Enlarge (credit: PATRICK T. FALLON / Contributor | AFP )

Days after TikTok users sued to block Montana's TikTok ban , TikTok has followed through on its promise to fight the ban and filed its own lawsuit in a United States district court in Montana.

"We are challenging Montana’s unconstitutional TikTok ban to protect our business and the hundreds of thousands of TikTok users in Montana," Brooke Oberwetter, TikTok's spokesperson, told Ars. "We believe our legal challenge will prevail based on an exceedingly strong set of precedents and facts."

TikTok's complaint hits all the same points that TikTok users' lawsuit does.

Enlarge (credit: NurPhoto / Contributor | NurPhoto )

After the Federal Trade Commission launched a probe into Twitter over privacy concerns, Twitter’s negotiations with the FTC do not seem to be going very well. Last week, it was revealed that Twitter CEO Elon Musk’s request last year for a meeting with FTC Chair Lina Khan was rebuffed . Now, a senior Twitter lawyer, Christian Dowell—who was closely involved in those FTC talks—has resigned, several people familiar with the matter told The New York Times .

Dowell joined Twitter in 2020 and rose in the ranks after several of Twitter’s top lawyers exited or were fired once Musk took over the platform in the fall of 2022, Bloomberg reported . Most recently, Dowell—who has not yet confirmed his resignation—oversaw Twitter’s product legal counsel. In that role, he was “intimately involved” in the FTC negotiations, sources told the Times, including coordinating Twitter’s responses to FTC inquiries.

The FTC has overseen Twitter’s privacy practices for more than a decade after it found that the platform failed to safeguard personal information and issued a consent order in 2011. The agency launched its current probe into Twitter’s operations after Musk began mass layoffs that seemed to introduce new security concerns, AP News reported . The Times reported that the FTC's investigation intensified after security executives quit Twitter over concerns that Musk might be violating the FTC's privacy decree.

Enlarge (credit: NurPhoto / Contributor | NurPhoto )

Today an Italian regulator, the Guarantor for the Protection of Personal Data (referred to by its Italian acronym, GPDP), announced a temporary ban on ChatGPT in Italy. The ban is effective immediately and will remain in place while the regulator investigates its concerns that OpenAI—the developer of ChatGPT—is unlawfully collecting Italian Internet users’ personal data to train the conversational AI software and has no age verification system in place to prevent kids from accessing the tool.

The Italian ban comes after a ChatGPT data breach on March 20 , exposing “user conversations and information relating to the payment of subscribers to the paid service,” GPDP said in its press release. OpenAI notified users impacted by the breach and said it was "committed to protecting our users’ privacy and keeping their data safe," apologizing for falling "short of that commitment, and of our users’ expectations."

Ars could not immediately reach OpenAI to comment. The company has 20 days to respond with proposed measures that could address GPDP’s concerns or face fines of up to 20 million euro or 4 percent of OpenAI’s gross revenue.

Enlarge (credit: NurPhoto / Contributor | NurPhoto )

Meta announced that starting next Wednesday, some Facebook and Instagram users in the European Union will for the first time be able to opt out of sharing first-party data used to serve highly personalized ads, The Wall Street Journal reported . The move marks a big change from Meta's current business model, where every video and piece of content clicked on its platforms provides a data point for its online advertisers.

People “familiar with the matter” told the Journal that Facebook and Instagram users will soon be able to access a form that can be submitted to Meta to object to sweeping data collection. If those requests are approved, those users will only allow Meta to target ads based on broader categories of data collection, like age range or general location.

This is different from efforts by other major tech companies like Apple and Google, which prompt users to opt in or out of highly personalized ads with the click of a button. Instead, Meta will review objection forms to evaluate reasons provided by individual users to end such data collection before it will approve any opt-outs. It's unclear what cause Meta may have to deny requests.

Enlarge / TikTok Chief Executive Officer Shou Zi Chew testifies before the House Energy and Commerce Committee. (credit: Kent Nishimura / Contributor | Los Angeles Times )

For nearly five hours, Congress members of the House Committee on Energy & Commerce grilled TikTok CEO Shou Zi Chew over concerns about the platform's risks to minor safety, data privacy, and national security for American users.

“The American people need the truth about the threat TikTok poses to our national and personal security,” committee chair Cathy McMorris Rodgers (R-Wa.) said in her opening statement, concluding that “TikTok is a weapon.”

Rodgers suggested that even for Americans who have never used the app, “TikTok surveils us all, and the Chinese Communist Party (CCP) is able to use this as a tool to manipulate America as a whole.”

Enlarge (credit: Bloomberg / Contributor | Bloomberg )

Before it was updated last month, Discord’s privacy policy specifically promised to alert users “in advance” if the company ever started storing contents of video calls, voice calls, or channels. That’s why some users became alarmed when the latest updates—which go into effect March 27—seemed to quietly drop this promise. One Discord user asked Ars to investigate, wondering, “Does Discord plan to retain call recordings?”

According to a Discord spokesperson, the answer is no.

“There has not been a change in Discord's position on how we store or record the contents of video or voice channels,” a Discord spokesperson told Ars. “We recognize that when we recently issued adjusted language in our privacy policy, we inadvertently caused confusion among our users. To be clear, nothing has changed and we have reinserted the language back into our privacy policy, along with some additional clarifying information.”

Enlarge / If your phone knows where you are, the feds can too. (credit: Luis Alvarez | Getty Images )

The Defense Intelligence Agency, which provides military intelligence to the Department of Defense, confirmed in a memo that it purchases "commercially available" smartphone location data to gather information that would otherwise require use of a search warrant.

The DIA "currently provides funding to another agency that purchases commercially available geolocation metadata aggregated from smartphones," the agency wrote in a memo ( PDF ) to Sen. Ron Wyden (D-Ore.), first obtained by the New York Times .

The Supreme Court held in its 2018 Carpenter v. United States ruling that the government needs an actual search warrant to collect an individual's cell-site location data. "When the Government tracks the location of a cell phone it achieves near perfect surveillance, as if it had attached an ankle monitor to the phone’s user," Chief Justice John Roberts wrote for the majority in his opinion. "The retrospective quality of the data here gives police access to a category of information otherwise unknowable."

Read 4 remaining paragraphs | Comments

Enlarge / A user in Singaapore holding the TraceTogether device that can be used for COVID-19 contact tracing in lieu of a smartphone app. (credit: Roslan Rahman | AFP | Getty Images )

The government of Singapore said this week it has used data gathered for COVID-19 mitigation purposes in criminal investigations, sparking privacy concerns about contact tracing both in Singapore and elsewhere in the world.

Singapore's contract-tracing app, TraceTogether, has been adopted by nearly 80 percent of the country's population, according to The Guardian , and Singaporeans are required to use it to enter certain gathering places such as shopping malls.

TraceTogether's privacy statement originally read, "Data will only be used for Covid-19 contact tracing," but it was updated this week to add, "Authorised Police officers may invoke Criminal Procedure Code (CPC) powers to request users to upload their TraceTogether data for criminal investigations. The Singapore Police Force is empowered under the CPC to obtain any data, including TraceTogether data, for criminal investigations," The Register reports.

Read 8 remaining paragraphs | Comments