Privacy

At least five VPN apps in the App Store were found to have links to the Chinese military, according to a new report today. Three of them have racked up more than a million downloads.

A subsidiary of one of the Chinese companies behind the apps is currently hiring for a role in “monitoring and analysing platform data,” with a familiarity with American culture listed as a job requirement …

Apple has been fined $162M by France’s competition regulator for the way App Tracking Transparency is implemented, stating that this is an abuse of the company’s powers.

This bizarre ruling follows a complaint by a group of trade associations representing advertisers who are no longer able to access user data to serve personalized ads …

The Meta AI chatbot is finally rolling out to European countries from this week, and will be accessible in Instagram, WhatsApp, Facebook, and Messenger. However, the headline feature of Ray-Ban Meta smart glasses will not be available.

The generative AI feature first launched in the US back in 2023, but privacy concerns were raised when it came to light that the company had been training it on Facebook and Instagram posts since way back in 2007 ….

Apple has been running a variety of ads over the past year pushing Safari as the privacy-friendly browser choice for iPhone, iPad, and Mac users. But in iOS 18.4 beta 1, there’s a new Safari feature that may accidentally undercut that message—despite offering solid utility.

Update 3/19/25: Added information about a change in iOS 18.4 beta 4 below.

A secret court hearing on iCloud encryption began on Friday, amid calls in both the UK and US to make the proceedings public.

The British government is demanding that Apple create backdoor access, not just for the personal data of British citizens, but for all iCloud users worldwide …

The long wait for a smarter Siri is to get even longer, with some indications that the new features we were originally expecting in iOS 18.4 may now be pushed back to iOS 19.

Apple hasn’t provided any real explanation, but two theories have so far been put forward, and now a developer and data analyst has suggested that security concerns may be a third reason – and by far the biggest problem …

Apple’s Advanced Data Protection (ADP) is a privacy feature very few people have been using. Non-techies had never heard of it, and even some geeks hadn’t enabled it.

So Apple standing up to the UK government’s attack on ADP might not seem a big deal – but I’d argue that it’s way more important than it might seem, for three reasons …

The UK’s privacy watchdog has announced a “major investigation” into the child protection measures of three popular apps: TikTok, Reddit, and Imgur.

The Information Commissioner’s Office (ICO) said that it has previously succeeded in bringing about child protection changes on X, Sendit, BeReal, Daily Motion, and Viber …

Apple has been under investigation by authorities in France for nearly two years over App Tracking Transparency, a privacy feature that lets iPhone users decide whether their activity can be tracked by advertisers or not. You’ve likely seen many of the ‘Ask App Not to Track’ pop-ups. Now, per a new Reuters report, the case is about to wrap up and looks set to end unfavorably for Apple.

In a world in which privacy is a hot-button issue, we might have expected Brits to be outraged that their government was responsible for Apple withdrawing Advanced Data Protection from the UK. In reality, it’s gone largely unremarked.

A new Bloomberg piece suggests that’s because people care far less about privacy than they claim. While I do think there’s some truth to that, it’s not the primary reason …

NSO’s Pegasus spyware is one of the most frightening privacy threats an iPhone owner can face. Without you taking any action at all, it’s able to completely take over your phone, accessing almost all of the personal data stored on it, and some versions have been able to activate cameras and microphones.

Pegasus exploits zero-day vulnerabilities – security holes Apple doesn’t yet know about – but the iPhone maker has another way to fight back …

It was discovered last year that location data for US military and intelligence personnel serving overseas was being sold by a Florida-based data broker, but the source of that sensitive data was unclear at the time.

It’s now been claimed that the data was captured by a variety of mobile apps with revenue-sharing agreements with a Lithuanian ad-tech company, and then resold by an American company …

Multiple security flaws have been found in the DeepSeek iOS app, which is still one of the most popular downloads in the App Store after topping the charts when it first launched.

The latest findings are far worse than the previous security failure which exposed chat history and other sensitive information in a database requiring no authentication …

It’s being reported that the British government secretly ordered Apple to create a security backdoor into all content uploaded by iCloud users anywhere in the world.

Apple is certain to refuse the demand, leading to the possibility of a similar privacy stand-off to the one seen between the iPhone maker and the FBI back in the San Bernardino shooter case …

So-called macOS Stealers – malware that seeks to extract personal data like passwords and credit card numbers from your machine – is expected to be significantly more prevalent this year.

A new annual report on the state of malware says that Mac owners could be at almost as much risk as Windows PC users this year …

A Grubhub security breach has exposed personal data for both customers and drivers, says the company, after an “incident” involving a third-party contractor.

The company has not revealed the exact scale of the security fail, but has admitted that the personal data includes names, email addresses, phone numbers, and partial credit card numbers …

A Meta policy document describes the company’s fears that it could accidentally develop an AI model which would lead to “catastrophic outcomes.” It describes its plans to prevent the release of such models, but admits that it may not be able to do so.

Among the capabilities the company most fears are an AI system that could break through the security of even the best-protected corporate or government computer network without human assistance …

A zero-click WhatsApp spyware attack was made against 90 journalists and other “civil society members,” said Meta, which managed to detect the incident.

A zero-click attack means that victims don’t need to tap on a link or take any action in order for their devices to be compromised – simply receiving the message is enough …

DeepSeek privacy concerns have led to investigations being opened in both the US and Europe, and seen the app removed from the App Store in Italy. It seems likely the same will happen in other countries.

Italian’s privacy regulator questioned whether the app complied with GDPR, a tough privacy law that applies across 30 different countries …

Security researchers have discovered two flaws present in all current iPhones, iPads, and Macs – as well as many earlier ones. The vulnerabilities, known as SLAP and FLOP, could potentially allow an attacker to see the current contents of your open web tabs.

The flaws were introduced in the A15 and M2 chips, and are also found in subsequent ones, up to and including the latest version of each device …