iOS Privacy Advances
Law and legislation take the lead in setting standards for protecting personal data, but the policies and norms established by companies also play a central role. This has been the case particularly for global platforms providing the services used by billions in the course of daily life. Apple’s 2020 Worldwide Developer Conference (WWDC) previewed a variety of privacy advances coming soon to various Apple products, including their most recent mobile operating system, iOS 14. Apple executives reiterated throughout the event that, “privacy is a fundamental human right at the core of everything we do” and a notable portion of their announcements directly reflect this perspective.
An overview of some of the notable changes include:
App Tracking Controls
As of iOS 14, Apple will require developers to obtain consent prior to tracking users across apps and websites owned by other companies, including tracking by user ID, IDFA, device ID, fingerprinting, or profiles. Apps are currently only permitted to track users for advertising purposes by using the iOS IDFA (Identifier for Advertisers) — an ID that is available by default and can be “zeroed out” by enabling the Limit Ad Tracking setting. In iOS 14, apps will need to affirmatively request access to the IDFA via the AppTrackingTransparency framework.
This new “just-in-time notification will provide users with two options: “Allow tracking” or “Ask app not to track.”
It is our understanding that apps can ask for this permission only once and cannot discriminate against users by restricting use of the app or key features for those who decline the permission.
The new functionality will also allow users to view and edit this setting for each app on the device within Settings. Users can also choose not to be asked for permission to track by all apps through the Limit Ad Tracking toggle within Settings. This setting is automatically disabled for child accounts and on shared iPads.
Apps will still be permitted to track users who do not “Allow Tracking” in circumstances where the app’s data is linked to third-party data solely on the user’s device and is not sent off of the device in a way that can identify the user or device. App data may also be sent to a third-party if that third-party partner uses the data solely for fraud detection, fraud prevention, or security purposes and solely on behalf of the app developer (for example, to prevent credit card fraud).
Attributing App Installations
Apps will be able to leverage Apple’s SKAdNetwork to attribute app installations via aggregate conversion reporting. Ad networks will need to register and provide campaign IDs to the App Store, and Apple will report the aggregate results of campaigns driving installations without sharing information about individual users.
Currently, users are presented with several options when an app requests access to location. These options include 1) Allow While Using App, 2) Allow Once, and 3) Don’t Allow.
A new, more privacy-preserving option will offer users the ability to share an approximate location that reflects an area of approximately 10 square miles, allowing for a personalized experience without sharing precise location information.
To help users understand the difference and the precision of location sharing, iOS will now provide a visual representation as part of the location permission dialogue. The option to share precise location with individual apps can also be managed with the device Settings.
Simplified App Privacy Notices
Since these declarations are effectively additional privacy disclosures provided by an app, companies will need to take care to ensure they are accurate legal representations of their practices.
Microphone & Camera Indicators
Indicators will appear on the status bar and within the Control Center when the camera or microphone is activated by an app.
Sign-In With Apple Upgrades
Developers will now be able to offer users the option to convert existing app accounts to Sign-in with Apple, which is tied to users’ Apple IDs.
As of iOS 14, Safari will support a broader selection of extensions distributed through the App Store. Just-in-time notices within Safari will notify users when an extension accesses information about a site the user is visiting, and users can opt to “Allow for one day,” Always allow on this website,” or “Always allow on every website.”
While ITP (Intelligent Tracking Protection) has been implemented in Safari for several years, new transparency enhancements will allow users to review a list of specific trackers blocked on a website through an icon in the toolbar.
In addition, a new “Privacy Report” will provide users with a summary of all cross-site trackers that have been blocked within the previous 30 days.
Photo and Contacts Library Access
New access limits to the Photo Library will enable users to share only specific, selected items with an app, as opposed to the previous default of providing ongoing access to the user’s entire library. Similar technical controls will also be applied to apps interacting with a user’s contacts, allowing users to select individual contacts instead of providing apps with ongoing, blanket access to all of the user’s Contacts.
While some apps need to be able to find and connect to local devices on a network in order to provide specific, related services, some apps have used access to this information to track users for other purposes. Apps will now be required to prompt users and obtain permission for such access. In addition “Use Private Address” will be enabled by default. This will result in Apple devices providing WiFi networks with a MAC address that is uniquely-generated daily, preventing multiple WiFi networks from correlating the behaviors of an individual user presenting with the same MAC address.
If text that has been copied to the clipboard is accessed by an app, iOS 14 will provide a notification to the user in a “Call Out” for each instance the app accesses the information, allowing users to know when and which apps are accessing the text stored on the clipboard. Previously, apps were able to access this information on demand and without any indication to users. Researchers recently flagged TikTok and other apps accessing clipboard data in this manner. Although some apps may have legitimate reasons to access clipboard data, the access by many others raises concerns.
Apple provided more detail about the changes and potential impact on existing and new apps in these videos and forums. The following two videos, in particular, provide more information regarding a number of changes which serve to encourage data minimization, reduce the likelihood of apps over-sharing data, and increase user transparency and control.