Privacy

A planned law to require CSAM scanning in chat apps would be illegal, disproportionate, and could increase rather than decrease the risks to children, say experts. It could also see Apple withdraw iMessage from EU countries.

The warning was given by more than 20 speakers at a privacy seminar, as the European Union continues to press for a CSAM measure which would effectively outlaw end-to-end encryption in chat apps like iMessage, WhatsApp, and Signal …

Some 81% of Americans are concerned about how companies use their personal data, according to a large-scale study.

Two-thirds of those surveyed said they have little to no understanding of what companies do with the data collected about them, and even more believe there’s nothing they can do about it …

A class action lawsuit against Apple claims that AirTag stalking has led to “multiple murders.”

The lawsuit alleges that AirTags have been used by stalkers in at least 20 US states, and that Apple has failed to take adequate action to protect victims …

A powerful new California privacy law has now taken effect, designed to make it far easier for consumers to request that data brokers delete their data instead of selling it. The state’s right to repair legislation is also now active.

It’s hoped that both laws will serve as models for other US states, with a more ambitious goal of seeing their provisions enacted in federal law …

Snapchat’s My AI feature is facing the prospect of a ban in the UK, over concerns that it may be putting the privacy of children at risk.

It follows separate user outrage at the ChatGPT integration being pinned to the top of their chats, and a mix of concern and amusement when the chatbot went rogue …

A Homeland Security report on the illegal use of smartphone location data by multiple government agencies – including the US Secret Service – has now been made public. The report concludes that three separate US agencies broke the law by breaching privacy protections.

The report was originally categorized as Law Enforcement Sensitive, but this classification has now been removed, and a redacted version made available to the public …

One of the new privacy improvements with iOS 17 is a fresh embedded Photos picker for third-party apps plus alerts about which apps have full access to your photo library. Follow along for how to limit iPhone Photos app access for apps with iOS 17.

Eufy security cameras are getting an update that allows them to track a visitor across multiple cameras, and send you a single video alert which follows the visitor between views.

A demo video shows a delivery driver dropping off a package, and one view shows them placing the package in a yard, combined with a view from a second camera which shows the driver getting back into their van at the front of the home …

macOS Sonoma has officially launched with new features and improvements like interactive widgets, Game Mode, all-new wallpapers, and more. But one of the important behind-the-scenes changes is dozens of security fixes. Here are the 61 security patches that come with macOS 14.0.

After updating to the release version of iOS 17, some iPhone users are experiencing their existing privacy settings change without permission. Apple says it is investigating these reports. Here’s the latest.

In more T-Mobile news surely to give you déjà, déjà, déjà vu, the company has reportedly fallen victim to its third data breach this year, with over 90GB of employee and customer information stolen. And if you aren’t keeping track, it’s the company’s eighth major breach since 2018…

Update: New information suggests the data breach doesn’t affect T-Mobile itself, but an independent T-Mobile retailer called ConnectivitySource. The data from the leak “is related to an independently owned authorized retailer,” T-Mobile told 9to5Mac. “T-Mobile’s employee data was not exposed.”

ConnectivitySource is one of the company’s largest authorized retailers and operates in 38 states across the US. Around 146,109 audio recordings of customers calling stores were also collected by the hackers, claims vx-underground.

The British government’s hugely controversial Online Safety Bill has today passed in the second chamber of Parliament, and after six years of debate is now set to become law.

While Apple’s iMessage and other end-to-end encrypted messaging apps were saved from being outlawed by the bill, the government hasn’t yet given up the fight …

In what appears to be the latest in a series of T-Mobile security breaches, customers are reporting that they are seeing the personal data of other users when logged into their accounts.

Data accessible includes sensitive information like credit card details, home address, purchase history, and current credit balance …

While we’re still waiting to hear whether a federal TikTok ban will be imposed, some 18 state attorneys general are backing Montana’s state-level ban on the short video app. The ban is due to take effect on January 1, 2024.

TikTok is seeking to overturn the ban on the basis that it violates the free speech rights of its video creators, granted by the First Amendment. The app is one of the most popular in the world, used by around a third of the US population …

Although the previous White House incumbent threatened a US TikTok ban and then quietly dropped it, the idea never quite went away. A new report says that fresh meetings have taken place between Bytedance, the Chinese owner of the app, and US government officials.

Things kicked off back in the summer of 2020 when the previous administration said that it was considering the possibility of banning TikTok over unspecified security concerns that data could be used by the Chinese government. Since the app uses very little personal data, the nature of these fears was not explained …

This year we’ve seen a powerful new malware launch called Atomic macOS Stealer (AMOS) that specifically targets Apple users. Now in the latest development, AMOS has been found in malicious ads for Google searches. Here’s how to avoid this threat and help others do the same.

The future of iMessage in the UK had seemed in doubt, as the British government was demanding that the company break end-to-end encryption to allow messages to be scanned. Apple had said that it would withdraw iMessage from the UK rather than compromise user privacy.

WhatsApp and Signal had similarly threatened to withdraw their messaging apps from the UK, but the government has now done a U-turn, while issuing a meaningless, face-saving statement …

Update: The MTA flaw has been eliminated, but the Apple Pay question remains. See the end of the piece.

An inexcusable NYC subway security flaw has been revealed, allowing anyone with knowledge of a user’s credit card number and expiry date to track all journeys made within the past seven days.

But what’s far more concerning is that the vulnerability applies to journeys where Apple Pay was used to tap into stations, despite the fact that this should be completely impossible …