unheard” on terrestrial radio. In many cases, that exposure helps “extend the longevity of an artist’s career,” he said. McAndrews called the landscape of content licensing “a complex topic.” He cited recent rulings that were favorable to the company, including a court judgment last fall upholding the company’s right to perform all compositions in the ASCAP catalog. For the quarter, Pandora revenue grew to $194 million from $115 million in the year-ago quarter, and its loss narrowed to $28.9 million from $38.6 million. Its shares plunged 16.6 percent Friday to $23.51 on what analysts called declining faith among investors about Pandora’s growth story.
Major technology companies are starting a joint initiative to fund open source projects essential to Internet infrastructure, said the companies -- including Amazon, Facebook, Google and Microsoft -- in a Thursday news release (http://bit.ly/1k8So7W). The project, dubbed the Core Infrastructure Initiative (CII), will be housed at the Linux Foundation, they said. The group was “inspired” to action because of the Heartbleed bug, which crippled OpenSSL, built on Secure Sockets Layer (SSL), an open-source cryptographic software library used to secure websites using HTTPS encryption to protect data (CD April 11p13). “Members of CII will evaluate open source projects that are essential to global computing infrastructure and are experiencing under-investment,” said the group. “Support from the initiative can include funding for fellowships for key developers to work full time on the open source project, security audits, computing and test infrastructure, travel, face-to-face meeting coordination and other support."
The FTC won’t challenge Facebook’s acquisition of virtual reality company Oculus VR, said a pre-merger notification Tuesday from the commission (http://1.usa.gov/1jVKNbs). After the $2 billion deal was disclosed, Facebook CEO Mark Zuckerberg told analysts he saw the move as a “long-term bet” that might not pay dividends for 5-10 years. Analysts were divided on the wisdom of the purchase, but some said it would place Facebook at the forefront of the virtual reality applications market.
Updated FTC guidelines on student data sharing are “helpful” but don’t eliminate the need for “an enforceable framework to protect students,” Electronic Privacy Information Center (EPIC) Student Privacy Project Director Khaliah Barnes told us. On Monday, the FTC released a revised FAQ on compliance with the Children’s Online Privacy Protection Act (http://1.usa.gov/1nm8eQj). The altered and added language was meant to more explicitly address consent and notice guidelines for the sharing of student data. The new FAQs, while clearer about parents’ rights to access data collected about their children, “do not create an enforceable private right of action for students and parents,” Barnes said. “Nevertheless, schools that disclose student information to companies using the data for commercial purposes contravene the FAQs,” as do those companies, Barnes said. “The FTC should use its enforcement powers against companies for their unfair and deceptive commercial practices affecting students.”
NTIA’s oversight of the Internet Assigned Numbers Authority (IANA) functions “had the benefit of two things: lightweight and simple,” said Google Chief Internet Evangelist Vint Cerf at NETmundial Thursday afternoon in Sao Paulo, Brazil, which was webcast. If the transition becomes “too complicated, you will make it really hard for the Internet to grow and serve its users” the way it has for the “last 30 years,” he said: “Don’t screw this up.” Internet Corporation for Assigned Names and Numbers’ accountability review and the IANA transition are “interrelated” and should be put on the same “timeline,” said CEO Fadi Chehade. ICANN’s accountability review (http://bit.ly/1nsuCaK) begins next week, said an ICANN spokesman, saying no official announcement of the review has been released. ICANN’s Governmental Advisory Committee (GAC) “has not formed a particular view on the suggested modalities” of the transition and it may not reach a “consensus view,” but that won’t keep it from being involved, said GAC Chair Heather Dryden. “We are well-equipped to work with the NTIA in their transition,” said Jonathan Robinson, ICANN’s Generic Names Supporting Organization chair. Country-code top-level domain operators don’t have a “contractual relationship” with ICANN and IANA, said CEO Byron Holland of the Canadian Internet Registration Authority, which manages the .ca domain. The lack of a binding contract makes the transition “relatively unique” for country-code operators because of “issues of sovereignty,” said Holland. “Governments have a particular interest in country-code matters” and they should “be resolved at the national level,” said Dryden.
The U.S. was ranked seventh in the networked readiness index (NRI) in the Global Information Technology Report (http://bit.ly/1k8MWlG) released Thursday by the World Economic Forum. The NRI looks at the way countries organize and manage “economic activity based on the new opportunities that the Internet provided for businesses,” and this year particularly focused on the benefits of big data, it said. Big data “has spawned an entire support industry and has attracted a great deal of business press in recent years,” it said. Finland had the top NRI ranking, it said. Sweden and Norway were ranked in the top five. Hong Kong and Korea ranked in the top 10, it said. The report assessed 148 countries with 54 indicators that make up the NRI, it said.
GAO outlined an array of broadband deployment options and concerns to three Democratic lawmakers in a Wednesday report. Sen. Ed Markey, D-Mass., House Commerce Committee ranking member Henry Waxman, D-Calif., and House Communications Subcommittee ranking member Anna Eshoo, D-Calif., had requested the study “to provide information on options for broadband deployment in unserved and underserved areas,” GAO said in the 45-page report (http://1.usa.gov/QFwQpg). The economics of providing such access are very difficult, it said. GAO interviewed FCC officials and stakeholders from 40 groups, reviewing 21 broadband projects in the process, it said, delving into different types of networks, whether municipally owned, cooperative or private in nature. Project heads told GAO they take into account demand for broadband and the different possible technologies they can use to provide access. It mentioned the streamlined procedures Google received in building its fiber network in Kansas City, Mo.: “The city helped facilitate an agreement for use of certain utility easements -- the areas surrounding power lines -- for approximately 90,000 utility poles owned by Kansas City Power and Light, a local utility owned by private investors,” GAO said. “The city negotiated with Google Fiber the use of these rights-of-way and of city properties free of charge in exchange for the company’s construction of a $250-$300 million fiber-optic network to serve homes with Internet and video service, as well as an agreement to provide free Internet connectivity to 300 public buildings, schools, community centers, and libraries.” Google Fiber has also been building this network in Kansas City, Kan., where it deals with that municipality. Some project heads and industry officials warned GAO of state legal barriers to deploying broadband, which also became a factor of consideration. “According to one legal expert who works with states that we contacted, as of May 2013, 20 states had in place restrictions on community broadband services or other public communications initiatives,” GAO said, citing the Baller Herbst Law Group. Stakeholders also attacked the accuracy of the National Broadband Map. It “shows the top half of an Indiana county as covered by broadband service and the bottom half as not covered, but in reality the entire county only has access to dial-up service (which is not considered broadband),” according to one official, GAO said. Telecom and cable stakeholders worry about overbuilding private networks with projects funded by public money, they told GAO.
Communities that want to encourage the creation of faster broadband need to “lower the cost and risk of an upgrade, while also creating an opportunity for more revenues,” said Gig U Executive Director Blair Levin (http://bit.ly/PqpG7q) at a conference on bringing gigabit transmission speeds to communities. That means communities need to reduce capital and operational expenditures, as well as risk for those deploying broadband, while increasing “potential revenues, system benefits and threat of competition,” he said April 11. In terms of competition, Levin cited the response to Google announcing it was building a gigabit network in Austin (CD Apr 10/13 p10). AT&T said it was at least considering doing the same, and Time Warner Cable announced a citywide Wi-Fi project in Austin, he said. The conference where Levin spoke was sponsored by Connecticut Consumer Counsel Elin Swanson Katz and State Broadband Coordinator Bill Vallée.
Certain types of data -- health, financial, personal communications -- deserve better protections under the law, said FTC Commissioner Maureen Ohlhausen during a Georgetown University event Tuesday on privacy and big data. “There’s a reason that health data and financial data … have traditionally had greater protection than general data,” Ohlhausen said during a Q&A after her speech. “It reflects a societal consensus … that these data are a little bit different,” she said. Which is, in part, why data security standards should vary based on industry expectations, she said in response to a question. The FTC should not be saying, “Set your security settings to this level or have this kind of elaborate protection,” she said. “It’s more to have a process-based approach.” If the FTC had rulemaking authority in this area, Ohlhausen would instead want “to require companies to have a process in place to assess what information they have,” figure out “who has access to it” and if they have antivirus software and breach protocol commensurate with industry standards. Ohlhausen’s speech Tuesday hit on many of her favorite themes: regulatory humility, ensuring the commission identifies substantial consumer harm before taking action, and developing a more explicit data security enforcement framework. “The FTC’s data security enforcement framework is not perfect,” she said. “I would like to develop more concrete guidance to industry, for example. But I haven’t seen anything that suggests big data technology raises fundamentally new data security issues.”
The National Institute of Standards and Technology (NIST) said it removed the controversial Dual Elliptic Curve Deterministic Random Bit Generator (Dual_EC_DRBG) cryptographic algorithm from its 800-90 standards series on random bit generators (http://1.usa.gov/1i8QyFL). The agency had reopened public comment on the standards in September amid reports that the National Security Agency engineered weaknesses into the NIST standards, which the International Organization for Standardization subsequently adopted (CD Sept 11 p10). NIST said it now recommends that current users of Dual_EC_DRBG transition to one of the other three approved algorithms “as quickly as possible.” Federal agencies and other entities buying cryptographic products should ask their vendors if the products use Dual_EC_DRBG, and if so, should ask vendors to reconfigure those products, NIST said. The agency said it will accept public comments on the revised 800-90 standards until May 23. NIST subsequently re-evaluated its cryptographic standards development process and has proposed a revised version of that process (http://1.usa.gov/1rg6mpG). The Center for Democracy & Technology, a critic of NSA’s involvement in NIST standards development, praised NIST in comments filed Friday for revising its standards development process. But the group also urged NIST to articulate due process and a pledge to avoid “undue influence” from parties like NSA (http://bit.ly/1eWzkL2). A coalition of eight other groups -- including the Electronic Frontier Foundation, the New America Foundation’s Open Technology Institute and TechFreedom -- said Monday in a letter to NIST that the agency must take “pro-active steps toward implementing a more transparent, accountable process for standards development.” The groups want NIST to avoid NSA influence in the future and allow more feedback from independent experts.