iOS 18 Control Center: 18 apps that add useful actions to your iPhone

by with No Comment Tech

Image Credits: Apple

Apple’s iOS 18 software update rolled out earlier this month, and it brought significant changes to the iOS Control Center, which provides convenient access to commonly used functions with a simple swipe down on the Home Screen. Now, in addition to the existing controls like Wi-Fi, Bluetooth, Flashlight, and so on, Apple allows third-party app developers to create controls for their own apps. 

Below, we’ve compiled a list of iOS 18-ready apps that users can try in order to take advantage of the redesigned Control Center.

Bulletin

Image Credits: Screenshot by TechCrunch

Bulletin, the AI-powered news reader app that summarizes articles, notably has a total of nine Control Center widgets (the most we’ve seen so far). These include new options to quickly perform app actions, such as going straight to the “For You” tab without opening the app. Additionally, options to go to different news categories, including “Business,” “Entertainment,” “Fashion,” “Sports,” and “Technology.” There’s also an option to pull up the app’s “Smart Summary” feature, which uses AI to recap the top articles of the day.

CARROT Weather

Image Credits: Screenshot by TechCrunch

CARROT Weather, the app that delivers snarky weather forecasts, is also taking advantage of the iOS update with two Control Center widgets. Now, users can add shortcuts to quickly open the Weather and Maps tabs.

Crouton

Image Credits: Screenshot by TechCrunch

Recipe organizer and meal planner app Crouton launched a helpful Control Center widget for users looking to import new recipes with one tap. 

Cheatsheet Notes

Image Credits: Screenshot by TechCrunch

Cheatsheet is a widget that lets users write down important reminders such as hotel room numbers, license plate numbers, and lock combinations to quickly access from their iPhone home screen. The app now has a Control Center widget where people can swipe down to access one of their most important notes. There’s also a new option to add a new “Cheat” or note.

FitBee

Image Credits: Screenshot by TechCrunch

FitBee is a new nutrition-tracking app that lets you log a meal by taking a photo of it, and AI can estimate the meal’s calories and macros, according to the app’s developers. FitBee recently released two features that take advantage of the new Control Center, including the ability to scan barcodes and snap photos of food items, letting users log even faster.

Focused Work

Focused Work iOS 18 app control center
Image Credits: Screenshot by TechCrunch

Focused Work, a time management app that helps users focus, has new control widgets that allow people to start a focus session and access the “Scratch Pad,” or notes section for writing down thoughts that can be revisited after the session. 

LookUp

LookUp iOS 18 control widget
Image Credits: Screenshot by TechCrunch

LookUp is a dictionary app that teaches users one word a day. It introduced several actions to the Control Center, such as the ability to search for a word, scan a word with the phone camera to see its definition, or set up the app’s “Reading Mode,” which turns on a Live Activity to quickly look up a word from the Lock Screen.

Mango Baby

Image Credits: Screenshot by TechCrunch

The Mango Baby app, designed for newborn care, offers parents five useful widgets that can be added to their Control Center. The app now allows users to log diaper changes, and it provides the option to set up different timers such as a sleep timer, pumping timer, bath timer, and tummy time timer to help parents keep track of their baby’s daily routine.

MediSOS

MediSOS iOS 18 app control widget
Image Credits: Screenshot by TechCrunch

The most notable feature that MediSOS offers is its emergency siren that activates when users press the SOS button in the app, notifying people around them that they’re in need of medical attention. Now, people can start the medical emergency alarm from the Control Center thanks to the iOS 18 update. 

Dark Noise

Dark Noise, the app that plays ambient sounds, added multiple options to the Control Center, so users can choose a type of noise, start playing rain sounds, and set a timer all without opening the app. 

Pedometer++

Image Credits: Screenshot by TechCrunch

Pedometer++ lets people track their step count, walking distance, active calories, and heart rate. The app’s new widgets let users instantly start a walk, run, and hike. They can also open the app with one tap. 

Saturn

Image Credits: Screenshot by TechCrunch

Saturn is a recently launched app dubbed the “Mastadon for Everyone” and works with the decentralized social network to show popular content. Now, users can access a series of actions for their iPhone Control Center, such as the ability to open tabs like “Communities,” “Highlights,” “Latest News,” “Popular Pages,” “Suggested Accounts,” and “Trending Tags.” Users can also create a new post or open the search function.

Sofa 

Sofa app iOS 18 Control Center
Image Credits: Screenshot by TechCrunch

Sofa allows users to create lists of different things, from apps to download to things to watch, read, play, and listen to. There are four new control widgets to choose from: “The Pile,” which has everything saved in one place; “Pinned items,” which takes users to their favorite items; “Logbook,” for things they’ve already completed; and “List,” which quickly pulls up a go-to list.  

Spark

Image Credits: Screenshot by TechCrunch

Spark is an AI email assistant designed to help people handle and sort emails while connecting multiple accounts into one inbox. The app offers four widgets that can be added to the Control Center, allowing users to easily access the app for composing emails, conducting searches, accessing attachments, or checking the calendar.

Tripsy

Image Credits: Screenshot by TechCrunch

Tripsy is a travel planner app that lets people plan a list of activities for their next trip, receive real-time flight updates, and even track expenses. Its new control actions allow people to quickly access their trip itinerary or create their upcoming travel plan.  

TV Remote

Image Credits: Screenshot by TechCrunch

TV Remote is a fully customizable remote app for LG, Samsung, Roku, and Sony televisions. One of the most helpful new actions for the Control Center is “Remote Command,” letting users quickly access the remote whenever they want without having to launch the app. 

Waterllama

Waterllama app control center widgets
Image Credits: Screenshot by TechCrunch

Waterllama, the app that tracks daily water intake to ensure people stay hydrated, has a new Control Center widget that lets users quickly add a custom amount of water or other beverages to the daily total. Notably, the widgets aren’t static, so when people tap on them, they include animations. Users can also customize the animation from six different options: splash, big splash, drizzle, droplets, circles, and a pixelated splash. 

Zenitizer 

Image Credits: Screenshot by TechCrunch

Zenitizer allows users to create meditation timers, listen to relaxing sounds, track daily goals, and set reminders. Now, people can add the app’s widget to their Control Center to set a meditation timer with one tap. 

Meta will let third-party apps place calls to WhatsApp and Messenger users — in 2027

by with No Comment Tech

people walking past Meta signage

Image Credits: TOBIAS SCHWARZ/AFP / Getty Images

Meta on Friday published an update on how it plans to comply with the Digital Markets Act (DMA), the European law that aims to promote competition in digital marketplaces, where the law concerns the company’s messaging apps, Messenger and WhatsApp.

As Meta notes in a blog post, the DMA requires that it provide an option in WhatsApp and Messenger to connect with interoperable third-party messaging services and apps. Meta says it’s building notifications into WhatsApp and Messenger to inform users about these third-party integrations and alert them when a newly compatible third-party messaging app comes online.

Meta DMA WhatsApp Messenger
Image Credits: Meta

The company also says it’s introducing an onboarding flow in WhatsApp and Messenger where users can learn more about third-party chats and switch them on. From the flow, users will be able to set up a designated folder for third-party messages or, alternatively, opt for a combined inbox.

Meta DMA WhatsApp Messenger
Image Credits: Meta

In 2025, Meta will roll out group functionality for third-party chats, and, in 2027, it’ll launch voice and video calling in accordance with the DMA.

And at some unspecified point in the future, Meta will bring “rich messaging” features for third-party chats to WhatsApp and Messenger, like reactions, direct replies, typing indicators and read receipts, the company says.

Meta DMA WhatsApp Messenger
Image Credits: Meta

“We will keep collaborating with third-party messaging services in order to provide the safest and best experience,” Meta wrote in the post. “Users will start to see the third-party chat option when a third-party messaging service has built, tested and launched the necessary technology to make the feature a positive and secure user experience.”

The upcoming WhatsApp and Messenger interoperability features aren’t a slam dunk necessarily. As we’ve reported previously, it’s not clear whether other major messaging operators, such as Viber and Telegram, will support them. WhatsApp will require end-to-end encryption to enable interoperability, which could also present technical roadblocks. Plus, Meta requires that companies sign an agreement — the details of which haven’t been made public — to integrate with any of its systems.

Open source messaging protocol Matrix’s founder Matthew Hodgson, for one, noted in a talk this year that Matrix will work with WhatsApp, end-to-end encryption intact, “on an experimental basis.”

Meta is attempting to meet its obligations under the DMA’s messaging-related clauses, but the company has come under fire for allegedly violating other components of the legislation.

This summer, the European Commission said that Meta’s “pay or consent” ad model, which offers EU users of Facebook and Instagram a choice between a paid, ad-free experience or a free, ad-supported version, failed to comply with the DMA.

Apple gives developers a way to nominate their apps for editorial consideration on the App Store

by with No Comment Tech

Apple app store icon

Image Credits: Bryce Durbin / TechCrunch

App developers will have a new path for getting their apps recognized and promoted, Apple told developers at WWDC 2024 this week. In an update planned to arrive in September alongside the release of iOS 18, developers will be able to alert Apple’s Editorial team about their app’s new content or features ahead of its release to be considered for featuring on the App Store.

Today, the App Store’s Editorial team creates stories about apps and their developers and rounds up apps of interest into collections that are highlighted across the App Store’s many sections. However, there was no formal process for alerting App Store editors about upcoming changes that could potentially qualify an app for this type of recognition. With the launch of something called “Featuring Nominations,” developers will be able to directly share their plans with Apple. This is managed via the App Store Connect app where developers already manage their applications, installs and sales.

From a new Nominations dashboard in App Store Connect, developers will be able to create their nominations, either one by one or by uploading a spreadsheet to nominate apps in bulk. Apple recommends using a memorable name for the nomination that will help editors understand what their app’s new content or feature is focused on. Developers can alert editors to three different types of updates: new content, app enhancements or new app launches.

In addition to the update’s name, developers would include a text description that explains any relevant details about the update and the expected publish date. Another field, “Helpful Details,” will also allow developers to offer other information for editors’ reviewing their submission — like the developer’s story, how they created the app or their efforts around some other key factor, like the app’s accessibility or inclusivity features.

Related to this change, developers will also receive a push notification from App Store Connect if the Editorial team chooses to feature the app on the App Store. By tapping on the notification, developers will be taken to a page with new Promote Your App marketing assets designed for sharing the news on social media.

Apple will also provide marketing material for other big moments in the app’s lifecycle, like when it first launches or when it rolls out a new feature or new version.

Image Credits: Screenshot of Steve Troughton-Smith’s Mastodon post

These features were announced in a session alongside other news about updates to TestFlight, Apple’s pre-launch app testing platform, which now has a new look-and-feel.

One change that will make the testing process even more useful to developers is the ability to set criteria to filter for the type of testers they need to reach. For instance, a developer could restrict their TestFlight build only to those who have both an iPhone and a Vision Pro, or only devices that are running a certain iOS version. This way, when the public link to the TestFlight is shared, only those testers who fit the criteria will be able to install the beta build of the app.

Apple is also allowing developers to create deep links to custom product pages for their app — meaning those pages they built to highlight an app’s particular features for a select audience, or those that promote special deals. These custom links can be used when advertising the app via Apple Search Ads or on other platforms, like social media sites.

Apple’s iOS 18 will roll out to the public later this fall.

Digital generated image of people surrounded by interactive transparent and glowing panels with data. Visualising smart technology, blockchain and artificial intelligence.

CData, which helps orgs use data across apps and build AI models, snaps up $350M

by with No Comment Tech

Digital generated image of people surrounded by interactive transparent and glowing panels with data. Visualising smart technology, blockchain and artificial intelligence.

Image Credits: Andriy Onufriyenko / Getty Images

Artificial intelligence startups continue to dominate the headlines with immense venture capital rounds, but there’s enough opportunity out there for companies building tools that make it easier to work with data-heavy applications like AI. That’s especially true for organizations that may still have one foot (or both feet) in the legacy data camp. 

In one of the latest examples of that opportunity, a data connectivity solutions provider called CData has picked up a whopping $350 million in growth capital. Sources close to the company confirmed to TechCrunch that the round gives it a valuation of over $800 million, post-money.

CData has around 7,000 large enterprise customers, many of which are not tech companies, but lean on tech heavily — think big healthcare providers, Office Depot, Holiday Inn and the like. CData builds connectors that such enterprises can use to stitch together data from different applications — and different locations, not just in the cloud — more easily.

More recently, the company’s tools saw a boost in demand from customers keen to get in on the AI rush — they saw how CData could be used to build proprietary AI models based on their internal data. 

“One of the biggest drivers now for us is this move towards enterprises investing in AI,” said Amit Sharma, the founder and CEO of CData. “You can do a lot with public datasets, but proprietary datasets are very important for organizations. We’re the easiest way for companies to access their proprietary data and use it in their AI workloads.”

Warburg Pincus and Accel invested in the all-equity transaction, which includes both equity and secondary components, Sharma said in an interview this week. There is also a separate debt component on top of the $350 million, although the company is not disclosing more details about that. Before this round, North Carolina-based CData had raised $160 million from a single backer, Updata, which remains an investor with this round. 

The funding — to be used both for business and product development — comes on the heels of a strong run of business for the company. CData started off focusing on application integration 10 years ago, Sharma said, but it has evolved with the rise of the so-called “API economy” and cloud computing.

In a nutshell: Many modern applications offer APIs, but they are inconsistent in how they work, and sometimes, there are no clear APIs at all. That’s where CData comes in with its connectors for different apps and data sources, helping knit an organization’s data together more cleanly. 

“The challenge with APIs is that each API is very different,” Sharma explained. So, for example, if you are pulling data out of Salesforce using an API, he said, one would have to thoroughly understand how the Salesforce API works. “Your developers would have to understand it. But when you work with our connectors, all of them look alike.” He describes the world of software as a modern “Tower of Babel” and says CData is the solution.

In all, Sharma says CData’s platform has some 270 such connectors, and it has partnerships with some 100 independent software vendors, including Google, Salesforce and Informatica, to help build more user-friendly integrations from their end. 

“So when you are using Tableau, you might be using a CData connector inside of it without knowing that you’re actually doing so,” Sharma said. 

Indeed, while these connectors definitely include integrations with more traditional applications in areas like accounting and CRM, they are also coming into their own more recently. Businesses that want to work more with AI can use them to tap their data more easily to build customized models for themselves. 

CData has to contend with a number of competitors, like Domo, Simba from Insight Software, Fivetran and many others. But it looks like CData’s current customer traction, combined with its focus on solving both legacy integration issues and modern ones around AI, has helped it seal the deal. 

“Data connectivity is a critical enabler in a world of intelligent software — any AI, analytics or automation service delivers far better outcomes the more cross-functional data it can access,” said Nate Niparko, a partner at Accel, in a statement. “We’re thrilled to support CData as it builds on its standards for interconnecting the largest catalog of business data.”

TikTok comes for messaging apps with the addition of group chats

by with No Comment Tech

A laptop keyboard and TikTok logo displayed on a phone screen are seen in this multiple exposure illustration.

Image Credits: Jakub Porzycki/NurPhoto / Getty Images

TikTok looks to be taking on popular messaging services like Meta’s WhatsApp and Apple’s Messages, as the company announced on Monday that it’s adding group chats to its platform. You can now create group chats with up to 32 people to chat and share content together.

While people often share TikTok videos with each other in group chats on messaging apps, TikTok is now letting users do so within its own platform. Users can now watch, comment and react together all on TikTok.

The latest addition indicates that TikTok is interested in making its platform more social and a place for conversation with friends, not just an entertainment platform where you interact with strangers.

As with individual messages, group chats are only available to users above the age of 15. TikTok says it has added safety measures to protect teens between the ages of 16 and 17.

Everyone, including teens, can only be added to a group chat by a mutual follower. If a teen gets an invite to join a group chat, they can’t join unless the group has at least one mutual friend in it. Plus, when a teen creates a group chat, TikTok will require them to review and approve new joiners.

You can create a group chat by tapping the “Chat” button at the top of your inbox and then selecting “More options.” Then, you can select the friends you want to include in the group and then click “Start group chat.” To join an existing group chat through an invite, you can tap on the invite and then click “Join group.”

TikTok also announced that it’s rolling out custom stickers in DMs. The company sees the feature as a fun chat option that encourages users to create and upload their own custom stickers for everyone to use.

TikTok comes for messaging apps with the addition of group chats

by with No Comment Tech

A laptop keyboard and TikTok logo displayed on a phone screen are seen in this multiple exposure illustration.

Image Credits: Jakub Porzycki/NurPhoto / Getty Images

TikTok looks to be taking on popular messaging services like Meta’s WhatsApp and Apple’s Messages, as the company announced on Monday that it’s adding group chats to its platform. You can now create group chats with up to 32 people to chat and share content together.

While people often share TikTok videos with each other in group chats on messaging apps, TikTok is now letting users do so within its own platform. Users can now watch, comment, and react together all on TikTok.

The latest addition indicates that TikTok is interested in making its platform more social and a place for conversation with friends, not just an entertainment platform where you interact with strangers.

As with individual messages, group chats are only available to users above the age of 15. TikTok says it has added safety measures to protect teens between the ages of 16 and 17.

Everyone, including teens, can only be added to a group chat by a mutual follower. If a teen gets an invite to join a group chat, they can’t join unless the group has at least one mutual friend in it. Plus, when a teen creates a group chat, TikTok will require them to review and approve new joiners.

You can create a group chat by tapping the “Chat” button at the top of your inbox and then selecting “More options.” Then, you can select the friends you want to include in the group and then click “Start group chat.” To join an existing group chat through an invite, you can tap on the invite and then click “Join group.”

TikTok also announced that it’s rolling out custom stickers in DMs. The company sees the feature as a fun chat option that encourages users to create and upload their own custom stickers for everyone to use.

Apple gives developers a way to nominate their apps for editorial consideration on the App Store

by with No Comment Tech

Apple app store icon

Image Credits: Bryce Durbin / TechCrunch

App developers will have a new path for getting their apps recognized and promoted, Apple told developers at WWDC 2024 this week. In an update planned to arrive in September alongside the release of iOS 18, developers will be able to alert Apple’s Editorial team about their app’s new content or features ahead of its release to be considered for featuring on the App Store.

Today, the App Store’s Editorial team creates stories about apps and their developers and rounds up apps of interest into collections that are highlighted across the App Store’s many sections. However, there was no formal process for alerting App Store editors about upcoming changes that could potentially qualify an app for this type of recognition. With the launch of something called “Featuring Nominations,” developers will be able to directly share their plans with Apple. This is managed via the App Store Connect app where developers already manage their applications, installs and sales.

From a new Nominations dashboard in App Store Connect, developers will be able to create their nominations, either one by one or by uploading a spreadsheet to nominate apps in bulk. Apple recommends using a memorable name for the nomination that will help editors understand what their app’s new content or feature is focused on. Developers can alert editors to three different types of updates: new content, app enhancements or new app launches.

In addition to the update’s name, developers would include a text description that explains any relevant details about the update and the expected publish date. Another field, “Helpful Details,” will also allow developers to offer other information for editors’ reviewing their submission — like the developer’s story, how they created the app or their efforts around some other key factor, like the app’s accessibility or inclusivity features.

Related to this change, developers will also receive a push notification from App Store Connect if the Editorial team chooses to feature the app on the App Store. By tapping on the notification, developers will be taken to a page with new Promote Your App marketing assets designed for sharing the news on social media.

Apple will also provide marketing material for other big moments in the app’s lifecycle, like when it first launches or when it rolls out a new feature or new version.

Image Credits: Screenshot of Steve Troughton-Smith’s Mastodon post

These features were announced in a session alongside other news about updates to TestFlight, Apple’s pre-launch app testing platform, which now has a new look-and-feel.

One change that will make the testing process even more useful to developers is the ability to set criteria to filter for the type of testers they need to reach. For instance, a developer could restrict their TestFlight build only to those who have both an iPhone and a Vision Pro, or only devices that are running a certain iOS version. This way, when the public link to the TestFlight is shared, only those testers who fit the criteria will be able to install the beta build of the app.

Apple is also allowing developers to create deep links to custom product pages for their app — meaning those pages they built to highlight an app’s particular features for a select audience, or those that promote special deals. These custom links can be used when advertising the app via Apple Search Ads or on other platforms, like social media sites.

Apple’s iOS 18 will roll out to the public later this fall.

Apple gives developers a way to nominate their apps for editorial consideration on the App Store

by with No Comment Tech

Apple app store icon

Image Credits: Bryce Durbin / TechCrunch

App developers will have a new path for getting their apps recognized and promoted, Apple told developers at WWDC 2024 this week. In an update planned to arrive in September alongside the release of iOS 18, developers will be able to alert Apple’s Editorial team about their app’s new content or features ahead of its release to be considered for featuring on the App Store.

Today, the App Store’s Editorial team creates stories about apps and their developers and rounds up apps of interest into collections that are highlighted across the App Store’s many sections. However, there was no formal process for alerting App Store editors about upcoming changes that could potentially qualify an app for this type of recognition. With the launch of something called “Featuring Nominations,” developers will be able to directly share their plans with Apple. This is managed via the App Store Connect app where developers already manage their applications, installs and sales.

From a new Nominations dashboard in App Store Connect, developers will be able to create their nominations, either one by one or by uploading a spreadsheet to nominate apps in bulk. Apple recommends using a memorable name for the nomination that will help editors understand what their app’s new content or feature is focused on. Developers can alert editors to three different types of updates: new content, app enhancements or new app launches.

In addition to the update’s name, developers would include a text description that explains any relevant details about the update and the expected publish date. Another field, “Helpful Details,” will also allow developers to offer other information for editors’ reviewing their submission — like the developer’s story, how they created the app or their efforts around some other key factor, like the app’s accessibility or inclusivity features.

Related to this change, developers will also receive a push notification from App Store Connect if the Editorial team chooses to feature the app on the App Store. By tapping on the notification, developers will be taken to a page with new Promote Your App marketing assets designed for sharing the news on social media.

Apple will also provide marketing material for other big moments in the app’s lifecycle, like when it first launches or when it rolls out a new feature or new version.

Image Credits: Screenshot of Steve Troughton-Smith’s Mastodon post

These features were announced in a session alongside other news about updates to TestFlight, Apple’s pre-launch app testing platform, which now has a new look-and-feel.

One change that will make the testing process even more useful to developers is the ability to set criteria to filter for the type of testers they need to reach. For instance, a developer could restrict their TestFlight build only to those who have both an iPhone and a Vision Pro, or only devices that are running a certain iOS version. This way, when the public link to the TestFlight is shared, only those testers who fit the criteria will be able to install the beta build of the app.

Apple is also allowing developers to create deep links to custom product pages for their app — meaning those pages they built to highlight an app’s particular features for a select audience, or those that promote special deals. These custom links can be used when advertising the app via Apple Search Ads or on other platforms, like social media sites.

Apple’s iOS 18 will roll out to the public later this fall.

EU plan to force messaging apps to scan for CSAM risks millions of false positives, experts warn

by with No Comment Tech

Image Credits: Bryce Durbin / TechCrunch

A controversial push by European Union lawmakers to legally require messaging platforms to scan citizens’ private communications for child sexual abuse material (CSAM) could lead to millions of false positives per day, hundreds of security and privacy experts warned in an open letter Thursday.

Concern over the EU proposal has been building since the Commission proposed the CSAM-scanning plan two years ago — with independent experts, lawmakers across the European Parliament and even the bloc’s own Data Protection Supervisor among those sounding the alarm.

The EU proposal would not only require messaging platforms that receive a CSAM detection order to scan for known CSAM, but they would also have to use unspecified detection scanning technologies to try to pick up unknown CSAM and identify grooming activity as it’s taking place — leading to accusations of lawmakers indulging in magical thinking-levels of technosolutionism.

Critics argue the proposal asks the technologically impossible and will not achieve the stated aim of protecting children from abuse. Instead, they say, it will wreak havoc on internet security and web users’ privacy by forcing platforms to deploy blanket surveillance of all their users in deploying risky, unproven technologies, such as client-side scanning.

Experts say there is no technology capable of achieving what the law demands without causing far more harm than good. Yet the EU is plowing on regardless.

EU watchdog questions secrecy around lawmakers’ encryption-breaking CSAM scanning proposal

The latest open letter addresses amendments to the draft CSAM-scanning regulation recently proposed by the European Council, which the signatories argue fail to address fundamental flaws with the plan.

Signatories to the letter — numbering 270 at the time of writing — include hundreds of academics, including well-known security experts such as professor Bruce Schneier of Harvard Kennedy School and Dr. Matthew D. Green of Johns Hopkins University, along with a handful of researchers working for tech companies such as IBM, Intel and Microsoft.

An earlier open letter (last July), signed by 465 academics, warned the detection technologies the legislation proposal hinges on forcing platforms to adopt are “deeply flawed and vulnerable to attacks” and would lead to a significant weakening of the vital protections provided by end-to-end encrypted (E2EE) communications.

Little traction for counterproposals

Last fall, MEPs in the European Parliament united to push back with a substantially revised approach — which would limit scanning to individuals and groups who are already suspected of child sexual abuse; limit it to known and unknown CSAM, removing the requirement to scan for grooming; and remove any risks to E2EE by limiting it to platforms that are not end-to-end-encrypted. But the European Council, the other co-legislative body involved in EU lawmaking, has yet to take a position on the matter, and where it lands will influence the final shape of the law.

The latest amendment on the table was put out by the Belgian Council presidency in March, which is leading discussions on behalf of representatives of EU Member States’ governments. But in the open letter the experts warn this proposal still fails to tackle fundamental flaws baked into the Commission approach, arguing that the revisions still create “unprecedented capabilities for surveillance and control of Internet users” and would “undermine … a secure digital future for our society and can have enormous consequences for democratic processes in Europe and beyond.”

Tweaks up for discussion in the amended Council proposal include a suggestion that detection orders can be more targeted by applying risk categorization and risk mitigation measures, and cybersecurity and encryption can be protected by ensuring platforms are not obliged to create access to decrypted data and by having detection technologies vetted. But the 270 experts suggest this amounts to fiddling around the edges of a security and privacy disaster.

From a “technical standpoint, to be effective, this new proposal will also completely undermine communications and systems security,” they warn. While relying on “flawed detection technology” to determine cases of interest in order for more targeted detection orders to be sent won’t reduce the risk of the law ushering in a dystopian era of “massive surveillance” of web users’ messages, in their analysis.

The letter also tackles a proposal by the Council to limit the risk of false positives by defining a “person of interest” as a user who has already shared CSAM or attempted to groom a child — which it’s envisaged would be done via an automated assessment, such as waiting for one hit for known CSAM or two for unknown CSAM/grooming before the user is officially detected as a suspect and reported to the EU Centre, which would handle CSAM reports.

Billions of users, millions of false positives

The experts warn this approach is still likely to lead to vast numbers of false alarms.

“The number of false positives due to detection errors is highly unlikely to be significantly reduced unless the number of repetitions is so large that the detection stops being effective. Given the large amount of messages sent in these platforms (in the order of billions), one can expect a very large amount of false alarms (in the order of millions),” they write, pointing out that the platforms likely to end up slapped with a detection order can have millions or even billions of users, such as Meta-owned WhatsApp.

“Given that there has not been any public information on the performance of the detectors that could be used in practice, let us imagine we would have a detector for CSAM and grooming, as stated in the proposal, with just a 0.1% False Positive rate (i.e., one in a thousand times, it incorrectly classifies non-CSAM as CSAM), which is much lower than any currently known detector.

“Given that WhatsApp users send 140 billion messages per day, even if only 1 in hundred would be a message tested by such detectors, there would be 1.4 million false positives every single day. To get the false positives down to the hundreds, statistically one would have to identify at least 5 repetitions using different, statistically independent images or detectors. And this is only for WhatsApp — if we consider other messaging platforms, including email, the number of necessary repetitions would grow significantly to the point of not effectively reducing the CSAM sharing capabilities.”

Another Council proposal to limit detection orders to messaging apps deemed “high-risk” is a useless revision, in the signatories’ view, as they argue it’ll likely still “indiscriminately affect a massive number of people.” Here they point out that only standard features, such as image sharing and text chat, are required for the exchange of CSAM — features that are widely supported by many service providers, meaning a high risk categorization will “undoubtedly impact many services.”

They also point out that adoption of E2EE is increasing, which they suggest will increase the likelihood of services that roll it out being categorized as high risk. “This number may further increase with the interoperability requirements introduced by the Digital Markets Act that will result in messages flowing between low-risk and high-risk services. As a result, almost all services could be classified as high risk,” they argue. (NB: Message interoperability is a core plank of the EU’s DMA.)

A backdoor for the backdoor

As for safeguarding encryption, the letter reiterates the message that security and privacy experts have been repeatedly yelling at lawmakers for years now: “Detection in end-to-end encrypted services by definition undermines encryption protection.”

“The new proposal has as one of its goals to ‘protect cyber security and encrypted data, while keeping services using end-to-end encryption within the scope of detection orders.’ As we have explained before, this is an oxymoron,” they emphasize. “The protection given by end-to-end encryption implies that no one other than the intended recipient of a communication should be able to learn any information about the content of such communication. Enabling detection capabilities, whether for encrypted data or for data before it is encrypted, violates the very definition of confidentiality provided by end-to-end encryption.”

In recent weeks police chiefs across Europe have penned their own joint statement — raising concerns about the expansion of E2EE and calling for platforms to design their security systems in such as way that they can still identify illegal activity and send reports on message content to law enforcement.

The intervention is widely seen as an attempt to put pressure on lawmakers to pass laws like the CSAM-scanning regulation.

Police chiefs deny they’re calling for encryption to be backdoored but they haven’t explained exactly which technical solutions they do want platforms to adopt to enable the sought for “lawful access.” Squaring that circle puts a very wonky-shaped ball back in lawmakers’ court.

If the EU continues down the current road — so assuming the Council fails to change course, as MEPs have urged it to — the consequences will be “catastrophic,” the letter’s signatories go on to warn. “It sets a precedent for filtering the Internet, and prevents people from using some of the few tools available to protect their right to a private life in the digital space; it will have a chilling effect, in particular to teenagers who heavily rely on online services for their interactions. It will change how digital services are used around the world and is likely to negatively affect democracies across the globe.”

An EU source close to the Council was unable to provide insight on current discussions between Member States but noted there’s a working party meeting on May 8 where they confirmed the proposal for a regulation to combat child sexual abuse will be discussed.

Europe’s CSAM-scanning plan is a tipping point for democratic rights, experts warn

European police chiefs target E2EE in latest demand for ‘lawful access’

iOS 18 cracks down on apps asking for full address book access

by with No Comment Tech

Image Credits: Apple

iOS apps that build their own social networks on the back of users’ address books may soon become a thing of the past. In iOS 18, Apple is cracking down on the social apps that ask users’ permission to access their contacts — something social apps often do to connect users with their friends or make suggestions for who to follow. Now, Apple is adding a new two-step permissions pop-up screen that will first ask users to allow or deny access to their contacts, as before, and then, if the user allows access, will allow them to choose which contacts they want to share, if not all.

The changes were introduced in a session at Apple’s Worldwide Developers Conference focused on user privacy features.

When consumers share their contacts with a third-party app, that app will receive ongoing access to their contacts over time, even as new ones are added, according to Apple. To give users more control over the contacts an app can and cannot access, the permissions screen has two stages.

In the first screen, users confirm if they want to share their contacts with the app or not. This is similar to the prompt that’s available today, though some app makers have utilized the contact-sharing option as a way to block users who decline to share their contacts from accessing their app.

For example, last year the photo-sharing app Lapse climbed to the top of the App Store by employing a mechanism that forced users to invite their friends in order to join. Before that, apps like Poparazzi and Clubhouse demanded full address book access — a growth hack that helped them quickly expand their networks. Amo ID, an app from the founder of Zenly (which sold to Snap), also gained steam by requiring users to invite friends to get in.

These techniques may work to provide an initial rush of user adoption, but in many cases, that hack does not drive sustainable growth in the long term. In the meantime, users have to give up access to the address books in full just to try out new social experiences.

That may now become more difficult, as users who opt to share their address book by tapping “Continue” on the first screen will be taken to a second screen in iOS 18 where they can choose whether or not they want to share all their contacts with an app. Here, users will be able to tap on “Allow Full Access” or a new option to “Select Contacts” if they’d rather limit access.

What’s more, iOS 18 does not require the app developer to make any changes on their part for this functionality to work, nor implement any new API. Instead, if a developer’s app asks for access to the Contacts, these new screens will appear automatically.

On X, developer Nikita Bier, who had sold growth-hacked social apps like Gas and tbh to Discord and Facebook, joked, “It’s the end of the world,” followed by a screenshot of Apple’s announcement of the new privacy feature.

For those more interested in security and privacy, however, the addition is welcome. As security firm Mysk wrote on X, the change would be “sad news for data harvesting apps…” Others pointed out that this would hopefully prevent apps that ask repeatedly for address book access even after they had been denied. Now users could grant them access but limit which contacts they could actually ingest.

In addition, if a developer’s app lets people search for contacts to add, they also don’t need to request full access with iOS 18.

Instead, the new Contact Access Button lets an app show results for contacts the app doesn’t have access to along with a button that says “Add” next to each contact’s name. That way, users can pick and choose which contacts they want to provide to the app on a one-by-one basis with just a tap.