Social Media Privacy and Data Security

Recent Developments in Social Media Privacy and Data Security

Regulatory Updates

Indonesia's Wiretapping Agreements Raise Privacy Concerns

On June 26, 2025, Indonesia's Attorney General Office (AGO) signed agreements with major telecommunications companies—Telekomunikasi Indonesia, Telekomunikasi Selular, Indosat, and XLSMART Telecom Sejahtera—to enable wiretapping for law enforcement purposes. While intended to track fugitives, this move has sparked concerns among privacy advocates about potential mass surveillance and misuse of surveillance powers. Critics highlight the lack of clear limits on surveillance scope, data retention, and agency access, which may lead to privacy violations and erosion of civil liberties. (reuters.com)

U.S. House Bans WhatsApp on Government Devices

On June 24, 2025, the U.S. House of Representatives banned the use of Meta's messaging app, WhatsApp, on government-issued devices due to security and privacy concerns. An internal memo cited the app's lack of transparency in data protection and potential security risks, classifying WhatsApp as "high-risk." Staff members are required to remove the app by June 30. Meta disputes this characterization, asserting that all WhatsApp messages are end-to-end encrypted. (ft.com)

Australia's Age Verification Trial for Social Media

Australia's Age Assurance Technology Trial, involving over 1,000 school students and hundreds of adults, indicates that software-based age verification can effectively enforce the country's impending ban on social media use by under-16s. Starting in December, platforms like Meta, Snapchat, and TikTok must demonstrate efforts to restrict access for minors or face fines up to A$49.5 million. The trial found no major technical barriers but raised concerns about potential over-collection of personal data. (reuters.com)

Platform Security Breaches

Massive Data Breach Exposes 16 Billion Accounts

Cybersecurity experts reported an unprecedented data breach involving 16 billion leaked login records, affecting major platforms including Google, Facebook, Apple, Telegram, GitHub, and government services. The exposed datasets, some containing up to 3.5 billion records each, raise concerns about mass account takeovers, identity theft, and targeted phishing attacks. Users are advised to update passwords regularly and enable two-factor authentication to mitigate risks. (windowscentral.com)

Meta AI's Discover Feed Exposes Personal User Content

Meta AI's app is facing a significant privacy issue due to its Discover feed, which is populated with personal user content, including text chats, audio clips, and images. Many users are unknowingly publishing private interactions with the chatbot publicly, mistakenly believing they are sharing them privately. This confusion stems from an unclear sharing process, leading to the exposure of sensitive content. Users are advised to be cautious about the information they disclose and manage their privacy settings effectively. (tomsguide.com)

User Privacy Changes

WhatsApp Introduces Ads, Raising Privacy Concerns

WhatsApp has introduced ads within its "Updates" tab, prompting serious concerns about its privacy practices. While Meta claims personal messages remain secure and phone numbers won't be shared with advertisers, it acknowledges the use of data such as location, language, and user interactions for ad targeting. Privacy advocates argue that metadata collection poses significant risks, especially to vulnerable individuals like activists and journalists. Users concerned about their data are advised to consider alternatives such as Signal, Threema, and Session, which offer more robust privacy protections. (tomsguide.com)

Vermont Enacts Age-Appropriate Design Code

On June 12, 2025, Vermont Governor Phil Scott signed the Vermont Age-Appropriate Design Code (AADC) into law. The AADC protects children's privacy by prohibiting abusive data and design practices, enhancing autonomy, and ensuring online safety. The law will take effect on January 1, 2027. (epic.org)

Key Updates in Social Media Privacy and Data Security:

• Indonesia signs wiretapping pacts with telco operators; analysts flag privacy concerns, Published on Thursday, June 26
• WhatsApp introduces ads - and we need to re-evaluate its privacy credentials, Published on Friday, June 20
• 16 billion accounts suffer "the largest data breach" - Google, Facebook, Telegram, and more are susceptible to malicious attacks, Published on Friday, June 20