Apple delays plans to scan iPhones | T-Mobile data breach update | The Welsh Government's WhatsApp rules
Apple Delays Plans to Scan iPhones
Following widespread criticism and backlash from around the world, Apple has now delayed plans to roll out this technology and said that they have listened to the negative feedback and are reconsidering. Most of this backlash came from concerns that this system, which would take place on-device, could be abused by authoritarian state to spy on citizens.
This technology would scan images before they are uploaded to iCloud, then match them against known abuse material on a database run by the National Centre for Missing and Exploited Children. If a match was found, it would be manually reviewed, and steps would be taken to disable the user’s account and have it reported to law enforcement.
The Electronic Frontiers Foundation, one of the most vocal critics of NeuralHash, set up a petition which gathered 25,000 signatures from people opposing this technology.
In a statement, Apple has said that they will take “additional time over the coming months to collect input and make improvements before releasing these critically important child safety features”.
- Source - Apple iPhone Scan Update - BBC News
- Source - Apple iPhone Scan Update - Wired
- Source - Apple iPhone Scan Update - CNBC
- Source - Apple iPhone Scan Update - Bloomberg
T-Mobile Data Breach Update
Last week we also saw an update to the T-Mobile data breach, with the CEO of T-Mobile, Mike Sievert, writing a blog post to speak out about the breach. The alleged hacker behind the attack has also spoken out. John Brinns, who is 21 years old, spoke out in an interview to the Wall Street Journal. He claimed that the attack came about due to an unprotected T-Mobile router and weak spots in the company’s internet addresses that gave him access to over 100 servers. Regarding their security, Brinns said “their security is awful”.
Sievert, T-Mobile CEO, has said that the data breach has been “humbling”. This is T-Mobiles fifth data breach in four years. To help prevent this from happening again, T-Mobile is partnering with cybersecurity firm Mandiant and consultants from KPMG to “tighten things up”. To protect their customers, T-Mobile are offering two years of free identity protection with McAffee’s ID Theft Protection to all users who were affected.
- Source - T Mobile Breach Update - CEO Statement
- Source - T Mobile Breach Update - CNET
- Source - T Mobile Breach Update - TechGenix
- Source - T Mobile Breach Update - The Verge
- Source - T Mobile Breach Update - The Wall Street Journal
Welsh Government & WhatsApp Data Rules
The final story this week comes in two parts, both involving data protection. First, it has been reported that the Welsh Government has broken data protection laws more than 300 times in less than three years. The Government said that all breached were “reported, recorded and acted upon, no matter how small”. These breaches include forms with sensitive personal information being emailed to 26 different people, sensitive data accidentally being published on government websites, and a court report being sent to the wrong family.
Second, WhatsApp has been fined $267 million (£193 million) which is the second highest GDPR fine, by Ireland’s Data Protection Commission for breaking the EU’s data privacy rules. In the report published by the Commission, it is alleged that WhatsApp did not properly inform EU citizens how WhatsApp uses their personal information, or how it shares this information with Facebook, its parent company.
- Source - Welsh Government Broken Data Protection Laws - BBC News
- Source - WhatsApp Fined For GDPR - BBC News
- Source - WhatsApp Fined For GDPR - Guardian
- Source - WhatsApp Fined For GDPR - The Verge