Archive for World Wide Web

Business Leaders Lack Vital Digital Skills Says OU Survey

The Open University’s new ‘Leading in a Digital Age’ report highlights a link between improved business performance and leaders who are equipped, through technology training, to manage digital change.

Investing In Digital Skills Training

The latest version of the annual report, which bases its findings on a survey of 950 CTOs and senior leaders within UK organisations concludes that leaders who invested in digital skills training are experiencing improved productivity (56 per cent), greater employee engagement (55 per cent), enhanced agility, and vitally, increased profit.

The flipside, highlighted in the same survey, is that almost half (47 per cent) of those business leaders surveyed thought they lacked the tech skills to manage in the digital age, and more than three-quarters of them acknowledge that they could benefit from more digital training.

Key Point

The key point revealed by the OU survey and report is that the development of digital skills in businesses are led from the top and that those businesses that invest in learning and development of digital skills are likely to be more able to take advantage of opportunities in what could now be described as a ‘digital age’.

Skills Shortages

The report acknowledges the digital skills shortages that UK businesses and organisations face (63 per cent of senior business leaders report a skills shortage for their organisation) and the report identifies a regional divide in those companies reporting skills shortages – more employers in the South and particularly the South West are finding that skills are in short supply and reporting that recruitment for digital roles takes longer.

One likely contributing factor to some geographical/regional divides in skills shortages and difficulty in recruiting for tech roles in those areas may be the spending, per area, on addressing those skills shortages.  For example, London is reported to have spent (in 2019) £1.4 billion (the equivalent of £30,470 per organisation), while the North East spent the least (£172.2 million), and South East spent only £10,260 per organisation.

Factors Affecting The Skills Shortage

The OU report identifies several key factors that appear to be affecting the skills shortage and the investment that may be needed to address those skills shortages. These include the uncertainty over Brexit, increased competition, an ageing population, the speed and scope of the current ‘digital revolution’, and a lack of diversity.

What Does This Mean For Your Business?

Bearing in mind that the OU, whose survey and report this was, is a supplier of skills training, the report, nonetheless, makes some relevant and important points.  For many businesses, for example, managers and owners are most likely to the be the ones with the most integrated picture of the business and its aims, and if they had better digital skills and awareness they may be more likely to identify opportunities, and more likely to promote and invest in digital skills training within their organisation that could be integral to their organisation being able to take advantage of those opportunities.

The tech skills shortage in the UK is, unfortunately, not new and is not down to just businesses alone to solve the skills gap challenge. The government, the education system and businesses need to find ways to work together to develop a base of digital skills in the UK population and to make sure that the whole tech ecosystem finds effective ways to address the skills gap and keep the UK’s tech industries and business attractive and competitive.  As highlighted in the OU report, apprenticeships may be one more integrated way to help bridge skills shortages.

.ORG Silence Continues After ICANN Imposes Temporary Sale Halt

Internet companies are still none-the-wiser about the details of the proposed sale of the .org registry to private equity firm Ethos Capital following DNS overseer ICANN putting a temporary halt on the sale back on 9 December.

What Sale?

The rights to the .org domain registry, one of the largest internet registries in the world, with over 10 million names, was/is due to be sold by ISOC (aka the Internet Society), the parent company of PIR (the organisation that currently runs it) for an as-yet-undisclosed sum to Ethos Capital.

Always Not For Profit

The relatively sudden announcement of the sale caused shock and some dismay within the industry over the thought that a registry that has held its non-profit status since 2003 will now be ending up in private hands. Historically, .org domains have always been the outward sign of non-profit organisations.

About Ethos

Some industry commentators have also expressed concern about the lack of knowledge within the industry about Ethos Capital, and some worries have, therefore, been expressed about how qualified and able they may be to manage the .org registry.

Other Criticism

Other criticisms about the sale, which have been voiced online include:

– Suspicion about possible conflicts of interest e.g. around Fadi Chehade, a former CEO of ICANN who is credited by some with encouraging a free-market approach to internet addresses, and who some appear to believe is connected to Ethos Capital.

– After ICANN lifted the price caps on .org domains for the next 10 years (allowing unlimited price increases on the millions of .org domain names) many high-profile non-profit organisations have rejected ICANN’s claim that the move was simply to make the process consistent with the base form registry agreement and have accused ICANN of disregarding the public interest in favour of ICANN’s own administrative convenience.

– Worries that ICANN’s decision to approve the proposed sale may have been subject to bias and may not have reflected the true strength of feeling against the sale.

– Concerns were even expressed by those who supported the proposal e.g. ICANN’s At Large Advisory Committee (ALAC) and Non-Commercial Stakeholder Group (NCSG).

– Anger that ICANN appeared to move ahead with the decision to lift caps without any explanation, and that there still appears to be a level of secrecy surrounding the sale.

– Suspicion by some that the deal has long been the subject of informal discussion among key players.

Temporary Halt

A temporary halt was placed on the proposed sale of the .org Registry right to Ethos Capital in early December and since then, the Packet Clearing House (PCH) has argued (in a letter to ICANN) that the sale and move to non-profit status would mean less money being spent on .org’s operational costs, and could affect stability and could disrupt “critical real-time functions” of organisations using .org domains.

Silence

There is now a sense of frustration from many parties in the industry over the apparent silence, and the distinct lack of information since the temporary halt was placed on the sale.

What Does This Mean For Your Business?

There are many important organisations that use .org domains e.g. air traffic control, and these, as well as the 10 million others who have .org domains, will be concerned not just about the possible price rises of .orgs due to the lifting of the price cap, but also about the possible disruption and instability that the sale of this kind could cause.

There also appears to be a good deal of anger, concern, and unanswered questions in the Internet market about the decision to sell and the details of the sale, as well as apparent feelings of a possible lack of transparency and feelings that things may possibly have been rushed through with important arguments against the sale not being adequately addressed. That said, ICANN must have seen good enough reason to put a temporary halt on the sale, for the time being.

It remains to be seen exactly what happens next but in the interests of the industry and .org owners, the hope is that there will more communication, information and transparency very soon.

Microsoft Criticised By UK’s Cyber Security Agency Over Dmarc

The UK’s National Cyber Security Centre (NCSC) has complained that it has been unable to compile meaningful statistics and draw meaningful conclusions about email security in its latest report because Microsoft stopped sending Dmarc reports two years ago.

What Is Dmarc?

Domain-based message authentication, reporting and conformance (Dmarc) is a protocol, developed by the Trusted Domain Project, to help provide greater assurance on the identity of the sender of a message, and it builds upon the email authentication technologies SPF and DKIM developed over a decade ago and the work on a collaborative system pioneered by PayPal Yahoo! Mail and later Gmail.

Dmarc allows email and service providers to share information about the validity of emails they send to each other, including giving instructions to mailbox providers about what to do if a domain’s emails aren’t protected and verified by SPF and/or DKIM e.g. moving a message directly to a spam folder or rejecting it outright. Information about messages that have passed or failed DMARC evaluation is then fed back to a DMARC register, thereby providing intelligence to the sender about messages being sent from their domain and enabling them to identify email systems being used by spammers.

Dmarc works on inbound email authentication by helping email receivers to determine if a message “aligns” with what the receiver knows about the sender and if not, Dmarc includes guidance on how to handle the “non-aligned” messages e.g. phishing and other fraudulent emails.

Why Were Microsoft’s Dmarc Reports So Important?

Microsoft’s email platforms form one of the biggest receivers of email, and data from Microsoft about the number of emails failing Dmarc gives a good indication of the number of suspicious emails being sent.  The lack of this data in the NCSC’s Mail Check service means that the NCSC’s ability to monitor and report on email security driven by Dmarc adoption has been hampered. This blind spot could have a knock-on negative impact on email security for everyone.

Public Sector Uptake – Good News

The NCSC’s latest report contains good news, however, about a significant uplift in the public sector adoption of email security protocols.  For example, public sector domains using Dmarc more than tripled from December 2017 to December 2018 to 1,369, and the number of domains with a Dmarc “quarantine” or “reject” policy (to prevent suspicious emails being delivered to inboxes) also tripled.

What Does This Mean For Your Business?

Having a collaborative intelligence sharing and effective protocol and process such as Dmarc that is being widely adopted by many organisations has significantly improved email security.  This is particularly valuable at a time when businesses face significant risks from malicious emails e.g. phishing and malware, and email is so often the way that hackers can gain access to business networks.

Sharing intelligence about the level and nature of email security threats and how they are changing over time e.g. in the trusted NCSC report, is an important tool to help businesses and security professionals understand more about how they tackle security threats going forward.  It is, therefore, disappointing that one of the world’s biggest receivers of email, which itself benefits from Dmarc, is not providing reports which could be of benefit to all businesses and organisations.

Visa Adopts Blockchain For Cross-Border, Bank To Bank B2B Payments

Visa is integrating blockchain technology with its core systems to enable participant businesses to make direct, cross-border, bank to bank payments to other corporate participants.

B2B Connect

The news system called Visa B2B Connect is being built using the Hyperledger Fabric framework from the Linux Foundation, and will mean that, rather than paying another corporate by cheque, automated clearing house or wire transfer, all of which require intermediary banks and exchanges, payments can be made directly and instantly from bank to bank of corporate customers.

This will mean cost and time savings, and the ability to pay and get paid 24-hours a day, regardless of location, local time differences, and other problematic traditional banking anomalies such as data truncation, payment delays and compliance issues.

Suite of APIs

The Visa B2B Connect system essentially provides a suite of Application Programming Interfaces (APIs) which allow participating banks to automate B2B, cross-border and cross-currency payments, by developing an end-to-end B2B payments solution to onboard customers, set up their suppliers, check Visa B2B Connect foreign exchange rates and submit payments. Alternatively, banks can choose to integrate just a subset of the APIs to address more specific needs e.g. checking on the status of certain payments through the Visa B2B Connect site.

Expansion Plans

Although the new system will only work for those corporates signed-up as participants to Visa’s pilot scheme, there are already plans to expand it so that it will cover more than 30 global trade corridors and 90 markets by the end of this year.

Benefits

The benefits that the blockchain-based B2B Connect system offers include cryptographically secured B2B transactions, transaction transparency and predictability, and the peace of mind and security of operating within a trusted network where all parties are known participants on a permissioned blockchain operated by Visa.

Blockchain Lacking Functionality

Recent research by Gartner showed that Only 11% of CIOs have deployed or are in short-term planning with blockchain, partly because of the fact that, at the moment, blockchain is a technology and not a complete, ready to use application, and therefore, lacks business-friendly features like a user interface, business logic, data persistence and interoperability mechanisms.

What Does This Mean For Your Business?

For corporates, Visa’s B2B Connect system appears to unlock some of the long-promised benefits of blockchain in terms of fast and easy cross-border payments, security, transparency, and the reassurance of a trusted name in the payments world.  Also, the fact that a suite of APIs are available to participants means that the system can be set up relatively easily, thereby tackling the issue (as highlighted by the Gartner research) of confusion among corporate tech heads about how best to incorporate blockchain and worries about there being few ready to use, complete applications available.

For smaller businesses the hope of being able to use blockchain to add value, reduce costs and gain competitive advantages is being boosted by a growing Blockchain as a Service (BaaS) market which offers the chance to deploy distributed ledgers without the cost or risk of deploying it in-house, and without needing to find in-house developers.  The cloud-based CRM platform ‘Salesforce’ for example, is adding a low code, blockchain-powered service that will allow enterprise users to share data with third parties in a secure, transparent, and auditable way.

Suspected Russian Disinformation Campaign Rumbled

An investigation by the Atlantic Council’s Digital Forensic Research Lab (DFRLab) claims to have unearthed a widespread disinformation campaign aimed at influencing online conversations about several topics, that appears to originate in Russia.

Facebook Accounts

Sixteen suspected Russian fake accounts that were closed by in early May 2019 led researchers to an apparent campaign which stretched across 30 social networks and blogging platforms and used nine languages. The campaign appeared to be focused away from the main platforms such as Facebook and Twitter and was played out instead on blogging sites, subreddits, and online forums.

Even though the scale of the apparent disinformation operation appears to be beyond the abilities of  a small or ad hoc group (the scale has been described as “remarkable”), and that the operation appears to have been working out of Russia,  the DFRLab has pointed out that there is not enough real evidence to suggest that the Russian state / Kremlin is behind it and that the investigation is still ongoing.

What Kind Of Disinformation?

It has been reported that the broad topic areas of the disinformation appear to reflect Moscow’s foreign policy goals e.g. Ukraine, Armenia, opposition to NATO, although conversations have been started and steered around subjects relating to Brexit, Northern Ireland, the recent EU elections, immigration, UK and US relations, the recent turmoil in Venezuela and other issues. Some of the disinformation is reported to have included:

Fake accounts in 2018 of an alleged plot, apparently discovered by Spanish intelligence, to assassinate Boris Johnson.

Shared screenshots of a false exchange between Democratic Unionist Party leader, Arlene Foster, and chief EU Brexit negotiator, Michel Barnier, which appeared to show a secret negotiation behind Theresa May’s back. Also, false information was spread about the Real IRA.

The publishing of a fraudulent letter in French, German, and broken English, featuring a screenshot of a letter allegedly written by Italian-Swedish MEP Anna Maria Corazza was published on various platforms as an attempt to influence the European Parliament elections in May 2019.

Failed and Discovered

The main reasons why the disinformation essentially failed and was discovered were that:

  • Communications were generally not sent via the main, most popular social media platforms.
  • The campaign relied on many forged documents and falsehoods which were relatively easy to spot.
  • So much trouble was taken to hide the source of the campaign e.g. each post was made on a single-use account created the same day and not used again, that the messages themselves hardly saw the light of day and appeared to lack credibility.

What Does This Mean For Your Business?

The fact that someone / some power is going to the trouble to spread disinformation on such a scale with regard to influencing the politics and government of another country is worrying in itself, and the knowledge that it is happening may make people more sceptical about the messages they read online, which can help to muddy the waters on international relations even more.

If messages from a foreign power are used to influence votes in a particular way, this could have a serious knock-on effect on the economy and government policy decisions which is likely to affect the business environment and therefore the trading conditions domestically and globally for UK businesses.  Some have described the current time as being a ‘post-truth’ age where shared objective standards for truth are being replaced by repeated assertions of emotion that are disconnected from real details.  This kind of disinformation campaign can only feed into that and make things more complicated for businesses that need to be able to have reality, truth, clear rules, and more predictable environments to help them reduce risk in business decisions.

Tech Tip – A Free Online HTML Editor

If you’d like to be able to quickly write or edit a piece of content so that it can be easily used online without having to download or purchase HTML editors, try using a free, online HTML editor.

For example, go to https://html5-editor.net/

Type or paste your text into the right-hand side window.  The HTML appears in the left-hand window.  Both are editable.

You can, for example, select all the text in the right-hand window (click in the window, CTRL + A), select ‘Format’ (top bar), and select ‘Clear Formatting’.  This will clean up the code so that you can add your own formatting, links, bold, etc.

If you’d like to save your work as an HTML page, click in the left hand window and use CTRL + A (to copy the HTML code), open Notepad by typing Notepad the Windows search bottom left, CTRL +V to paste into the notepad file, and save the notepad page as a HTML page.

ICO’s Own Website Fails GDPR Compliance Test

Irony and embarrassment are the order of the day as the Information Commissioner’s Office, which is responsible for ensuring GDPR compliance in the websites of businesses and organisations has been forced to admit that its own website is not GDPR compliant.

Cookie Consent Notice

The problem, as pointed out to the ICO by Adam Rose, a lawyer at Mishcon de Reya, is that the ICO’s website currently uses implied consent to place cookies on mobile devices, which is prohibited under the Electronic Communications Regulations (PECR) 2003.  These Regulations operate alongside GDPR, and as highlighted on the ICO’s own website, consent needs to be clearly given for cookies (e.g. by a tick box) and where they are set, the website needs to give users, mobile or otherwise, a clear explanation of what the cookies do and why.

Article 6

It has been reported that Mr Rose argued that the ICO’s own website’s cookie consent tools were at odds with Article 6 of PECR.

ICO’s Own Guide

For example, in the ICO’s own online guide, in terms of getting marketing consent, it states that “some form of very clear positive action” is needed, “for example, ticking a box, clicking an icon, or sending an email – and the person must fully understand that they are giving you consent”.

Cookies Admission

Under “Cookies” in the guide, and in admission of not being fully compliant itself at the moment, the ICO now states that “We use a cookies tool on our website which relies on implied consent of users.  In recognition of the fact that the implementation date for the revised e-Privacy Regulation remains unknown, we are taking reasonable steps now to align our use of cookies the standard of consent required by GDPR.  This means that we are in the process of updating the tool (Civic Cookie Tool) which, by default, requires explicit opt-in action by users of our website.”

This means that the ICO has yet to upgrade to the version of the Civic Cookie Tool which includes explicit opt-in, and therefore, the ICO isn’t currently compliant with the laws that it is supposed to help implement and uphold.

Why?

Even though the ICO announced back in May last year that it would be upgrading to the new version of the Civic Cookie Tool, this has not yet happened. This appears to indicate a possible failure on the ICO’s part in the planning and implementation aspects of this particular tool on its website.

Also, as some tech and security commentators have pointed out, there is still a lack of clear legal rules on cookie compliance, and this has even led to confusion on some points among data protection experts.

It could also be argued that a lack of regulatory enforcement against cookie compliance breaches may mean that most website operators can still put consent rules to the bottom of the list of business priorities with no fear of consequence.  It’s also unclear if the regulator would or would not be able to carry out some kind of enforcement of the law against itself.

What Does This Mean For Your Business?

Many businesses may be thinking that, aside from the obvious irony of the regulator not being totally compliant, what hope do the rest of us have of getting it right if the ICO can’t?

This story could also act as a reminder to businesses that consent is a complicated area in data protection, and that it may be worth revisiting what cookie consent tools are in place on their websites and whether they are up to date and compliant.  For example, as the ICO has discovered, if you’re responsible for implementing the updated version of tools relating to your GDPR compliance, the planning and implementation needs to be managed in order to avoid unwittingly leaving the organisation open to possible infringements of current regulations.

Criminal Secrets Of The Dark Net Revealed

Recent Surrey University research, ‘Web Of Profit’ commissioned by virtualisation-based security firm Bromium has shown that cyber-criminals are moving to their own invisible Internet on the so-called ‘dark net’ to allow them to communicate and trade beyond the view of the authorities.

What Is The Dark Net?

The dark net describes parts of the Internet which are closed to public view or hidden networks and are associated with the encrypted part of the Internet called the ‘Tor’ network where illicit trading takes place.  The dark net is not accessible to search engines and requires special software installed or network configurations made to access it e.g. Tor, which can be accessed via a customised browser from Vidalia.

Deeper

Infiltration and closing down of some of the dark net marketplaces by the authorities are now believed to have led to cyber-criminals moving to a more secure, invisible part of the dark net in order to continue communicating and trading.

How?

Much of the communication about possible targets and tactics between cyber-criminals now takes place on secure apps, forums and chatrooms.  For example, cyber-criminals communicate using the encrypted app ‘Telegram’ because it offers security, anonymity, and encrypted channels for the sale of prohibited goods.

Diverse Dark Net Marketplace

Posing as customers and getting first-hand information from hackers about the costs a range of cyber-attacks, the researchers were able to obtain shocking details such as:

  • Access to corporate networks is being sold openly, with 60% of the sellers offering access to more than 10 business networks at a time. Prices for remote logins for corporate networks ranged from only £1.50-£24, and targeted attacks on companies were offered at a price of £3,500.
  • Phishing kits are available for as little as $40, as are fake Amazon receipts and invoices for $52.
  • Targeted attacks on individuals can be purchased for $2,000, and even Espionage and insider trading are up for sale from $1,000 to $15,000.

Corporations Targeted

One thing that was very clear from the research is that cyber-criminals are very much focusing on corporations as targets with listings for attacks on enterprises having grown by 20% since 2016. The kinds of things being sold include credentials for accessing business email accounts.

Specific Industries

The research also showed that cyber-criminals are moving away from commodity malware and now prefer to tailor tools such as bespoke versions of malware as a way of targeting specific industries or organisations.  For example, the researchers found that 40% of their attempts to request dark net hacking services targeting companies in the Fortune 500 or FTSE 100 received positive responses from sellers, and that the services on offer even come with service plans for conducting the hack, and price tags ranging from $150 to $10,000, depending on the company to be targeted.

The industries that are most frequently targeted using malware tools that are being traded on the dark net include banking (34%), e-commerce (20%), healthcare (15%) and even education (12%).

Researchers also uncovered evidence that vendors are now acting on behalf of clients to hack organisations, obtain IP and trade secrets and disrupt operations.

What Does This Mean For Your Business?

The dark net is not new, but some commentators believe that the heavy-handed nature of some of the police work to catch criminals on the dark net is responsible for pushing criminal communication and trading activity further underground into their own invisible areas.  End-to-end encrypted communications tools such as Telegram mean that cyber-criminals can carry on communicating beyond the reach of the authorities.

The research should show businesses that there is now real cause for concern about the sensitive, informed and finely tuned approach that cyber-criminals are taking in their targeting of organisations, right from the biggest companies down to SME’s.  This should be a reminder that cyber-security should be given priority, especially when it comes to defending against phishing campaigns, which are one of the most successful ways that criminals gain access to company networks.

Law enforcement agencies also need to do more now to infiltrate, gather intelligence, and try to deter and stop the use of different forums, channels and other areas of the dark net in order to at least prevent some of the more open trading of hacking services and tools.

US Visa Applicants Now Asked For Social Media Details and More

New rules from the US State Department will mean that US visa applicants will have to submit social media names and five years’ worth of email addresses and phone numbers.

Extended To All

Under the new rules, first proposed by the Trump administration back in February 2017, whereas previously the only visa applicants who had needed such vetting were those from parts of the world known to be controlled by terrorist groups, all applicants travelling to the US to work or to study will now be required to give those details to the immigration authorities. The only exemptions will be for some diplomatic and official visa applicants.

Delivering on Election Immigration Message

The new stringent rules follow on from the proposed crackdown on immigration that was an important part of now US President Donald Trump’s message during the 2016 election campaign.

Back in July 2016, the Federal Register of the U.S. government published a proposed change to travel and entry forms which indicated that the studying of social media accounts of those travelling to the U.S. would be added to the vetting process for entry to the country. It was suggested that the proposed change would apply to the I-94 travel form, and to the Electronic System for Travel Authorisation (ESTA) visa. The reason(s) given at the time was that the “social identifiers” would be: “used for vetting purposes, as well as applicant contact information. Collecting social media data will enhance the existing investigative process and provide DHS greater clarity and visibility to possible nefarious activity and connections by providing an additional toolset which analysts and investigators may use to better analyse and investigate the case.”

There had already been reports that some U.S. border officials had actually been asking travellers to voluntarily surrender social media information since December 2016.

2017

In February 2017, the Trump administration indicated that it was about to introduce an immigration policy that would require foreign travellers to the U.S. to divulge their social media profiles, contacts and browsing history and that visitors could be denied entry if they refused to comply. At that time, the administration had already barred citizens of seven Muslim-majority countries from entering the US.

Criticism

Critics of the idea that social media details should be obtained from entrants to the US include civil rights group the American Civil Liberties Union which pointed out that there is no evidence it would be effective and that it could lead to self-censorship online.  Also, back in 2017, Jim Killock, executive director of the Open Rights Group was quoted online media as describing the proposed as “excessive and insulting”.

What Does This Mean For Your Business?

Although they may sound a little extreme, these rules have now become a reality and need to be considered by those needing a US visa.  Given the opposition to President Trump and his some of his thoughts and policies and the resulting large volume of Trump-related content that is shared and reacted to by many people, these new rules could be a real source of concern for those needing to work or to study in the US.  It is really unknown what content, and what social media activity could cause problems at immigration for travellers, and what the full consequences could be.

People may also be very uncomfortable being asked to give such personal and private details as social media names and a massive five years’ worth of email addresses and phone numbers, and about how those personal details will be stored and safeguarded (and how long for), and by whom they will be scrutinised and even shared.  The measure may, along with other reported policies and announcements from the Trump administration even discourage some people from travelling to, let alone working or studying in the US at this time. This could have a knock-on negative effect on the economy of the US, and for those companies wanting to get into the US marketplace with products or services.

Amazon Pop-Up Stores

Amazon is launching a pilot scheme which will enable 100 small online businesses to get the opportunity to sell their goods in 10 Amazon pop-up stores in UK high streets.

Clicks And Mortar

The pop-up stores will be branded as ‘Clicks and Mortar’ and will enable small online businesses selling homeware, health and beauty, food and drink and electronics to get their first taste of selling from a physical store in a UK high street. The stores may also offer customers the chance to discover new brands on their local high streets.

Amazon had already tested the pop-up store idea in the UK, albeit briefly and on a small scale, when last October it opened a fashion store in Baker Street in London to gauge customer opinions. The online shopping giant has also opened a “Home of Black Friday” store as part of the annual retail event in London over the last two years.

Following eBay

Last month, as part of its own month-long retail experiment, eBay opened a “concept” store in Wolverhampton’s i10 building, in which 40 businesses have been able to offer interactive experiences to buyers, such as workshops and tutorials. eBay reportedly launched the store as part of a partnership between itself and Wolverhampton Council after its own research showed that showed a quarter of small UK retailers did not have an online presence. The store was designed to show how stores of the future could combine technology with a human connection.

Tough Times On The High Street

The UK high street and many of its famous brand occupants have been going tough times, much of which has been blamed on a move to online shopping and competition from online brands and stores, high business rates, and a further reduction in footfall as more high street stores become empty and less attractive to shoppers.

For example, the latest BRC research shows that one in 10 shops in UK town centres is lying empty and that the vacancy rate has risen over the last four quarters and is now the highest reading since April 2015.

Many big chains have announced widescale branch closures e.g. Debenham’s having to close 22 stores, the Topshop group of stores facing problems, Boots possibly closing 200 branches, and Marks & Spencer now planning to close 72 big high street stores in addition to the 48 already closed.

Criticism

Amazon has faced criticism from some business and retail commentators for the working conditions in its warehouses, and over the relatively small amount of tax that pays in the UK.

What Does This Mean For Your Business?

For a limited number of small online retailers, the pop-up stores offer a great opportunity to have a low-risk, well-supported bricks and mortar retail experience and a chance to gain visibility for their brands.  For the high street, Amazon pop-ups may offer a brief boost in variety, footfall, and interest. For Amazon, one of the big online retailers that some would say have contributed (with other online retailers and high business rates) to the decline of the high street, the pilot offers them a chance to boost their brand and good publicity at a time when the many vacant stores gives them the opportunity to choose some great high street locations in major UK towns and cities. It will also offer Amazon, as it did with eBay, a legitimate opportunity to see how retailing could look in the future and a way to assess opportunities, perhaps, for its own brand and services in high streets.