Meta's AI Glasses Get Worse, Password Managers Have Risks, iOS Privacy, and more!

Our top stories this week:

• Meta wants to add facial recognition to their smart glasses
• Several password managers were not immune from server compromise
• New privacy features in iOS
• Reminders that AI is still a privacy nightmare

TWIP Live 🔴

Updates from the Team

Site Changes

We made a few changes to our recommendations this week.

• We removed Yattee (YouTube front end for iOS) because it appears to no longer work and has been removed from app stores.
• Removed Dataveria from the list of data broker sites as it appears to be defunct
• We also updated information about uBlock Origin Lite, the Bitlocker cmd workaround for Windows Home, the Firefox daily usage ping, and more behind-the-scenes work.

Release 2026.02.16 · privacyguides/privacyguides.org

What’s Changed update!: Remove Yattee by @ph00lt0 in #3198 update: Remove Dataveria from list of people search sites by @redoomed1 in #3181 update: Better reflect uBlock Origin Lite capabilities b…

GitHubprivacyguides

Private Browsing

Our private browsing video is finally out! We explain the myth of "Incognito Mode," then go through each of the popular browsers and explain how they (don't) protect your privacy and finally recommend a few browsers that do! (It should be added to PeerTube soon!)

Smartphone Security Course: Intermediate

Our Smartphone Privacy & Security course's Intermediate videos are finally out to the public. Learn how to swap out the stock apps with more private alternatives - and in the case of Android, how to get apps more privately in general.

News

This week, Fria wrote about Google's upgrades to face unlock, Amazon's cancelled partnership with Flock, and Apple finally adding E2EE RCS in iOS 26.4 beta.

Google’s “Project Toscana” Will Upgrade Face Unlock

According to Android Authority, Google’s secret Project Toscana is upgrading the face unlock on future Pixels and even Chromebooks.

Privacy GuidesFria Reyes

Amazon Cancels Ring Partnership with Flock

Amazon has announced it has cancelled its previous plans to partner with Flock for its Community Requests feature.

Privacy GuidesFria Reyes

Apple Introduces End-to-End Encrypted RCS Messaging in the iOS 26.4 Beta

The long-awaited cross-platform end-to-end encrypted RCS messaging between Android and iOS users has finally begun its testing phase in the recently released beta for iOS 26.4.

Privacy GuidesFria Reyes

Sources

Meta Plans to Add Facial Recognition Technology to Its Smart Glasses

Meta's already-problematic AI-powered Ray-Bans are now set to include facial recognition. It's worth noting that nothing has been set in stone yet. The New York Times article paints a picture of a company desperately trying to stand out from the competition and throwing out pretty much any idea they can think of, so it's unclear what final form this idea will take. It should be said though that Meta's internal memos did explicitly state that now is a perfect time to release a product like this, while civil rights groups who would normally oppose it are busy with everything else going on. The EFF has decided they are not too busy and put out a blog post about it.

Seven Billion Reasons for Facebook to Abandon its Face Recognition Plans

Meta’s analysis that it can avoid scrutiny by releasing a privacy invasive product during a time of political crisis is craven and morally bankrupt. It is also dead wrong.

Electronic Frontier FoundationMario Trujillo

Popular password managers fall short of “zero-knowledge” claims

Researchers at ETH Zurich have conducted on audits on Bitwarden, LastPass, and Dashlane to see what information could be accessed if a malicious actor gained access to the servers. They were able to recover passwords and even tamper with vault data. These three password managers account for 23% of the market - or over 60 million users. Bitwarden and Dashlane have already responded and fixed most of the issues raised. LastPass said they've fixed some of the issues and plan to fix others in the future. 1Password pre-emptively published a blog post about how they were already mostly immune.

Popular password managers fall short of “zero-knowledge” claims

Architectural weaknesses in Bitwarden, LastPass, and Dashlane, undermine zero-knowledge encryption promises and risk vault exposure.

CyberInsiderAlex Lekander

iOS News

iOS 26.3 has released with one especially exciting privacy-preserving feature: "Limit Precise Location" for cell towers. This essentially takes the existing "course vs precise location" toggles that Apple already allows for apps and applies it to cell towers, which should improve privacy of users. Meanwhile, in the upcoming iOS 26.4 beta we're already seeing the first signs of end-to-end encrypted RCS and Stolen Device Protection being enabled by default.

iOS 26.3 adds unique new privacy feature, and it’s Apple at its best - 9to5Mac

iOS 26.3 introduces a new privacy feature for iPhone—‘Limit Precise Location’—that reveals Apple at its best.

9to5MacRyan Christoffel

Everything New in iOS 26.4 Beta 1

Apple today provided developers with the first beta of an upcoming iOS 26.4 update, which adds quite a few new features to the iPhone. There’s a…

MacRumorsJuli Clover

AI News

This week we have more reminders that AI should - at best - be used carefully and does not respect training data. First up, Copilot had a bug that ignored enterprise security settings that would've forbid it from accessing sensitive data and thus allowed it to summarize confidential emails. Meanwhile, Grok was revealing a porn actress's legal name and birthdate without being prompted. It's a reminder that AI scrapes up data from everywhere, even if you didn't consent to it, and you lose control of that data once it happens.

Microsoft says bug causes Copilot to summarize confidential emails

Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails since late January, bypassing data loss prevention (DLP) policies that organizations rely on to protect sensitive information.

BleepingComputerSergiu Gatlan

Grok Exposed a Porn Performer’s Legal Name and Birthdate—Without Even Being Asked

In the latest in a string of privacy abuses from the chatbot, Grok provided porn performer Siri Dahl’s full legal name and birthdate to the public, information she’d protected until now.

404 MediaNoelle Perdue

Age Verification Reminders

Once again, countries continue to push forward with the overly-simplistic and flawed idea that age-gating the internet will solve problems. We still have nothing new to add to this discussion, but we believe we should continue to let people know whenever we hear about new developments so people can continue to fight back and spread awareness. This week Germany jumped on the bandwagon, and TechCrunch put out a list of countries who have so far expressed interest.

https://www.reuters.com/sustainability/society-equity/german-social-democrat-paper-adds-calls-social-media-curbs-children-2026-02-16/

https://www.politico.com/news/2026/02/19/gavin-newsom-backs-social-media-age-restrictions-00789951

These are the countries moving to ban social media for children | TechCrunch

Australia was the first country to issue a ban in late 2025, aiming to reduce the pressures and risks that young users may face on social media, including cyberbullying, social media addiction, and exposure to predators.

TechCrunchAisha Malik

Forum Updates

I Verified My LinkedIn Identity. Here’s What I Actually Handed Over

Very interesting read I found via a Mastodon post by Brian Krebs

Privacy Guides Community

Ente: Introducing Ente Locker

Privacy Guides Community