Tag: apple

US Bill Mandates On-Device Age Verification

A bill introduced by Representative Josh Gottheimer in the House on April 13 would require Apple, Google, and every other operating system vendor to verify the age of anyone setting up a new device in the United States.

The legislation, H.R. 8250, travels under the friendlier name of the Parents Decide Act, and it is among the most aggressive surveillance mandates ever proposed for American consumer technology.

We obtained a copy of the bill for you here.

The press releases describing it lead with children. The text describes something much larger. To confirm a child is under 18, the system has to identify everyone else, too, and the bill builds the infrastructure to do exactly that.

This is child safety as a delivery mechanism for mass identification. The pattern is familiar by now. A genuine harm gets named, a sympathetic victim gets centered, and the solution proposed reshapes the digital lives of three hundred million people who were not the problem.

The Parents Decide Act follows that template with unusual precision. It takes the real suffering of real children and uses it to justify building a national identity layer underneath every device sold in the country, administered by two private companies, with the details to be filled in later.

The mandate sits in Section 2(a)(1), which obligates providers to “Require any user of the operating system to provide the date of birth of the user” both to set up an account and to use the device at all. Adults included.

There is no carve-out for grown users, no opt-out for people who simply want to turn on a phone without handing a date of birth to Apple or Google first.

The age check is the entry fee for owning a computer. What happens to that data afterward gets handed off to the Federal Trade Commission to sort out later. A federal bill that mandates identification as a condition of using a general-purpose computing device represents something the United States has not previously had, which is a national ID requirement for turning on a device.

Keep reading

FBI Recovers Deleted Signal Messages Through iPhone Notifications

The FBI successfully recovered private Signal messages from a defendant’s iPhone even after the app was deleted. Learn how this security loophole works and the simple setting you must change today to keep your chats private.

Most of us prefer using the Signal app because it is supposed to be very secure with a remarkable end-to-end encryption system that hides our chats from everyone else. It also has a message-disappearing feature to help us set a message deletion time.

But the Federal Bureau of Investigation (FBI) found a way to read private Signal messages on an iPhone, even after the app was deleted. This was revealed in a court case in Texas that these messages can stay hidden in the phone’s memory longer than we expected.

How the loophole works

The case involves a woman named Lynette Sharp and an attack on a Texas detention centre in July 2025. During the trial in April 2026, the FBI revealed they recovered her messages even when she had deleted the Signal app. The bureau, reportedly, retrieved the messages from the iPhone’s push notification database.

During the trial, FBI Special Agent Clark Wiethorn explained how investigators accessed the evidence. When a message arrives, the phone shows a little preview on the screen, which is handled by the phone’s operating system and not the Signal app.

Even if Signal deletes the message later, the phone’s system can save a copy of that preview in its own records. To read these saved messages from Signal, the FBI used Cellebrite, a forensic tool often used by law enforcement to scan seized devices.

A key finding is that the FBI could only see incoming messages, not the ones Sharp sent, which confirms the data came from the notification storage. It shows that while the app’s encryption is strong, the phone’s operating system keeps its own logs of everything.

Keep reading

Apple Removes Bitchat from China App Store at Cyberspace Administration Order

Apple deleted Bitchat from the China App Store, acting on a direct order from the Cyberspace Administration of China. Jack Dorsey, who created the app, posted a screenshot of Apple’s removal notice to X with a short caption: “bitchat pulled from the china app store.”

The notice Apple sent to Dorsey is almost a copy-paste of the one it sent to Damus three years earlier. The language is identical. The accusation is identical. The CAC determined that Bitchat violates Articles 3 of the Provisions on the Security Assessment of Internet-based Information Services with Attribute of Public Opinions or Capable of Social Mobilization.

That regulation, enacted in 2018, requires any online service capable of influencing public opinion or organizing collective action to undergo a government security assessment before going live. If a service hasn’t submitted to that assessment, the CAC can order it pulled.

It targets the capacity for “public opinions” and “social mobilization.” The Chinese government has decided that the ability to communicate outside state-approved channels is itself a security threat, and Apple consistently treats that determination as sufficient grounds for deletion.

Bitchat is a peer-to-peer messaging app that operates over Bluetooth mesh networks. It requires no internet connection, no phone number, no email address, and no user account.

Messages are end-to-end encrypted and stored only on the devices involved. There are no central servers to subpoena, no user databases to hand over, and no content moderation pipeline for the CAC to plug into.

Dorsey built the initial version over a single weekend in July 2025, coding it with Goose, Block’s open-source AI assistant. He published a white paper on GitHub and opened a TestFlight beta that hit its 10,000-user cap within hours.

That design is precisely the problem from Beijing’s perspective. China’s internet censorship apparatus depends on having a chokepoint.

Keep reading

Apple Removes Private VPN Apps From Russia App Store

Apple pulled several custom VPN clients from the Russian App Store last week, including Streisand, V2Box, v2RayTun, and Happ Proxy Utility.

These aren’t the big-name commercial VPN providers that Apple already removed in 2024 at Roskomnadzor’s request. These are tools that let users connect to their own private servers and configure manual proxies, the kind of apps that give technically savvy Russians the ability to route around state censorship without depending on any company’s infrastructure.

Russian tech outlet Kod Durova first reported the removals, noting that the same apps remain available through Google Play on Android.

Days before the removals surfaced, Digital Development Minister Maksut Shadayev announced the Kremlin’s most aggressive anti-VPN campaign yet. “We have an obligation to fulfill the tasks that have been set before us. In this case, the task is to reduce the use of VPNs,” Shadayev said on the state-backed messenger Max.

He linked the push to what he called “long, difficult and ultimately unsuccessful” talks with foreign tech companies over compliance with Russian law.

Keep reading

Apple Expands Age Verification to Singapore & South Korea

Apple’s identity verification demands are spreading across Asia. Starting in late March, the company expanded age verification requirements in both Singapore and South Korea, adding these countries to a growing list alongside the UK, where users must prove they’re adults before Apple lets them fully use their own devices.

Singapore has been partially locked down since February 24, when Apple began blocking downloads of apps rated 18+ unless users confirmed they were adults.

That initial wave also hit Australia and Brazil. But the late March update goes further, bringing Singapore’s requirements closer to the UK model. Apple now requires Singaporean users to confirm they’re 18 or older to download or purchase 18+ apps, using a credit card, a driving license, a National Registration Identity Card, or a Foreign Identification Number card. Passports, debit cards, and gift cards aren’t accepted.

That list of acceptable documents tells you something about Apple’s priorities. Passports are internationally recognized government IDs, but they don’t work here. Debit cards, which millions of adults use as their primary payment method, are also excluded because minors can technically hold them.

Keep reading

Apple UK Age Verification Chaos: Users Face Failed Scans, Rejected Passports, and Forced Content Filters

Apple’s iOS 26.4 age verification system is failing UK users who don’t have a credit card or photocard driving license, leaving them with no way to prove they’re adults on devices they’ve owned for years.

The system arrived without warning, without explanation, and without any apparent consideration for the people who don’t fit Apple’s narrow assumptions about what a British adult looks like.

No Warning, No Communication

Apple sent no email. Included no mention of age verification in the iOS 26.4 release notes it shared publicly.

Unless you’d been following the developer beta track, where the feature appeared in February or reading Reclaim The Net’s earlier coverage, the first you knew about it was a prompt on your screen after restarting your phone.

That’s how 35 million UK iPhone users found out their devices now require identity documents to function normally. A “Confirm You Are 18+” label appeared at the top of Settings, and anyone who couldn’t or wouldn’t comply got silently downgraded. Apple’s Web Content Filter switched on, blocking websites across Safari and every third-party browser. Communication Safety is activated, scanning images and videos in Messages and FaceTime for nudity. Features that worked fine the day before now require government-approved proof of adulthood.

A company that controls what software runs on every iPhone it sells decided overnight that UK users needed to hand over identity documents to keep using the devices they already paid for. And it didn’t bother to tell them it was coming.

Keep reading

Apple Forces UK iPhone Age Checks in iOS 26.4

With iOS 26.4, Apple has turned every iPhone in the UK into an identity checkpoint. The update, released March 24, requires all UK users to confirm they’re 18 or older before accessing certain features and services on their Apple Account.

UK communications regulator Ofcom called it “a real win for children and families.”

The infrastructure being built is more of a problem than that framing suggests.

Apple has, without warning, placed a gatekeeper on the devices of 35 million UK users who paid good money for full-featured smartphones and now find themselves holding something closer to a supervised children’s tablet.

It’s a corporate ultimatum: hand over sensitive personal data or lose functionality you already paid for.

The verification prompt appears immediately after the update installs.

Apple checks whether your account already has a credit card linked or whether the account has existed long enough to establish you as an adult.

For many existing users, the process is essentially automatic. For everyone else, the options narrow quickly: link a credit card, scan a government-issued photo ID, or accept that your account defaults to teen restrictions, with Apple’s Web Content Filter and Communication Safety features switched on across all browsers and messaging apps and FaceTime, monitoring communications.

Web Content Filter blocks websites Apple classifies as explicit, operating across Safari and third-party browsers alike.

Communication Safety scans incoming and outgoing images and videos for nudity. Both activate silently for anyone who hasn’t cleared the adult threshold. Skip verification, or lack a credit card and a government ID, and Apple decides what you’re allowed to see.

Users without a credit card or government ID have no other path. Reports from UK users confirm it. Scan the card, upload the ID, or live with restricted access. The system doesn’t offer alternatives.

Ofcom praised the rollout in a statement, saying it had coordinated extensively with Apple and others on age assurance under the Online Safety Act: “Apple’s decision that the UK will be one of the first countries in the world to receive new child safety protections on devices is a real win for children and families…We’ve worked closely with Apple and other services to ensure they can be applied in a variety of contexts in order to ensure users are protected. This will build on the strong foundations of the Online Safety Act, from widespread age checks that keep young people away from harmful content, to blocking high-risk sites and stepping up action against child sexual abuse material.”

Keep reading

Researchers uncover iPhone spyware capable of penetrating millions of devices

A powerful software exploit capable of penetrating and stealing information from potentially hundreds of millions of Apple (AAPL.O), opens new tab iPhones ‌was planted on dozens of websites in Ukraine in recent weeks, researchers said on Wednesday.

The discovery marks the second time this month that researchers have found spyware targeting iPhones and other Apple devices. Together, the two hacking tools show that the market for sophisticated malware capable of stealing data and cryptocurrency wallet information ​is flourishing, researchers said.

Researchers with cyber firm Lookout, opens new tab, mobile security firm iVerify, opens new tab and Alphabet’s (GOOGL.O), opens new tabGoogle, opens new tab published coordinated analyses of the malware they dubbed “Darksword.” ​On March 3, Google and iVerify revealed a separate powerful iPhone spyware called “Coruna.” Researchers found Darksword hosted on ⁠the same servers.

“There’s now a verified pipeline of recent exploits … that have ended up in the hands of potentially criminal entities with ​a financial focus,” said Justin Albrecht, principal researcher with Lookout.

Keep reading

Republican Lawmakers Demand Answers on UK’s iCloud Encryption Backdoor Order

Two senior Republican lawmakers are demanding answers from the British government about its secret order forcing Apple to break its own encryption. The UK has until March 11 to respond.

House Judiciary Committee Chairman Jim Jordan and Foreign Affairs Committee Chairman Brian Mast sent a joint letter on Wednesday to Home Secretary Shabana Mahmood, pressing for a formal briefing on the Technical Capability Notice (TCN) served on Apple under the UK’s Investigatory Powers Act.

We obtained a copy of the letter for you here.

It’s the latest move in a surveillance fight that began over a year ago and has rattled the US-UK relationship at the highest levels.

In January 2025, UK security officials secretly ordered Apple to build a backdoor into iCloud that would allow them to decrypt any user’s data, anywhere in the world. Not just suspected criminals, not just UK citizens. Everyone.

The order targeted Apple’s Advanced Data Protection (ADP) feature, the optional end-to-end encryption that ensures even Apple can’t read iCloud backups. Apple’s response was to pull ADP from the UK market entirely in February 2025, stripping strong encryption options from roughly 35 million iPhone users rather than comply with a demand it couldn’t legally discuss.

UK law makes it a criminal offense for companies to confirm or deny the existence of such orders, even to their own government.

Apple couldn’t tell the US Department of Justice that the order existed. The DOJ couldn’t verify whether it complied with the CLOUD Act, the bilateral agreement governing how the two countries share access to digital evidence. That agreement explicitly states it “shall not create any obligation that providers be capable of decrypting data.” The UK’s order appears to do exactly that.

The reaction in Washington was bipartisan. Senator Ron Wyden and Congressman Andy Biggs slammed the order as “effectively a foreign cyber attack waged through political means.”

President Trump compared the UK’s conduct directly to China’s. Speaking to the Spectator after meeting Prime Minister Keir Starmer, Trump said: “We actually told [Starmer] . . . that’s incredible. That’s something, you know, that you hear about with China.” DNI Secretary Tulsi Gabbard called any attempt to compel Apple to create security weaknesses an “egregious violation” of privacy and confirmed legal and intelligence teams were assessing the implications.

Keep reading

Apple Rolls Out Age Verification to UK iPhone Users Under Online Safety Act

Apple is now starting to demand age verification from UK iPhone users, and the latest iOS 26.4 beta makes clear what’s at stake for anyone who declines.

The move is a direct consequence of the UK’s Online Safety Act, a censorship law that has also forces platforms to check the identity/age eligibility of every adult user or face fines reaching 10% of global revenue.

The law is controversial but British Prime Minister Keir Starmer says it doesn’t go far enough.

A prompt appears after installation asking users to confirm they’re over 18. Refuse, and Apple says users “will not be able to download and purchase apps or make in-app purchases.”

The verification process gives Apple several ways to build a profile of your age. It can pull from the payment method already linked to your account, use account age as a proxy, or ask you to scan a credit card. Some users may eventually be asked to scan a photo ID. Apple frames this as seamless.

Keep reading