Startups Weekly: Zoom, Superhuman and small reactions to big scandals

Hello and welcome back to Startups Weekly, a weekend newsletter that dives into the week’s noteworthy startups and venture capital news. Before I jump into today’s topic, let’s catch up a bit. Last week, I noted the big uptick in VC spending in 2019. Before that, I struggled to understand WeWork’s growth trajectory.

Remember, you can send me tips, suggestions and feedback to [email protected] or on Twitter @KateClarkTweets. If you don’t subscribe to Startups Weekly yet, do that here, now, please, thanks.

Anyways, onto today’s topic. Venture capitalist’s favorite company, Zoom, endured its first high-profile scandal this week.

After security researcher Jonathan Leitschuh published a Medium post detailing a major security vulnerability within Zoom’s technology platform, the company patched its Mac video conferencing client to remove a rogue web server that allowed any website to join a video call without permission. Users can now update their client or download the new version from Zoom’s website. Apple has also pushed a silent update for Mac users removing the vulnerable component, a move meant to protect users both past and present from the undocumented web server vulnerability without affecting or hindering the functionality of the Zoom app itself.

Zoom only made the call to remove the insecure web server after intense pushback. I’m not here to share my own opinions on Zoom’s security or lack thereof, what I’d like to point out is the company’s poor reaction to the PR nightmare. Yes, Zoom ultimately provided a fix, but initially, it failed to solve the underlying issue.

Zoom’s major hiccup comes shortly after users and onlookers attacked the exclusive email service Superhuman. Superhuman tracks email you send and receive and gives you tools to help manage it. They do this on your behalf, but without the permission of the recipient of your emails.

Superhuman was much faster than Zoom to offer an official response amid complaints. Just a couple of days after a blog post outlining security flaws within the service went viral, Superman announced it was going to remove location logging altogether, get rid of all existing location data, turn off read receipts by default and make them an opt-in feature for users. This is all nice and good and definitely shifted attention away from the key issue: Pixel-tracking (embedding the commonly used advertising tool of a “pixel” in emails to report back to senders info like whether an email’s been opened or not). Superhuman still has the exact same pixel-tracking capabilities, what’s changed is that users just need to turn on the feature.

Startups and public companies alike will do what they can to maintain features that benefit their businesses and will go to great lengths to shift consumer attention away from key issues, even when that means putting their own users at risk.

Anyways…

TC Sessions: Mobility

We hosted our first-ever mobility-focused conference this week in San Jose. In what was an incredibly successful, thought-provoking event, industry leaders gathered to discuss the issues plaguing startups, the future of micromobility, the scooter wars and more. A whole lot of mobility news corresponded with the event, including…

• The future of car ownership: Cars-as-a-service 
• Zoox’s self-driving car will provide a smooth ride via independent active suspension
• Waymo has now driven 10B autonomous miles in simulation
• Udelv partners with H-E-B on Texas autonomous grocery delivery pilot
• Inside the GM factory where Cruise’s autonomous Bolt is made
• Inrix expands its digital rule book beyond self-driving cars to help cities with scooters, bikes and delivery bots
• Bird plans to hire 1,000 workers in Paris

Startup Capital

Who raised money this week?

• Creditas, a Latin American fintech, landed $231M from SoftBank
• Remitly secures $220M at unicorn valuation
• OPay raises $50M to support mobile finance in Nigeria
• Visa invests $40M in no-password crypto vault Anchorage
• India’s NiYO ‘neo-bank’ raises $35M to help blue-collar workers access financial services 
• Glitch is bringing back remix culture to the web with $30M Series A
• Anvyl, looking to help D2C brands manage their supply chains, nabs $9.3M
• Dataform scores $2M to build an OS for data warehouses 

New VC funds

Which VCs closed new funds this week?

• Maniv Mobility closed its second fund on $100M. Kirsten Korosec has the details.
• Former Sequoia Capital India partners raise $351M for maiden fund, called A91 Partners. Manish Singh has more.
• YL Ventures has raised $120M for its fourth cybersecurity-focused fund. Connie Loizos has the full story.
• And ICYMI, Lance Armstrong wants to raise $75M for his first-ever VC fund. Here’s my story.

Snap’s startups

After generally being the butt of the public market’s jokes since its IPO, Snap is having a killer 2019, with its stock price nearly tripling in value. The successes are perhaps giving the company a moment to pause and think more about generating future value. Part of that equation is certainly the company’s Yellow accelerator that aims to invest in pre-seed startups that bring mobile users to shared experiences. We covered Yellow’s inaugural batch back in September; now TechCrunch’s Lucas Matney has the full rundown on Snap’s second class of bets.

Bumble and Badoo’s bad week

Following an extensive report in Forbes about Bumble’s parent company and its billionaire founder Andrey Andreev, the female-first dating app’s founder Whitney Wolfe Herd issued a statement on Tuesday. While Wolfe Herd says she was “mortified by the allegations” and “saddened and sickened to hear that anyone, of any gender, would ever be made to feel marginalized or mistreated in any capacity at their workplace,” the exec also detailed that “Badoo is currently conducting an investigation into the allegations, as well as compiling documentation to expose the factual inaccuracies that exist within the article.” We’ve got Wolfe Herd and Forbes’ statement in full here, as well as more on Forbes’ explosive investigation.

Extra Crunch

First of all, if you still haven’t signed up for Extra Crunch, I’m not sure what you’re doing. For a low price, you can learn more about the startups and venture capital ecosystem with exclusive deep dives, newsletters, resources and recommendations and fundamental startup how-to guides. Here are some of this week’s top-performing posts.

• Grasshopper’s Judith Irwin leaps into innovation banking
• What CISO’s need to learn from WannaCry

#EquityPod