Apple delays plans to scan iPhones | T-Mobile data breach update | The Welsh Government's WhatsApp rules

8th September

Apple Delays Plans to Scan iPhones

Following widespread criticism and backlash from around the world, Apple has now delayed plans to roll out this technology and said that they have listened to the negative feedback and are reconsidering. Most of this backlash came from concerns that this system, which would take place on-device, could be abused by authoritarian state to spy on citizens.

This technology would scan images before they are uploaded to iCloud, then match them against known abuse material on a database run by the National Centre for Missing and Exploited Children. If a match was found, it would be manually reviewed, and steps would be taken to disable the user’s account and have it reported to law enforcement.

The Electronic Frontiers Foundation, one of the most vocal critics of NeuralHash, set up a petition which gathered 25,000 signatures from people opposing this technology.

In a statement, Apple has said that they will take “additional time over the coming months to collect input and make improvements before releasing these critically important child safety features”.

25,000 people have opposed this technology
- BBC News

T-Mobile Data Breach Update

Last week we also saw an update to the T-Mobile data breach, with the CEO of T-Mobile, Mike Sievert, writing a blog post to speak out about the breach. The alleged hacker behind the attack has also spoken out. John Brinns, who is 21 years old, spoke out in an interview to the Wall Street Journal. He claimed that the attack came about due to an unprotected T-Mobile router and weak spots in the company’s internet addresses that gave him access to over 100 servers. Regarding their security, Brinns said “their security is awful”.

Sievert, T-Mobile CEO, has said that the data breach has been “humbling”. This is T-Mobiles fifth data breach in four years. To help prevent this from happening again, T-Mobile is partnering with cybersecurity firm Mandiant and consultants from KPMG to “tighten things up”. To protect their customers, T-Mobile are offering two years of free identity protection with McAffee’s ID Theft Protection to all users who were affected.

T-Mobile to offer two years of free identity protection with McAffee’s ID Theft Protection to all users who were affected.
- T-Mobile

Welsh Government & WhatsApp Data Rules

The final story this week comes in two parts, both involving data protection. First, it has been reported that the Welsh Government has broken data protection laws more than 300 times in less than three years. The Government said that all breached were “reported, recorded and acted upon, no matter how small”. These breaches include forms with sensitive personal information being emailed to 26 different people, sensitive data accidentally being published on government websites, and a court report being sent to the wrong family.

Second, WhatsApp has been fined $267 million (£193 million) which is the second highest GDPR fine, by Ireland’s Data Protection Commission for breaking the EU’s data privacy rules. In the report published by the Commission, it is alleged that WhatsApp did not properly inform EU citizens how WhatsApp uses their personal information, or how it shares this information with Facebook, its parent company.

WhatsApp has been ordered to update its privacy policy and change how it notifies users about how it shares their data. In response, WhatsApp is going to appeal the decision by the commission.

WhatsApp fined $267 million for breaking EU data privacy rules
- BBC News
If you want to get in touch then give us a shout