Tag: privacy

Florida’s New Social Media Bill Says the Quiet Part Out Loud and Demands an Encryption Backdoor

At least Florida’s SB 868/HB 743, “Social Media Use By Minors” bill isn’t beating around the bush when it states that it would require “social media platforms to provide a mechanism to decrypt end-to-end encryption when law enforcement obtains a subpoena.” Usually these sorts of sweeping mandates are hidden behind smoke and mirrors, but this time it’s out in the open: Florida wants a backdoor into any end-to-end encrypted social media platforms that allow accounts for minors. This would likely lead to companies not offering end-to-end encryption to minors at all, making them less safe online.

Encryption is the best tool we have to protect our communication online. It’s just as important for young people as it is for everyone else, and the idea that Florida can “protect” minors by making them less safe is dangerous and dumb.

The bill is not only privacy-invasive, it’s also asking for the impossible. As breaches like Salt Typhoon demonstrate, you cannot provide a backdoor for just the “good guys,” and you certainly cannot do so for just a subset of users under a specific age. After all, minors are likely speaking to their parents and other family members and friends, and they deserve the same sorts of privacy for those conversations as anyone else. Whether social media companies provide “a mechanism to decrypt end-to-end encryption” or choose not to provide end-to-end encryption to minors at all, there’s no way that doesn’t harm the privacy of everyone.

If this all sounds familiar, that’s because we saw a similar attempt from an Attorney General in Nevada last year. Then, like now, the reasoning is that law enforcement needs access to these messages during criminal investigations. But this doesn’t hold true in practice.

In our amicus brief in Nevada, we point out that there are solid arguments that “content oblivious” investigation methods—like user reporting— are “considered more useful than monitoring the contents of users’ communications when it comes to detecting nearly every kind of online abuse.” That remains just as true in Florida today.

Law enforcement can and does already conduct plenty of investigations involving encrypted messages, and even with end-to-end encryption, law enforcement can potentially access the contents of most messages on the sender or receiver’s devices, particularly when they have access to the physical device. The bill also includes measures prohibiting minors from accessing any sort of ephemeral messaging features, like view once options or disappearing messages. But even with those features, users can still report messages or save them. Targeting specific features does nothing to protect the security of minors, but it would potentially harm the privacy of everyone.

Keep reading

Secretive Billionaire-Filled City in California Is One You’ve Likely Never Heard of—Because Residents Don’t Want You To

Tucked into the foothills of the San Gabriel Mountains is a tiny California town that is home to approximately 1,000 people and just 355 houses—yet it is also one of the wealthiest ZIP codes in the country, with many of its residents boasting either billionaire or multimillionaire statuses.

But unlike Beverly Hills or Bel-Air, the odds are that you have never heard of Bradbury, CA—largely because the wealthy and very secretive people who live there prize their privacy above all else, helping to turn the tony enclave into a veritable sanctuary for high net-worth individuals who want to hide their lives from prying eyes.

According to the Census Bureau‘s 2023 statistics, 39.5% of households in the community, which is bordered by Monrovia and Duarte and is located just a 20-minute drive east of Los Angeles, earn more than $200,000.

Keep reading

Beware: The ECB Digital Currency Is Coming

Christine Lagarde, president of the European Central Bank, has announced that the digital euro will be ready for October 2025.

However, she stressed the importance of moving forward with the legislative process that would impose the digital euro, urging the European Commission, the European Council, and member states parliaments to accelerate the laws and directives that are required to make the digital euro viable.

Why the rush? The European Central Bank’s losses have risen to 7.8 billion euros, and the European monetary authority has posted the second consecutive loss, while sovereign bonds in Europe have slumped again in the first two months of 2025. The ECB needs a digital euro to wash away its disastrous policy of the past decade.

The second reason is because confidence in the ECB’s policy is declining, sovereign bonds are not a reserve asset anymore, and inflation expectations rise. The hurry to impose the digital euro also comes at a time when European member states have announced large plans to spend, borrow, and invest in defense. Thus, the digital euro is critical to imposing the use of the euro as a currency, expanding the control of citizens, and disguising fiscal imbalances with a dangerous tool issued by a monetary institution that has lost most of its credibility in the past five years.

Remember that the ECB’s mandate is price stability, but inflation in the euro area has exceeded 22% in the past four years. At the same time, the European sovereign bond index has fallen by 14% since 2022.

There is another important reason to rush the digital euro. Global central banks and investment firms are concerned that European states will confiscate the assets of the Russian central bank, setting a dangerous precedent that could affect the assets of other non-European nations. As foreign funds fearing confiscation may leave the European financial system, the digital euro may be a useful tool to impose the use of the currency even if demand declines.

The digital euro, which Lagarde described in 2022 as “a digital banknote with a little less anonymity than the paper banknote because it is issued and guaranteed by the central bank,” is an unnecessary and dangerous tool.

Central Bank Digital Currencies (CBDCs) have been gaining attention as the technology of the future for monetary systems, but beneath their promise of efficiency and innovation lies a more pessimistic reality: they can serve as tools for surveillance, eroding personal privacy and financial freedom.

Keep reading

UK Tribunal Blocks Government’s Attempt to Keep Apple Surveillance Case Secret

With a necessary reality check, a UK tribunal has told the government that, no, it cannot hold a secret legal battle against Apple over encryption. The Investigatory Powers Tribunal (IPT), the body meant to oversee the country’s surveillance powers, has dismissed efforts by the Home Office to keep the entire case hidden from public view. And in doing so, it has delivered a quietly important win for press freedom and digital rights. Although, things are far from over.

The case revolves around Apple’s Advanced Data Protection system, or ADP. It’s a security feature that gives users the option to encrypt their iCloud data in a way that even Apple itself cannot access. Not through a backdoor, not with a master key, not at all. It’s the kind of robust end-to-end encryption that governments around the world have grown increasingly nervous about.

The UK, it turns out, is no exception.

Keep reading

UK Halts “Legal but Harmful” Censorship Rule Amid US Trade Pressure, But Online Safety Act Still Fuels Free Speech and Privacy Fears

Plans to implement sweeping content moderation powers for tech companies have been put on hold by the UK government, as concerns grow that reintroducing speech controls could disrupt sensitive trade discussions with President Donald Trump’s allies.

The British Government had been exploring a return to the abandoned “legal but harmful” proposal, a measure that would have forced online platforms to purge content deemed “harmful” yet not unlawful. But after internal pushback and a wary eye on Washington’s stance, the idea has been quietly dropped.

The original measure, introduced under Conservative leadership in 2022, triggered significant dissent, including from within the party itself. Conservative leader Kemi Badenoch, then serving as business secretary, dismissed the idea, warning it could mean “legislating for hurt feelings.” The proposal was ultimately replaced with tools that give individuals more choice over the material they encounter online rather than imposing top-down restrictions.

According to reports, the recent move to distance the government from any revival of the censorship clause comes amid Labour’s review of the Online Safety Act, launched after riots last summer linked to false claims about a Southport attacker. While that review sparked fresh debate over “misinformation,” officials have opted not to revisit the “legal but harmful” language, choosing instead to emphasize online protections for children.

Labour appears focused on building upon new safety measures coming into force this summer, including mandatory age checks for adult content. Technology Secretary Peter Kyle is working on a package aimed at strengthening youth safeguards, though these proposals stop well short of any return to compelled content takedowns.

“We are really committed to keeping children safe,” a government insider said. “Finally, the Online Safety Act is starting to have an impact, and we will see some enforcement action shortly. Age assurance will also be a massive step forward when it comes in the summer, but we’re actively exploring other ways of protecting children.”

​While the UK government’s removal of the “legal but harmful” provision from the Online Safety Act was intended to address concerns over free speech and censorship, significant issues remain. The Act still imposes broad duties on online platforms to assess and mitigate risks associated with user-generated content.

Keep reading

European Commission Revives Push for Encryption Backdoors in ProtectEU Strategy, Framing Mass Surveillance as “Lawful Access”

The EU is once again looking for a way to undermine end-to-end encryption in the name of strengthening law enforcement capabilities, this time via a new strategy, ProtectEU.

The internal security strategy, announced this week by the EU Commission, is presented as a “vision and workplan” that will span a number of years but stops short of making concrete policy proposals.

A press release asserts that the current geopolitical environment is one of “growing” threats from hostile states, and mentions powerful criminal groups and terrorists who are “operating increasingly online” – as well as “surging cybercrime and attacks against our critical infrastructure.”

With the threat elements defined in this way, the EU’s new strategy focuses on six areas, one of them being “more effective tools for law enforcement” – which is where online encryption comes under attack.

When it describes how the groundwork might be laid for mandating encryption backdoors, the EU chooses to use euphemisms such as creating roadmaps for “lawful and effective access to data for law enforcement” and seeking “technological solutions for accessing encrypted data.”

A technology roadmap on encryption would allow for these “solutions” to be found. The EU is not alone in searching for mechanisms to, eventually, legislate against encryption, but these initiatives are invariably met with warnings from both tech companies and civil rights and privacy advocates.

The key issue is that encryption provides both for private communications (which is what law enforcement wants access to) and also the technical security of those communications, financial transactions, etc.

The new EU strategy promises that cybersecurity and fundamental rights will be protected as a future encryption backdoor is implemented.

Keep reading

New FAA Rule Allows Private Jet Owners To Hide Travel Information From Public

The Federal Aviation Administration (FAA) is implementing a data privacy policy that allows people with private jets to hide travel information from the public.

Private aircraft owners and operators can now electronically request that the FAA withhold their aircraft registration information from public view,” the agency said in a March 28 statement.

“Starting today, they can submit a request through the Civil Aviation Registry Electronic Services (CARES) to withhold this information from public display on all FAA websites.”

In its statement, the FAA said the data protection decision was taken based on a privacy provision included in the FAA Reauthorization Act of 2024.

The provision allows aircraft owners to request that certain personally identifiable information not be made publicly available via FAA websites.

“The FAA will publish a request for comment in the Federal Register to seek input on this measure, including whether removing the information would affect the ability of stakeholders to perform necessary functions, such as maintenance, safety checks, and regulatory compliance,” said the agency.

“The FAA is also evaluating whether to default to withholding the personally identifiable information of private aircraft owners and operators from the public aircraft registry.”

While some say that such trackers allow people to record carbon emission info, there have been concerns that monitoring aircraft movements puts at risk the people who use that mode of transportation, often high-profile individuals.

The new rule could negatively affect jet trackers that use FAA information as a key source to track and report flight details of famous personalities.

In December 2023, attorneys for Taylor Swift issued a cease-and-desist letter to a university student, blaming his automated tracking of her private jet travel for revealing the celebrity’s whereabouts to stalkers.

Keep reading

Which AI Chatbots Collect The Most Data About You?

The harbinger of the AI revolution, ChatGPT, remains the most popular AI tool on the market, with more than 200 million weekly active users.

But amongst all its competitors, which AI chatbots are collecting the most user data? And why does that matter?

Visual Capitalist’s Marcus Lu visualizes data from Surfshark which identified the most popular AI chatbots and analyzed their privacy details on the Apple App Store.

At first place, Google’s Gemini (released March, 2023) collects 22 different data points across 10 categories, from its users.

Data collected ranges from general diagnostics (that all bots in this study collect) to access to contacts (that no other bot identified collects).

xAI’s Grok (released November, 2023) collects the least unique data points (7).

China’s DeepSeek (released Jan 2025), sits comfortably in the middle of the pack at 11 points.

The kind of data collected by each of these AI tools varies. All of them collected general diagnostics information. However, only Gemini and Perplexity look at purchases.

And then, nearly all but Perplexity.ai and Grok collect user content.

Keep reading

The Stablecoin Trap: The Backdoor To Total Financial Control

The walls are closing in on your financial freedom—but not in the way most Americans believe.

While the debate rages over the future threat of Central Bank Digital Currencies (CBDCs), a far more insidious reality has already taken hold: our existing financial system already functions as a digital control grid, monitoring transactions, restricting choices, and enforcing compliance through programmable money.

For over two years, my wife and I have traveled across 22 states warning about the rapid expansion of financial surveillance. What began as research into cryptocurrency crackdowns revealed something far more alarming: the United States already operates under what amounts to a CBDC.

  • 92% of all US dollars exist only as entries in databases.
  • Your transactions are monitored by government agencies—without warrants.
  • Your access to money can be revoked at any time with a keystroke.

The Federal Reserve processes over $4 trillion daily through its Oracle database system, while commercial banks impose programmable restrictions on what you can buy and how you can spend your own money. The IRS, NSA, and Treasury Department collect and analyze financial data without meaningful oversight, weaponizing money as a tool of control. This isn’t speculation—it’s documented reality.

Now, as President Trump’s Executive Order 14178 ostensibly “bans” CBDCs, his administration is quietly advancing stablecoin legislation that would hand digital currency control to the same banking cartel that owns the Federal Reserve. The STABLE Act and GENIUS Act don’t protect financial privacy—they enshrine financial surveillance into law, requiring strict KYC tracking on every transaction.

This isn’t defeating digital tyranny—it’s rebranding it.

Keep reading

“MyTerms” wants to become the new way we dictate our privacy on the web

Author, journalist, and long-time Internet freedom advocate Doc Searls wants us to stop asking for privacy from websites, services, and AI and start telling these things what we will and will not accept.

Draft standard IEEE P7012, which Searls has nicknamed “MyTerms” (akin to “Wi-Fi”), is a Draft Standard for Machine Readable Personal Privacy Terms. Searls writes on his blog that MyTerms has been in the works since 2017, and a fully readable version should be ready later this year, following conference presentations at VRM Day and the Internet Identity Workshop (IIW).

The big concept is that you are the first party to each contract you have with online things. The websites, apps, or services you visit are the second party. You arrive with either a pre-set contract you prefer on your device or pick one when you arrive, and it tells the site what information you will and will not offer up for access to content or services. Presumably, a site can work with that contract, modify itself to meet the terms, or perhaps tell you it can’t do that.

The easiest way to set your standards, at first, would be to pick something from Customer Commons, which is modeled on the copyleft concept of Creative Commons. Right now, there’s just one example up: #NoStalking, which allows for ads but not with data usable for “targeted advertising or tracking beyond the primary service for which you provided it.” Ad blocking is not addressed in Searls’ post or IEEE summary, but it would presumably exist outside MyTerms—even if MyTerms seems to want to reduce the need for ad blocking.

Searls and his group are putting up the standards and letting the browsers, extension-makers, website managers, mobile platforms, and other pieces of the tech stack craft the tools. So long as the human is the first party to a contract, the digital thing is the second, a “disinterested non-profit” provides the roster of agreements, and both sides keep records of what they agreed to, the function can take whatever shape the Internet decides.

Keep reality