iOS Lockdown Mode Feature: The Cyber Bouncer for Your iPhone!

Introduction

Whatsapp is one of the leading OTT messaging platforms, which has been owned by the tech giant Meta since 2013. WhatsApp enjoys a user base of nearly 2.24 billion people globally, with almost 487 million users in India. Since the advent of Whatsapp, it has been the most commonly used messaging app, and it has made an impact to such an extent that it is used for professional as well as personal purposes. Meta powers the platform and follows similar guidelines and policies as its parent company.

The New Feature

Users of WhatsApp on the web and desktop can now access one account from various devices. One WhatsApp account may now be used on up to four handsets thanks to a new update from Meta. Be aware that the multi-device capability has been planned for some time and is finally being made available to stable WhatsApp users. Each linked device (up to four devices can be linked) will function independently, and the independent devices will continue to receive messages even if the central device’s network connection is lost. Remember that WhatsApp will automatically log out of all the companion devices if the primary smartphone is dormant for an extended period. Four more gadgets may be a mix of four PCs and smartphones or four smartphones. This feature is now available for updates and downloads on Android as well as iOS platforms.

Potential issues

As we go deeper into the digital age, it is the responsibility of the tech giants to pilot innovation with features of security by design. Thus such new features should be accompanied by coherent safety and security policies or advisories to ensure the users understand the implications of the new features. Convenience over conditions is an essential part of cyberspace. It points to the civic duty of netizens to go through the conditions of any app rather than only focus on the convenience it creates. The following potential issues may arise from the new features on Whatsapp –

• Increased cybercrime- The bad actors now do not need to access SIM cards to commit frauds over the platforms as now on a single number 4 devices can be used hence the cybercriminal activity can increase over the platform. It is also pertinent for the platform to create SoPs for fake accounts which use multiple devices, as they pose a direct threat to the users and their interests.
• Difficulty in identifying and tracing- The LEAs will face a significant issue in identifying the bad actors and tracing them as the individual’s involvement through a linked device needs to be given legal validity and scope for investigation. This may also cause issues in evidence handling and analysis.
• Surge in Misinformation and Disinformation- With access to multiple devices, the screen time of an individual is also bound to increase. This leads to more time spent online, thus causing a rise in instances of misinformation and disinformation by bad actors. Thus the aspect of fack checking is of prime importance.
• Potential Oversharing of Personal Data- With the increased accessibility on different devices, it is very easy for the app to seek data from all devices on which the app is running, thus leading to a bigger reservoir of personal data for the platforms and data fiduciaries.
• Higher risk of Phishing, Ransomware and Malware Attacks- As the devices under the same login credentials and mobile number will increase, the message can be viewed on all the devices, thus increasing the risk of widespread embedded ransomware and malware in multiple devices is and ever-present threat.
• One number, more criminals- This feature will allow cybercriminals to operate using one device only, earlier they used to forge Adhaar cards to get new sims, but this feature will enable the bad actors to commit crimes and attacks from one single SIM using 4 different devices.
• Rise in Digital Footprint- As the number of devices increases, the users will generate more digital footprints. As a tech giant, Meta will have access to a bigger database, which increases the risk of data breaches by third-party actors.

Conclusion

In the fast-paced digital world, it is important to remain updated about new software, technologies and policies for our applications or forms of tech. This was a long-awaited feature from WhatsApp, and its value of it doesn’t lie in technological advancement only but also in the formulation of policies to govern this technology towards the trust and safety aspect of users. The platforms, in synergy with the policy makers, need to create a robust framework to accommodate the new features and add-ons on apps vehicle, staying in compliance with the laws of the land. Awareness about new features and vulnerabilities is a must for all netizens, and it is a shared responsibility for all netizens to spread the word about safety and security mechanisms.

The United Nations in December 2019 passed a resolution that established an open-ended ad hoc committee. This committee was tasked to develop a ‘comprehensive international convention on countering the use of ICTs for criminal purposes’. The UN Convention on Cybercrime is an initiative of the UN member states to foster the principles of international cooperation and establish legal frameworks to provide mechanisms for combating cybercrime. The negotiations for the convention had started in early 2022. It became the first binding international criminal justice treaty to have been negotiated in over 20 years upon its adoption by the UN General Assembly.  

This convention addresses the limitations of the Budapest Convention on Cybercrime by encircling a broader range of issues and perspectives from the member states. The UN Convention against Cybercrime will open for signature at a formal ceremony hosted in Hanoi, Viet Nam, in 2025. The convention will finally enter into force 90 days after being ratified by the 40th signatory.

Objectives and Features of the Convention

• The UN Convention against Cybercrime addresses various aspects of cybercrime. These include prevention, investigation, prosecution and international cooperation. 
• The convention aims to establish common standards for criminalising cyber offences. These include offences like hacking, identity theft, online fraud, distribution of illegal content, etc. It outlines procedural and technical measures for law enforcement agencies for effective investigation and prosecution while ensuring due process and privacy protection. 
• Emphasising the importance of cross-border collaboration among member states, the convention provides mechanisms for mutual legal assistance, extradition and sharing of information and expertise. The convention aims to enhance the capacity of developing countries to combat cybercrime through technical assistance, training, and resources. 
• It seeks to balance security measures with the protection of fundamental rights. The convention highlights the importance of safeguarding human rights and privacy in cybercrime investigations and enforcement.
• The Convention emphasises the importance of prevention through awareness campaigns, education, and the promotion of a culture of cybersecurity. It encourages collaborations through public-private partnerships to enhance cybersecurity measures and raise awareness, such as protecting vulnerable groups like children, from cyber threats and exploitation.

Key Provisions of the UN Cybercrime Convention

Some key provisions of the Convention are as follows:

• The convention differentiates cyber-dependent crimes like hacking from cyber-enabled crimes like online fraud. It defines digital evidence and establishes standards for its collection, preservation, and admissibility in legal proceedings.
• It defines offences against confidentiality, integrity, and availability of computer data and includes unauthorised access, interference with data, and system sabotage. Further, content-related offences include provisions against distributing illegal content, such as CSAM and hate speech. It criminalises offences like identity theft, online fraud and intellectual property violations.
• LEAs are provided with tools for electronic surveillance, data interception, and access to stored data, subject to judicial oversight. It outlines the mechanisms for cross-border investigations, extradition, and mutual legal assistance.
• The establishment of a central body to coordinate international efforts, share intelligence, and provide technical assistance includes the involvement of experts from various fields to advise on emerging threats, legal developments, and best practices.

Comparisons with the Budapest Convention

The Budapest Convention was adopted by the Committee of Ministers of the Council of Europe at the 109th Session on 8 November 2001. This Convention was the first international treaty that addressed internet and computer crimes. A comparison between the two Conventions is as follows:

• The global participation in the UNCC is inclusive of all UN member states whereas the latter had primarily European with some non-European signatories. 
• The scope of the UNCC is broader and covers a wide range of cyber threats and cybercrimes, whereas the Budapest convention is focused on specific offences like hacking and fraud. 
• UNCC strongly focuses on privacy and human rights protections and the Budapest Convention had limited focus on human rights.
• UNCC has extensive provisions for assistance to developing countries and this is in contrast to the Budapest Convention which did not focus much on capacity building.

Future Outlook

The development of the UNCC was a complex process. The diverse views on key issues have been noted and balancing different legal systems, cultural perspectives and policy priorities has been a challenge. The rapid technology evolution that is taking place requires the Convention to be adaptable to effectively address emerging cyber threats. Striking a balance remains a critical concern. The Convention aims to provide a blended approach to tackling cybercrime by addressing the needs of countries, both developed and developing.

Conclusion

The resolution containing the UN Convention against Cybercrime is a step in global cooperation to combat cybercrime. It was adopted without a vote by the 193-member General Assembly and is expected to enter into force 90 days after ratification by the 40th signatory. The negotiations and consultations are finalised for the Convention and it is open for adoption and ratification by member states. It seeks to provide a comprehensive legal framework that addresses the challenges posed by cyber threats while respecting human rights and promoting international collaboration. 

References

• https://consultation.dpmc.govt.nz/un-cybercrime-convention/principlesandobjectives/supporting_documents/Background.pdf 
• https://news.un.org/en/story/2024/12/1158521 
• https://www.interpol.int/en/News-and-Events/News/2024/INTERPOL-welcomes-adoption-of-UN-convention-against-cybercrime#:~:text=The%20UN%20convention%20establishes%20a,and%20grooming%3B%20and%20money%20laundering 
• https://www.cnbctv18.com/technology/united-nations-adopts-landmark-global-treaty-to-combat-cybercrime-19529854.htm 

Introduction

Social media has emerged as a leading source of communication and information; its relevance cannot be ignored during natural disasters since it is relied upon by governments and disaster relief organisations as a tool for disseminating aid and relief-related resources and communications instantly. During disaster times, social media has emerged as a primary source for affected populations to access information on relief resources; community forums offering aid resources and official government channels for government aid have enabled efficient and timely administration of relief initiatives.

However, given the nature of social media, misinformation risks during natural disasters has also emerged as a primary concern that severely hampers aid administration during natural disasters. The disaster-disinformation network offers some sensationalised influential campaigns against communities at their most vulnerable. Victims who seek reliable resources during natural calamities often reach out to inhospitable campaigns and may experience delayed or lack of access to necessary healthcare, significantly impacting their recovery and survival. This delay can lead to worsening medical conditions and an increased death toll among those affected by the disaster. Victims may lack clear information on the appropriate agencies to seek assistance from, causing confusion and delays in receiving help. 

Misinformation Threat Landscape during Natural Disaster

During the 2018 floods in Kerala, it was noted that a fake video on water leakage from the Mullaperyar Dam created panic among the citizens and negatively impacted the rescue operations. Similarly, in 2017, reports emerged claiming that Hurricane Irma had caused sharks to be displaced onto a Florida highway. Similar stories, accompanied by the same image, resurfaced following Hurricanes Harvey and Florence. The disaster-affected nation may face international criticism and fail to receive necessary support due to its perceived inability to manage the crisis effectively. This lack of confidence from the global community can further exacerbate the challenges faced by the nation, leaving it more vulnerable and isolated in its time of need.

The spread of misinformation through social media severely hinders the administration of aid and relief operations during natural disasters since it hinders first responders' efforts to counteract and reduce the spread of misinformation, rumours, and false information and declines public trust in government, media, and non-governmental organisations (NGOs), who are often the first point of contact for both victims and officials due to their familiarity with the region and the community. In Moldova, it was noted that foreign influence has exploited the ongoing drought to create divisions between the semi-autonomous regions of Transnistria and Gagauzia and the central government in Chisinau. News coverage critical of the government leverages economic and energy insecurities to incite civil unrest in this already unstable region. Additionally, First responders may struggle to locate victims and assist them to safety, complicating rescue operations. The inability to efficiently find and evacuate those in need can result in prolonged exposure to dangerous conditions and a higher risk of injury or death.

Further, international aid from other countries could be impeded, affecting the overall relief effort. Without timely and coordinated support from the global community, the disaster response may be insufficient, leaving many needs unmet. Further, misinformation also impedes military, reducing the effectiveness of rescue and relief operations. Military assistance often plays a crucial role in disaster response, and any delays can hinder efforts to provide immediate and large-scale aid.

Misinformation also creates problems of allocation of relief resources to unaffected areas which resultantly impacts aid processes for regions in actual need. Following the April 2015 earthquake in Nepal, a Facebook post claimed that 300 houses in Dhading needed aid. Shared over 1,000 times, it reached around 350,000 people within 48 hours. The originator aimed to seek help for Ward #4’s villagers via social media. Given the average Facebook user has 350 contacts, the message was widely viewed. However, the need had already been reported on quakemap.org, a crisis-mapping database managed by Kathmandu Living Labs, a week earlier. Helping Hands, a humanitarian group was notified on May 7, and by May 11, Ward #4 received essential food and shelter. The re-sharing and sensationalisation of outdated information could have wasted relief efforts since critical resources would have been redirected to a region that had already been secured.

Policy Recommendations

Perhaps the most important step in combating misinformation during natural disasters is the increasing public education and the rapid, widespread dissemination of early warnings. This was best witnessed in the November 1970 tropical cyclone in southeastern Bangladesh, combined with a high tide, struck southeastern Bangladesh, leaving more than 300,000 people dead and 1.3 million homeless. In May 1985, when a comparable cyclone and storm surge hit the same area, local dissemination of disaster warnings was much improved and the people were better prepared to respond to them. The loss of life, while still high (at about 10,000), the numbers were about 3% of that in 1970. On a similar note, when a devastating cyclone struck the same area of Bangladesh in May 1994, fewer than 1,000 people died. In India, the 1977 cyclone in Andra Pradesh killed 10,000 people, but a similar storm in the same area 13 years later killed only 910. The dramatic difference in mortalities was owed to a new early-warning system connected with radio stations to alert people in low-lying areas. 

Additionally, location-based filtering for monitoring social media during disasters is considered as another best practice to curb misinformation. However, agencies should be aware that this method may miss local information from devices without geolocation enabled. A 2012 Georgia Tech study found that less than 1.4 percent of Twitter content is geolocated. Additionally, a study by Humanity Road and Arizona State University on Hurricane Sandy data indicated a significant decline in geolocation data during weather events.

Alternatively, Publish frequent updates to promote transparency and control the message. In emergency management and disaster recovery, digital volunteers—trusted agents who provide online support—can assist overwhelmed on-site personnel by managing the vast volume of social media data. Trained digital volunteers help direct affected individuals to critical resources and disseminate reliable information. 

Enhancing the quality of communication requires double-verifying information to eliminate ambiguity and reduce the impact of misinformation, rumors, and false information must also be emphasised. This approach helps prevent alert fatigue and "cry wolf" scenarios by ensuring that only accurate, relevant information is disseminated. Prioritizing ground truth over assumptions and swiftly releasing verified information or acknowledging the situation can bolster an agency's credibility. This credibility allows the agency to collaborate effectively with truth amplifiers. Prebunking and Debunking methods are also effective way to counter misinformation and build cognitive defenses to recognise red flags. Additionally, evaluating the relevance of various social media information is crucial for maintaining clear and effective communication.

References

1. https://www.nature.com/articles/s41598-023-40399-9#:~:text=Moreover%2C%20misinformation%20can%20create%20unnecessary,impacting%20the%20rescue%20operations29. 
2. https://www.redcross.ca/blog/2023/5/why-misinformation-is-dangerous-especially-during-disasters
3. https://www.soas.ac.uk/about/blog/disinformation-during-natural-disasters-emerging-vulnerability‍
4. https://www.dhs.gov/sites/default/files/publications/SMWG_Countering-False-Info-Social-M dia-Disasters-Emergencies_Mar2018-508.pdf