9 – Breaking News & Latest Updates 2026
Skip to main content
The homepageThe VergeThe Verge logo.
The homepageThe VergeThe Verge logo.

Privacy

As gadgets and services get smarter, they need more data, and face the hard problem of keeping it safe. Data privacy has become a huge problem for Google, Facebook, Amazon, and any company using artificial intelligence to power its services — and a major sticking point for lawmakers looking to regulate. Here’s all the news on data privacy and how it’s changing tech.

Wes Davis
Wes Davis
“Why do the stupid M&M machines have facial recognition?”

A student at the University of Waterloo in Canada asked that in a post showing a vending machine error message that revealed a facial recognition app had failed.

Student publication mathNEWS found that the machine’s maker, Invenda, advertises that it gathers “estimated ages and genders of every client.” But don’t worry, Invenda told Ars Technica the machines are “fully GDPR compliant.”

The school is reportedly removing the machines.

A picture of an out-of-order vending machine message showing the error pop-up.
Oops, you weren’t supposed to see this.
Image: SquidKid47
Wes Davis
Wes Davis
“Machines don’t get tired.”

So said TSA executive director of checkpoint tech Melissa Conley of airports’ use of facial recognition, in a New York Times story today.

70 percent of worldwide airlines may use biometric security by 2026 according to a report cited in the article. Yet the ACLU told the Times the tech still presents surveillance and discrimination concerns. That’s not to mention it could fail to work for tens of thousands of travelers every day.

Don’t date robots — their privacy policies are terribleDon’t date robots — their privacy policies are terrible
DuckDuckGo’s privacy browser adds built-in password syncingDuckDuckGo’s privacy browser adds built-in password syncing
Jon Porter
Jon Porter
WhatsApp works to close a linked devices loophole for locked chats.

Although you can currently “Chat Lock” sensitive WhatsApp conversations to put them in a password- or biometrics-protected folder, the same protection doesn’t carry across to other devices you’ve got linked to your account.

But code spotted in the WhatsApp’s Android app suggests that could soon change. “We also locked this chat on your linked device,” reads a screenshot of the in-development feature posted by WABetaInfo.

WhatsApp beta for Android 2.24.4.14: what's new? | WABetaInfo

[WABetaInfo]

Amrita Khalid
Amrita Khalid
Fake LastPass phishing app nabs a five-star rating on Apple’s App Store.

The slyly named “LassPass” has earned five stars on Apple’s App Store with just five reviews in total, noted Bleeping Computer — more evidence on how easily ratings can be manipulated. Apple has since removed the app.

As Sean Hollister wrote back in 2021, fraudulent ratings have poisoned Apple’s app review system.

Screenshot of “LassPass” app on Apple’s App Store.
Screenshot of “LassPass” app on Apple’s App Store.
Amrita Khalid/The Verge
Google’s use of student data could effectively ban Chromebooks from Denmark schoolsGoogle’s use of student data could effectively ban Chromebooks from Denmark schools
Quentyn Kennemer
Quentyn Kennemer
The FTC gets to keep fighting a company that quietly sells your location data.

Ars Technica reports that a federal judge won’t dismiss the case against Kochava. The lawsuit alleges that the app analytics firm lets advertisers track customers’ names, addresses, and specific geolocation information.

Kochava says its sales are legally compliant and it can’t be held responsible for bad-faith actors, even after the FTC used examples from similar cases to demonstrate how easily someone could trace your steps to sensitive venues like abortion clinics or religious halls.

Data broker allegedly selling de-anonymized info to face FTC lawsuit after all

[Ars Technica]

Mozilla’s new service tries to wipe your data off the webMozilla’s new service tries to wipe your data off the web
Amrita Khalid
Amrita Khalid
US plans visa bans for people connected to spyware that targets journalists and activists.

The State Department can restrict visas to individuals linked to the illegal use of commercial spyware, Secretary of State Antony Blinken announced. The new policy covers investors and heads of companies, as well as those acting on behalf of governments that carry out illegal surveillance.

The policy will be applied using the information in an individual’s visa application, a senior official told reporters.

The US has already placed export limits on spyware firms like Pegasus maker NSO, and Candiru.

Announcement of a Visa Restriction Policy to Promote Accountability for the Misuse of Commercial Spyware - United States Department of State

[United States Department of State]

How to keep track of friends and family on your iPhoneHow to keep track of friends and family on your iPhone
Ring steps back from sharing video with police — mostlyRing steps back from sharing video with police — mostly
Rep. Ro Khanna on what it will take for Congress to regulate AI, privacy, and social media

The Democratic representative from California, whose district includes Apple and Nvidia, discusses the future of tech regulation and the 2024 election.

Nilay Patel
Wes Davis
Wes Davis
What could go wrong if police run facial recognition on an AI-generated face based on old DNA?

Wired tells the story of California detectives who tried to use facial recognition to identify a face made with machine learning and crime scene DNA by phenotyping company Parabon NanoLabs. That’s not a good idea, said Parabon’s director of bioinformatics, Ellen Greytak:

“What we are predicting is more like — given this person’s sex and ancestry, will they have wider-set eyes than average,” she says. “There’s no way you can get individual identifications from that.”

On a related note, a Senate Judiciary Committee hearing on AI in criminal investigations is set for Wednesday.

Cops Used DNA to Predict a Suspect’s Face—and Tried to Run Facial Recognition on It

[WIRED]

Amrita Khalid
Amrita Khalid
The FTC bans another data broker from selling your location data.

Not only did InMarket Media sell precise location data without asking users for their consent, the data broker didn’t inform the third-party apps using its SDK, the FTC found.

The company’s shopping apps CheckPoints and ListEase requested user location to dole out things like rewards points or reminders — but also secretly used the data for targeted ads.

The regulator recently issued a similar ban on Outlogic.

FTC Order Will Ban InMarket from Selling Precise Consumer Location Data

[Federal Trade Commission]

48,000 companies sent Facebook data on a single person48,000 companies sent Facebook data on a single person
Google will now let EU users select which services share their data, thanks to the DMAGoogle will now let EU users select which services share their data, thanks to the DMA
Emma Roth
Emma Roth
The FCC wants to know what automakers are doing to protect domestic violence survivors.

Chairwoman Jessica Rosenworcel wrote letters to nine major automakers, including GM, Toyota, Ford, and Tesla, to ask what kind of data they collect about their drivers and how they protect their privacy. Rosenworcel sent similar letters to Verizon, AT&T, and T-Mobile, too.

The letters came in response to a report from The New York Times last month, which detailed how a domestic violence survivor was harassed by her abuser using her car’s connected services. “We must do everything we can to help survivors stay safe,” Rosenworcel said. “We need to work with auto and wireless industry leaders to find solutions.”

Chairwoman on Safe Connected Cars for Domestic Violence Survivors

[www.fcc.gov]

FTC bans major data broker from selling invasive location tracking detailsFTC bans major data broker from selling invasive location tracking details
Supreme Court rejects decade-old Twitter First Amendment caseSupreme Court rejects decade-old Twitter First Amendment case
Emma Roth
Emma Roth
23andMe blames security breach on users who “negligently” recycled passwords.

The company has issued a response to the customers who are now suing it over last year’s breach. In a letter obtained by TechCrunch, the company says the hack “was not a result of 23andMe’s alleged failure to maintain reasonable security measures” and instead had to do with users’ failure to reset their passwords.

23andMe admitted that hackers accessed the information belonging to 6.9 million users last December, but it claims the information obtained “cannot be used for any harm.”

23andMe tells victims it's their fault that their data was breached | TechCrunch

[TechCrunch]

Richard Lawler
Richard Lawler
Google has agreed to settle a lawsuit over Chrome’s incognito mode.

In August, Judge Yvonne Gonzalez Rogers denied Google’s attempt to end a class-action lawsuit filed in 2020 that claims it illegally invaded the privacy of millions by tracking browsing activity even with “incognito mode” activated in Chrome and other browsers.

Now, the February 5th trial date is off, as the parties say they have agreed to a settlement and will present a formal agreement for court approval within the next 60 days.

Google agrees to settle Chrome incognito mode class action lawsuit

[Ars Technica]

The FTC proposes new rules to curb the monetization of children’s dataThe FTC proposes new rules to curb the monetization of children’s data
Rite Aid hit with five-year facial recognition ban over ‘reckless’ useRite Aid hit with five-year facial recognition ban over ‘reckless’ use
Wes Davis
Wes Davis
NordVPN now has an Apple TV app.

The company says in its announcement that the app, which uses Nord’s WireGuard-based NordLynx VPN protocol, will let users watch shows they’re following while abroad and prevent ISPs from identifying and throttling streaming content.

NordVPN was initially skeptical that Apple would place limitations on Apple TV’s native VPN support, but later said it was working on an app.

Introducing NordVPN for tvOS

[NordVPN]

Wes Davis
Wes Davis
The scam behind wrong number and romance scams.

The New York Times published an investigative piece on the slave labor behind some of those innocuous-seeming crypto scam texts and calls.

The story focuses on one person who escaped from a compound where he was where he was forced to carry out intricate online romance scams involving crypto. The money earned from these scams is then laundered through other countries, including the US.

A word of warning: This story has descriptions of torture and captivity.

7 Months Inside an Online Scam Labor Camp

[The New York Times]

US Congress pushes warrantless wiretapping decision off until April next yearUS Congress pushes warrantless wiretapping decision off until April next year
Google will update Maps to prevent authorities from accessing location history dataGoogle will update Maps to prevent authorities from accessing location history data
Adi Robertson
Adi Robertson
The case for asking the Supreme Court whether cops can make you unlock your phone.

Hot off a recent Utah Supreme Court decision, legal blogger Orin Kerr lays out the legal conundrum around whether you can be legally compelled to provide a passcode or password (and how that’s actually slightly different from, but closely related to, having to unlock your phone):

The lower court caselaw is a total mess. No one can say what the law is. And I’ve been waiting for a case to come down that might be a good candidate for U.S. Supreme Court review to clear up the mess.

Here’s a possibility: The Utah Supreme Court’s ruling today in State v. Valdez.

Is Compelled Decryption Heading to the Supreme Court?

[Reason.com]

Google will turn off third-party tracking for some Chrome users soonGoogle will turn off third-party tracking for some Chrome users soon
Proton Mail finally gets a desktop app for encrypted email and calendarProton Mail finally gets a desktop app for encrypted email and calendar
Apple will make it harder for governments to get your push notificationsApple will make it harder for governments to get your push notifications
23andMe admits hackers accessed 6.9 million users’ DNA Relatives data23andMe admits hackers accessed 6.9 million users’ DNA Relatives data
Jon Porter
Jon Porter
EU consumer groups aren’t happy with Meta’s paid ad-free service.

A month after Meta announced new subscriptions that give users the choice between paying or giving their “consent” to being tracked and shown ads, the European Consumer Organisation (BEUC) and 18 of its members have filed a complaint, Reuters reports. “People should not be asked to pay for protecting their privacy,” it says. A first step in what’s likely to be a long legal battle.

Meta Platforms' paid ad-free service is targeted in EU consumer groups' complaint

[Reuters]

Sunbird is shutting down its iMessage app for AndroidSunbird is shutting down its iMessage app for Android
Your car can keep collecting your data after a judge dismissed a privacy lawsuitYour car can keep collecting your data after a judge dismissed a privacy lawsuit
WhatsApp head confirms in-app ads are still in the worksWhatsApp head confirms in-app ads are still in the works
Google, Meta, Discord, and more team up to fight child abuse onlineGoogle, Meta, Discord, and more team up to fight child abuse online
YouTube’s ad blocking crackdown is facing a new challenge: privacy lawsYouTube’s ad blocking crackdown is facing a new challenge: privacy laws
Proton’s password manager now lets you securely share loginsProton’s password manager now lets you securely share logins

Most Popular

Most Popular
  1. Trump fires the entire National Science Board
  2. Alex Jones has uncovered another massive conspiracy
  3. 360-degree cameras have a new superpower
  4. The US gets the worst phones
  5. THE PEOPLE DO NOT YEARN FOR AUTOMATION
    Video