Compared to the rest of the tech world, Apple is very much in a league of its own. While other companies have been forced into the spotlight by data breaches and privacy scandals, Apple has mostly remained unscathed — sticking to its roots with a highly curated, “walled garden” approach that sacrifices transparency in exchange for privacy. At one time, the company even loudly proclaimed on ads and billboards “What happens on your iPhone, stays on your iPhone.” It’s a worthy agenda from the world’s most admired brand, but how much does this claim really hold up?
As it turns out, Apple’s privacy statements may not show the whole picture. A shocking new report revealed a number of Apple’s most popular apps regularly track user data and send it to third-parties — often while users are away from their phones or sleeping! This data includes location, emails, phone numbers, and even IP addresses.
Between app developers, software engineers, advertisers, and Apple’s own staff, it’s important to remember that privacy is a complicated subject with many moving parts. One single step out of line and the whole endeavor comes crumbling down. If you’re wondering how this data harvesting occurred in spite of Apple’s commitment to privacy, you’ll want to keep reading.
How did iPhone apps track and harvest user data?
Following public backlash to Facebook and Google’s entanglement with privacy issues, Apple began to emphasize its focus on privacy for iOS devices. According to Apple, messages would be encrypted by default, App Store apps would pass a stringent review process, and only Apple would have access to location and software data (for the sake of improvement, naturally.)
All this effort, it seems, failed to reckon with the tenacity of app developers and advertisers. In a new report from the Washington Post, a number of apps were found to be snitching on iPhone users — silently collecting private information and sending this data to marketing companies and “research firms.”
Apps involved include major names like Mint by Intuit, Nike, Spotify, and strangely enough the Washington Post app itself!
These programs pull a range of data from users phones, such as location, IP address, email addresses, and phone numbers from contacts. It’s strange to consider what these marketing research firms would be needing your contacts for, but as we’ve seen with mega-corporations like Facebook, Google, and Amazon, data equates to major dollars in revenue.
The harvesting issues were discovered with the help of Disconnect, a privacy firm with equipment that analyzes the data output of individual apps. Its hardware can determine what data is being sent from which app, and where this data is going.
Companies identified as recipients of app data include analysis firm Amplitude and marketing group Appboy, which now goes under the name Braze. The websites for these companies do not specify in exact terms how data is compiled, only that it’s used to help brands understand customers and prospects better.
Surprisingly, Apple’s own applications seemed to live up to its promise — with encryption enabled on several of them from the get-go. Apple does, however, collect software data like crash reports to help it improve its own software. The proprietary Apple Maps app tracks user data as well, but for the purpose of recommendations, frequent locations, and directions.
What can I do to stop data tracking on my iPhone?
Since Apple’s pledge seems to begin and end with its own products exclusively, it falls upon us users to screen apps for reckless data collection. Without advanced hardware and software tracking (like the kind that Disconnect uses,) you’ll need to outright cut off the flow of data to stop the trackers from peeking into your private life.
Luckily, this is easy to accomplish by turning off what’s called Background App Refresh on your iPhone. This feature allows apps to update in the background when your phone isn’t being used — which can be useful for things like inventory, traffic data, and other bits of live data.
Apps, however, can still be manually refreshed just by closing and re-opening them, so turning the feature off won’t negatively affect your experience.
To turn it off, open the Settings app, then select General, and finally Background App Refresh. Here, you’ll be able to turn the feature off for specific apps — or for the whole phone altogether.
Another thing you can check for peace of mind is whether your phone is limiting ad tracking.
Simply open up Settings again, tap Privacy, scroll down and tap Advertising, and make sure Limit Ad Tracking is turned on. This means your phone is preventing some data from being sent directly to advertisers. As a privacy rule of thumb, you should always keep this on.
As more people continue to adopt smart technology, it bears repeating just how numb we’ve become to companies using our private information. Perhaps it will take more scandals to truly bring the issue to the popular imagination, but for now, at least we have some ways to stymie the creeping surveillance from marketers and researchers.
As for Apple, it’s at least holding up to its word in some form. Hopefully, it’ll vet apps it offers more thoroughly in the future — that is if it wishes to retain its reputation for being privacy first.