THIS WEEK'S SPONSOR:

FitnessView

All-in-One Health & Fitness Dashboard

Posts tagged with "Privacy"

Craig Federighi Provides Deeper Insight Into iCloud Private Relay

Fast Company’s Michael Grothaus interviewed Craig Federighi this week regarding the suite of new privacy features which Apple unveiled at WWDC. The article includes some notable technical details on how iCloud Private Relay works under the hood. One of the most interesting — and somewhat unfortunate — revelations is that iCloud Private Relay will only work from Safari. Users of other browsers are out of luck here.

The reason for this restriction has to do with Apple’s commitment to unassailable privacy, which happens by ensuring that no party can ever access both your IP address and your destination URL. From what I can gauge, this is actually a three-step process which looks something like this:

  • From Safari, you navigate to a particular URL. Safari encrypts this destination URL locally and then forwards your request to Apple’s iCloud Private Relay servers.
  • Apple’s servers anonymize your IP address so that it can’t be traced back to you, then forward the request to a trusted third-party’s servers.
  • The third-party decrypts the destination URL, then forwards the final request (decrypted URL plus anonymized IP address) to the destination.

Read more

An Overview of the New Privacy Controls Coming to Apple’s OSes

Privacy has become a central theme of Apple’s OS updates in recent years, and this WWDC’s announcements were no different. During the opening keynote yesterday, the company introduced new privacy features across its OSes and system apps designed to put users in control of their data and prevent unwanted tracking. As Craig Federighi Apple’s senior vice president of Software Engineering explained in an Apple press release:

Privacy has been central to our work at Apple from the very beginning. Every year, we push ourselves to develop new technology to help users take more control of their data and make informed decisions about whom they share it with. This year’s updates include innovative features that give users deeper insights and more granular control than ever before.

One of Apple’s focuses this year is on email. Hide My Email, which is part of iCloud+, lets users create random email addresses that forward to their main address, allowing them to avoid giving out their primary email address to third parties that may sell it or use it to send unsolicited messages. According to Apple, iCloud+ subscriptions with the new features the company announced will cost the same as they do now for the amount of storage offered with a current iCloud subscription. Another new mail feature is, Mail Privacy Protection, which is built into Apple’s Mail app, and prevents invisible pixel trackers that are used to tell if someone has opened a message and gather other information.

Read more

Apple Tells CNET It’s Making Privacy Changes to AirTags and Has an Android App Coming Later This Year

CNET reports that Apple is adjusting the time within which they sound an alert when separated from their owners and adding ways to alert people when AirTags and third-party Find My network-enabled items are nearby.

Initially, AirTags were set to play a sound three days after they were separated from their owners. Now, the device will play a warning beep somewhere between 8 and 24 hours. Apple is also creating an Android app to allow owners of Android phones and devices to know if an AirTag or Find My network device is planted on them.

AirTags launched last month with numerous privacy protections baked into the device and related software, noting at the time that they expected to make adjustments along the way. With a few weeks of real-world use by customers and investigations by The Washington Post and others, today’s changes are a positive step toward ensuring that AirTags can only be used for their intended purpose: tracking belongings, not people.

The latest changes are being rolled out now and will be applied to AirTags when they are near an iPhone. Apple told CNET that it will have more details on the planned Android app later this year.

Permalink

Apple Releases New App Tracking Transparency Video

Apple has released a new video in its ongoing ‘Privacy. That’s iPhone’ campaign titled ‘Tracked.’ The latest spot starts with the lead character purchasing a coffee and then being followed around all day by a growing crowd of people that intrude on his privacy. Back home at the end of the day, the protagonist is prompted by his iPhone to ‘Ask App Not to Track’ or ‘Allow’ tracking, and as soon as ‘Ask App Not to Track’ is chosen, the mob of people crowding his apartment pop like balloons, disappearing in puffs of smoke.

Privacy isn’t an easy thing to depict visually, and no doubt, someone will take issue with aspects of the way the video portrays app trackers, but I enjoyed it. The video is entertaining, but it’s also useful to anyone who doesn’t realize how intrusive cross-app and website tracking can be.

This isn’t the first video released in the series. Late last month, Apple released ‘App Tracking Transparency’, which explains how the iOS 14.5 feature works. Earlier this year, the company also released ‘A Day In the Life of Your Data,’ a case study with real-world examples of what app trackers can do.

‘How Apple Designed AirTags to Be Privacy-First and Stalker-Proof’

Michael Grothaus at Fast Company interviewed Kaiann Drance, Apple’s vice president of worldwide iPhone product marketing and Ron Huang, a senior director of sensing and connectivity, about AirTags. The focus of the story is the privacy features built into AirTags, and it includes this interesting nugget not covered during Apple’s event on Tuesday:

AirTags also have a unique security feature called Pairing Lock, which protects against people who may find your lost item and snatch the AirTag from it to use as their own. Huang likens Pairing Lock to the iPhone’s Activation Lock. “It means that if you lose your AirTag, somebody can’t just pick up your AirTag, re-pair it with their phone, and continue using it,” he says. “This has been really impactful for the iPhone and we think it will be for AirTag as well.”

I’ve seen a lot of questions raised online about exactly how AirTags work and their privacy features, and this Fast Company story is a great place to start to learn more.

Permalink

Kara Swisher Interviews Apple CEO Cook for Sway

Apple CEO Tim Cook was interviewed on Sway, The New York Times’ podcast hosted by Kara Swisher, in an episode released today. Swisher asked Cook about a wide range of topics, including privacy, iOS 14.5, Parler’s removal from the App Store, autonomous vehicles, AR, its upcoming court case with Epic Games, and more.

On privacy and the reaction to App Tracking Transparency, Cook said he was shocked by the degree of pushback the feature has caused. Asked whether he thought ATT will harm businesses that rely on digital advertising, Cook said:

I think that you can do digital advertising and make money from digital advertising without tracking people when they don’t know they’re being tracked. And I think time will prove that out. I’ve heard this about other things we’ve done in the past that it’s almost existential and it wasn’t. I don’t buy that.

Regarding Parler’s removal from the App Store, Cook explained that can return to the App Store when they comply with its rules:

Well, in some ways, it was a straightforward decision, because they were not adhering to the guidelines of the App Store. You can’t be inciting violence or allow people to incite violence. You can’t allow hate speech and so forth. And they had moved from moderating to not being able to moderate. But we gave them a chance to cure that. And they were unable to do that or didn’t do that. And so we had to pull them off. Now, having said that, Kara, I hope that they come back on. Because we work hard to get people on the store, not to keep people off the store. And so, I’m hoping that they put in the moderation that’s required to be on the store and come back, because I think having more social networks out there is better than having less.

Cook also made the case that human curation on the App Store is a crucial element of the marketplace’s security model, rejecting the notion that users should be able to sideload apps and elaborating:

I think curation is important as a part of the App Store. In any given week, 100,000 applications come into the app review. 40,000 of them are rejected. Most of them are rejected because they don’t work or don’t work like they say that they work. You can imagine if curation went away, what would occur to the App Store in a very short amount of time.

Regarding new products, Cook wouldn’t confirm whether Apple is planning to offer augmented reality hardware or an autonomous car. Still, his excitement about those underlying technologies was evident, noting that AR, in particular, is critical to Apple’s future.

Also of note was Cook’s comment that iOS 14.5 is ‘just a few weeks’ away, which is longer than I expected and perhaps a sign that an April product event will occur.

The interview, which is just under 36 minutes long, touches on other topics, including Apple’s role in policy issues like voting rights, working with the US government, and Cook’s role as the first openly gay CEO of a Fortune 500 company. The episode is available in Apple Podcasts as well as third-party podcast players, and The New York Times has published a transcript of the entire interview.

Permalink

Apple Publishes ‘A Day in the Life of Your Data’ Case Study and Reveals That App Tracking Transparency is Coming in the Spring

Today is Data Privacy Day, and to mark the occasion, Apple has published a case study titled ‘A Day in the Life of Your Data.’ In the accompanying press release, Craig Federighi, Apple’s senior vice president of Software Engineering explains the company’s approach to privacy:

Privacy means peace of mind, it means security, and it means you are in the driver’s seat when it comes to your own data. Our goal is to create technology that keeps people’s information safe and protected. We believe privacy is a fundamental human right, and our teams work every day to embed it in everything we make.

Apple’s efforts to put its customers in control of their data are not new, but as they evolve and expand, so have tensions with other tech industry titans like Facebook. Part of the lastest tensions stems from the fact that as part of the next iOS and iPadOS beta, Apple will begin testing a system that alerts users when an app wants to share data it collects with other apps, websites, and companies. The most common way apps do this is with the Identifier for Advertisers or IDFA, a unique code that identifies your device.

Users can already go into the Privacy section of the Settings app to turn off IDFA-based tracking under ‘Tracking,’ but that requires people to know about the setting and find it. Apple’s new system is similar to other privacy flows throughout iOS in that it displays an alert when an app that wants to use tracking is launched, asking the user to grant it permission.

Facebook and others, whose advertising relies on aggregating data about users from multiple apps and websites and then tying it back to a specific individual, see this as a threat to their business models. Attempting to reframe the issue as one of economics, Facebook argues that the change will hurt small businesses who purchase targeted ads because those ads will no longer be as effective.

The new privacy feature, which Apple calls App Tracking Transparency, comes on the heels of the standardized privacy disclosures the company began requiring from developers with its Fall 2020 OS updates. For apps like Facebook, the disclosures are extensive, but to its credit, Facebook published its disclosures late last year, while Google still hasn’t.

Apple's App Store privacy labels make it clear to users that third-party Twitter clients collect far less data than the official app, for example.

Apple’s App Store privacy labels make it clear to users that third-party Twitter clients collect far less data than the official app, for example.

Apple’s case study is a day-in-the-life hypothetical that follows a father and daughter throughout their day together. The document is peppered with facts about tracking and data brokers, including a citation to a study that says the average app includes six trackers. Most useful, though, is the case study’s plain-English, practical examples of the kind of tracking that can occur as you go about a typical day’s activities using apps.

It’s impossible to create a case study that users who aren’t security experts will understand without glossing over details and nuances inherent to privacy and tracking. However, the study is extensively footnoted with citations to back up the statements it makes for those who want to learn more, which I think strikes the right balance. I’ve had tracking turned off on my devices since it was possible, and personally, I’m glad to see the feature is going to be surfaced for others who may not be aware of its existence.

Apple and Privacy in 2020: Wide-Reaching Updates with Minimal User Intrusion

Privacy has increasingly become a competitive advantage for Apple. The bulk of the company’s revenue comes from hardware sales, in stark contrast to competitors like Google who depend heavily on ad revenue and thus benefit tremendously from collecting user data. Apple calls privacy one of its core values, and the structure of its business makes it easier to hold true to that value. But that doesn’t mean its privacy work is easy or without cost – behind the huge number of privacy enhancements this year was surely significant effort and resources that could have been diverted elsewhere. The company’s privacy discourse isn’t empty marketing speak; it’s product-shaping. Not only that, but thanks to Apple’s enormous influence in tech, it can be industry-shaping too, forcing companies that otherwise may not prioritize user privacy to do business differently.

This year in its WWDC keynote, Apple dedicated an entire section of the presentation to privacy, detailing its latest efforts within the framework of what it calls its four privacy pillars:

  • On-device processing
  • Data minimization
  • Security protections
  • Transparency and control

Evidence of each of these pillars can be seen throughout much of what Apple announced during the rest of the keynote. On-device processing, for example, powers the new Translate app in iOS 14, HomeKit Secure Video’s face recognition feature, and more. New security protections have been implemented to warn you if a Keychain password’s been compromised, and to enable Sign In with Apple for existing in-app accounts, both of which make your accounts more secure. But the majority of this year’s most prominent privacy updates fell under the remaining two core pillars: data minimization and transparency and control.

Here are the privacy-focused changes you’ll see this fall across iOS and iPadOS 14 and macOS Big Sur.

Read more