Privacy

Tile is out with a new feature for its item trackers that hopes to reduce trouble with both theft and stalking. The company is calling the new feature Anti-Theft Mode and there are several components to it including an unscannable mode, a new $1 million penalty for misuse, ID verification, and more. The changes follow similar ones made by Apple last year. Here’s how the approaches compare.

iOS 16.3 was released to the general public last month, and among other new features, it also included a variety of security updates. One of those fixes addressed an Apple Maps privacy bug that could have allowed an app to “bypass Privacy preferences.”

In a statement to 9to5Mac on Friday, Apple clarified that iPhone users “were never at risk” because of this vulnerability. The company also refuted a report that said a Brazillian food delivery app was accessing user location without permission in iOS 16.2.

President Biden’s second State of the Union address called on Congress to pass bipartisan legislation on both antitrust and data privacy issues.

His comments on the antitrust issue specifically referenced the need to prevent tech companies favoring their own products, an accusation frequently levelled at Apple …

In honor of Safer Internet Day, Apple has shared a list of features and tips to provide a more secure and private experience for kids on devices like iPhone and iPad. Along with 8 ways to stay safer, Apple has highlighted its dedicated educational hub for parents and families plus a new free Today at Apple session called “Your Kids and Their Devices.”

Pegasus spyware journalists Laurent Richard and Sandrine Rigaud were the first to discover an extensive list of specific people being targeted by NSO’s clients. In working on the story, they said they had to take extreme privacy precautions to avoid their own devices being compromised.

One of the major uses of Pegasus has been to silence journalists working on revealing abuses by tyrannical governments, so the risk of their own devices being hacked without their knowledge was very real …

A member of the Senate Intelligence Committee has called on both Apple and Google to remove TikTok from their respective app stores.

The demand follows growing concerns about the Chinese-owned app, with the video sharing app already banned from US federal government devices, along with those in more than half of US states …

Anker has admitted that its statements about Eufy security camera encryption were not accurate. The smart home brand had previously stated that all video footage is end-to-end encrypted, but has now admitted there was an exception to this (which it has now fixed).

The company only finally came clean about the privacy breach after The Verge threatened to post a story about the company’s failure to answer its questions …

An Apple Maps privacy bug fixed in iOS 16.3 may have allowed apps to collect user location data without permission.

At least one app appears to have done so, and a security reporter has speculated that the same privacy bug could have been exploited by countless apps over an unknown time period …

Pegasus spyware – a zero-click way of remotely hacking an iPhone, and gaining access to all the personal data stored on it – has been defended by the company’s CEO. NSO chief exec said that the company had made “mistakes” in selling it to repressive governments, but claimed that it now sells Pegasus only to countries to whom the US sells weapons.

A security researcher said that the comparison was bogus, stating that a more reasonable comparison would be selling long-range nuclear missiles …

In honor of Data Privacy Day, Apple has announced a handful of new resources “designed to help users take control of their data.” This year, those initiatives include dedicated privacy-focused “Today at Apple” sessions, a new short film with Ted Lasso star Nick Mohammed (Nate the Great), and more.

A GoTo hack related to the LastPass security breach was far worse than initially disclosed. The company, formerly known as LogMeIn, has revealed that attackers obtained not only encrypted backups of customer data, but also an encryption key for at least some of that data.

It’s a similar tale to the LastPass hack, which followed a similar path from low-key initial announcement to revelations that it was significantly worse than initially feared …

Apple is facing a third class action privacy lawsuit, after the company was found to be collecting analytics data from iPhone users even after they refused permission.

Apple insists that all developers ask permission to collect analytics data, but security researcher Tommy Mysk discovered last year that the company wasn’t playing by its own rules …

There have been numerous examples of people losing a lifetime’s worth of photos after being locked out of their iCloud account. The Apple account recovery process often proves impossible, especially in cases where an iPhone has been stolen and its owner forced to unlock it.

Just yesterday there was a fresh example, where an unlocked iPhone was stolen at gunpoint by seemingly tech-savvy thieves …

Apple has been fined $8.5 million in France over how personalized advertising works on the iPhone. France’s CNIL data protection agency (National Commission on Informatics and Liberty) issued the €8 million penalty against Apple as the result of an investigation.

The long-running Cambridge Analytica lawsuit against Facebook parent company Meta has finally been settled. The social media company agreed to pay Facebook users a combined total of $725M for sharing their personal data with the now-bankrupt political consultancy.

The lawyers behind the case described the victory as a “historic” one, saying that it was the largest ever payout in a US privacy case …

Brand owner Anker has finally responded to proof of a major Eufy camera security breach, but its official statement still leaves a great many questions unanswered.

The company has now admitted that it lied to users about all footage and images being stored locally, and never sent to the cloud, after a security researcher proved that this was not true …

One of the ironies of Apple’s long-running battle with the FBI over the agency’s desire for a security backdoor into iPhones is that it could have taken advantage of one which already existed: The fact that iCloud backups of iPhones didn’t use end-to-end encryption. Apple has now finally fixed this with Advanced Data Protection (ADP).

ADP not only closes a privacy hole which should have been closed a long time ago, but will also relieve Apple of the need to engage in any similar legal battles in future …

Apple on Wednesday announced new iCloud security features to strengthen users’ privacy. This includes Advanced Data Protection with end-to-end encryption for all data saved in the cloud, as well as support for physical security keys. In an interview with WSJ’s Joanna Stern, Apple’s SVP of software, Craig Federighi, shared some details about what led the company to introduce such features to iCloud.