Bitwarden Raises Prices, Microsoft Hands Over Encryption Keys, ICE's Numerous Privacy Concerns, and more!

Our top stories this week:

  • Bitwarden announces an updated premium plan with additional features and new pricing
  • Lessons we can learn from analysis of the Predator spyware
  • Ireland wants to expand policing powers to include "lawful access" to encrypted data and spyware capabilities
  • Microsoft gave Bitlocker keys to the FBI
  • One of the first alternative app stores for iOS is shutting down
  • A roundup of some of ICE's known privacy concerns

TWIP Live šŸ”“

Updates from the Team

Smartphone Course: Intermediate

We're expecting the Intermediate level of our Smartphone Privacy & Security course to be released to members either this weekend or early next week. You can sign up to become a member here:

Donate - Privacy Guides
The charitable mission of Privacy Guides relies on contributions from visitors like yourself. Anything you can do to support the project is hugely appreciated.
Privacy Guides

Upcoming Video: Private Browsing

Our video about private browsing is written, shot, and has gone through first cuts. It'll be off to Jordan for them to work their magic this coming week!

Privacy Guides Shorts

We're continuing to post short vertical videos on our second channel, Privacy Shorts. If you want short versions of our stories that you can easily share around, be sure to check it out!

Privacy Shorts
This is our second channel for Shorts, random uploads, and other content from the Privacy Guides team. Massive organizations are monitoring your online activities. Privacy Guides is your central privacy and security resource to protect yourself online. Privacy Guides is a socially motivated website that provides information for protecting your data security and privacy. We are a non-profit project operated by our team members and hundreds of volunteer contributors. ā€œPrivacy Guidesā€ and the ā€œPrivacy Guidesā€ logo are trademarks of the MAGIC Privacy Guides Fund, part of MAGIC Grants, a 501(c)(3) charity.
YouTube

News

We're continuing to pump out short news briefs regularly. This week we talked about Europe's new proposed Twitter competitor, Pwn2Own's Automotive hacking competition, Mandiant releasing rainbow tables, and ChatGPT's upcoming ads. You can find those all here:

Privacy & Security News
The latest news in data privacy, cybersecurity, and consumer rights brought to you by Privacy Guides.
Privacy GuidesJonah Aragon

Site Updates

After slowing down a bit over the holidays, we've returned to going through our backlog of pull requests on GitHub. Expect to see some updates to the site soon!

Sources

Bitwarden launches enhanced premium plan: Complete online security for everyone

Bitwarden is introducing several new features for their premium plan. From their blog post:

  • Vault health alerts: Identify and resolve vulnerabilities and risks to your digital security ā€” reused, exposed, or weak passwords ā€” and immediately take action to resolve them. 
  • Password coaching: Bitwarden flags at-risk passwords right where you access them and guides you to update the password with a stronger alternative.
  • 5x more attachment storage: Store more of your important files securely with expanded storage, from secure documents, backup codes, or sensitive files. More space to keep everything protected in your vault. 
  • 2x more security keys for 2FA: Use up to 10 security keys ā€” including hardware keys, native biometrics, and passkeys ā€” when logging into your Bitwarden account with two-factor authentication, helping ensure you can always access your vault.
  • Phishing blocker (coming soon): Proactively identify and block malicious websites before they can steal credentials, adding critical protection beyond password management.

Prices will also be raised to reflect the new features. Individual plans are now $19.80/year (a 98% raise) and family plans are becoming $47.88 (a 19.7% increase). Free plans remain unaffected.

Bitwarden launches enhanced premium plan: Complete online security for everyone | Bitwarden
Bitwarden Premium and Families plans now have new capabilities to account for a modern cyber landscape needing to anticipate threats before they happen and allowing users to proactively safeguard their digital assets.
Bitwarden

Predator Spyware Turns Failed Attacks Into Intelligence for Future Exploits

Recently the Google Threat Intelligence Group and Jamf published research on Intellexa's Predator spyware, revealing some astonishing new capabilities. The spyware is capable of running self-diagnostics and telling attackers why it may have failed an operation, covering its tracks by wiping crash logs, and appears to have "missing" code that could suggest future or modular capabilities.

Predator Spyware Turns Failed Attacks Into Intelligence for Future Exploits
Predator spywareā€™s has advanced anti-forensics and anti-detection capabilities, and can learn from its own failures.
SecurityWeekKevin Townsend

Ireland wants to give its cops spyware, ability to crack encrypted messages

Ireland is considering an update to it's 1993 "Postal Packets and Telecommunications Messages (Regulation) Act" that would involve requiring "lawful access" to both encrypted and unencrypted data, including IoT devices, email services, and messaging platforms. They're also wanting to authorize spyware, claiming they will require judge approval and "stringent oversight" and that it should be used in extreme situations.

Ireland explores legal spyware, encryption-breaking powers
: Its very own Snooperā€™s Charter comes a month after proposed biometric tech expansion
The RegisterConnor Jones

Microsoft Gave FBI Keys To Unlock Encrypted Data, Exposing Major Privacy Flaw

We've just learned that early in 2025, the FBI served Microsoft with a search warrant for recovery keys to BitLocker - Microsoft's built-in encryption software - which Microsoft was able to hand over. Microsoft says that the historically receive about 20 such requests per year but usually aren't able to fulfill them because most users store the recovery keys locally. However, in 2024 Microsoft made BitLocker a standard part of the setup process for Windows 11, where keys are automatically synced via your Microsoft Account. It stands to reason that going forward, we will see more requests for account data fulfilled in light of these factors.

Microsoft Gave FBI BitLocker Encryption Keys, Exposing Privacy Flaw
The tech giant said providing encryption keys was a standard response to a court order. But companies like Apple and Meta set up their systems so such a privacy violation isnā€™t possible.
ForbesThomas Brewster

One of the first alternative app stores in the EU is shutting down

Setapp Mobile - launched in September 2024. It offered access to Setapp's mobile apps for $9.99/month. However, the company has announced it will shutter the app store (the desktop store will remain functional) by February 16, 2026. Though the developer used rosy language, this was almost certainly a result of Apple's labyrinthian and expensive rules for third-party app stores.

One of the first alternative app stores in the EU is shutting down | TechCrunch
Setapp Mobile, one of the first alternative app stores in the EU, is shutting down next month, citing Appleā€™s ever-changing terms.
TechCrunchSarah Perez

ICE Roundup

Privacy is non-partisan, but it's important to talk about how the government is currently using massive amounts of data - often in opaque ways.

To start, ICE has partnered with Palantir to create an app that draws from dozens of data points to suggest which locations are most likely to contain illegal immigrants. This article also briefly mentions current legislative efforts to put oversight into the use of the app.

ā€˜ELITEā€™: The Palantir App ICE Uses to Find Neighborhoods to Raid
Internal ICE material and testimony from an official obtained by 404 Media provides the clearest link yet between the technological infrastructure Palantir is building for ICE and the agencyā€™s activities on the ground.
404 MediaJoseph Cox

ICE also has a facial recognition app. As is common with facial recognition, it's already shown a propensity for errors, which is especially alarming since ICE claims it should be trusted even over official documentation like birth certificates.

ICEā€™s Facial Recognition App Misidentified a Woman. Twice
In testimony from a CBP official obtained by 404 Media, the official described how Mobile Fortify returned two different names after scanning a womanā€™s face during an immigration raid. ICE has said the appā€™s results are a ā€œdefinitiveā€ determination of someoneā€™s immigration status.
404 MediaJoseph Cox

ICE has also established a "no fly zone" around "vessels and ground vehicle convoys and their associated escorts" up to 3,000 feet horizontally and 1,000 feet high. This seems to be an unsettling case of "privacy for me, but not for thee."

Feds Create Drone No Fly Zone That Would Stop People Filming ICE
The FAA has altered a no fly zone designation that was originally created for US military bases to apply to DHS units.
404 MediaJason Koebler

EPIC has released a report suggesting that a combination of ICE presences around clinics and loose medical privacy laws are driving people away from seeking medical care out of fear of data breaches, data abuse, and (of course) arrest.

Surveillance and ICE Are Driving Patients Away From Medical Care, Report Warns
A new EPIC report says data brokers, ad-tech surveillance, and ICE enforcement are among the factors leading to a ā€œhealth privacy crisisā€ that is eroding trust and deterring people from seeking care.
WIREDDell Cameron