Privacy

The UK has become the first major country to introduce a legal requirement for internet age verification, but it affects all websites and apps worldwide. Additionally, the US has recently revived a bill very similar to the British legislation.

While the law was presented as a way to prevent children accessing adult websites, the reality is very different, and we’re already seeing the privacy risks of good intentions being turned into bad legislation – with iMessage and FaceTime in the firing line …

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Let’s say you have screenshots of sensitive information sitting on your desktop that you’d like to password protect. You know that images of tax, banking, wire transfer forms, etc. in the clear can easily be viewed by anyone with physical or remote access to your machine, but you’re unsure how to secure them. Unfortunately, macOS Preview doesn’t support file-level password protection, but there are quick workarounds that don’t require third-party software or downloading anything not already on your Mac.

Amazon has confirmed it’s in the process of buying Bee, an Apple Watch app and wearable that records everything it hears.

The platform describes itself as “a personal Al that transforms your conversations, tasks, places and more into summaries, personal insights and timely reminders” …

The company behind encrypted email service Proton Mail has today launched a new freemium AI chatbot which promises that your chats will remain completely private.

Proton Lumo offers five protections it says aren’t matched by any of the existing mainstream AI services like ChatGPT and Gemini, and has even thrown shade at Apple Intelligence privacy …

More than 10,000 organizations around the world are at risk from hackers after a serious security flaw was discovered in Microsoft’s popular Sharepoint platform, used to store and share confidential documents. The majority of companies at risk are said to be in the US.

Update: Bloomberg reports that the National Nuclear Security Administration was among the organizations breached – see the end of the piece …

We learned earlier this year that the British government had secretly ordered Apple to create a backdoor into encrypted data for all iCloud users worldwide. Specifically, it wanted a way to see personal data protected by Apple’s introduction of Advanced Data Protection (ADP), which extended end-to-end encryption to almost all iCloud data, meaning not even the iPhone maker could access it.

Apple has been fighting the secret order in secret court hearings, but it now appears that the US government is using technology agreement negotiations to force Britain to back down …

A new report suggests that many people who belong to Gen Z use Find My and other apps to permanently share their location with groups of friends.

A study earlier in the year found that 40% of Gen Z adults share their location with three or more people, and a new piece found it was common to location-share with double digit numbers of friends …

Some data brokers may be illegally selling your information – preventing you from finding out what personal data is held, and opting out from its collection and resale.

Privacy campaigners say they’ve “uncovered a troubling pattern” that may indicate companies who collect and re–sell personal data may not be complying with state laws …

Earlier this week, Meta officially flipped the switch on in-app advertising for WhatsApp users worldwide, marking the first time ads have appeared inside the messaging platform. But if you’re in the European Union, there’s now an important update: the rollout won’t be happening for you… yet.

The privacy-focused web browser DuckDuckGo has boosted its anti-scam features. It can now detect and block fake ecommerce stores, crypto sites, virus alerts, and more.

The new security feature is completely free for all users on both Mac and iOS browsers, with no Privacy Pro subscription needed …

Update: Business Insider notes that Meta has now added a warning message when users share chat queries.

The Meta AI app has been described as “a privacy disaster,” as users unknowingly make their embarrassing questions public.

One tech writer described it as like discovering your web browser history has been public all along without you knowing it …

Scammers are using AI tools to create increasingly convincing ways to trick victims into sending money, and to access the personal information needed to commit identity theft. Deepfakes mean they can impersonate the voice of a friend or family member, and even fake a video call with them!

The result can be criminals taking out thousands of dollars worth of loans or credit card debt in your name. Fortunately there are steps you can take to protect yourself against even the most sophisticated scams. Here are the security and privacy checks to run to ensure you are safe …

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Earlier this week, during its annual WWDC keynote, Apple unveiled a slew of headline features like Liquid Glass, a new Games app, and Visual Intelligence, as well as two major spam protection tools coming to iOS 26 this fall. While I was a little disappointed in the lack of new security or even privacy features, these new tools will change the game for users who receive annoying spam calls and messages on the daily. Here’s how they work.

Today, Apple confirmed (via TechCrunch) that a zero-day flaw used to deploy mercenary spyware onto journalists’ iPhones was quietly patched earlier this year, with the iOS 18.3.1 update.

I bet nobody had ‘Meta arguing for privacy on Apple’s behalf’ on their tech bingo cards, but that’s exactly what the social networking company is hoping to do.

Meta has asked the court’s permission to give evidence in support of Apple’s privacy battle with the British government over a feature intended to apply end-to-end encryption to almost all iCloud data …

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

We’re officially just over a week away from WWDC 2025. While we expect big design enhancements and much-needed Apple Intelligence improvements to iOS, Apple has the opportunity to do something it’s quite good at: flexing its privacy prowess.

An update to T-Mobile’s T-Life app is rolling out at present, and customers are finding that it has screen recording on by default.

The carrier has confirmed that this is by design, but claims that it’s not a privacy risk, and says that it can be toggled off if desired …

Apple introduced app privacy labels to help people better understand what data an app may collect, including what data is linked to them or used to track them across the web. When released back in 2020, the labels set a precedent in the industry and were a major first step in raising awareness of privacy-invasive apps. It became easy for users to compare something like Signal, which collects virtually no user data at all, and Facebook Messenger, which gobbles up anything and everything it can. The feature set out to help users make informed downloads.

However, in recent years, I have seen a growing conversation around whether these entirely self-reported labels located further down on the application’s App Store page still impact the user’s decision before hitting “Get” to install.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Apple login credentials were among a massive database of 184 million records found sitting unprotected on a web server. Other logins included Facebook, Google, Instagram, Microsoft, and PayPal.

The owner of the database is unclear, but the security researcher who discovered it says that it amounts to “a cybercriminal’s dream working list” …