Privacy

Since August, EFF and others have been telling Apple to cancel its new child safety plans . Apple is now changing its tune about one component of its plans: the Messages app will no longer send notifications to parent accounts.

That's good news. As we've previously explained , this feature would have broken end-to-end encryption in Messages, harming the privacy and safety of its users. So we're glad to see that Apple has listened to privacy and child safety advocates about how to respect the rights of youth. In addition, sample images shared by Apple show the text in the feature has changed from "sexually explicit" to "naked," a change that LBTQ+ rights advocates have asked for, as the phrase "sexually explicit" is often used as cover to prevent access to LGBTQ+ material.

Now, Apple needs to take the next step, and stop its plans to scan photos uploaded to a user's iCloud Photos library for child sexual abuse images (CSAM). Apple must draw the line at invading people's private content for the purposes of law enforcement. As Namrata Maheshwari of Access Now pointed out at EFF's Encryption and Child Safety event , "There are legislations already in place that will be exploited to make demands to use this technology for purposes other than CSAM." Vladimir Cortés of Article 19 agreed, explaining that governments will "end up using these backdoors to ... silence dissent and critical expression." Apple should sidestep this dangerous and inevitable pressure, stand with its users, and cancel its photo scanning plans.

Apple: Pay attention to the real world consequences, and make the right choice to protect our privacy.

It is not only the British parliament that is clamouring to control their subjects via an identity verification requirement fo social media users. Governments are=round the world are doubling their efforts to end online anonymity by proposing and introducing new laws that force users to hand over their identity documents (IDs) to use social media and by framing online anonymity as something that needs to be eradicated.

While most of these government efforts to end online anonymity have been widely covered in the media, America's recent proposals have managed to stay out of the spotlight. But despite flying under the radar, these proposals do exist in a discussion draft that was introduced by Congressman John Curtis in May.

The discussion draft aims to require a provider of a social media service to verify the identity of users of the service, and for other purposes and prevent anyone from creating a social media account without verifying their identity.

Not only does this discussion draft intend to make ID verification mandatory for anyone who wants to create a social media account but it also wants to force social media companies to report users to the Federal Trade Commission (FTC) whenever they suspect users have submitted fake IDs. Additionally, it contains a requirement for the FTC to submit these reports to the United States (US) Department of Justice (DOJ).

While the discussion draft does include an exception for social media providers that have annual revenues of less than $1 billion for three consecutive years, the large social media platforms where the vast majority of the more than three billion total social media users are registered will be forced to verify the real identity of their users.

Encrypted-email company ProtonMail sells itself on its privacy features, promising to let uses take control of their personal data.

But it had been legally obliged to collect data from an account said to be linked to a climate activist arrested by French police.

ProtonMail's website previously claimed encrypted emails cannot be shared with third parties. And as well as offering end-to-end encryption, it did not, by default, keep any IP [Internet Protocol] logs which can be linked to your anonymous email account.

ProtonMail has now removed the claim from the front page of its website, which it said it would update to clarify its obligations in cases of criminal prosecution. Its privacy policy now says: If you are breaking Swiss law, ProtonMail can be legally compelled to log your IP address as part of a Swiss criminal investigation.

The company also publishes reports of the requests for information it receives. And last year, it received more than 3,500 requests for assistance from Swiss authorities.

The company said it stood with activists and suggested those seeking anonymity also use The Onion Router (Tor) network, which hides users IP addresses under several layers of security.