What's wrong with EU age verification?

As a deadly heatwave grips Europe, Rome leans on a bracelet to watch its elderly

Rome's municipality has equipped around 700 elderly residents with a wearable bracelet that monitors heart rate, sleep patterns, and detects falls, as part of a broader €400m EU-funded elderly care programme. The scheme pairs the device with daily social worker calls during a record European heatwave that the WHO has linked to over 1,300 deaths. The combination of sensor technology and human contact distinguishes it from consumer fitness trackers, though some participants have dropped out over privacy concerns about continuous location tracking.

Our Research on Membership Inference Attacks and Preventing Privacy Leaks

JetBrains researchers present EZ MIA (Error Zone Membership Inference Attack), a lightweight method for detecting whether specific data was used to train fine-tuned LLMs. Unlike existing approaches that rely on aggregate sequence loss or expensive shadow model training, EZ MIA focuses on token-level error positions where memorization signals are most concentrated, requiring only two forward passes per sequence. Experiments on GPT-2, GPT-2-XL, and Llama-2 show EZ MIA outperforms baselines like LOSS, Min-K++, and SPV-MIA by up to 9x. The research also confirms that full fine-tuning creates significantly more membership leakage than LoRA-based fine-tuning, though LoRA does not eliminate the risk entirely — especially for larger models.

Tech Morality is Hard

A personal reflection on the difficulty of maintaining ethical standards in one's technology choices. The author describes their ongoing effort to avoid tech companies whose values conflict with their own, including dropping X/Twitter, Telegram, and Google services. The latest dilemma involves Mullvad VPN, after news emerged that one of its co-owners donated millions to a controversial Swedish political party with ties to racism. Mullvad's official response frames the donation as a private matter separate from the company's mission. The author plans to cancel their Mullvad subscription and is also questioning whether to drop Kagi search due to its partial use of Yandex data. The post raises broader questions about how far individuals can reasonably go in vetting the personal behavior of company owners versus company policy.

Flock surveillance cameras are spreading across the US

Flock Safety vận hành hơn 100.000 camera nhận diện biển số tự động trên khắp nước Mỹ, sử dụng Android biến thể và AI để tìm kiếm bằng ngôn ngữ tự nhiên. Hệ thống chia sẻ dữ liệu toàn quốc cho phép cảnh sát truy cập dữ liệu từ các bang khác, trong khi lỗ hổng bảo mật nghiêm trọng (như 70 camera không mật khẩu) và lạm dụng theo dõi cá nhân đã bị phát hiện. Dù thiếu bằng chứng giảm tội phạm, mạng lưới vẫn mở rộng bất chấp phản đối.

Những lỗ hổng bảo mật và sử dụng sai mục đích của hệ thống giám sát plate reader Flock Safety cho thấy cần cảnh giác về sự phát triển nhanh chóng của công nghệ giám sát đại trà và cách bảo vệ quyền riêng tư cũng như an ninh dữ liệu trong thời đại số.

In major privacy win, Supreme Court rules geofence warrants are protected by privacy rights

The U.S. Supreme Court ruled 6-3 in Chatrie v. United States that individuals have a reasonable expectation of privacy in their cellphone location data, meaning law enforcement must obtain a search warrant with probable cause before requesting geofence location data from tech companies like Google. The ruling does not ban geofence warrants outright but requires authorities to meet 4th Amendment standards. The decision resolves a circuit split and has broad implications for how police can use reverse location searches. Google has already begun storing location data on-device rather than servers to limit exposure to such warrants.

WhatsApp not lets you reserve usernames

WhatsApp is launching a username feature that lets users share their profiles without revealing their phone number. Starting today, users can reserve usernames (3–40 characters) ahead of the official rollout later this year. Usernames won't be searchable — only people who know your exact username can contact you. Meta is pre-reserving names for celebrities and organizations, and businesses can claim their existing Facebook or Instagram username. The feature puts WhatsApp on par with rivals like Telegram, Signal, and Wire, which have offered usernames for years.

SCOTUS limits geofence warrants in a phone-privacy win

The US Supreme Court ruled 6-3 in Chatrie v. United States that geofence warrants require probable cause under the Fourth Amendment, establishing that individuals have a reasonable expectation of privacy in their phone location data. The decision builds on the 2018 Carpenter ruling and makes it significantly harder for police to demand location records of everyone in a geographic area without a proper warrant. While it doesn't ban geofence warrants outright, it requires police to convince a judge, establish a real basis, and keep requests narrow. The ruling has broad implications for tech platforms like Google, Microsoft, and Uber that regularly receive law enforcement data requests, and could extend to other sensitive digital trails like search queries and smart-home logs.