June 12, 2026

Jonah Aragon

Jordan Warne

License Plate Readers Are Framing Innocent People

Our top stories this week:

Flock automated license plate readers linked a man to a violent crime despite being five miles away at the time of the crime.
Massachusetts has voted to pass a new privacy rights bill that bans precise location data.
WhatsApp says it caught new spyware attacks linked to NSO Group in violation of court order.
A new upcoming iOS 27 feature automatically changes your compromised passwords.
Signal, DuckDuckGo are threatening to leave Canada if Bill-C22 passes which would force them to compromise their services to allow 'lawful access'.
The United Kingdoms' Keir Starmer has given tech companies an ultimatum forcing them to block explicit images on children's devices.

TWIP Live 🔴

Updates from the Team

It's been a quiet week at Privacy Guides with no major updates to the site, be sure to check in next week for more updates.

This week we released our video on Passwords, where we explained how to create secure passwords and debunked some common privacy myths, it's currently available to members only but will be available publicly 10am central time US!

News briefs

As always, we are publishing news briefs on the latest and greatest in the privacy & security space, Fria published articles about how common speakers can be remotely hacked and used to take over your PC, a ransomware gang is exploiting legacy VPN protocols used in the United States federal government.

Sources

A Flock license plate reader linked a San Diego man to a violent crime. He was five miles away.

Automated license plate readers have never been particularly reliable, this is a perfect case showing that this technology isn't particularly useful for policing and that it can link innocent people to crimes.

Flock is also being abused by the police force for stalking and tracking people, showing further that this technology collects too much information that can be easily abused by those in positions of power.

Massachusetts votes to pass new privacy rights bill that bans sale of precise location data

A new law called the Consumer Data Privacy Act has been passed through the house in Massachusetts, the law would block the sharing or sale of sensitive information without a user’s explicit consent. This is a great step in the right direction for people in Massachusetts but also brings forward to question as to why there is no national privacy law in the United States.

WhatsApp says it caught new spyware attacks linked to NSO Group in violation of court order

Last year, as part of a years-long lawsuit launched by WhatsApp against NSO, a court ordered the spyware maker to stop targeting WhatsApp and its users. WhatsApp has said that NSO Group has violated this original court order as they were able to link attacks to their app back to the group. NSO Group were the creators of the infamous Pegasus spyware which is used commonly to target journalists, human rights workers and dissidents.

WhatsApp says it caught new spyware attacks linked to NSO Group in violation of court order | TechCrunch

The messaging giant announced that it disrupted a phishing campaign targeting its users with NSO’s spyware.

TechCrunchLorenzo Franceschi-Bicchierai

New Apple feature automatically changes your compromised passwords

WWDC just happened this week which means we got a sneak peak at what will be included in iOS 27. Unfortunately it was mostly AI hype however there was a new feature announced that allows your device to automatically update compromised passwords, according to them it uses an AI agent to complete the change for you.

Signal, DuckDuckGo among firms weighing Canada exit over lawful access bill

Canada is proposing a lawful access bill called Bill C-22 which would force companies to allow access to encrypted messages and retain metadata on chats. Signal, DuckDuckGo and many other privacy related organizations have signaled they would leave the country if such measures were to pass.

Over 400 Arch Linux packages compromised to push rootkit, infostealer

The AUR or the Arch User Repository has been founded to contain a bunch of packages that have been infected with malware. The AUR does allow anyone to create and share packages thus increasing the risk of such attacks.

Forum Updates

Why use Tor Instead of Mullvad browser + Mullvad VPN?

Show Hosts

Jonah is Privacy Guides' editor and Program Director. With over a decade of technical writing experience, his role includes researching and writing for Privacy Guides. He also runs Triplebit, a non-profit ISP behind many privacy-related tools.

Jordan is the creator and editor of many videos on Privacy Guides' channels. Previously working with Techlore, they have extensive experience in video editing, motion design, and photography.