Internet News

Google and Apple will soon be required to verify app store users ID/ages in Texas, after Governor Greg Abbott signed the rule into law on Tuesday.

The Texas App Store Accountability Act follows similar legislation that passed in Utah earlier this year, although it requires the app stores to collect even more user data. Enforcement of the Texas law is set to begin at the start of next year -- giving app stores several months to determine how they will collect this information. The bill was passed with super-majority approval by the Texas House and Senate.

An Apple spokesperson responded in a statement:

We believe there are better proposals that help keep kids safe without requiring millions of people to turn over their personal information.

Apple CEO Tim Cook called Abbott earlier this month to encourage him not to sign the bill as written.

Like Utah's law, the Texas bill requires app stores to verify all users ages and obtain parental consent before minor users download or make a purchase through an app. Theyre also required to share age categories -- child, young teenager, older teenager or adult -- with app developers so that, at least in theory, they can provider safer experiences for young users.

But Texas law adds an additional requirement: The app stores must also confirm that the parent or guardian approving a minors app downloads has the legal authority to make decisions for that child.

App store operators Google and Apple argue that the age verification bills will undermine individual privacy. That's because every user, not just children, will have to provide sensitive data -- likely an ID or a scan of their face -- to confirm their age, even if they only want to download something like a weather app, where age is irrelevant. And the custody rule will require parents to turn over even more personal documentation.

Malaysia's Online Safety Bill 2024 was passed by the Dewan Rakyat (House of Representatives) and the Dewan Negara (Senate) on 11 and 16 December 2024 respectively. The Bill will now be presented for Royal Assent and become law upon it being gazetted and will come into operation on a date to be appointed by the Minister of Communications.

The Bill aims to: enhance and promote online safety in Malaysia; reduce harmful content available online and mitigate its potential detrimental effects; and impose duties and obligations on online service providers.

Scope of Application

The Bill will apply to licensed Network Service Providers (NSPs), Application Service Providers (ASPs), and Content Application Service Providers (CASPs). However, it will not extend to private messaging features of any application service or content application service, defined as a feature that allows a user to communicate a content to a specific and limited number of recipients determined by the user and may contain any other characteristics as may be prescribed .

Extraterritorial Application:

The Bill will have extraterritorial effect, applying to the above service providers outside Malaysia that offer application services, content application services, or network services within Malaysia. These provisions fall under the authority of the Minister and will be enforced by the Malaysian Communications and Multimedia Commission (MCMC).

Harmful Content and Priority Harmful Content

Harmful content , as defined in the Bill, includes the following specific types of content:

• (i) content on child sexual abuse material as provided for under section 4 of the Sexual Offences against Children Act 2017 [Act 792];
• (ii) content on financial fraud;
• (iii) obscene content including content that may give rise to a feeling of disgust due to lewd portrayal which may offend a persons manner on decency and modesty;
• (iv) indecent content including content which is profane in nature, improper and against generally accepted behaviour or culture;
• (v) content that may cause harassment, distress, fear or alarm by way of threatening, abusive or insulting words or communication or act;
• (vi) content that may incite violence or terrorism;
• (vii) content that may induce a child to cause harm to himself;
• (viii) content that may promote feelings of ill-will or hostility amongst the public at large or may disturb public tranquillity; and
• (xi) content that promotes the use or sale of dangerous drugs.

Priority harmful content is defined as the first two types of harmful content listed above, namely (i) content involving child sexual abuse material, and (ii) content related to financial fraud.

Duties of ASPs and CASPs

The Bill introduces comprehensive obligations for ASPs and CASPs ( Service Providers ) to enhance online safety and mitigate risks associated with harmful content. These duties aim to create a safer online environment for all users, with particular emphasis on protecting vulnerable groups like children and addressing priority harmful content more stringently. Key requirements include:

• (a) Mitigating Exposure to Harmful Content: Service Providers must implement measures to reduce the risk of users encountering harmful content, either as outlined in the Code of Conduct (Best Practice) for Internet Messaging and Social Media Service Providers issued by the MCMC or through alternative, proven-effective measures.
• (b) User Guidelines: Service Providers are required to provide users with clear guidelines on implemented safety measures and terms of use of their services.
• (c) Online Safety Tools: Service Providers must offer tools and settings that allow users to manage their online safety, such as limiting or preventing interactions with others who may identify, locate, or communicate with them.
• (d) Reporting Mechanisms: Mechanisms must be in place for users to report harmful content and to seek responsive assistance for online safety concerns or inquiries about safety measures.
• (e) Blocking Priority Harmful Content: Service Providers are obligated to establish systems that make priority harmful content inaccessible on their platforms.
• (f) Child Safety Measures: Specific protections for children must be implemented, including preventing access to harmful content, limiting communication with adults, controlling personalised recommendations, reducing features that encourage prolonged use, and safeguarding personal information.
• (g) Online Safety Plan: Service Providers must develop, submit to the MCMC, and publicly share an Online Safety Plan detailing compliance with these obligations.

MCMC is empowered to impose a financial penalty of up to RM10 million (£1,750,000) on Service Providers that fail to comply with any of the aforementioned duties.

Starting July 1st, the classic and iconoclastic comedy series South Park may finally have one streaming home following years of a divided catalog and many millions of dollars in legal fees. Paramount appears ready to consolidate the catalog of their most prized comedy property on Paramount+, starting 1st July

However entertainment critic ArtieReviews reported that American subscribers will find that a dozen additional episodes have been added to the infamous South Park ban list.

Even with all the corporate acrimony between South Park's two streaming homes over the last five years, fans with deep pockets have still been able to stream almost every episode of South Park so long as they had subscriptions to both Max and Paramount+. The only banned South Park episodes that are currently unavailable to stream through any legal means are Super Best Friends, Cartoon Wars Parts I and II, 200 and 201 , all of which featured depictions of the religious character Mohammed.

While ArtieReviews' ban list is yet-unconfirmed by Paramount itself, all of the episodes he listed are entries in the South Park catalog that are unavailable to stream on Paramount+ in non-U.S. markets where the company has retained full streaming control. Once Paramount Global regains a complete South Park streaming catalog, ArtieReviews believes that they will institute their international ban list.

The likely list of banned titles is:

• Season 1 Episode 4: Big Gay Al's Big Boat Ride
• Season 2 Episode 1: Terrance And Phillip In Not Without My Anus
• Season 4 Episode 14: Pip/Great Expectations
• Season 5 Episode 3: Super Best Friends
• Season 6 Episode 2: Jared Has Aides
• Season 6 Episode 7: Simpsons Did It
• Season 7 Episode 1: Cancelled
• Season 8 Episode 3: Passion Of The Jew
• Season 8 Episode 4: You Got F'd In The A
• Season 9 Episode 8: Two Days Before the Day After Tomorrow
• Season 9 Episode 12: Trapped In The Closet
• Season 10 Episode 3/4 Cartoon Wars 1/2
• Season 14 Episode 5/6 200/201
• Season 16 Episode 4 Jewpacabra
• Season 17 Episode 6 Ginger Cow

Motherless.com is a well known porn tube site that seems to feature a more diverse selection of videos than most with a little more user/amateur content, than is the norm. The website is still operating and continues to allow open access.

Ofcom writes of its actions:

Ofcom has launched two investigations into whether Kick Online Entertainment S.A has failed to comply with its duties under the UK's Online Safety Act. Duties under the Act

Providers of services in scope of the Act are required to assess the risk of people in the UK encountering illegal content on their service, and take appropriate steps to protect them from it.

Providers are also required to respond to all statutory information requests from Ofcom in an accurate, complete and timely way.

On 3 March 2025, we opened an enforcement programme to monitor whether providers are complying with their duties under the Act to carry out an illegal content risk assessment and keep appropriate records of their assessments. As part of this programme, we issued an information request to Kick Online Entertainment S.A, which is responsible for providing the pornography website Motherless.com. We required it to submit the record of its illegal content risk assessment to us so we could consider whether it is compliant with its duties.

Having received no response to our request, we have today launched investigations into whether this provider has failed in its duties to complete and keep a record of  a suitable and sufficient illegal content risk assessment and respond to a statutory information request.

We have received complaints about the potential for illegal content and activity on this site, including child sexual abuse material and extreme pornography. In light of this, we will also be considering whether the provider has put appropriate safety measures in place to protect its UK users from illegal content and activity and may launch an additional investigation into its compliance with this duty if appropriate

We will now gather and analyse evidence to determine whether a contravention has occurred. If our assessment indicates a compliance failure, we will issue a provisional notice of contravention to the provider, who can then make representations on our findings, before we make our final decision.

We will provide regular updates as these investigations progress.

Ofcom has commenced investigations into two pornographic services - Itai Tech Ltd and Score Internet Group LLC - under our age assurance enforcement programme.

Under the Online Safety Act, online services must ensure children cannot access pornographic content on their sites. In January, we wrote to online services that display or publish their own pornographic content to explain that the requirements for them to have highly effective age checks in place to protect children had come into force. We requested details of services' plans for complying, along with an implementation timeline and a named point of contact.

Encouragingly, many services confirmed that they are implementing, or have plans to implement, age assurance on around 1,300 sites. A small number of services chose to block UK users from accessing their sites, rather than putting age checks in place.

Certain services failed to respond to our request and have not taken any steps to implement highly effective age assurance to protect children from pornography.

We are today opening investigations into Itai Tech Ltd - a service which runs the nudification site Undress.cc - and Score Internet Group LLC, which runs the site Scoreland.com. Both sites appear to have no highly effective age assurance in place and are potentially in breach of the Online Safety Act and their duties to protect children from pornography. Next steps

We will provide an update on both investigations on our website in due course, along with details of any further investigations launched under this enforcement programme

Encrypted chat apps like Signal and WhatsApp are one of the best ways to keep your digital conversations as private as possible. But if you're not careful with how those conversations are backed up, you can accidentally undermine your privacy.

When a conversation is properly encrypted end-to-end, it means that the contents of those messages are only viewable by the sender and the recipient. The organization that runs the messaging platform--such as Meta or Signal--does not have access to the contents of the messages. But it does have access to some metadata , like the who, where, and when of a message. Companies have different retention policies around whether they hold onto that information after the message is sent.

What happens after the messages are sent and received is entirely up to the sender and receiver. If youre having a conversation with someone, you may choose to screenshot that conversation and save that screenshot to your computers desktop or phones camera roll. You might choose to back up your chat history, either to your personal computer or maybe even to cloud storage (services like Google Drive or iCloud, or to servers run by the application developer).

Those backups do not necessarily have the same type of encryption protections as the chats themselves, and may make those conversations--which were sent with strong, privacy-protecting end-to-end encryption--available to read by whoever runs the cloud storage platform youre backing up to, which also means they could hand them at the request of law enforcement.

With that in mind, lets take a look at how several of the most popular chat apps handle backups, and what options you may have to strengthen the security of those backups.

How Signal Handles Backups

The official Signal app doesnt offer any way to back up your messages to a cloud server (some alternate versions of the app may provide this, but we recommend you avoid those, as there dont exist any alternatives with the same level of security as the official app). Even if you use a device backup, like Apples iCloud backup, the contents of Signal messages are not included in those .

Instead, Signal supports a manual backup and restore option. Basically, messages are not backed up to any cloud storage, and Signal cannot access them, so the only way to transfer messages from one device to another is manually through a process that Signal details here . If you lose your phone or it breaks, you will likely not be able to transfer your messages.

How WhatsApp Handles Backups

WhatsApp can optionally back up the contents of chats to either a Google Account on Android, or iCloud on iPhone, and you have a choice to back up with or without end-to-end encryption. Here are directions for enabling end-to-end encryption in those backups. When you do so, youll need to create a password or save a 64-digit key.

How Apples iMessages Handles Backups

Communication between people with Apple devices using Apples iMessage (blue bubbles in the Messages app), are end-to-end encrypted, but the backups of those conversations are not end-to-end encrypted by default. This is a loophole we've routinely demanded Apple close.

The good news is that with the release of the Advanced Data Protection feature , you can optionally turn on end-to-end encryption for almost everything stored in iCloud, including those backups (unless youre in the U.K., where Apple is currently arguing with the government over demands to access data in the cloud, and has pulled the feature for U.K. users).

How Google Messages Handles Backups

Similar to Apple iMessages, Google Messages conversations are end-to-end encrypted only with other Google Messages users (youll know its enabled when theres a small lock icon next to the send button in a chat).

You can optionally back up Google Messages to a Google Account, and as long as you have a passcode or lock screen password, the backup of the text of those conversations is end-to-end encrypted. A feature to turn on end-to-end encrypted backups directly in the Google Messages app, similar to how WhatsApp handles it, was spotted in beta last year but hasnt been officially announced or released.

Everyone in the Group Chat Needs to Get Encrypted

Note that even if you take the extra step to turn on end-to-end encryption, everyone else you converse with would have to do the same to protect their own backups. If you have particularly sensitive conversations on apps like WhatsApp or Apple Messages, where those encrypted backups are an option but not the default, you may want to ask those participants to either not back up their chats at all, or turn on end-to-end encrypted backups. Ask Yourself: Do I Need Backups Of These Conversations?

Of course, theres a reason people want to back up their conversations. Maybe you want to keep a record of the first time you messaged your partner, or want to be able to look back on chats with friends and family. There should not be a privacy trade-off for those who want to save those conversations, but unfortunately you do need to weigh whether or not its worth saving your chats with the potential of them being exposed in your security plan .

But also its worth considering that we dont typically need every conversation we have stored forever. Many chat apps, including WhatsApp and Signal , offer some form of disappearing messages, which is a way to delete messages after a certain amount of time. This gets a little tricky with backups in WhatsApp. If you create a backup before a message disappears, itll be included in the backup, but deleted when you restore later. Those messages will remain there until you back up again, which may be the next day, or may not be many days, if you dont connect to Wi-Fi.

You can change these disappearing messaging settings on a per-conversation basis. That means you can choose to set the meme-friendly group chat with your friends to delete after a week, but retain the messages with your kids forever. Google Messages and Apple Messages dont offer any such feature--but they should, because its a simple way to protect our conversations that gives more control over to the people using the app.

End-to-end encrypted chat apps are a wonderful tool for communicating safely and privately, but backups are always going to be a contentious part of how they work. Signals approach of not offering cloud storage for backups at all is useful for those who need that level of privacy, but is not going to work for everyones needs. Better defaults and end-to-end encrypted backups as the only option when cloud storage is offered would be a step forward, and a much easier solution than going through and asking every one of your contacts how or if they back up their chats.