Privacy

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Meta quietly updated its Instagram Help Center recently announcing that end-to-end encrypted (E2EE) messaging will no longer be supported on the platform after May 8, 2026. If you have encrypted chats, you will want to export them before the deadline.

The company’s official reasoning: low adoption. “Very few people were opting in to end-to-end encrypted messaging in DMs, so we’re removing this option from Instagram in the coming months,” a Meta spokesperson said. “Anyone who wants to keep messaging with E2EE can easily do that on WhatsApp.”

That explanation could be technically true, but still a little hard to take seriously…

TikTok is setting itself apart from most other online platforms that offer messaging by stating that it won’t be introducing end-to-end encryption to ensure the privacy of direct messages.

This means that the company will be able to read messages sent between users, which is likely to cause concerns even after its US operations were separated from its Chinese owner …

Update: Added comment from TikTok below

A new report says that video feeds from Meta Ray-Ban smart glasses are sent for review by human data annotators in Kenya, and that the footage includes sensitive content that is supposed to be excluded.

Whistleblowers says that the video seen by third-party contractors used by Meta includes everything from people having sex to bank cards …

You may recall that way back in 2017, the WPA2 encryption standard used by most Wi-Fi routers at the time was cracked and had to be replaced with a new version, WPA3. Now a new attack method dubbed AirSnitch means that Wi-Fi encryption on most networks can be bypassed in order to access all of the traffic passing through the router.

Almost all routers are vulnerable, so there are three steps you should take in order to protect yourself, with the greatest risk occurring through use of public Wi-Fi hotspots …

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Much like the infamously useless “close door” button in an elevator, reporting spam on an iPhone or Mac often feels like a placebo. This skepticism isn’t exclusive to Apple either. There is widespread distrust of reporting features in general. The issue largely stems from a lack of transparency. Because users rarely see a noticeable decline in junk mail after hitting “report,” many assume the button does nothing and eventually stop using it altogether.

While Apple does provide a great support document for how to make reports, it doesn’t explain exactly what it does with these reports to improve its security prowess. Allow me to shed some light here…

When Amazon announced a wider rollout of a surveillance feature to help Ring smart doorbells locate lost dogs, it was immediately seen as a precursor to using the feature to identify people.

That the company did in fact plan to do this has now been confirmed by a leaked email which Ring has admitted is genuine …

An unsecured database that likely contains tens of millions of unique Social Security numbers, alongside email addresses and passwords, has been discovered by security researchers.

While the database appears to have been collated from a number of separate data breaches over approximately a decade, the researchers explain why even very old personal data remains a live threat …

Badged versions of TP-Link routers are supplied to US customers by more than 300 ISPs, making them the most widely used Wi-Fi routers in the country, found in millions of US homes.

It therefore caused grave concern when security researchers at Microsoft found that a hacking group based in China was using vulnerabilities in the devices to carry out cyber attacks in the US. It had been widely expected that the routers would be banned from sale in the US, but politics seemingly intervened. However, the battle is not yet over …

Amazon’s plan to turn Ring doorbells into a neighborhood-wide surveillance system was roundly denounced as dystopian even when it was just searching for lost dogs.

The company does at least seem to have learned from the privacy backlash, announcing that it has now abandoned plans for a partnership with police …

iOS 26.3 is the latest iPhone software update, and one of its most interesting new features is a privacy setting—‘Limit Precise Location’—that reveals Apple at its best.

Both WhatsApp and Telegram have been blocked in Russia as the government tries to force people to use its unencrypted WeChat clone, Max. All messages sent and received in Max can be read by the government.

The government also blocked access to Facebook and Instagram, and designated parent company Meta as “an extremist organization” …

Amazon apparently thought the world would respond with a collective “awww” when it announced an expansion of its Ring Search Party feature to help find lost dogs, promoted via a 30-second Super Bowl ad (below). Instead, it’s being widely panned as a dystopian move in the current climate.

Since the company has recently rolled out a facial recognition capability for the Ring video doorbell, people drew the obvious and exceedingly short line between surveilling for dogs to surveilling for people …

During Alphabet’s Q4 2025 earnings call, CEO Sundar Pichai added to the confusion regarding where, exactly, the upcoming Gemini-powered Siri will run. Here’s what he said.

Both the founders of WhatsApp and current owner Meta state that the app uses end-to-end encryption, meaning that nobody outside the chat can access the content. A lawsuit claims that this isn’t true and that anyone inside Meta can get full access to all of the messages sent or received by any WhatsApp user.

Johns Hopkins University professor and cryptographer Matthew Green has weighed in with a blog post analyzing the claims and likely reality …

The Electronic Frontier Foundation (EFF) is out with a new campaign that presses tech companies to move faster to protect user data through end-to-end encryption, and stronger defaults and privacy settings. Here are the details.

Publicly available information reveals that Apple was fined a total of $851 million last year for privacy and antitrust violations, down from $2.1B in 2024.

The data was collated by Proton, which reports that it would have taken the iPhone maker just three days, three hours and 28 minutes to pay off the total …

A Californian court has awarded Apple a partial victory in a class action lawsuit alleging that the company violated the privacy of some iPhone owners.

The case followed a security researcher discovering data collection practices by Apple which he described at the time as “shocking” …

An effort led by security research lab CovertLabs is actively uncovering troves of (mostly) AI-related App Store apps that leak and expose user data, including names, emails, and chat history. Here are the details.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Talk of the largest grocer in the world not supporting Apple Pay or any Tap to Pay solution for that matter is making the rounds on social media again, as 9to5Mac noted yesterday. It is worth mentioning that there are real security benefits behind this technology. While the vast majority of users choose tapping for payment because it is quick and easy, there is a lot happening behind the scenes to keep your information private.

Today Apple confirmed a new partnership with Google to power future AI features, including the upcoming Siri overhaul. But how will that impact user privacy? Here’s what Apple says.

Roblox, one of the most popular kids’ apps in the world, is now requiring children as young as nine years old to submit a video selfie for age verification. Update: Following a partial launch in December of last year, the requirement is now being rolled out globally. The company says you will see the update within the next week.

While the developer is doing this for good reasons, it adds further weight to the argument that Apple and Google, rather than individual app developers, should be responsible for age verification …