Tag: privacy

40 Attorneys General Urge Congress to ‘Tie Online Access to ID’

Forty state attorneys general (AGs) last week urged federal lawmakers to pass a bill that could ultimately require people to digitally verify their identity to access the internet, according to privacy and free speech watchdog group Reclaim The Net.

In a Feb. 10 letter, the AGs backed the U.S. Senate version of the Kids Online Safety Act. They did not support the U.S. House of Representatives version, which differs in key ways.

If passed, the Senate bill would require government officials and agencies to figure out how computers, cellphones and operating systems could verify people’s age. The bill states:

“The Secretary of Commerce, in coordination with the Federal Communications Commission and the Federal Trade Commission, shall conduct a study evaluating the most technologically feasible methods and options for developing systems to verify age at the device or operating system level.”

The federal officials and agencies would be required to submit a report of their findings to Congress within a year.

Designing cellphones and computer operating systems to verify a user’s age would bring the U.S. another step closer to cementing a digital ID system, Reclaim The Net reported. In an article titled “40 State Attorneys General Want To Tie Online Access to ID,” it wrote:

“Device-level verification would likely depend on digital identity checks tied to government-issued identification, third-party age verification vendors, or persistent account authentication systems. …

“… Once age checks are embedded at the operating system level, the boundary between verifying age and verifying identity becomes difficult to maintain.”

Greg Glaser, a digital privacy expert and attorney, agreed. “By embedding identity checks into apps, hardware, or operating systems, the bill would create a de facto digital ID checkpoint for broad internet use,” he said.

Keep reading

Zuckerberg’s “Fix” for Child Safety Could End Anonymous Internet Access for Everyone

Mark Zuckerberg spent more than five hours on the stand in Los Angeles Superior Court on Wednesday, testifying before a jury for the first time about claims that Meta deliberately designed Instagram to addict children.

The headline from most coverage was the spectacle: an annotated paper trail of internal emails, a 35-foot collage of the plaintiff’s Instagram posts unspooled across the courtroom, a CEO growing visibly agitated under cross-examination.

The more important story is what Wednesday’s proceedings are being used to build.

The trial is framed as a child safety case. What it is actually doing, especially through Zuckerberg’s own testimony, is laying the political and legal groundwork for mandatory identity verification across the internet.

And Zuckerberg, rather than pushing back on that outcome, offered the court his preferred implementation plan.

Keep reading

Texas Sues Drone Maker Anzu Over Alleged Ties to CCP

Texas Attorney General Ken Paxton is suing drone-maker Anzu Robotics, alleging that the U.S.-based company misled consumers and concealed its ties with the Chinese communist regime.

Paxton announced the lawsuit on Feb. 19, accusing the Texas-based startup of rebranding products sourced from Chinese drone giant Da Jiang Innovations, commonly known as DJI.

Founded in the southern Chinese city of Shenzhen in 2006, DJI has been flagged by U.S. regulators as a security risk because of its ties to the Chinese Communist Party (CCP).

The U.S. Commerce Department added DJI to its export control list in 2020 for aiding the CCP’s human rights abuses. The Treasury banned U.S.-based individuals from trading DJI shares the following year because of similar concerns. The Pentagon blacklisted DJI as a Chinese military company in 2022, noting that the Chinese regime requires all Chinese companies to allow it to use them as part of its military-civil fusion strategy.

In the lawsuit, Paxton accused Anzu of making false and misleading representations to Texans about its business relationship with DJI, data-sharing practices, and software development.

Anzu markets itself as an American-owned, made-in-Malaysia alternative, but much of its drone technology is licensed from DJI, which receives payments for every drone that Anzu orders, the complaint alleges.

Keep reading

Spanish Court Orders NordVPN and Proton VPN to Block Piracy Streams

Spain’s soccer league has found a new target in its fight against pirate streams: the VPNs people use to protect their privacy online.

A court in Córdoba has ordered NordVPN and Proton VPN to block specific IP addresses broadcasting illegal LaLiga matches, requiring both companies to alter their “internal systems” to make those addresses “inaccessible from Spain.”

The ruling was issued without notifying either provider. Neither could challenge it before it took effect. The court says it cannot be appealed at all.

LaLiga and Telefónica Audiovisual Digital brought the case to Commercial Court No. 1 of Córdoba, framing the measures as “precautionary” and taken in “defense of [LaLiga] clubs’ audiovisual rights.”

The court’s theory of liability is that VPNs are “contributing” to piracy simply by doing what VPNs do, letting users change their IP address and location. The order also notes that VPNs “acknowledge and advertise” their effectiveness at evading internet restrictions. Offering a privacy tool that works, in other words, is now evidence of wrongdoing.

Both companies found out about the ruling the same way everyone else did. NordVPN and Proton have said that they have received no notice of this.

Keep reading

UK Government Plans to Use Delegated Powers to Undermine Encryption and Expand Online Surveillance

The UK government wants to scan people’s photos before they send them. Not just children’s photos. Everyone’s.

Technology Secretary Liz Kendall spelled it out on BBC Breakfast, floating a proposal to “block photographs being sent that are potentially nude photographs by anybody or block children from sending those.” That second clause is the tell. Blocking “anybody” from sending potentially nude images requires scanning everybody’s messages. There’s no technical path to that outcome that doesn’t involve reading content the sender assumed was private.

Kendall said the government is conducting a consultation on “whether we should have age limits on things like live streaming” and whether there should be “age limits on what’s called stranger pairing, for example, on games online.” The consultation, she said, will look at all of these. That list now covers messaging apps, photo sharing, gaming, and live streaming. Any feature that lets you share an image with another person potentially falls inside it.

This is how the mandate grows. The government announced a push for new delegated powers on February 16, framing them around age verification for social media and VPNs.

Keep reading

ProtonMail Logs Activist’s IP Address With Authorities After Swiss Court Order

End-to-end encrypted email service provider ProtonMail has drawn criticism after it ceded to a legal request and shared the IP address of anti-gentrification activists with law enforcement authorities, leading to their arrests in France.

The Switzerland-based company said it received a “legally binding order from the Swiss Federal Department of Justice” related to a collective called Youth for Climate, which it was “obligated to comply with,” compelling it to handover the IP address and information related to the type of device used by the group to access the ProtonMail account.

On its website, ProtonMail advertises that: “No personal information is required to create your secure email account. By default, we do not keep any IP logs which can be linked to your anonymous email account. Your privacy comes first.”

Despite its no IP logs claims, the company acknowledged that while it’s illegal for the company to abide by requests from non-Swiss law enforcement authorities, it will be required to do so if Swiss agencies agree to assist foreign services such as Europol in their investigations.

“There was no possibility to appeal or fight this particular request because an act contrary to Swiss law did in fact take place (and this was also the final determination of the Federal Department of Justice which does a legal review of each case),” the company said in a lengthy response posted on Reddit.

Put simply, ProtonMail will not only have to comply with Swiss government orders, it will be forced to hand over relevant data when individuals use the service to engage in activities that are deemed illegal in the country. This includes monitoring IP addresses from users in “extreme criminal cases,” according to its transparency report.

“Proton must comply with Swiss law. As soon as a crime is committed, privacy protections can be suspended and we’re required by Swiss law to answer requests from Swiss authorities,” ProtonMail founder and CEO Andy Yen tweetedadding “It’s deplorable that legal tools for serious crimes are being used in this way. But by law, [ProtonMail] must comply with Swiss criminal investigations. This is obviously not done by default, but only if legally forced.”

If anything, ProtonMail users who are concerned about the visibility of their IP addresses should use a VPN or access the email service over the Tor network for additional anonymity.

“The prosecution in this case seems quite aggressive. Unfortunately, this is a pattern we have increasingly seen in recent years around the world (for example in France where terror laws are inappropriately used),” the company said.

Keep reading

Keir Starmer Considers VPN ID Checks as UK Expands Online Safety Act Powers

Having already installed itself as the nation’s digital nanny with its online censorship law, the Online Safety Act, the government is now peering into the last remaining corner of online privacy and wondering whether it, too, might benefit from a sturdy padlock.

Prime Minister Keir Starmer has confirmed that ministers are examining new powers to move beyond social media age limits and into the architecture of private browsing itself. The latest idea involves ID checks for VPN use and chatbots.

Naturally, this is all for the children.

A VPN, or virtual private network, is often treated like a villainous contraption, but it’s actually a tool that encrypts your internet traffic and masks your location. In plain English, it stops internet providers, advertisers, and sometimes governments from tracking what you read, watch, or search.

Keep reading

‘No Privacy’ CBDCs Will Come, Warns Billionaire Ray Dalio

American billionaire and hedge fund manager Ray Dalio has warned that central bank digital currencies (CBDCs) are coming, offering benefits but also potentially allowing governments to exert more control over people’s finances.

“I think it will be done,” said Dalio on CBDCs in a wide-ranging interview on the Tucker Carlson Show on Monday, which also included topics on the US debt crisis, gold prices, and even a potential civil war. 

Ray Dalio is a billionaire hedge fund manager who has been co-chief investment officer of Bridgewater Associates since 1985, after founding the firm in 1975. 

During the interview, Dalio said CBDCs could be appealing due to the ease of transactions, likening them to money market funds in terms of functionality, but he also cautioned about their downsides.

He said there will be a debate, but CBDCs “probably won’t” offer interest, so they will not be “an effective vehicle to hold because you’ll have the depreciation [of the dollar].”

Dalio also cautioned that all CBDC transactions will be known to the government, which is good for controlling illegal activity, but also provides a great deal of control in other areas. 

“There will be no privacy, and it’s a very effective controlling mechanism by the government.”

Keep reading

EU Law Could Extend Scanning of Private Messages Until 2027

The European Parliament is considering another extension of Chat Control 1.0, the “temporary” exemption that allows communications providers to scan private messages (under the premise of preventing child abuse) despite the protections of the EU’s ePrivacy Directive.

draft report presented by rapporteur Birgit Sippel (S&D) would prolong the derogation until April 3, 2027.

At first glance, the proposal appears to roll back some of the most controversial elements of Chat Control. Text message scanning and automated analysis of previously unknown images would be explicitly excluded. Supporters have framed this as a narrowing of scope.

However, the core mechanism of Chat Control remains untouched.

The draft continues to permit mass hash scanning of private communications for so-called “known” material.

According to former MEP and digital rights activist Patrick Breyer, approximately 99 percent of all reports generated under Chat Control 1.0 originate from hash-based detection.

Almost all of those reports come from a single company, Meta, which already limits its scanning to known material only. Under the new proposal, Meta’s practices would remain fully authorized.

As a result, the draft would not meaningfully reduce the volume, scope, or nature of surveillance. The machinery keeps running, with a few of its most visibly controversial attachments removed.

Hash scanning is often portrayed as precise and reliable. The evidence points in the opposite direction.

First, the technology is incapable of understanding context or intent. Hash databases are largely built using US legal definitions of illegality, which do not map cleanly onto the criminal law of EU Member States.

The German Federal Criminal Police Office (BKA) reports that close to half of all chat control reports are criminally irrelevant.

Each false positive still requires assessment, documentation, and follow-up. Investigators are forced to triage noise rather than pursue complex cases involving production, coercion, and organized abuse.

The strategic weakness is compounded by a simple reality. Offenders adapt. As more services adopt end-to-end encryption, abusers migrate accordingly. Since 2022, the number of chat-based reports sent to police has fallen by roughly 50 percent, not because abuse has declined, but because scanning has become easier to evade.

“Both children and adults deserve a paradigm shift in online child protection, not token measures,” Breyer said in a statement to Reclaim The Net.

“Whether looking for ‘known’ or ‘unknown’ content, the principle remains: the post office cannot simply open and scan every letter at random. Searching only for known images fails to stop ongoing abuse or rescue victims.”

Keep reading

EU Targets VPNs as Age Checks Expand

Australia’s under-16 social media restrictions have become a practical reference point for regulators who are moving beyond theory and into enforcement.

As the system settles into routine use, its side effects are becoming clearer. One of the most visible has been the renewed political interest in curbing tools that enable private communication, particularly Virtual Private Networks. That interest carries consequences well beyond “age assurance.”

January 2026 briefing we obtained from the European Parliamentary Research Service traces a sharp rise in VPN use following the introduction of mandatory age checks.

The report notes “a significant surge in the number of virtual private networks (VPNs) used to bypass online age verification methods in countries where these have been put in place by law,” placing that trend within a broader policy environment where “protection of children online is high on the political agenda.”

Australia’s experience fits this trajectory. As age gates tighten, individuals reach for tools that reduce exposure to monitoring and profiling. VPNs are the first port of call in that response because they are widely available, easy to use, and designed to limit third-party visibility into online activity.

The EPRS briefing offers a clear description of what these tools do. “A virtual private network (VPN) is a digital technology designed to establish a secure and encrypted connection between a user’s device and the internet.”

It explains that VPNs hide IP addresses and route traffic through remote servers in order to “protect online communications from interception and surveillance.” These are civil liberties functions, not fringe behaviors, and they have long been treated as legitimate safeguards in democratic societies.

Keep reading