Data Privacy Complaints Surge As Apple And AI Reshape Rules

In a world where digital footprints are increasingly valuable, the topic of data privacy has become a hot-button issue across Europe. Over the past two years, a surge in privacy-related complaints, evolving technology, and unsettling incidents in the healthcare sector have brought the subject into sharp relief. From Apple’s latest privacy tools for iPhone users to the mounting caseloads faced by German data protection authorities and the deeply personal stories of patients in Austria, it’s clear that the landscape of data protection is undergoing profound change—and not without controversy.

For many, the journey into digital privacy starts with the devices in their pockets. According to BornCity, Apple has made significant strides in empowering iPhone users to take control of their personal data. Since 2024, the digital advertising industry has leaned heavily on user data to deliver personalized ads and content. To counteract this, Apple rolled out robust privacy features directly into iOS, notably App Tracking Transparency (ATT) and Intelligent Tracking Prevention (ITP) in the Safari browser. These tools aren’t just technical jargon; they’re designed to give ordinary users real choices and meaningful protection against unwanted surveillance.

The ATT framework, for instance, requires app developers to obtain explicit permission from users before tracking their activity across other apps and websites. Whenever a new app is launched, users are greeted with a simple pop-up: allow tracking, or don’t. It’s a small moment, but one with big implications. If users deny permission, Apple blocks the app from accessing the device’s advertising identifier—a unique code often used to build detailed profiles for advertisers. Developers who try to skirt these rules risk being booted from the App Store, a consequence that’s already reshaping industry practices.

For those who want to manage their privacy settings globally, the process is straightforward. By navigating to Settings > Privacy & Security > Tracking, users can toggle off the option that allows apps to request tracking permission. When this switch is off, all future tracking requests are automatically denied. Apple’s approach is both granular and transparent—users can review and adjust permissions for individual apps at any time, ensuring they remain in the driver’s seat.

But apps aren’t the only culprits. Web browsing is another major avenue for digital tracking, and Apple’s Safari browser has responded with layered defenses. ITP, enabled by default, uses on-device machine learning to sniff out and block cross-site trackers and third-party cookies. This means that if you, say, shop for shoes online, you’re less likely to be stalked by ads for those shoes on every other website you visit. For extra peace of mind, users can activate features like ‘Prevent cross-site tracking’ and ‘Hide IP address from trackers’ under Safari’s Privacy & Security settings. The latter masks the device’s unique internet address from known trackers, making it much harder for advertisers to piece together a user’s online behavior.

Transparency is another pillar of Apple’s privacy philosophy. With the App Privacy Report, introduced in iOS 15.2, users get a behind-the-scenes look at how often their apps access sensitive information—like location, photos, or the microphone—and which internet domains those apps contact. This data, available for the past seven days, can be a real eye-opener. If an app is frequently pinging data brokers or ad networks, users can make informed decisions about whether to revoke its permissions or even delete it altogether.

Apple’s privacy push hasn’t gone unnoticed. As BornCity points out, features like ATT have forced the mobile advertising industry to pivot away from third-party data collection toward more privacy-friendly methods. Meanwhile, ongoing enhancements to ITP and new protections against browser fingerprinting signal Apple’s commitment to keeping privacy at the heart of its products. With future iOS updates expected to lean even more on local, on-device processing, the need to ship personal data off to the cloud is shrinking. For newcomers to the iPhone, building good privacy habits with these tools is the best way to ensure a safer digital experience in an ever-changing world.

Yet, even as tech giants roll out new privacy features, the volume of privacy complaints continues to soar—especially in Germany. Haufe.de recently reported that data protection authorities are facing record numbers of submissions. In 2025, Berlin’s data protection office received 8,436 submissions, including 2,644 formal complaints and 5,772 requests for advice. That’s a whopping 50% jump in complaints compared to 2024. The story is similar in Lower Saxony, where complaints shot up by 70% from 2,361 in 2024 to 4,022 in 2025, far surpassing the previous high set during the pandemic in 2021.

What’s driving this explosion in complaints? Part of it is a growing public awareness and concern about privacy. But there’s another, more technological factor at play: artificial intelligence. Many search engines now feature AI chatbots that, when asked about privacy issues, not only inform users about their rights but also suggest filing a complaint—sometimes even providing draft letters. As a result, authorities are seeing a flood of submissions, some containing telltale signs of chatbot-generated text. The Berlin data protection commissioner, Meike Kamp, has cautioned that AI-generated legal advice is often “incomplete or simply wrong,” and that officials have even received complaints citing fabricated court rulings or non-existent legal literature. Kamp’s advice is clear: always double-check information from AI tools before acting on it.

To keep up with the mounting workload, data protection offices are streamlining digital complaint processes and hiring more staff. Still, the challenges are immense. The rise in both volume and complexity of cases means authorities are under pressure to adapt quickly, even as new technologies and regulations continue to shift the landscape.

Nowhere is the human impact of privacy lapses more keenly felt than in healthcare. On February 2, 2026, Krone.at brought to light the distressing experience of a 59-year-old woman from Mattersburg, Austria. After being transferred for neurosurgery, she was shocked to discover that her transport certificate—needed to qualify for a special taxi fare—listed her medical diagnoses in explicit detail. “I couldn’t believe my eyes,” she recalled, describing how the document outlined everything from elevated amylase levels, which can signal pancreatic inflammation, to mentions of gallstones, kidney issues, alcohol consumption, tumors, and bowel diseases. All this, handed over to a taxi driver with no medical need to know.

After lodging a complaint, the certificate was updated to use only a letter-number code in place of explicit diagnoses. Still, some informal phrases like “eye not functioning properly” remained, raising fresh concerns about both privacy and professionalism. The patient’s frustration wasn’t just about the careless handling of her data; it was also about the simplistic language used in official documents. When she voiced her concerns at the hospital, the response was dismissive: “It doesn’t matter what’s on it, it’s just a transport certificate—no one sees it.” But for patients, these breaches are anything but trivial. The experience left her, and others, feeling exposed and let down by a system meant to protect them.

Across Europe, the message is clear: privacy is no longer a niche concern. Whether it’s the tools in our pockets, the offices handling our complaints, or the documents we hand to strangers, the stakes have never been higher. As technology evolves and public awareness grows, the pressure on institutions—be they tech giants, government agencies, or hospitals—to get privacy right will only intensify. For now, vigilance, transparency, and a healthy dose of skepticism toward automated advice seem to be the best defenses in an increasingly connected world.