Privacy

If you live in Europe then you know the routine: open a new website, click through a cookie consent banner designed to maximize data gathering, let out a frustrated sigh and get on with life. That might be changing:

The $9.99 / month subscription will also let you use Anthropic’s Claude Sonnet 4 and Meta’s Llama Maverick through the privacy-focused Duck.ai interface, which doesn’t store your chats or use them for AI training. In addition to these perks, DuckDuckGo’s subscription comes with a VPN and an information removal tool.

404 Media has been on top of the privacy nightmare of Tea, an app that sought to make dating safer for women by sharing “red flags” but has instead been a leaky source of its users’ personal data. A new investigation by 404’s Emanuel Maiberg goes behind the scenes how the app tried to hijack the Are We Dating the Same Guy? Facebook group to goose its community numbers.

404 Media reports how ICE officials added a random person to a “Mass Text” chat, where they discussed plans to find an individual “seemingly marked for deportation.” The messages exposed sensitive information about ICE’s target, including their criminal record, Social Security Number, and driver’s license number.

The platform announced earlier this month that it will begin to use AI to detect users under 18 and automatically apply restrictions to their account. If it incorrectly identifies someone as underage, YouTube will ask for the user’s government ID, credit card, or a selfie to verify their age.

The new Instagram Maps request to enable location services (feeding Meta valuable ad targeting data from your Android or iPhone) has spawned incredulous reactions, along with claims it’s on by default, despite Adam Mosseri’s denials.

A Microsoft workers group says reporting by The Guardian, Local Call, and +972 Magazine “revealed incriminating details about Microsoft’s indispensable role as the technological backbone of Israel’s mass surveillance of Palestinians all over Palestine” with the IDF’s Unit 8200, despite the company’s denials.

After 404 Media reported that an app meant to help women exchange dating information for safety purposes was breached, TechCrunch reports that a rival app targeted at men has been exposing users’ personal data including government IDs. “The security lapse will likely affect any user who signed up or shared identity documents with the app,” TechCrunch writes about TeaOnHer, adding that the app has about 53,000 users.

The company has introduced Proton Authenticator, an open-source two-factor authentication app that can sync 2FA codes across devices using end-to-end encryption. Though Proton’s password manager already comes with a built-in 2FA feature, Proton says using its standalone Authenticator offers an “extra layer of security” by generating codes in a separate app.

Until now it’s stayed quiet on whether it received the same order to open a backdoor to user data as Apple, but a spokesperson confirmed to TechCrunch that it never did. If it had, Google wouldn’t be allowed to say so.

I appeared on On the Media to discuss our story about the Anime Nazi who allegedly hacks universities. I explain why the identity of the alleged hacker is important, why the Times’ obfuscation of its sources is troubling, and what’s at stake in the Republican war on higher education: upward mobility.

Purportedly searching for illegal cannabis grow houses, the Sacramento Municipal Utilities District (SMUD) has been tipping off police about “high” electricity usage based on smart meter readings.

21-year-old Mads Mikkelsen (not the famous one) tells Norwegian newspaper Nordlys that he was pulled aside by customs officials at Newark Airport. An agent searched his phone and found (1) a photo of a wooden pipe he had made, and (2) that one meme of JD Vance where he has the giant bald baby head.

While Meta said ads will be globally introduced to WhatsApp’s updates tab “slowly over the next several months,” the company has now clarified to Ireland’s Data Protection Commission (DCP) that they won’t arrive in the European Union market until 2026. That gives EU privacy regulators time to discuss data-sharing concerns about the ad model.