Beirut, April 15, 2026 — On April 8, Israel launched its heaviest bombardment on Lebanon since the start of the war—one hundred and sixty bombs, ten minutes — hours after Pakistan’s Prime Minister posted on X that the ceasefire included Lebanon. It did not. Since March 2, Israel has killed over 2,000 people in Lebanon and displaced over 1.2 million people. On April 16, U.S. President Donald Trump announced a 10-day ceasefire.
People in Lebanon celebrated, but whether the ceasefire would hold is another question.
We also know that digital threats can continue despite this ceasefire. This week, we are looking at the villages in South Lebanon that never appeared on Apple Maps and what that absence means now that they are being bombed, the apps people are downloading to stay connected should the internet go down, and why some of them are not safe, the detention of Ahmed Shihab-Eldin, a journalist who has been in a Kuwaiti prison for six weeks for sharing a video of an incident already reported on by CNN, and at the surveillance system built on your advertising data, also known as Webloc.
- Users claim that Apple Maps erased towns in South Lebanon
On April 12, as Israeli forces continued their ground operation in South Lebanon, some users opened Apple Maps and zoomed into the border. On the Israeli side, towns were clearly labelled. On the Lebanese side: almost nothing. No Bint Jbeil, Khiam, or Naqoura. Just blank space where villages have stood for centuries. The same villages Israel’s Defence Minister had ordered demolished, and where bombs were falling. The fear and anger spread. Apple, they said, was erasing Lebanese villages in real time, in preparation for a colonial expansion.
The specific claim turned out to be wrong. A number of investigations showed that these towns were not even available in the first place, according to WIRED Middle East and the Lawyard. While tech companies have indeed, in the past, repeatedly used their products and services for military purposes, there is no evidence so far that Apple Maps has erased border towns on purpose.
“We are aware that some outlets have incorrectly reported that certain village and town names in Lebanon were removed from Apple Maps,” the company said. “These locations have never been featured.”
But the controversy revealed a structural issue worth examining.
These villages have always been invisible on Apple Maps. Their absence predates the war and the invasion. Although the question is no longer about deliberate action at this particular moment of dispossession, it has become why Apple has never mapped these communities?
SMEX has reached out to Apple with inquiries on the matter and is currently awaiting a response from the company.
- Should you use apps that work without the internet in case of a shutdown?
If you are in Lebanon and worried about what happens to your communications if the internet goes out during the war, you may have already heard about alternative apps that work offline, like Bitchat, Bridgefy and Briar. They use Bluetooth and peer-to-peer mesh networks to enable nearby devices to communicate directly, allowing messages to be passed between users even when traditional networks are unavailable.
Here is what you need to know before downloading one.
“Some of these apps rely on Bluetooth as a way to ensure communication is happening with different individuals,” says Madeleine Belesi, a senior cybersecurity analyst at SMEX. “This way of communication is not safe, for multiple reasons, including the fact that it is not end-to-end encrypted, making it easier to be intercepted and for the content to be read,” she warns.
Belesi also notes a practical limitation: these apps also require everyone around to have Bluetooth enabled simultaneously, which is difficult to coordinate reliably in a crisis, adds Belesi.
Although these apps have been used in communicating in conflict zones like Gaza, Iran, and Ukraine, they come with varying trade-offs in terms of range, reliability, and security that users should consider.
Since Israel’s ongoing aggression in 2024, SMEX has put together some resources to guide you on how to stay connected and communicate during a crisis.
As a reminder, SMEX’s Digital Safety Helpdesk is readily available to provide advice on how to handle issues in case of a blackout. You can contact them here:
- WhatsApp/Signal: +961 81 633 133
- Email: helpdesk@smex.org
- Veteran journalist, Ahmed Shihab-Eldin has been detained in Kuwait for six weeks
Ahmed Shihab-Eldin, a veteran Kuwaiti-American journalist of Palestinian descent, was in Kuwait visiting his family when the U.S.-Israeli war on Iran began. On March 2, he posted on his Substack photos and videos including of a U.S. fighter jet that had crashed near a Kuwaiti airbase— content that CNN had previously geolocated and published . He was not on assignment and was not filming, he only shared what was already in the public domain, according to CPJ.
The next day, he was arrested. He has been in prison for six weeks.
CPJ said it is understood that authorities have charged him with spreading false information, harming
national security, and misusing his mobile phone, accusations it said are “vague and overly broad accusations that are routinely used to silence independent journalists.”
Kuwait has not responded to CPJ’s written inquiries and the exact charges have not been made public.
His case is part of a larger issue. Since the war started, Gulf countries have significantly increased state censorship over citizens and residents attempting to document events, capture and share images of Iranian strikes online. In Kuwait alone, dozens have been arrested for social media posts, according to the Gulf Center for Human Rights.
In the UAE, the crackdown has taken a different form. The UAE’s Federal Public Prosecution ordered X to block multiple verified accounts inside the country, including activists, academics, journalists, and even news outlets. The grounds for the request to block is that their content is “misleading” or “offensive”. X complied, restricting access inside the UAE while leaving them visible elsewhere.
SMEX has previously documented and denounced digital rights violations and warned that censorship on war reporting puts freedom of expression at risk. SMEX joins CPJ in calling for the immediate and unconditional release of Ahmed Shihab-Eldin.
- Webloc: The surveillance tool built on your ad data
Consider this, while on your phone playing a random game you downloaded, looking for directions using a new app, or even scrolling through the news, your phone could be silently broadcasting your location, device ID, and a profile of your behavior to a network of companies you do not know, hundreds of times a day. And those companies may be selling your information to governments.
Somewhere in that chain, from your phone to an app to a data broker to a surveillance vendor, your movements become a record. This record includes your address, based on where your phone stays at night. Your work, from where your phone spends the day. And all the routes between these two and the devices near yours. All this data is stored, reachable, and searchable up to three years back. This is known as Webloc.
Citizen Lab at the University of Toronto has published a major investigation this week uncovering the scale of the mass geolocation surveillance system, or Webloc. The system was developed by Cobwebs Technologies — an Israeli company with documented links to the Israeli spyware industry. The founder was revealed to be financially tied to Quadream, an Israeli spyware company that targeted journalists, lawyers, and other civil society figures across the WANA region. It is sold today by its U.S. successor Penlink.
The system exploited data from nearly 500 million devices globally without a warrant. Customers of this legally questionable system include military units, intelligence agencies, and other state surveillance apparatus. Confirmed customers include U.S. Immigration and Customs Enforcement (ICE), the U.S. military, intelligence agencies in Hungary, and other countries. Citizen lab also identified server infrastructure in the UAE and Iraq.
So what does this mean for you right now?
It means that the advertising system and surveillance system are not separate things. In the mean time, below are some steps you cant take to reduce your device’s exposure.
iPhone: Go to Settings > Privacy & Security ? Tracking and disable “Allow Apps to Request to Track.”
Android: Go to Settings > Privacy > Ads and delete your Advertising ID.
On both devices, go to “Location Services” and set each app’s access to “Never” or “While Using” for apps that require it.
Even after disabling tracking, apps may still collect some data, you can try to avoid that by:
- Avoid logging in with social accounts unless necessary
- Use browsers with privacy features like Brave Browser or Firefox
1. Limit permissions aggressively
Many ad-driven apps request access to things they don’t really need (location, contacts, microphone). Only grant permissions that are essential for the app to function, for example, a simple game shouldn’t need your precise location, additionally, regularly review or revoke these permissions in your settings.
2- Avoid sketchy or unknown apps
Apps that rely heavily on ads, especially from unofficial sources can include trackers or even malware. Stick to trusted app stores like Google Play Store or Apple App Store, and check the reviews on the application you want to download.
