DRM

Google's Nightmare 'Web Integrity API' Wants a DRM Gatekeeper For the Web 163

Google's newest proposed web standard is... DRM? Over the weekend the Internet got wind of this proposal for a "Web Environment Integrity API." From a report: The explainer is authored by four Googlers, including at least one person on Chrome's "Privacy Sandbox" team, which is responding to the death of tracking cookies by building a user-tracking ad platform right into the browser. The intro to the Web Integrity API starts out: "Users often depend on websites trusting the client environment they run in. This trust may assume that the client environment is honest about certain aspects of itself, keeps user data and intellectual property secure, and is transparent about whether or not a human is using it."

The goal of the project is to learn more about the person on the other side of the web browser, ensuring they aren't a robot and that the browser hasn't been modified or tampered with in any unapproved ways. The intro says this data would be useful to advertisers to better count ad impressions, stop social network bots, enforce intellectual property rights, stop cheating in web games, and help financial transactions be more secure. Perhaps the most telling line of the explainer is that it "takes inspiration from existing native attestation signals such as [Apple's] App Attest and the [Android] Play Integrity API." Play Integrity (formerly called "SafetyNet") is an Android API that lets apps find out if your device has been rooted.

Root access allows you full control over the device that you purchased, and a lot of app developers don't like that. So if you root an Android phone and get flagged by the Android Integrity API, several types of apps will just refuse to run. You'll generally be locked out of banking apps, Google Wallet, online games, Snapchat, and some media apps like Netflix. [...] Google wants the same thing for the web. Google's plan is that, during a webpage transaction, the web server could require you to pass an "environment attestation" test before you get any data. At this point your browser would contact a "third-party" attestation server, and you would need to pass some kind of test. If you passed, you would get a signed "IntegrityToken" that verifies your environment is unmodified and points to the content you wanted unlocked. You bring this back to the web server, and if the server trusts the attestation company, you get the content unlocked and finally get a response with the data you wanted.

Chrome

ChromeOS 115 Rolling Out: Android App Streaming, PDF Signatures (9to5google.com) 4

An anonymous reader quotes a report from 9to5Google: Google is rolling out ChromeOS 115 as a bigger-than-usual update with a number of user-facing additions over the coming days. Amidst I/O 2023, Google announced the beta availability of Android App Streaming from your Pixel (4a+) or Xiaomi (12T, 12T Pro, 13, 13 Pro) phone running Android 13 and newer with Cross-Device Services installed. It's now entering stable with ChromeOS 115 so that you can stream apps from your mobile device to your Chromebook. This is framed as letting you "complete quick tasks like replying to a conversation, checking on the status of a rideshare or delivery, and editing your shopping list."

Android apps, which open in a phone-sized window, can be launched via the Phone Hub where you get a row of Recent apps at the bottom of the panel with the ability to browse all compatible "Apps from your phone." Applications can also open when you tap through a messaging notification. When opening PDFs in the Gallery app, ChromeOS 115 adds a signature tool. Appearing next to Draw in the top toolbar, you can add a signature, which is much easier with a touchscreen than a trackpad and save it for future use. You can place it in any document and resize the signature to ensure line fit. Lastly, Google has updated the keyboard Shortcuts app with "new navigation and taxonomy," improved search, and a "refreshed shortcut visualization" that better shows what to press.

Meanwhile, this is unmentioned in the stable release notes, but ChromeOS 115 is testing better windowing options in the beta channel. Hovering over the expand/minimize button in the top-right corner control group will show you a new layout menu. There's Split (half), Partial, Full and Float. That last option is new and makes it so that the window is always on top, just like Picture-in-Picture (PiP) for video. The other options were previously accessed by dragging a window and moving to the left/right side of the screen until an overlay appears. This approach is much more accessible and hopefully sees a wide launch soon.
The announcement can be read here.

Encryption

Google Messages To Support MLS Protocol For Interoperable E2E Encrypted Messaging (9to5google.com) 21

Google today announced its support for interoperable end-to-end encrypted communication between large messaging platforms, with plans to integrate the MLS protocol into Google Messages and Android. 9to5Google reports: Google says it is "strongly supportive of regulatory efforts that require interoperability for large end-to-end messaging platforms," which is presumably in reference to the European Union's Digital Markets Act. That regulation would require iMessage to be interoperable with other messaging platforms. To achieve this, Google says this interoperability requires "open, industry-vetted standards, particularly in the area of privacy, security, and end-to-end encryption." If not, end-to-end encrypted group messaging and other advanced features would be "impossible in practice." Specifically, "group messages would have to be encrypted and delivered multiple times to cater for every different protocol." [...]

Google says MLS would make possible "practical interoperability across services and platforms, scaling to groups of thousands of multi-device users." This could "unleash a huge field of new opportunities for the users and developers of interoperable messaging services that adopt it." It is also flexible enough to allow providers to address emerging threats to user privacy and security, such as quantum computing. Google plans to build MLS into its Messages app, which offers E2EE 1:1 and group RCS chats today, and "support its wide deployment across the industry by open sourcing our implementation in the Android codebase." How RCS factors into this remains to be seen.

Google

Google Releases Nearby Share, Its Android AirDrop Clone for Windows (pcworld.com) 20

You now have a new way to connect your Windows PC to an Android device to share files: Nearby Share, an app Google released Wednesday and which will be bundled with upcoming PCs. From a report: As the name suggests, Nearby Share allows you to share files back and forth between Android devices and PCs. It's similar to Apple's AirDrop, with the key difference being that Nearby Share connects devices from two different companies, rather than iPhones and Macs. Google released the beta version of Nearby Share earlier this year.

Nearby Share connects your phone to your PC, but it can also be used for you to send files and photos to nearby Android phones that you don't use, as well as to nearby PCs. That makes it handy for simply sharing a photo at a concert, or dropping a file onto a friend's PC without hassle. You'll just need to be within about 16 feet to do so, Google says. Why use Nearby Share? Google's unspoken argument is that it's simpler to do so. There are already numerous ways to view and transfer files and photos from Android phones to PCs, from the tried-and-true sneakerware to uploading and downloading from the cloud, to more modern approaches like Microsoft's Your Phone, now called Phone Link. Device makers like Samsung also have released their own specific versions for Galaxy devices. Google, though, made its mark with Gmail and search, both functions that worked more simply and effectively than other solutions.

Social Networks

Threads Usage Drops By Half From Initial Surge (similarweb.com) 167

Despite being the fastest-growing online platform in history, Meta's Threads is struggling to retain regular customer engagement. According to SimilarWeb, the Twitter rival saw daily active users decline from 49 million on July 7th to 23.6 million on July 14th. Furthermore, usage in the United States declined from 21 minutes per day to just over six minutes in the same time period. Here are the key takeaways from the report:

- On its best day, July 7, Threads had more than 49 million daily active users on Android, worldwide, according to SimilarWeb estimates. That's about 45% of the usage of Twitter, which had more than 109 million active Android users that day.
- By Friday, July 14, Threads was down to 23.6 million active users, or about 22% of Twitter's audience.
- Usage in the US, which saw the most activity, peaked at about 21 minutes of engagement with the app on July 7. By July 14, that was down to a little over 6 minutes.
- In the first two full days that Threads was generally available, Thursday and Friday, web traffic to twitter.com was down 5% compared with the same days of the previous week. Although traffic bounced back, for the most recent 7 days of data it's still down 11% year-over-year.
- On the days of peak interest in Threads, Twitter's daily active users on Android, worldwide, were virtually unchanged, but time spent was down 4.3% -- perhaps because some users were off trying Threads. Even with that drop, however, the average total time spent on Twitter was about 25 minutes.

To a large extent, Threads solves the "empty party problem" that makes it tough to start a new online community by allowing Instagram users to instantly create a Threads account, bringing their existing contacts with them. Our daily usage numbers make Meta's claim of having achieved more than 100 million total account signups in a matter of days seem reasonable. However, Threads is missing many basic features and still needs to offer a compelling reason to switch from Twitter or start a new social media habit with Threads.

Earth

How We Got Addicted To Weather Apps (theguardian.com) 51

As unprecedented weather leads to increasing climate anxiety, there's a raft of different apps catering for every kind of forecast. From a report: Preoccupation with weather apps is commonplace in our current unsettled atmosphere. On social media there is almost as much chat about weather apps as there is about the weather: much of it is ire about inaccurate forecasts; some of it is from users who admit checking weather apps more than seems logical. There is still palpable grief, in the wake of the closure of the short-term weather prediction app Dark Sky, late last year, after its acquisition by Apple. In April, when Apple's weather app went down, there was such outrage that the temporary glitch became an international news story.

Fifty per cent of US smartphone users regularly use weather apps; according to Statista, weather apps will make approximately $1.5bn in revenue in 2023, a leap from $530m in 2017. Jeremiah Lasquety-Reyes, a senior analyst for Statista, says this new weather app ecosystem is only going to grow, owing to the climate crisis, as well as a general trend towards "digitizing one's life and schedule." There are certainly plenty out there, catering to a variety of needs: more than 10,000 apps have the word "weather" in the title in Android and iPhone app stores.

Android

The User-Repairable Fairphone 4 Is Finally Coming To the US (theverge.com) 65

The Fairphone 4 -- a user-repairable smartphone built using ethically sourced materials -- is finally coming to the US, almost two years after it first debuted back in September 2021. The Verge reports: Fairphone is partnering with Murena, a company best known for de-Googling Android phones, to launch the US pilot of the Murena Fairphone 4 -- a variant of the handset that runs on a privacy-oriented Android-based operating system: /e/OS. There are two configurations available: one with 6GB of RAM and 128GB of storage for $599 and another with 8GB of RAM and 256GB of storage for $679. The storage of both models can be expanded via microSD, and the phone features a modular design that can be easily disassembled using a standard Phillips #00 screwdriver to replace broken components. It also has an IP54 rating, meaning the device is protected against dust and water sprays.

The Murena Fairphone 4 will ship to US customers with 5G and dual SIM support, a removable 3905mAh battery, a 48-megapixel main camera, a 48-megapixel ultrawide, and a 25-megapixel selfie camera. The phones will be available to order exclusively from Murena's webstore starting today. The Murena Fairphone 4 also comes with the /e/ operating system preinstalled, which is described as a privacy-focused, Google-free mobile ecosystem for folks who want to avoid handing any data over to the search giant. Instead of the usual Google apps, the Fairphone 4 will come with a range of default Murena Cloud apps for things like email, calendar, and cloud storage as well as a dedicated app store that highlights the privacy ratings of each app to help users monitor how their online activity is being tracked.

The Fairphone comes unlocked, but the press release mentions that T-Mobile and other operators based on T-Mobile's network are the only US carriers recommended to be used with the device. Fairphone is also providing an extended five-year warranty for the hardware, and /e/OS is similarly committed to fixing bugs and supporting security and feature updates for five years. The Murena version is the only Fairphone 4 model being introduced to the US, and there's no mention of the standard Android OS model joining it anytime soon.

Social Networks

Meta Launches New Social Media App 'Threads' To Rival Twitter (theverge.com) 45

Instagram's new Twitter competitor called Threads launched today on the web, providing an early look at what to expect from the app that will launch on iOS and Android tomorrow. You can view the web interface here. The Verge reports: Meta briefly made Threads available on the web before pulling profiles offline a few hours later. The Verge was able to access Meta CEO Mark Zuckerberg's first thread (is that what we call them?!) using the web app, and many other brands and creators including Netflix, Gary Vee, and Instagram.

The web interface is fairly basic right now for viewing threads, with options to like, comment, repost, and share -- all prompting you to download the mobile app for the time being. If you're in an unsupported country, like markets in the EU, then you'll only be able to view threads right now. Much like Twitter, you can view an account's main posts in one section and the full reply history in another.

Fediverse integration won't be available immediately at the launch of Threads, but it's clear Instagram is looking to add this soon. Profiles include an Instagram username and link, with a threads.net label that includes the following description: "Soon, you'll be able to follow and interact with people on other fediverse platforms, like Mastodon. They can also find people on Threads using full usernames, like @zuck@threads.net."

Facebook

Meta Is Planning To Let People In the EU Download Apps Through Facebook (theverge.com) 28

Meta is planning to allow users in the EU to directly download apps through Facebook ads, aiming to compete with Google and Apple's app stores. The Verge's Alex Heath writes: The new type of ad is set to start as a pilot with a handful of Android app developers as soon as later this year, I've learned. Meta sees an opening to try this thanks to new regulation in the EU called the Digital Markets Act (DMA) that is expected to go into effect next spring. It deems Apple and Google as "gatekeepers" and requires that they open up their mobile platforms to alternative methods of downloading apps. Android technically allows sideloading already, though Google makes it difficult by coupling its in-app billing and licensing with the Play Store, along with the scary warnings it shows when someone tries to download an Android app from another source. Even still, Meta clearly thinks it's safer to try its test first on Android rather than Apple's iOS.

Meta's pitch to developers participating in the pilot is that, by hosting their Android apps and letting Facebook users download them directly without being kicked out to the Play Store, they'll see higher conversion rates for their app install ads. At least initially, Meta doesn't plan to take a cut of in-app revenue from participating apps, so developers in the pilot could still use whatever billing systems they want.

AI

ChatGPT App Can Now Search the Web Via Bing (techcrunch.com) 20

If you're a ChatGPT Plus subscriber, you can now use a new feature on the ChatGPT app called Browsing to have ChatGPT search Bing for answers to questions. TechCrunch reports: Browsing can be enabled by heading to the New Features section of the app settings, selecting "GPT-4" in the model switcher and choosing "Browse with Bing" from the drop-down list. Browsing is available on both the iOS and Android ChatGPT apps. OpenAI says that Browsing is particularly useful for queries relating to current events and other information that "extend[s] beyond [ChatGPT's] original training data." When Browsing is disabled, ChatGPT's knowledge cuts off in 2021.

Software

WhatsApp Kills Off the Electron-Based Desktop App (androidpolice.com) 37

WhatsApp has announced it is retiring its Electron-based desktop app, forcing users to switch to the native app for their OS to continue using WhatsApp. Android Police reports: Back when WhatsApp was in the early stages of development, the developers created an app for desktop, based on the Electron JavaScript framework. This allowed them to share a code base between WhatsApp Web and the new, platform-agnostic desktop app that worked on both Windows and macOS. Around four weeks ago, a countdown timer showed up on the main screen of this desktop app, announcing its shutdown.

Doomsday is now here and WABetaInfo reports anyone visiting the Electron-based app just sees a screen saying "App expired." The deprecated app helpfully links to the native WhatsApp Desktop app available on the Microsoft Store or the Mac App Store. The new native app has been stable for around a year now, but is still relatively new. Some users may lament the transition period was too short, or the native app still doesn't have all the functionality for business users, like catalog management and quick replies, and they would be right.

Privacy

LetMeSpy, a Phone Tracking App Spying On Thousands, Says It Was Hacked (techcrunch.com) 18

An anonymous reader quotes a report from TechCrunch: A hacker has stolen the messages, call logs and locations intercepted by a widely used phone monitoring app called LetMeSpy, according to the company that makes the spyware. The phone monitoring app, which is used to spy on thousands of people using Android phones around the world, said in a notice on its login page that on June 21, "a security incident occurred involving obtaining unauthorized access to the data of website users." "As a result of the attack, the criminals gained access to e-mail addresses, telephone numbers and the content of messages collected on accounts," the notice read.

LetMeSpy is a type of phone monitoring app that is marketed for parental control or employee monitoring. The app is also specifically designed to stay hidden on a phone's home screen, making it difficult to detect and remove. Also known as stalkerware or spouseware, these kinds of phone monitoring apps are often planted by someone -- such as spouses or domestic partners -- with physical access to a person's phone, without their consent or knowledge. Once planted, LetMeSpy silently uploads the phone's text messages, call logs, and precise location data to its servers, allowing the person who planted the app to track the person in real-time.

Polish security research blog Niebezpiecznik first reported the breach. When Niebezpiecznik contacted the spyware maker for comment, the hacker reportedly responded instead, claiming to have seized wide access to the spyware maker's domain. It's not clear who is behind the LetMeSpy hack or their motives. The hacker intimated that they deleted LetMeSpy's databases stored on the server. A copy of the hacked database also appeared online later the same day. TechCrunch reviewed the leaked data, which included years of victims' call logs and text messages dating back to 2013. The database we reviewed contained current records on at least 13,000 compromised devices, though some of the devices shared little to no data with LetMeSpy. (LetMeSpy claims to delete data after two months of account inactivity.)

Japan

Japan To Open Up Apple and Google App Stores To Competition (japantimes.co.jp) 38

A government panel in Japan drew up a set of regulations aimed at opening up the smartphone app stores of U.S. technology giants Apple and Google to competition. From a report: The two companies dominating the smartphone operating system market will be obliged to allow their users to download apps by using services other than their own app stores. The government hopes that the move will spur competition and lead to app price drops. The smartphone OS market is occupied almost entirely by Apple's iOS and Google's Android. The companies control how apps are installed and paid for on their iPhones and Android devices.

The government will create a list of what OS providers must not do in order to stop them favoring their own services and payment platforms. The regulations were drawn up at the government's headquarters for digital market competition, headed by Chief Cabinet Secretary Hirokazu Matsuno. The government aims to submit relevant legislation to next year's ordinary session of parliament. Apple makes it impossible for iPhone users to download apps without using its App Store. Of Android users, 97% download apps through the Google Play store, although Google does not require them to do so.

Google

Google Lifts Ban on Downloader App (arstechnica.com) 10

Google has reversed the suspension of an Android TV app that was hit with a copyright complaint simply because it is able to load a pirate website that can also be loaded in any standard web browser. From a report: The Downloader app, which combines a web browser with a file manager, is back in the Google Play Store after an absence of nearly three weeks. As we previously reported, Google suspended the app based on a Digital Millennium Copyright Act (DMCA) complaint from several Israeli TV companies that said the app "allows users to view the infamous copyright infringing website known as SDAROT." But that same website could be viewed on any standard browser, including Google's own Chrome app.

"The app was removed on May 19th due to the DMCA takedown request," developer Elias Saba wrote in a blog post today. "Instead of recognizing the absurdity of the claim that a web browser is somehow liable for all the unauthorized use of copyrighted content on the Internet, Google took a backseat and denied my appeal to have the app reinstated." The free app has been downloaded over 5 million times on Google Play and is available on the Amazon app store for devices such as Fire TVs. In addition to the rejected appeal, Saba filed a DMCA counter notification with Google. That "started a 10-business-day countdown for the [TV companies'] law firm to file legal actions against me," Saba wrote today. "Due to the app being removed on a Friday and the Memorial Day holiday, 10 business days had elapsed with no word from the law firm on June 6th and I contacted Google to have the app reinstated."

Cellphones

Progressive Web Apps 'Don't Spy or Clog Your Phone'. Do You Use Them? (msn.com) 94

"It's worth questioning the status quo of technology," argues the Washington Post's Tech Friend newsletter, "including apps as we know them."

Then they tout the benefits of the "non-app app... a hybrid of a website and a conventional app, with features of each" — the unappreciated Progressive Web App (which many still don't know can be installed on your phone's home screen): Web apps look and function pretty much like the conventional apps for your phone or computer, but they clog less space on your device and are less pushy about surveilling you. People who make web apps also say they are easier to create and update than conventional apps... But web apps have been around for years, and most people don't know they exist...

[Traditional apps] come with profound downsides, including Big Tech control, privacy compromises and high development costs. It would be healthy if there were palatable alternative paths to our current app system. Web apps might be part of the solution... At their core, web apps are "the web with an app-like cover," said Rob Kochman, senior product manager for Google's Chrome. Kochman and other web app fans say these apps are less demanding and less intrusive than a conventional app. The web app for Starbucks, for example, takes up just 429 kilobytes of storage on my phone — or less than 1 percent of the storage taken by the standard Starbucks Android app...

And by design, once a conventional app is on your phone, it can access your phone's guts and peek under the hood of your internet network. Web apps are stingier about access, Kochman and other experts told me. "If you're worried about installing some app, you'd probably prefer that as a web app," said a veteran tech executive who helped develop the original technology for web apps. He referred to a web app as "just a website that took all the right vitamins...."

It's difficult to figure out which companies make web apps or find them. There's not an app store for web apps, although there are some attempts like Store.App and Appscope. They're not ideal... Some technologists told me that Apple has held back web apps by limiting their capabilities for Apple devices. The company has said that's not true. And this year, Apple added iPhone feature options for web apps...

We should keep challenging what can feel like immutable parts of digital life, including apps. We have to keep asking: What if there's something better?

It's as easy as "press the three-dot icon, then select 'Add to home screen.'" But it'd be interesting to hear the perspective of Slashdot readers. So share your thoughts and experiences in the comments.

Are you using progressive web apps?

Technology

Google Wallet for Android Now Supports Digital IDs (arstechnica.com) 31

Google Wallet on Android is finally getting ready for your digital driver's license and other US state IDs. Google says the feature is rolling out this month, and it will slowly start bringing states online this year. From a report: Of course, your state has to be one of the few that actually supports digital IDs. Google says Maryland residents can use the feature right now and that "in the coming months, residents of Arizona, Colorado and Georgia will join them." The road to digital driver's license support has been a long one, with the "Identity Credential API" landing in Android 11 back in 2020. Since then it has technically been possible for states to make their own ID app.

Now Google Wallet, Google's re-re-reboot of its payment app, is providing a first-party way to store an ID on your phone. Some parts of the Identity Credential API landed in Google Play Services (Google's version-agnostic brick of APIs), so Wallet supports digital IDs going back to Android 8.0, which covers about 90 percent of Android devices. Maryland has supported Digital IDs on iOS for a while, which gives us an idea of how this will work. An NFC transfer is enough to beam your credentials to someone, where you can just tap against a special NFC ID terminal and confirm the transfer with your fingerprint. Wallet has an NFC option, along with a "Show code" option that will show the traditional driver's license barcode.

Android

Motorola Unveils Its 4th-Gen Foldable, the Moto Razr+ (arstechnica.com) 39

An anonymous reader quotes a report from Ars Technica: After endless leaks, Motorola made its fourth-generation lineup of foldables official today. The flagship is the Moto Razr+, which will launch in the US on June 23 for $999. There's also a cheaper phone called only the "Moto Razr" with a smaller outside screen, slower SoC, and no clear US price or release date. Internationally, these phones are called the Moto Razr 40 Ultra and Moto Razr 40. The Ultra model's SoC is a Snapdragon 8+ Gen 1 -- that's not the best you can get from Qualcomm, which would be the 8 Gen 2 -- this is a year-old mid-cycle upgrade chip. The phone has 8GB of RAM, 256GB of storage, and a 3800 mAh battery with 30 W quick charging. The leaked display specs have been all over the place, but officially, the interior display is a 6.9-inch, 2640x1080 OLED that runs at a smoking 165 Hz. The exterior display is super big on the Ultra model and is a 3.6-inch, 144 Hz OLED at a nearly square 1066x1056. Motorola has the phone's dust and water ingress protection rated at IP52, which typically only protects from "direct sprays of water up to 15 degrees from the vertical" and is far from qualifying the Razr as a water-resistant phone.

The design has been better. The original foldable Moto Razr reboot from 2020 had beautiful throwback looks that screamed "Moto Razr." It looked just like the old-school flip phone from the early 2000s but modernized. This fourth foldable generation tones things down a lot and is more of a generic rectangle. You could easily confuse it for Samsung's Galaxy Z Flip. This fourth generation seems more mature, though. Motorola will now let you run any app you want on the Ultra's giant front screen, complete with the option of a super tiny Android navigation bar tucked away in the bottom left corner, to the left of the two front cameras. You can peruse the app drawer, use Google Pay, or play media on the front display. You can even type on the keyboard: Google GBoard has a special full-screen mode that will show a single line of input text.

Those front cameras give this front display one of the strangest display shapes on the market. With two big dead spots in the bottom right corner, the workable display area is kind of an upside-down L shape. By default, apps will stay out of the non-rectangular part of the screen, but it's possible to enable a "full screen" mode for the front apps. This will force apps to use the lower part of the display, and you just have to hope that they will somehow deal with that. Android has APIs to identify dead areas of the display for apps to work around, but usually, that's for a top camera notch. Not many apps are built for this, but you're apparently welcome to try to make them work with the feature. [...] If you're interested in the Razr+, preorders start June 16.

Businesses

Amazon To Close China App Store (scmp.com) 12

Amazon.com will close its official app store in China in July, the latest retreat from the Chinese market by the US tech giant following last year's announcement that its Kindle e-book service would also shut. From a report: An Amazon representative said the Amazon Appstore, launched in 2011 as an alternative to Google for Android phone users to install apps and games, will be "discontinued." However, its official shopping site Amazon.cn will remain operational, as will other services such as Amazon Global Selling, Amazon Global Store and cloud unit Amazon Web Services (AWS). The app store service will shut down on July 17, according to Chinese media The Paper, citing a Tuesday email from Amazon Appstore sent to users, which did not elaborate on the reasons for quitting the market. The Amazon Appstore could not be downloaded from its official Chinese site as of Tuesday.

Privacy

'iRecorder Screen Recorder' App Turns Malicious, Sends Mic Recordings Every 15 Minutes (arstechnica.com) 31

An anonymous reader quotes a report from Ars Technica: An app that had more than 50,000 downloads from Google Play surreptitiously recorded nearby audio every 15 minutes and sent it to the app developer, a researcher from security firm ESET said. The app, titled iRecorder Screen Recorder, started life on Google Play in September 2021 as a benign app that allowed users to record the screens of their Android devices, ESET researcher Lukas Stefanko said in a post published on Tuesday. Eleven months later, the legitimate app was updated to add entirely new functionality. It included the ability to remotely turn on the device mic and record sound, connect to an attacker-controlled server, and upload the audio and other sensitive files that were stored on the device.

The secret espionage functions were implemented using code from AhMyth, an open source RAT (remote access Trojan) that has been incorporated into several other Android apps in recent years. Once the RAT was added to iRecorder, all users of the previously benign app received updates that allowed their phones to record nearby audio and send it to a developer-designated server through an encrypted channel. As time went on, code taken from AhMyth was heavily modified, an indication that the developer became more adept with the open source RAT. ESET named the newly modified RAT in iRecorder AhRat.

Stefanko installed the app repeatedly on devices in his lab, and each time, the result was the same: The app received an instruction to record one minute of audio and send it to the attacker's command-and-control server, also known colloquially in security circles as a C&C or C2. Going forward, the app would receive the same instruction every 15 minutes indefinitely. [...] Stefanko said it's possible that iRecorder is part of an active espionage campaign, but so far, he has been unable to determine if that's the case. "Unfortunately, we don't have any evidence that the app was pushed to a particular group of people, and from the app description and further research (possible app distribution vector), it isn't clear if a specific group of people was targeted or not," he wrote. "It seems very unusual, but we don't have evidence to say otherwise."

Android

Lawsuit Accuses DoorDash of Charging iPhone Users More For Identical Orders (arstechnica.com) 77

A class-action lawsuit has been filed against DoorDash, alleging that the company uses deceptive and fraudulent practices to charge higher delivery fees to iPhone users compared to Android users. Ars Technica reports: The lawsuit (PDF), filed May 5 in the District of Maryland, came in hot. Plaintiff Ross Hecox, in addition to his two children and a presumptive class of similarly situated customers, briefly defines DoorDash as an online marketplace with 32 million users and billions of dollars in annual revenue. "Yet, DoorDash generates its revenues not only through heavy-handed tactics that take advantage of struggling merchants and a significant immigrant driver workforce, but also through deceptive, misleading, and fraudulent practices that illegally deprive consumers of millions, if not billions, of dollars annually," the suit adds. "This lawsuit details DoorDash's illegal pricing scheme and seeks to hold DoorDash accountable for its massive fraud on consumers, including one of the most vulnerable segments of society, minor children."

Specifically, the suit claims that DoorDash misleads and defrauds customers by:

- Making its "Delivery Fee" seem related to distance or demand, even though none of it goes to the delivery person.
- Offering an "Express" option that implies faster delivery, but then changing the wording to "Priority" in billing so it is not held to delivery times.
- Charging an "Expanded Range Delivery" fee that seems based on distance but is really based on a restaurant's subscription level and demand.
- Adding an undisclosed 99 cent "marketing fee," paid by the customer rather than the restaurant, to promote menu items that customers add to their carts.
- Obscuring minimum order amounts attached to its "zero-fee" DashPass memberships and coupon offers.
- Generally manipulating DashPass subscriptions to appear like substantial savings, when the company is "engineering" fees to seem reduced.

One of the more interesting and provocative claims is that DoorDash's fees, based in part on "other factors," continually charge iPhone users of its app more than Android users placing the same orders. The plaintiffs and their law firm conducted a few tests of DoorDash's system, using different accounts to order the same food, from the same restaurant, at almost the same exact time, delivered to the same address, with the same account type, delivery speed, and tip. [...] The plaintiffs are asking for $1 billion in damages for those who "fell prey to DoorDash's illegal pricing" over the past four years. The suit also includes allegations that DoorDash improperly allows children to enter into contract with the company without proper vetting.

"The claims put forward in the amended complaint are baseless and simply without merit," said a DoorDash spokesperson in a statement. "We ensure fees are disclosed throughout the customer experience, including on each restaurant storepage and before checkout. Building this trust is essential, and it's why the majority of delivery orders on our platform are placed by return customers. We will continue to strive to make our platform work even better for customers, and will vigorously fight these allegations."
