United Kingdom
Apple pulls data protection tool after UK government security row
- After the UK government demanded access to Apple’s user data, Apple is taking the unprecedented step of removing Advanced Data Protection (ADP), its highest-level data security tool, from customers in the UK.
- With the removal, only standard encryption will be available. Data encrypted that way is accessible by Apple and shareable with law enforcement if they have a warrant.
- The ADP service is opt-in, meaning people need to sign up to get the protection it provides. From February 21st, any Apple user in the UK attempting to turn it on has been met with an error message. Existing users’ access will be disabled later.
- The move sparked controversy across different points. Cybersecurity experts criticised the UK Home Office’s move to “weaken online security and privacy for UK based users”, while others criticised Apple’s move to “simply withdraw a product rather than cooperate with a government” as a worrying precedent for other tech companies.
ICO publishes its Tech Horizons Report for 2025
- The ICO published its 2025 edition of the Tech Horizons Report, seeking to identify the privacy and data protection implications of emerging technologies poised to significantly affect society, the economy and information rights between the next 2 to 7 years.
- The report focuses on four emerging technologies: connected transport; quantum sensing and imaging for healthcare and medical research; digital diagnostics, therapeutics and healthcare infrastructure; and synthetic media.
- These technologies present unique opportunities but also risks. Most notably, they reveal novel types of information about people, they process increasingly large amounts of personal information, and their growing use by a wide range of parties can lead to transparency and accountability issues.
- Therefore, their implementation must consider and implement appropriate safeguards to ensure data protection by design and by default.
United States
US Senate committee renews children’s online safety debate
- The US Senate has renewed its debates on passing a major omnibus children’s safety package legislation, named Kids Online Safety and Privacy Act (KOSPA).
- The House was previously unable to approve KOSPA before the end of the 118th Congress’ term, when the two-year legislative slate was wiped clean.
- Now in its 119th Congress, the Senate is preparing to revive the KOSPA framework and go further on topics like children’s sexual abuse material and ending Big Tech immunity under the Section 230 of the Communications Act. The framework seeks to address the growing crisis around minors’ online presence and allegations of wide-ranging exploitation by tech platforms.
- Proposed requirements of the previous package included privacy-by-default standards, opt-outs of personalized algorithmic recommendations, parental controls over children’s online activities and risk audits.
Europe
A view from Brussels: European tech industry poses diagnosis, discusses remedies
- DG Connect, the digital policy arm of the European Commission, has announced it does not plan to bring new regulation in the next five years. This position is in line with the Commission’s work program for 2025 to increase European competitiveness in the age of AI.
- According to trade association DigitalEurope, only 13% of European companies use AI. There is a 30% gross domestic product gap between the EU and the U.S., and half the difference in productivity growth between the two is due to slow uptake of technology. DigitalEurope quantified the yearly regulatory burden at 200 billion euros.
- To remedy this, the emerging view is that allowing companies to grow requires cutting the regulatory burden by 50%, for instance limiting and even removing reporting burdens, scaling procurement procedures, and incentivizing companies to invest in talent and security.
- At the annual Munich Security Conference, Meta’s new top lobbyist Joel Kaplan warned the EU Commission that he would have no other choice than to enlist Donald Trump’s help as soon as it felt like Brussels was not treating it fairly.
- According to Kaplan, the EU has been discriminating against Meta and punishing them unfairly, as seen in the more than $3 billion in fines issued for violation of data privacy and antitrust rules.
- Mark Zuckerberg is one of the most prominent figures of Big Tech giants switching alliances in support of Donald Trump, who see this as a golden opportunity to push back against the regulations set forth by the EU Commission in Brussels. Zuckerberg has previously criticised the “increasing number of laws institutionalising censorship and making it difficult to build anything innovative” in Europe.
International
DeepSeek ‘shared user data’ with TikTok owner ByteDance
- The South Korean data protection regulator has accused Chinese AI startup DeepSeek of sharing user data with ByteDance, the owner of TikTok in China. It has yet to confirm what data was transferred and to what extent.
- South Korea had previously removed DeepSeek from app stores over data protection concerns. Before the removal, DeepSeek had already been downloaded more than a million times. Existing users can still access the app and use it on a web browser.
- Critics of the Chinese state have long argued its National Intelligence Law allows the government to access any data it wants from Chinese companies. Fears over user data being sent to China was one of the reasons the US Supreme Court upheld a ban on TikTok. The US ban is on hold until 5 April as President Donald Trump attempts to find a resolution.
- However, ByteDance is owned by several global investors, with supporters saying the same law allows for the protection of private companies and personal data.
