Apple and Privacy
Apple says privacy is a fundamental human right and one of its core values. Each update to hardware or software takes improving user privacy into consideration, usually at the consternation of world governments or billion-dollar companies. From limiting ad tracking to keeping your data private and local, Apple keeps your data safe.
● Intelligent Tracking Prevention in Safari
● On-device image processing
● end-to-end encrypted messages via iMessage
● Siri doesn't connect data to user for requests
● Apple Pay keeps companies from snooping on transactions
● App Store tracking summaries inform users
● App Tracking Transparency let users opt-out of tracking
Page last updated:
Privacy and security are at the forefront of Apple's products. While it is difficult to pinpoint precisely when the focus on privacy began for Apple, Steve Jobs made it a clear value during an All Things Digital conference in 2010:
"I believe people are smart and some people want to share more data than other people do. Ask them. Ask them every time. Make them tell you to stop asking them if they get tired of your asking them. Let them know precisely what you're going to do with their data."
Data and privacy go hand-in-hand. The more control a user has, the more private a person can be. Users choosing to keep their data private should not sacrifice ease of use, however, and each update showcases Apple's efforts in this space.
Other companies either don't acknowledge privacy or paint invasive features as a worthy tradeoff for constant surveillance. For example, Facebook warns users that blocking ad tracking may lead to them charging money for services.
Privacy is a fundamental human right. People should reasonably live their lives without someone or some company observing and logging their every move.
The reality is many companies have built their businesses on data collection and user surveillance, which has gone largely without public notice. Facebook, Google, Amazon, and other billion-dollar companies have profited by collecting user data at every opportunity then monetizing it.
These billion-dollar corporations are not necessarily selling the data they collect directly. It is too valuable to sell off at random, so they silo the data to observe trends used to target advertisements. These trends are invaluable to advertisers who wish to target an individual on a hyper-specific metric like weight, neighborhood, or employment status.
Data collection is harmful primarily because of how it is stored — most companies directly attribute data to some kind of identifier that can be traced back to its origin. As long as the data is reasonably accessible by a company, it can be subpoenaed by governments or stolen by hackers. Data surveillance places everyone at risk of intrusive entities prying into their lives which shouldn't be the norm.
Data collection has become so commonplace that no one flinches at a location request or access to health data anymore. Apple hopes to reverse this pervasive practice through several initiatives: making it harder to track users by default, giving users control, and educating users about their data.
Common misconceptions about privacy
"I have nothing to hide."
Privacy is an individual's ability to seclude information and only provide what is desired to express themselves. There is little doubt that every individual has data they don't want to be made public. Be that health records, sexual preferences, or religious beliefs — everyone has some need for privacy.
Having or wanting privacy doesn't mean you've some criminal activity to cover or reason to hide. The right to privacy exists to protect you from bad actors, not to protect criminals from the good guys.
"Companies know everything anyway."
Companies like Facebook and Google collect a great deal of data about you and your loved ones, but they do not know "everything." The data's value relies upon constant collection and observation, so cutting companies off from that data collection is impactful. Data collection companies react with public campaigns or harsh criticism any time Apple makes a change that affects data collection standards — with good reason.
"Data collection enables a free and equal internet."
Advertising does eliminate the need to monetize every piece of content posted online. However, the scale at which Google and Facebook operate may be well beyond any real monetization need.
Apple proposes that indirect advertising using differential privacy and other tools enable just-as-good results. That the incredible amounts of data being collected for targeted ads are not only unreasonable, but it's also unnecessary.
Advertising will never go away, but it can become less targeted. Rather than showing an ad based on an ad profile, companies could show ads based on your region, webpage relevance, or key terms in a search. The web could remain free and open without sacrificing user privacy.
Search engines like DuckDuckGo use ad targeting based on general IP address location and search keywords. The company doesn't collect data about users, nor does it need a profile to find relevant results. For example, a user with an IP address in New York can search for iPhone repairs and be shown information about the nearest Apple Store.
Data that identifies you
There are many ways that a company can connect data to an individual, and most are not obvious. One common misconception about data surveillance is that companies tap into the microphone or camera on iPhone to gather data. Not only is this wrong, but it also turns out data mining and surveillance are much more lucrative than what can be learned through a camera or microphone.
Data brokers buy and collect data from sources for millions of users worldwide, and each user profile may have up to 5,000 identifying characteristics. Everything is tracked about you when possible, from what you bought at the supermarket to how long you visited a friend's house.
- Name, address, phone number
- Health and fitness metrics
- Credit card numbers or credit scores
- Location information
- Race, sexual orientation, religion, political disposition
- Contacts in your address book
- Photos, videos, recorded audio, or streaming data
- Browsing history
- Search history
- Purchase history online and in physical stores
- Device usage data
Apple labels these metrics as data that can identify a specific user. Developers are required to report what data is collected and how it is used in their App Privacy Labels on the App Store.
When using Google services like Google Maps and Google Pay, users can be tracked throughout their day. Google can learn where the user goes, what they buy, how much they spent, and when they get home just from an afternoon of data gathering.
Through constant surveillance, Google will develop trends that can be sold to advertisers for billboard placement and email coupons. Essentially, you've just traded a life of surveillance through free tools from Google for a 10% off coupon for a nearby hairstylist.
Data tracking doesn't stop at personal information or user interactions with apps or devices. Companies use other identifiers to track you like social media trackers, ID for Vendors (IDFV), and Google analytics.
These trackers follow you around your devices by using different technologies like cookies. For example, Facebook and Twitter will log your visit to a website whenever a social media button for the respective platform is present on a webpage.
Apple has taken steps to prevent cross-site tracking despite protests from Facebook and Google. You'll learn about some of the technologies Apple implemented below.
How Apple protects your privacy
Apple devices are built with hardware and software features that focus on privacy and security. From microphone disconnects in MacBooks to iMessage encryption, Apple has you covered.
Encryption and security
Some essential privacy protections provided by Apple happen in the background. Users do not need to know about the Secure Enclave, end-to-end encryption, or app sandboxing to know that their data is safe on iPhone.
The photos you take, messages you send, and health data you track are all end-to-end encrypted to prevent bad actors from getting to your important data. The Secure Enclave, coupled with biometrics like Face ID, keep your device locked and secure until you've authorized it.
Hardware disconnects prevent the microphone from working when the lid is closed on MacBooks with a T2 processor or M-series chip. Apple implemented a similar iPad feature that causes the microphone to disconnect when a Smart Keyboard or magnetic cover is closed.
The Secure Enclave is found in iPhones, iPads, and now Macs. This device operates as a physically isolated entity for storing secure data like passwords, health data, or encryption tokens. Data on the Secure Enclave can only be accessed when authorized via biometrics like Face ID or a password.
When your iPhone or iPad is powered off then back on, most of the data on the device is inaccessible and encrypted. This state is called "before first unlock" and can cause problems for hacking tools like those provided by Cellebrite.
Like Apple and privacy, Apple and encryption have a complicated history filled with controversy.
Apple utilizes a system called Differential Privacy that adds random bits of noise to data it collects to disguise the individual data's origin. This practice keeps Apple or anyone who observes the data from determining that a particular data point came from a specific user.
After collecting data on a metric from thousands or millions of users, a trend will appear, and the noise will fall off. Apple will still have a data trend to observe without the ability to trace any single piece of data back to its origin.
Apple's data collection policy differs from other companies that assign identification numbers or even accounts to the data stored in servers. If Apple is subpoenaed for specific information that has been hidden behind Differential Privacy, there isn't a reasonable way for the company to provide such information.
Features studied with Differential Privacy:
- QuickType suggestions
- Emoji suggestions
- Lookup hints
- Safari Energy draining domains
- Safari auto play intent detection
- Safari crashing domains
- Health type usage
One recent example of Differential Privacy in action came in an Apple Maps update. Apple will start using data obtained via Apple Maps users who opt-in to determine how crowded locations are. The feature arrived as a part of several efforts from Apple to combat the spread of coronavirus.
Apple can't control every aspect of privacy on a user's device without creating severe limitations. Instead, Apple attempts to educate users with pop-ups and advertising campaigns to develop privacy awareness.
Onboarding and user control
When new iPhone users set up their phones for the first time, they are greeted with several privacy configuration windows. They set up data collection controls for diagnostics, Siri, and learn about Apple's policies.
After initial setup, users run into several privacy-related prompts during regular use. Apps will request access to location, Bluetooth radios, and data like contacts. Pop-ups attempt to educate users about the danger of constant access to some portions of data, but that isn't always enough.
With each update to its operating systems, Apple introduces new roadblocks for data collectors and improved tools for users. These updates generate a lot of controversy among ad agencies and data brokers, but courts generally find that informed users and opt-in collection is favorable.
Privacy Labels were added with iOS 14.3 and act as "nutrition labels" for users. When a user goes to download an app from the App Store, a prominent box describing the app's privacy details is shown. Users can click on this box for more detailed information about data collection and how the app uses it.
This passive form of data collection shaming has had mixed effects so far. Companies like Google were reluctant to submit Privacy Labels and went weeks without updating their primary apps. Some users flocked to social media to post some of the biggest offenders in data collection, but most users don't know or don't care about the update.
App Tracking Transparency
Privacy Labels were a passive attempt to educate users about apps they install, but starting with iOS 14.5, Apple took a more active approach. App Tracking Transparency shows a pop-up for each app or service that attempts to track the user and gives them a chance to opt-out.
Users have a tracking identifier data brokers, and ad agencies use to track them across apps and the web. It is called the ID for Advertisers (IDFA), and it is unique per device. Users who opt-out of tracking via the App Tracking Transparency prompt will have an IDFA of all zeros.
Apps have been given the opportunity to educate users why they should opt into data tracking practices but ultimately must show the dialogue giving them the ability to opt-out. Apple will block any apps that attempt to fingerprint users with different methods.
Privacy Transparency Reports
As a part of Apple's push for data transparency, users can view data requests made by world governments on Apple's privacy website. The report is released annually and is separated by country.
The United States made thousands of requests across four categories — device, account, financial identifier, and emergency.
Most of the requests were made via search warrants or subpoenas. Government requests range from police requesting access to a device's data to the FBI seeking iCloud information about a suspect. Apple reviews each submission and requires that the requested data pertains to a specific portion of the account over a defined time range.
Only in the most extreme circumstances, like in the event of domestic terrorism, will Apple hand over all available data about a suspect. Most of the data Apple has on a person is stored in the individual's iCloud backup since backups are not end-to-end encrypted in the cloud.
Apple attracts a lot of attention from various companies due to its actions around privacy. With each update to iOS or its other platforms, Apple is targeted by ad agencies or other companies who think the changes are anti-competitive.
Apple versus Facebook
One significant case is between Apple and Facebook. Once Apple announced its App Tracking Transparency feature in 2020, Facebook started a major campaign against it. Facebook targeted people who don't have a fundamental understanding of technology and privacy with the hope to sway the masses' opinion.
Facebook claims that small businesses thrive when they can target specific demographics using data categories created by Facebook. The company harvests tons of data from users, sifts through it using algorithms, and presents advertisers with targeted groups for ads.
Apple claims that Facebook collects too much data and can accomplish the same goals using different collection tactics or by collecting much less. Tim Cook says that Facebook has an opportunity to convince users to opt into data tracking, so the move isn't anti-competitive.
Facebook started its campaign against Apple by taking out full-page newspaper ads stating that the feature would harm small businesses. It continued by contacting businesses and convincing them to provide statements against Apple's feature.
Ultimately Facebook's efforts have fallen short of legal action. Public reaction to Facebook's complaints has shown it to be a tone-deaf campaign that earned little sympathy from customers.
Apple and Privacy go hand in hand. Expect each update to iOS 14 and beyond to introduce even more controversial features that will give users control over their data.