When the Cambridge Analytica scandal broke, the world focus quickly shifted to the way in which big tech companies were collecting user data. The scary part was just how much user data was being collected, and how it was being used to target ads. Then we heard of Echo devices sending audio recordings to Amazon servers, after Jeff Bezos had clearly said that the company does not store user recordings. Then we learnt of how all big tech companies were collecting small snippets of users’ voice recordings which were then shared with external consultants. This, they said was to improve the natural language processing engines for their respective services. Whichever way you look at it, the last two years have been really bad for consumer privacy and amidst all this, Apple has taken a stand to clarify what it does for its consumers. Apple has today refreshed its Privacy website to include features in the latest versions of its operating systems, mobile and otherwise, and how they work on protecting user data.
One of the strangest experiences iOS users experienced after upgrading to iOS 13 was the strange Bluetooth permission requests being made by Apps like Facebook and Instagram, apps that no business asking for Bluetooth permissions. Bluetooth beacons can be incredibly accurate, down to a few centimetres, allowing for more precise tracking of users. Bluetooth beacons are little discrete devices that an be placed anywhere in, let’s say, a shopping mall. Then these beacons will send out a ping, which gets picked up by an app or two on your phone, the result being, someone knows exactly which mall, or rather which section of the mall you were shopping in. Now, iOS 13 users have access to this information and can allow or completely deny this permission to the app requesting this. You may wonder as to why Apple won’t just flat out deny access to Bluetooth beacons, and that is because it also has some great uses. An app called LaunchHere uses beacons to provide some extremely precise automation on iOS devices, and even Apple’s own Find My service uses a version of Bluetooth beacons to locate your device even if it has been turned off.
Across iOS 13 and macOS Catalina, Apple has also improved the control over location permission. Instead of being limited to “allow or deny,” the new location permission allow you to give location permissions to an app either for one time only, when the app is in use or deny. Do note that if you give one-time only permission, the app needs to be force closed in order to revoke its location permission. When it comes to location tracking in the background, iOS 13 now prompts users when an app requests location access while in the background. At this point, the user can choose to either allow the app to continue collecting information in the background or change it to “allow only while using,” preventing any background location tracking.
The one privacy feature that has received the most stage-time is Sign in with Apple. The feature was first announced at the World Wide Developer Conference (WWDC) earlier this year in June. The thought behind Sign in with Apple is that Apple wants to provide users an alternative to using social media logins for services, which results in data collection. Sign in with Apple will prevent apps from collecting your personal details such as your email ID. Since some services do require an email ID to be shared with them anyway, Sign in with Apple creates a scrambled email ID for you, which will be unique for every app. In case the app wants to send you any marketing mails, they all go to the scrambled email ID which forwards it to your Apple ID. This prevents your Apple ID ending up in places where it shouldn’t. After its announcement, Apple has started requiring developers to offer the option to Sign in with Apple on apps that also offer other social logins.
According to Apple, the version of Safari that ships on the latest versions of iOS and macOS is built to prevent fingerprinting, a practice where you are tracked across websites in order to build a user profile based on browsing habits. While it remains to be seen just effective Apple’s implementation is, it is nice to see that such methods are enabled by default.
Apple has asserted that it does not rely on collecting user information as that is not how its business model works. However, this does not mean that Apple does not collect any user information. Recently it was learned that Apple too shares snippets of audio recordings with third party companies for improving Siri’s NLP engine. With iOS 13.2, Apple allows you to choose whether you want to share these recordings or not. In the event that you do choose to share bits and pieces of your audio recordings, Apple strips the audio files of all personally identifiable information. Similarly, with Apple Maps, when Apple does collect information about where you’ve been and for how long, it strips that information of all personally identifiable information before shooting it off to Apple’s servers.
Most of the processing that Siri or even Maps do is all on-device. Apple’s approach to machine learning is rather interesting. Siri continues to learn based on how you use it, but all processing is done on-device. Once a new framework is created, it is uploaded to Apple’s server, but once again, devoid of any personally identifiable information. This framework is then anonymously added to other similarly trained models, from which Apple creates its next update for NLP and such. Even with the Photos app, Apple is using on-device machine learning to create the albums and label photos. The iCloud backup service is literally just that, a backup service, and Apple does not use the contents stored in iCloud Photos for any kind of inference.
Apple has always taken a stand for user privacy, although there have been instances where their approach has been open to criticism. The new Apple Privacy website has a very detailed breakdown of everything the company does to protect user privacy. You can go through it all here.
WhatsApp at risk by a specially crafted MP4 file that could trigger stack-based buffer overflow attack
Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.
We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.