Yazılar

Apple Suspends Advanced Data Protection Feature in the UK Due to Government Pressure

/in /tarafından

Apple has announced it is pulling its most advanced security feature, Advanced Data Protection (ADP), from the UK in response to government pressure demanding access to user data. This decision marks an unprecedented move by the tech giant, which had previously touted ADP as a significant advancement in user privacy. The feature, designed to provide end-to-end encryption across a broad spectrum of cloud data, will no longer be available to new users in Britain. Those who attempt to activate the feature will receive an error message starting Friday.

Existing users of ADP in the UK will eventually be required to disable the security feature, signaling a significant shift in how Apple handles data privacy in the country. With ADP, Apple had ensured that even it could not access certain types of user data, such as iCloud backups and iMessages. The removal of this encryption means that iCloud backups in the UK will now be less secure, allowing Apple to access user data and potentially provide it to authorities if legally compelled to do so.

This change has raised concerns among privacy advocates who view end-to-end encryption as a critical safeguard against surveillance and unauthorized data access. Apple had positioned ADP as a major step forward in protecting users’ personal information from hackers, cybercriminals, and even governmental overreach. However, with the UK government pushing for greater access to encrypted data in the name of national security, Apple has been forced to make this difficult concession.

While the company has not specified the exact legal demands that led to the removal of ADP in the UK, this move suggests increasing tension between tech companies and governments over the balance between privacy and law enforcement needs. As the situation unfolds, Apple’s decision may set a precedent for other tech giants and could signal a shift in how encryption technologies are implemented globally.

Biden Administration Proposes Stricter Cybersecurity Rules for Healthcare Data Protection

/in /tarafından

The Biden administration has unveiled a proposal to strengthen cybersecurity requirements for healthcare organizations, aiming to mitigate the impact of data breaches like those targeting Ascension and UnitedHealth.

Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, highlighted the urgent need for these measures, citing the exposure of sensitive healthcare data of over 167 million Americans in 2023 due to cyberattacks. The proposed regulations emphasize encrypting healthcare data to render it inaccessible if leaked and implementing regular compliance checks to ensure adherence to cybersecurity standards.

The detailed proposed rule was published in the Federal Register, with a summary provided by the Department of Health and Human Services (HHS) on its website. If adopted, the rule would update HIPAA (Health Insurance Portability and Accountability Act) standards, with an estimated cost of $9 billion in the first year and $6 billion annually for the following four years.

Healthcare cyberattacks, including hacking and ransomware incidents, have surged by 89% and 102%, respectively, since 2019, according to Neuberger. Hospitals have faced operational disruptions, while leaked healthcare data, including mental health records, has appeared on the dark web, raising concerns about potential blackmail.

An Office for Civil Rights spokesperson stated that these proposals aim to significantly enhance cybersecurity and protect Americans’ health information. The public will have 60 days to provide feedback before the rules are finalized.