Apple Privacy in 2020: iOS 14 and iPadOS 14 is more secure than ever

Apple has added significant privacy upgrades this year to protect us more and give up less.

Apple has been lauding privacy for many years now, and it's a part of the company's culture that has set it apart from other companies, companies that are only now seeing the writing on the wall and trying to jump on the privacy bandwagon. With iOS and iPadOS 14 and macOS Big Sur (releasing later this year), Apple has added even more features to give users control over who has access to their data and what's being done with it.

Apple has added five major privacy updates to its platforms. What does that mean for you and me? Let's go through the list.

Sign In with Apple ... again

Last year, Apple introduced Sign In with Apple, which lets users sign up for an account without having to share their email address or be tracked by a comparable service. It sounded like a really cool feature when it was first announced, but the entire premise fizzled out pretty quickly when Apple backed out of its initial requirement that any app that offered Google or Facebook sign-in would also have to offer Apple sign in. When the feature finally rolled out, I could count on one hand how many services provided Sign In with Apple. Today, a lot more services are offering it. Services I wish offered it six months ago when I first signed up with them.

In iOS 14, Apple has given developers the option to offer users to "upgrade" their account to Sign In with Apple. According to Apple, companies are seeing a higher rate of signing up (up to 20%) when Sign In with Apple was offered.

When you upgrade your account to a Sign In with Apple account, you can use Face ID or Touch ID to sign in to your account. And two-factor authentication keeps it protected.

There isn't any mention of whether a company will purge the data its already collected from you or how you can erase your email from a databank, but this is a step in the right direction.

Hopefully, developers will see how much we, as consumers of their products, want Sign In with Apple. It makes things easier, like Apple Pay, and makes new customers put our trust in them faster. We're better protected and these companies did the work to let us choose that.

Approximate location

Prior to iOS 14, when an app asked for your location — whether to give you the local weather, point you in the direction of the nearest bathroom, or tell you where your car is — it could access your precise location. If you're standing across the street, for example, from a subway entrance, an app could know which street corner you're on.

Sometimes, that's important, like getting directions, but other times, like when you're using a smart speaker, it's definitely not.

Take a look right now at all of the apps that want to use your location data. Go to Settings > Privacy > Location Services. Go ahead. I'll wait.

See how some apps, like social media apps, calendar apps, news apps, games, and even podcast apps want to know your location?

A few years back, Apple gave users more control over when an app sees your location. It went from either "yes or no," to, "yes, but with restrictions." We were no longer handcuffed by an app's requirement that we must turn on location services if we want to use the app at all (some apps will still try to bully you with this messaging, but it's just not true).

In iOS 14, Apple takes that a step further by adding the ability to hide your precise location from an app. By turning off "Precise Location" users don't have to share the exact street corner where they are standing.

When you only share your approximate location with an app, it will share your location within about a 10-square mile radius of where you actually are. The app will receive a random center and radius.

Apple says the location radius will be based on a nearby landmark, like a government building or a major intersection.

This option is great for things like a weather app or a news app. Carrot doesn't need to know which street I live on to tell me whether it's going to rain in Sacramento. Google News doesn't need to know where I'm drinking my morning coffee in order to provide me relevant local news.

And, this is a setting, so you can enable or disable Precise Location, depending on the app. You'll want to keep Precise location sharing with apps like Lyft or Postmates so they can find you, specifically.

Mic and camera awareness

We've all thought it. We've all wondered about it. Does my iPhone listen to me? Does someone have secret access to my camera that I don't know about? Apple's vice president of Software Enginnering, Craig Federighi, told Fast Company that he gets emails from customers saying, "I am sure this popular app I downloaded is secretly listening to me ..." You know the rest of this story. If you haven't said it yourself, someone you know has.

While the answer is, "probably not," it's still something we worry about, especially when Google or Facebook will suddenly start showing ads for baby diapers when you just found out that you're pregnant (your partner doesn't even know!).

Apple added a very clear indicator for when your iPhone's microphone or camera is being used. When an app is using your microphone, you'll see a tiny orange dot at the top of the screen, no matter which app you switch to. When an app is using your camera, you'll see a green dot. It's similar to how a web camera or the iSight camera on a Mac shows a status light to let you know your camera is on.

In addition to the indicator at the top of the screen, you can see what app is currently using the camera or mic in Control Center and which apps have recently accessed the camera or mic.

Privacy guides on the App Stores

You know when a new app comes to the App Store that's all the rage and suddenly celebrities are making themselves look old or like a deer or something? And then, suddenly people start talking about how those apps might be storing your information, audio recordings, or photos on their servers? Wouldn't it be cool if app developers had to display their privacy policies in a simple-to-read list, right in their summary page on the App Store?

Well, that's a thing now.

Apple asks developers to include information about 31 categories regarding privacy practices. This information will be displayed on the app summary of an app in the App Store when it's updated so it is easy to read and understand.

Categories appear as "Data Linked to You" and "Data Used to Track You" and include such things as your financial information, contacts, location, and more.

This information is self-reported, so we still have to trust a developer's intentions when we make decisions about whether to install and use an app, but at least there is some level of transparency we can easily to see before we decide. The App Store app review team will also work with developers to make sure they're reporting properly and address any conflict between what a developer says its app does and what it actually does in regards to privacy policies.

Safari Privacy report and saved password monitor

Apple added an intelligent tracking and prevention button to the toolbar on iPhone, iPad, and Mac in Safari. This tracking report includes such information as known trackers that Safari has blocked, websites that contacted trackers, most contacted trackers, and a list of websites and trackers by content. On macOS Big Sur (launching later this year) you'll also be able to see a 30-day report of trackers that have been blocked and companies that own those trackers. The report will also show the percentage of sites that contain trackers.

There is potential for this information to be misunderstood. It's like a doctor handing you your bloodwork test results. Without someone who understands the data there to tell you what it all means, it can seem a bit scary.

In addition to a privacy report accessible on a page in Safari, Apple is adding features to help protect your Safari Keychain passwords.

Keychain is a wonderful little storage space on your iPhone, iPad, and Mac that keeps track of websites where you've entered a password. It's nowhere near as robust as a dedicated password manager like 1Password or LastPass, but it's definitely helpful for people that don't want to be inconvenienced with that extra level of protection (I'm looking at you, family).

Safari will keep track of websites and services that may have been breached and let you know if your password may have been compromised.

Apple notes, Safari will use strong cryptographic techniques to check our passwords against known breached passwords. Safari will then notify you if your password was compromised. This information is not stored or shared, even with Apple. Similar to 1Password's Watchtower feature or LastPass' Sentry.

Safari is getting one additional big privacy update with app extension tracking permissions.

I love web extensions. I have Grammarly, 1Password, Bumper, and PiPifier locked into my toolbar at all times. They make things easier on the web in a number of ways. But, app extensions can also track our internet activities. Safari allows us to grant access to web extensions for one day, per website, or for all-time. If you use an app that needs to track your browsing experience, permission granted! If, however, you discover that an app wants to track you and you don't see why it should after it's done its job, restrict tracking to just an hour or a day. It's your privacy. It's your prerogative.

Apple's stance on privacy isn't new. It's a soapbox the company has been standing on for years. It's just that the world is finally starting to catch up with what Apple has been working on all along; How to balance user privacy with revenue-making marketing and advertising. iOS 14, iPadOS 14, and macOS Big Sur do more for our privacy than it does for advertiser needs. I call that a win.