Yazılar

UK Demands Unprecedented Access to Apple Users’ Encrypted Cloud Data

/in /tarafından

The UK government has reportedly ordered Apple to provide broad access to encrypted user data stored on its cloud service, according to a Washington Post report on Friday. This request is reportedly far-reaching, as it seeks blanket access to all encrypted data, rather than just a specific account, making it one of the most expansive demands in major democracies.

The order comes under the UK’s Investigatory Powers Act of 2016, which allows the government to intercept communications and obtain data for security purposes. However, the level of access demanded from Apple in this case has never been requested before. The UK Interior Ministry has declined to comment, and Apple did not respond to inquiries outside of regular business hours.

Apple’s cloud services offer a feature called Advanced Data Protection, allowing users to lock their data with encryption that only they can unlock. This system is a safeguard that even Apple cannot override, ensuring user privacy. However, the UK government’s demand seeks to bypass these privacy protections, raising significant concerns about privacy and encryption rights.

This order follows a broader UK initiative to update its laws, including changes to the Investigatory Powers Act and the introduction of the Online Safety Act of 2023. The latter requires companies to address harmful content, such as child sexual abuse material, on their platforms, but tech firms like Meta (with WhatsApp) and Signal have voiced concerns about how such regulations could undermine encryption.

In the past, Apple has resisted similar government demands. In 2016, the company fought off a U.S. court order to unlock an encrypted iPhone connected to a terrorist attack in San Bernardino, California.

Italy’s Data Regulator Blocks DeepSeek AI Chatbot Over Privacy Concerns

/in /tarafından

Italy’s data protection authority, the Garante, has ordered Chinese AI startup DeepSeek to block its chatbot in the country after the company failed to address concerns over its privacy practices. The regulator had questioned DeepSeek about its handling of personal data, including details on what data is collected, its sources, the purposes for which it is used, its legal basis, and whether it is stored in China.

The Garante’s decision came after the company provided what was deemed “totally insufficient” information, prompting the watchdog to take immediate action to protect Italian users’ privacy. DeepSeek has yet to comment on the ruling.

The Chinese startup, which recently claimed that its AI models rival or outperform industry-leading U.S. models at a fraction of the cost, has made headlines for surpassing ChatGPT as the top-rated free app on Apple’s App Store in the U.S. However, its swift rise has drawn increasing scrutiny over data protection.

The Garante’s order, which took effect immediately, also includes an investigation into DeepSeek’s data handling practices. Meanwhile, other European regulators, including those in France and Ireland, are investigating the chatbot’s privacy policy.

In response to Italy’s concerns, DeepSeek stated that it had removed its AI assistant from Italian app stores after facing scrutiny. However, Agostino Ghiglia, a member of the Garante board, revealed that the company’s stance—which claimed it was not subject to Italian regulation—further aggravated the situation, prompting the block. Ghiglia emphasized that DeepSeek’s lack of cooperation had made the situation worse.

As of Friday, some Italian users who had previously downloaded the app reported that the chatbot was still functional on their devices, and the web version of the service remained operational. The Garante emphasized that citizens must have the right to consent based on how their data is handled, especially when servers in countries outside the EU, such as China, may not provide the same privacy guarantees as European standards.

The Garante has been at the forefront of data protection in Europe, with a history of taking action against companies, including a brief ban on Microsoft-backed ChatGPT two years ago over potential privacy rule violations.

 

French Privacy Watchdog to Investigate DeepSeek Over AI and Data Protection

/in /tarafından

France’s data privacy authority, the CNIL, announced on Thursday that it will question DeepSeek to assess the workings of its AI system and potential privacy risks for users. The Chinese AI startup gained international attention after revealing that training its DeepSeek-V3 model required less than $6 million in Nvidia H800 computing power.

A CNIL spokesperson confirmed that its AI department is currently analyzing DeepSeek’s tool and will engage with the company to understand its system and data protection measures. The French regulator is among the most active in Europe, having previously fined tech giants like Google and Meta for privacy violations.

DeepSeek is also under scrutiny in other parts of Europe. Italy’s data protection authority recently requested details on its handling of personal data, while Ireland’s Data Protection Commission has inquired about data processing practices related to Irish users.

The European Union maintains strict privacy protections under its General Data Protection Regulation (GDPR), widely regarded as one of the world’s most comprehensive data privacy laws. GDPR violations can result in fines of up to 4% of a company’s global revenue. Additionally, new EU AI regulations impose transparency obligations on high-risk AI models, with penalties ranging from 7.5 million euros (or 1.5% of turnover) to 35 million euros (or 7% of global turnover), depending on the severity of violations.

As regulatory scrutiny intensifies, DeepSeek faces mounting pressure to demonstrate compliance with European data protection standards.