For Apple, privacy and data protection are very important, “Privacy by Design” is becoming increasingly important as a differentiating feature of its brand essence. Apple has heavily equipped the Safari browser in this regard in recent years – now third-party apps are also required.
Photo: Apple
Apple has been tightening thumbscrews for websites since iOS 11. The Cupertino-based company began to restrict the trackers that measure the behavior of visitors to a website, without blocking the actual content or functions of websites.
For this purpose, iOS only trusts external cookies if the user has previously actively visited the issuing web service with Safari. Safari no longer trusts other so-called third-party cookies. Any website with untrustworthy third-party cookies therefore does not recognize the cookies set. Third-party cookies that are not familiar are also regularly deleted. However, if the user interacts with the website of a third party and thus with their cookies, they are whitelisted (interaction = interest) and can therefore be used across all websites. In March 2020, Apple even announced that it would no longer allow third-party cookies in the Safari browser in the future.
Prior to iOS 11, Apple had already made efforts to prevent users from tracking their activity through the “Do Not Track” option. Major web services such as Google, Facebook and Twitter ignore / ignored the setting, as the search engine DuckDuckGo noted. With iOS 12, Apple has ended support for the specification behind “Do Not Track”.
With iOS 12, Apple has also introduced further technical measures to make it difficult for third parties to collect data. The Safari browser now offers a function called “Intelligent Tracking Prevention”. This function blocks embedded content and social media buttons. This counteracts the effect that personalized user data is passed on to social media networks.
iOS 12 suppresses repeated display of targeted ads by reducing the ability for advertisers to clearly identify iOS devices. The procedure known as browser fingerprinting is also made more difficult for advertising providers.
With iOS 14 and iPadOS 14, Apple is shuffling the cards. Technically, it’s all about the IDFA (Identifier for Advertisers). By default, this is shared with app publishers and advertisers. This tracking number is practically the only (legal) way for advertisers or analytics tools to track user behavior outside of their own iOS app, set up appropriate targeting in campaigns and thus track or personalize advertising.
Technically, this represents a unique ID (per device) for advertising / tracking activities. This value always returns a referenceable value, unless the user deactivates it (since iOS 10) in the depths of the iOS settings. In this case, the identifier always returns 00000000-0000-0000-0000-000000000000.
A lot changes here with iOS 14 and iPadOS 14. Every time an app is started, users of apps must give their express permission to be tracked across various apps and websites and thus pass on this identifier and the information collected to third parties. The core of this permission query for tracking will be the new “AppTrackingTransparency framework”. Here the app developer can at least give a reason for what the tracking should be used for. It remains to be seen whether this is conducive to user approval. If the user does not receive approval, the app and the services behind it do not have access to the IDFA mentioned.
But also the general deactivation of tracking – across all apps equally – is possible via a switch in the data protection settings. App marketers and analysis companies assume that users in the iOS ecosystem will only agree to 10 to a maximum of 30 percent tracking and will therefore be accessible for retargeting and personalized ads.
When it comes to transparency, Apple is also breaking new and rockier paths for app developers. With iOS 14, Apple offers an overview in the App Store to make the privacy of an app transparent.
Every developer has to fill out a self-assessment with iOS 14 or iPadOS 14. It records what data is collected for tracking within an app and is linked to the smartphone and / or the user. The publisher must not only provide this information for use in his own app – he must also access said app for all third-party services used. This applies to all services in the area of advertising and analysis options.
With iOS 14 and iPadOS 14, the user can see directly which data an app uses and can use for third parties (advertising partners, analytics tools) for tracking.
But Apple is also concerned about data protection in other areas. With iOS 14 and iPadOS 14, there are other new categories in the area of data protection.
To search the local network for services and / or devices in order to communicate with it, the user must now release it.
If an app accesses the user’s clipboard unnoticed in the background, the user is shown this as a hint. Hopefully, the “secret” reading of the clipboard is over.
Apple also changed the data protection settings when determining the location. Users can now also specify whether a location can be carried out precisely (with high accuracy) or only at regional level (several hundred meters).
The clear layout and the new data protection functions themselves are a further step towards transparency and trust in an app, but also in the platform itself. What effects this will have on the individual apps, the app developers, the advertising and analysis networks but only show up with the publication of iOS / iPadOS14 in autumn. However, the operators of relevant services are not really pleased and the further development in the area can be watched with excitement. (Macworld)