Archives 12 September 2022

They come in hordes, strike funny poses, dance to loud music, trample over crops, and often stir up unmanageable crowds that cause traffic jams. TikTok creators in Nepal have earned a reputation for disrespecting religious and historic places in their quest to create viral videos, and are now facing a backlash. Over the last two years, several prominent tourist and religious sites in Nepal have erected “No TikTok” signs to keep creators from shooting at the premises.

These sites include the Buddhist pilgrimage site Lumbini, Kathmandu’s famous Boudhanath Stupa, Ram Janaki Temple in Janakpur, and Gadhimai temple in Bara, among others. According to authorities, officials keep a close eye at these places and rule-breakers are warned or asked to leave. “Making TikTok by playing loud music creates a nuisance for pilgrims from all over the world who come to the birthplace of Gautama Buddha,” Sanuraj Shakya, a spokesperson for the Lumbini Development Trust, which manages the shrines in Lumbini, told Rest of World. “We have banned TikTok-making in and around the sacred garden, where the main temples are located.”

Data centers have caused skyrocketing power demand in parts of London. Now, new housing construction could be banned for more than a decade in some neighborhoods of the UK’s biggest city because the electricity grid is reaching capacity, as first reported on by the Financial Times. The reason: too many data centers are taking up too much electricity and hogging available fiber optic cables. The Financial Times obtained multiple letters sent from the city’s government, the Greater London Authority (GLA), to developers. “Major new applicants to the distribution network… including housing developments, commercial premises and industrial activities will have to wait several years to receive new electricity connections,” said one note, according to the news outlet.

The GLA also confirmed the grid issue to Gizmodo in an email, and sent along text from one of the letters, which noted that for some areas utilities are saying “electricity connections will not be available for their sites until 2027 to 2030.” Though the Financial Times reported that at least one letter indicated making the necessary electric grid updates in London could take up until 2035. […] “Data centres use large quantities of electricity, the equivalent of towns or small cities, to power servers and ensure resilience in service,” one of the GLA letters seen by the Financial Times reportedly said. […] Developers are “still getting their heads round this, but our basic understanding is that developments of 25 units or more will be affected. Our understanding is that you just can’t build them,” said David O’Leary, policy director at the Home Builders Federation, a trade body. Combined, those sections of London contain about 5,000 homes and make up about 11% of the city’s housing supply, according the Financial Times.

As summer winds down, researchers warned this week about systemic vulnerabilities in mobile app infrastructure, as well as a new iOS security flaw and one in TikTok. And new findings about ways to exploit Microsoft’s Power Automate tool in Windows 11 show how it can be used to distribute malware, from ransomware to keyloggers and beyond.

Fog Reveal Tool Gives Law Enforcement Cheap Access to US Location-Tracking Data From Smartphones

The data broker Fog Data Science has been selling access to what it claims are billions of location data points from over 250 million smartphones to local, state, and federal law enforcement agencies around the US. The data comes from tech companies and cell phone towers and is collected in the Fog Reveal tool from thousands of iOS and Android apps. Crucially, access to the service is cheap, often costing local police departments less than $10,000 per year, and investigations by the Associated Press and Electronic Frontier Foundation found that law enforcement sometimes pulls location data without a warrant. The EFF conducted its investigation through more than 100 public records requests filed over several months. “Troublingly, those records show that Fog and some law enforcement did not believe Fog’s surveillance implicated people’s Fourth Amendment rights and required authorities to get a warrant,” the EFF wrote.

It was in this techno-authoritarian wave that a facial recognition mania costing tens of billions of dollars began. Government policies with sci-fi names like SkyNet and Sharp Eyes laid out ambitious plans to blanket the country with cameras linked to police stations that shared data across the country. The vision was clear: just like on the internet, anonymity could be erased in real life. With accurate facial recognition, police could identify, categorise and follow a single person among 1.4 billion Chinese citizens.

Through recent billion-dollar acquisitions of health care services and smart home devices, the tech giant is leveraging its monopoly power to track ‘every aspect’ of our lives

Every step of the way, from its beginnings as an alternative to brick and mortar bookstores to snatching up over half of the online retail market, Amazon has relied on surveillance to dominate the competition, according to Evan Greer, director of the nonprofit advocacy group Fight for the Future.

The world has changed since China banned cryptomining, the Guardian reports. And now “more than a third of the global computing power dedicated to mining bitcoin comes from the US, Senator Elizabeth Warren and five other Democrats reported in a letter to the Environmental Protection Agency…”

But the Guardian also notes there’s two problems with this:
– The largest US cryptomining companies have the capacity to use as much electricity as nearly every home in Houston, Texas; energy use that is contributing to rising utility bills, according to an investigation by Democratic lawmakers…

– “The results of our investigation … are disturbing … revealing that cryptominers are large energy users that account for a significant — and rapidly growing — amount of carbon emissions,” the letter states.

“It is imperative that your agencies work together to address the lack of information about cryptomining’s energy use and environmental impacts.” The congressional Democrats have asked the EPA and the Department of Energy to require cryptominers to disclose emissions and energy use, noting that regulators know little about the full environmental impact of the industry….

The power demands of the industry are also coming at a cost to consumers, the letter states, citing a study that found cryptomining operations in upstate New York led to a rise in electric bills by roughly $165m for small businesses and $79m for individuals.

The main operator of Texas’s grid admitted this week to the Verge that by 2026 crypto mining is set to increase demand on the state’s power grid by a whopping 27 gigawatts — or nearly a third of the grid’s current maximum capacity.

And an associate professor at Rochester Institute of Technology with a background in electricity system policy warns the site that “The more crypto mining that comes into the state, the higher the residents should expect the electricity prices to become.”

“High water temperatures threaten to reduce France’s already unusually low nuclear output,” Reuters reported last week, “piling more pressure on operator EDF at a time when half its reactors are offline due to maintenance and corrosion issues.”

Because river water is used to cool the plants, “reactor production is limited during times of high heat to prevent the hot water re-entering rivers from damaging wildlife.”

“Given the relative rarity of intense heat waves and outages due to storms, the climate-related hiccups have a small impact on energy production overall — affecting less than 1 percent of annual output for EDF on average…” reports Wired. (Though EDF “recently told reporters that it expects more cuts in the coming months as water levels continue to fall.”) But Reuters points out this all comes at a bad time:
EDF has already been forced to cut planned output several times this year because of a host of problems at its reactors — and expects an 18.5 billion euros ($18.6 billion) hit to its 2022 core earnings because of production losses.

Now EDF’s debt “is projected to reach 60 billion euros by the end of the year,” reported Agence France-Presse on Tuesday, adding that the “highly indebted” utility saw announcements of a take-over bid by France’s national government to shareholders (at a cost of 9.7 billion euros ($9.9 billion):
EDF’s finances have been weighed down by declining output from France’s ageing nuclear power stations, which it manages, and the state-imposed policy to sell energy at below cost to consumers in an effort to help them pay their energy bills…. The public tender offer is the simplest way to take back full control of EDF, analysts said, without the need for full legal nationalisation — of which there has been none in France since 1981….

Currently over half of France’s 56 nuclear reactors are idle, either for maintenance or corrosion problems linked to ageing…. Nuclear energy currently covers some 70 percent of France’s electricity needs.

“Record-breaking heat across Texas has pushed its fragile power grid to the brink,” reports NBC News. “But extreme temperatures are doing something else in the famously pro-business state: stirring opposition to energy-guzzling crypto miners who’ve flocked there seeking low-cost energy and a deregulatory stance.”

Ten industrial-scale crypto miners will consume an estimated 18 gigawatts in years to come — though the state’s current capacity is around 80 gigawatts (though it’s expected to grow).

The case against them?
The energy crypto miners use puts “an almost unprecedented burden” on the Texas grid, according to Ben Hertz-Shargel, global head of Grid Edge, a unit of Wood Mackenzie, an energy consulting firm. Mining “pushes the system closer to dangerous system peaks at all times,” he told NBC News. “It is completely inessential and consuming physical resources, time and money that should be going to decarbonize and strengthen the grid….”

Unlike other electricity systems, the Texas grid does not connect to other states’ grids; that means it cannot receive power from other areas in emergencies. Because of their high demand for electricity, crypto miners raise costs for other consumers of power, Hertz-Shargel said. And, on the Texas grid, miners can get paid for powering down during peak demand periods, like the one that recently hit the state. Miners and other industrial customers with these types of arrangements receive revenues for not using electricity; the costs of those revenues are passed on to other electricity customers…. During peak periods, miners can also resell to the grid the electricity they would otherwise have used. Because their contracts can let them buy power at low cost, energy resales when demand is high can generate significant financial benefits in the form of credits against future use….

Electricity customers across the state will cover those credits, said Andrew Dessler, professor of atmospheric sciences at Texas A&M University. “Ratepayers in Texas are going to be paying it off a little bit every month for decades,” Dessler said. “It angers me so much.”

But Lee Bratcher, founder of the Texas Blockchain Council, makes the case for industrial-scale bitcoin mines:
Bratcher and the crypto miners he represents say they provide three benefits to Texas. Because they can turn off their electricity use during high-demand periods, they can help stabilize the grid and rein in runaway power prices. “Power pricing is set off at peaks and the miners are specifically trying to turn off during peaks,” he said. In addition, crypto miners’ 24/7 demand for electricity can provide an incentive for wind and solar developers to bring more green power to the grid while new jobs and tax revenues “lead to orders of magnitude of human flourishing in communities where the mines set up,” Bratcher said.

Still, 800 locals have signed a petition against plans to built America’s largest bitcoin-mining facility — a facility which will consume 1.4 million gallons of water a day and 1 gigawatt of electricity (enough to power 200,000 homes).
Jackie Sawicky, a small-business owner, is organizing the opposition to the Riot facility. “There are over 7,000 people in poverty and 8,000 seniors living on fixed incomes here,” she told NBC News. “We cannot afford increased water costs and electricity.”

According to a 2020 economic impact report commissioned by the Rockdale Municipal Development District, an entity run by area businesspeople, the facility will deliver an estimated $28.5 million in economic benefits to the community over 10 years. The operation employs “nearly 200 full-time benefited employees…”

NSO Group’s Pegasus spyware was used to target Thai pro-democracy protesters and leaders calling for reforms to the monarchy. “We forensically confirmed that at least 30 individuals were infected with NSO Group’s Pegasus spyware,” reports Citizen Lab. “The observed infections took place between October 2020 and November 2021.” Here’s an excerpt from the report:
Introduction: Surveillance & Repression in Thailand: The Kingdom of Thailand is a constitutional monarchy with a parliamentary-style government divided into executive, legislative, and judiciary branches. The country has been beset by intense political conflict since 2005, during the government of former Prime Minister Thaksin Shinawatra. Corruption allegations against the regime culminated in a military coup on September 19, 2006 that ousted Thaksin. The military launched another coup on May 22, 2014 and seized power following mass protests against the civilian government led by Thaksin’s sister, Yingluck Shinawatra. The junta claimed that the 2014 coup was needed to restore order and called itself the National Council for Peace and Order (NCPO).

Findings: Pegasus Infections in Thailand: On November 23, 2021, Apple began sending notifications to iPhone users targeted by state-backed attacks with mercenary spyware. The recipients included individuals that Apple believes were targeted with NSO Group’s FORCEDENTRY exploit. Many Thai civil society members received this warning. Shortly thereafter, multiple recipients of the notification made contact with the Citizen Lab and regional groups. In collaboration with Thai organizations iLaw and DigitalReach, forensic evidence was obtained from notification recipients, and other suspected victims, who consented to participate in a research study with the Citizen Lab. We then performed a technical analysis of forensic artifacts to determine whether these individuals were infected with Pegasus or other spyware. Victims publicly named in this report consented to be identified as such, while others chose to remain anonymous, or have their cases described with limited detail.

Civil Society Pegasus Infections: We have identified at least 30 Pegasus victims among key civil society groups in Thailand, including activists, academics, lawyers, and NGO workers. The infections occurred from October 2020 to November 2021, coinciding with a period of widespread pro-democracy protests, and predominantly targeted key figures in the pro-democracy movement. In numerous cases, multiple members of movements or organizations were infected. Many of the victims included in this report have been repeatedly detained, arrested, and imprisoned for their political activities or criticism of the government. Many of the victims have also been the subject of lese-majeste prosecutions by the Thai government. While many of the infections were detected on the devices of prominent figures, hacking was also observed against individuals who are not publicly involved in the protests. Speculatively, this may reflect the attackers’ intent to uncover details about how opposition movements were organized, and may have been prompted by specific financial transactions that would have been known to Thai financial institutions and the government, but not the public.

The survey of Australia’s ecological systems — conducted every five years — found widespread abrupt changes. These can be blamed on climate change, habitat loss, invasive species, pollution and mining, it said. The threats are not being adequately managed – meaning they are on track to cause more problems. Environment Minister Tanya Plibersek said the document paints a “shocking” and “sometimes depressing” story, vowing to implement new policies and laws.

The 2,000-page State of the Environment report, commissioned by the government, found or reiterated:
– Nineteen ecosystems are on the brink of collapse
– There are now more non-native plant species in Australia than native ones
– Australia has lost more species to extinction than any other continent
– All bar one category of environment examined has deteriorated since 2016, and more than half are now in a “poor” state.

The koala and gang-gang cockatoo are among more than 200 animal and plant species with upgraded threats since 2016. Many of those species are unique to Australia. In recent years, Australia has suffered severe drought, historic bushfires, successive years of record-breaking floods, and six mass bleaching events on the Great Barrier Reef. The report found Australia lacks an adequate framework to manage its environment, instead relying on confusing systems that straddle different tiers of government. Federal government spending on sustaining biodiversity has dropped at the same time risks have been increasing, it said.

In June, Google placed Lemoine on paid administrative leave for breaching its confidentiality agreement after he contacted members of the government about his concerns and hired a lawyer to represent LaMDA. […] Google maintains that it “extensively” reviewed Lemoine’s claims and found that they were “wholly unfounded.” This aligns with numerous AI experts and ethicists, who have said that his claims were, more or less, impossible given today’s technology. Lemoine claims his conversations with LaMDA’s chatbot lead him to believe that it has become more than just a program and has its own thoughts and feelings, as opposed to merely producing conversation realistic enough to make it seem that way, as it is designed to do. He argues that Google’s researchers should seek consent from LaMDA before running experiments on it (Lemoine himself was assigned to test whether the AI produced hate speech) and published chunks of those conversations on his Medium account as his evidence.

During a tournament in Moscow, a chess-playing robot fractured a 7-year-old boy’s finger when the youngster attempted a quick move without giving the device enough time to finish its task. On July 19, at the Moscow Chess Open competition, the incident took place. The youngster is fine, but one of his fingers has been broken, according to Sergey Smagin, vice president of the Russian Chess Federation, who spoke to state-run news organisation RIA Novosti.

The boy, Christopher, is one of the top 30 young chess players in Moscow, and he is just nine years old. In a nation where chess has essentially become a national obsession and source of pride, that makes him very good.

Buried deep beneath your feet lie the cables that keep the internet online. Crossing cities, countrysides, and seas, the internet backbone carries all the data needed to keep economies running and your Instagram feed scrolling. Unless, of course, someone chops the wires in half. On April 27, an unknown individual or group deliberately cut crucial long-distance internet cables across multiple sites near Paris, plunging thousands of people into a connectivity blackout. The vandalism was one of the most significant internet infrastructure attacks in France’s history and highlights the vulnerability of key communications technologies. Now, months after the attacks took place, French internet companies and telecom experts familiar with the incidents say the damage was more wide-ranging than initially reported and extra security measures are needed to prevent future attacks. In total, around 10 internet and infrastructure companies — from ISPs to cable owners — were impacted by the attacks, telecom insiders say. The assault against the internet started during the early hours of April 27. “The people knew what they were doing,” says Michel Combot, the managing director of the French Telecoms Federation, which is made up of more than a dozen internet companies. In the space of around two hours, cables were surgically cut and damaged in three locations around the French capital city — to the north, south, and east — including near Disneyland Paris.

“Those were what we call backbone cables that were mostly connecting network service from Paris to other locations in France, in three directions,” Combot says. “That impacted the connectivity in several parts of France.” As a result, internet connections dropped out for some people. Others experienced slower connections, including on mobile networks, as internet traffic was rerouted around the severed cables. All three incidents are believed to have happened at roughly the same time and were conducted in similar ways — distinguishing them from other attacks against telecom towers and internet infrastructure. “The cables are cut in such a way as to cause a lot of damage and therefore take a huge time to repair, also generating a significant media impact,” says Nicolas Guillaume, the CEO of telecom firm Nasca Group, which owns business ISP Netalis, one of the providers directly impacted by the attacks. “It is the work of professionals,” Guillaume says, adding that his company launched a criminal complaint with Paris law enforcement officials following the incident. Two things stand out: how the cables were severed and how the attacks happened in parallel. Photos posted online by French internet company Free 1337 immediately after the attacks show that a ground-level duct, which houses cables under the surface, was opened and the cables cut. Each cable, which can be around an inch in diameter, appears to have straight cuts across it, suggesting the attackers used a circular saw or other type of power tool. Many of the cables have been cut in two places and appear to have a section missing. If they had been cut in one place they could potentially have been reconnected, but the multiple cuts made them harder to repair.

Google “reserves the right” to make emergency disclosures to law enforcement even when there is no legal requirement to do so. “A provider like Google may disclose information to law enforcement without a subpoena or a warrant ‘if the provider, in good faith, believes that an emergency involving danger of death or serious physical injury to any person requires disclosure without delay of communications relating to the emergency,'” a Nest spokesperson tells CNET.

While Amazon and Google have both said they would hand over a user’s data to law enforcement without a warrant, Arlo, Apple, Wyze, and Anker, owner of Eufy, all confirmed to CNET that they won’t give authorities access to a user’s smart home camera’s footage unless they’re shown a warrant or court order. These companies would be legally bound to provide data to the authorities if they were shown a legal document. But, unlike Google and Amazon, they will not otherwise share camera footage with law enforcement, even if they had an emergency request for data. Apple’s default setting for video cameras connected via Homekit is end-to-end encryption which means the company is unable to share user video at all.

In a July 25 letter sent to European lawmaker Sophie in ‘t Veld, EU Justice Commissioner Didier Reynders said iPhone maker Apple had told him in 2021 that his iPhone had possibly been hacked using Pegasus, a tool developed and sold to government clients by Israeli surveillance firm NSO Group. The warning from Apple triggered the inspection of Reynders’ personal and professional devices as well as other phones used by European Commission employees, the letter said. Though the investigation did not find conclusive proof that Reynders’ or EU staff phones were hacked, investigators discovered “indicators of compromise” â” a term used by security researchers to describe that evidence exists showing a hack occurred.

A new study attempts to measure how knowledge gleaned from Wikipedia may play out in one specific realm: the courts.

A team of researchers led by Neil Thompson, a research scientist at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL), recently came up with a friendly experiment: creating new legal Wikipedia articles to examine how they affect the legal decisions of judges. They set off by developing over 150 new Wikipedia articles on Irish Supreme Court decisions, written by law students. Half of these were randomly chosen to be uploaded online, where they could be used by judges, clerks, lawyers, and so on — the “treatment” group. The other half were kept offline, and this second group of cases provided the counterfactual basis of what would happen to a case absent a Wikipedia article about it (the “control”). They then looked at two measures: whether the cases were more likely to be cited as precedents by subsequent judicial decisions, and whether the argumentation in court judgments echoed the linguistic content of the new Wikipedia pages.

It turned out the published articles tipped the scales: Getting a public Wikipedia article increased a case’s citations by more than 20 percent. The increase was statistically significant, and the effect was particularly strong for cases that supported the argument the citing judge was making in their decision (but not the converse). Unsurprisingly, the increase was bigger for citations by lower courts — the High Court — and mostly absent for citations by appellate courts — the Supreme Court and Court of Appeal. The researchers suspect this is showing that Wikipedia is used more by judges or clerks who have a heavier workload, for whom the convenience of Wikipedia offers a greater attraction.
“To our knowledge, this is the first randomized field experiment that investigates the influence of legal sources on judicial behavior. And because randomized experiments are the gold standard for this type of research, we know the effect we are seeing is causation, not just correlation,” says Thompson, the lead author of the study. “The fact that we wrote up all these cases, but the only ones that ended up on Wikipedia were those that won the proverbial ‘coin flip,’ allows us to show that Wikipedia is influencing both what judges cite and how they write up their decisions.”

“Our results also highlight an important public policy issue,” Thompson adds. “With a source that is as widely used as Wikipedia, we want to make sure we are building institutions to ensure that the information is of the highest quality. The finding that judges or their staffs are using Wikipedia is a much bigger worry if the information they find there isn’t reliable.”

The paper describing the study has been published in ” The Cambridge Handbook of Experimental Jurisprudence.”

U.S. law let’s companies like Google and Amazon’s Ring doorbell/security camera system “share user footage with police during emergencies without consent and without warrants.” That revelation “came under renewed criticism from privacy activists this month after disclosing it gave video footage to police in more than 10 cases without users’ consent thus far in 2022 in what it described as ’emergency situations’.”

“That includes instances where the police didn’t have a warrant.”

“So far this year, Ring has provided videos to law enforcement in response to an emergency request only 11 times,” Amazon vice president of public policy Brian Huseman wrote. “In each instance, Ring made a good-faith determination that there was an imminent danger of death or serious physical injury to a person requiring disclosure of information without delay….” Of the 11 emergency requests Ring has complied with so far in 2022, the company said they include cases involving kidnapping, self-harm and attempted murder, but it won’t provide further details, including information about which agencies or countries the requests came from.

We also asked Ring if it notified customers after the company had granted law enforcement access to their footage without their consent.

“We have nothing to share,” the spokesperson responded.

It’s been barely a year since Ring made the decision to stop allowing police to email users to request footage. Facing criticism that requests like those were subverting the warrant process and contributing to police overreach, Ring directed police instead to post public requests for assistance in the Neighbors app, where community members are free to view and comment on them (or opt out of seeing them altogether)… That post made no mention of a workaround for the police during emergency circumstances.

When CNET asked why that workaround wasn’t mentioned, Amazon response was that law enforcement requests, “including emergency requests, are directed to Ring (the company), the same way a warrant or subpoena is directed to Ring (and not the customer), which is why we treat them entirely separately.”

CNET notes there’s also no mention of warrantless emergency requests without independent oversight in Ring’s own transparency reports about law enforcement requests from past years.

CNET adds that it’s not just Amazon. “Google, Ring and other companies that process user video footage have a legal basis for warrantless disclosure without consent during emergency situations, and it’s up to them to decide whether or not to do so when the police come calling….” (Although Google told CNET that while it reserves the right to comply with warrantless requests for user data during emergencies, to date it has never actually done so.) The article also points out that “Others, most notably Apple, use end-to-end encryption as the default setting for user video, which blocks the company from sharing that video at all… Ring enabled end-to-end encryption as an option for users in 2021, but it isn’t the default setting, and Ring notes that turning it on will break certain features, including the ability to view your video feed on a third-party device like a smart TV, or even Amazon devices like the Echo Show smart display.”

The bottom line?

[C]onsumers have a choice to make about what they’re comfortable with… That said, you can’t make informed choices when you aren’t well-informed to begin with, and the brands in question don’t always make it easy to understand their policies and practices. Ring published a blog post last year walking through its new, public-facing format for police footage requests, but there was no mention of emergency exceptions granted without user consent or independent oversight, the details of which only came to light after a Senate probe. Google describes its emergency sharing policies within its Terms of Service, but the language doesn’t make it clear that those cases include instances where footage may be shared without a warrant, subpoena or court order compelling Google to do so.

Facebook’s parent company Meta and major US hospitals violated medical privacy laws with a tracking tool that sends health information to Facebook, two proposed class-action lawsuits allege. The lawsuits, filed in the Northern District of California in June and July, focus on the Meta Pixel tracking tool. The tool can be installed on websites to provide analytics on Facebook and Instagram ads. It also collects information about how people click around and input information into those websites.

An investigation by The Markup in early June found that 33 of the top 100 hospitals in the United States use the Meta Pixel on their websites. At seven hospitals, it was installed on password-protected patient portals. The investigation found that the tool was sending information about patient health conditions, doctor appointments, and medication allergies to Facebook.

When we create our social media accounts, we agree to grant those platforms a free license to use our content as they wish.

…

It was my face. Specifically, it was me in a sponsored Instagram Story ad, putting on a lip balm. In the video, I applied the balm and smiled at the camera, looking pleased with my newly moisturized lips. In real life, I was confused. I had never agreed to appear in a nationwide social campaign, otherwise my checking account would have a couple more zeroes to show for it. I worked in the media industry then, sourcing the right influencers to participate in sponsored articles. I’ve spent years casting with talent, negotiating contracts to ensure fair compensation and modest usage rights for influencers, models, and real people. Based on my experience, it was clear that my image was being exploited by a multibillion dollar brand.

… companies like HelloFresh and Canon are now prioritizing the niche audiences of micro- and nano-creators. Research shows that shoppers find smaller creators “more authentic” and brands have identified those creators as “less costly,” making regular people a win-win for boosting sales.