Apple's Approach to Privacy

Discussion in 'Technical' started by melbo, Jan 10, 2016.

  1. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Privacy - Approach to Privacy - Apple

    The most personal technology must also be the most private.
    As you add photos, messages, contacts, and credit cards to your Apple devices, they become more personal. So we design innovative ways to protect that data. And we build powerful safeguards into our operating systems, our apps, and the devices themselves. Because the things you rely on every day should keep your personal information safe.

    We build privacy into everything we make.
    When you pay for groceries, message a friend, track a workout, or share a photo, you shouldn’t have to worry about your information falling into the wrong hands. The personal data on your devices should be protected and never shared without your permission. That’s why we build strong, innovative safeguards into the things we make.

    Encryption protects trillions of online transactions every day. Whether you’re shopping or paying a bill, you’re using encryption. It turns your data into indecipherable text that can only be read by the right key. We’ve been protecting your data for over a decade with SSL and TLS in Safari, FileVault on Mac, and encryption that’s built into iOS. We also refuse to add a "backdoor" into any of our products because that undermines the protections we’ve built in. And we can’t unlock your device for anyone because you hold the key — your unique password. We’re committed to using powerful encryption because you should know the data on your device and the information you share with others is protected.

    Apple Pay
    Apple Pay lets you pay in an easy, secure, and private way. And it works on iPhone, iPad, and Apple Watch.

    When you add a credit, debit, or store card to Apple Pay, we securely send your card information, along with other information about your account and device, to your bank. Using this information, your bank will determine whether to approve adding your card to Apple Pay.

    Your actual card numbers are not stored on the device or on Apple servers. Instead, a unique Device Account Number is created, encrypted in such a way that Apple can’t decrypt, and stored in the Secure Element of your device. The Device Account Number in the Secure Element is walled off from your iOS device and Apple Watch, is never stored on Apple Pay servers, and is never backed up to iCloud.

    When you pay in stores, the Device Account Number and a transaction-specific, dynamic security code are used when processing your payment. So neither Apple nor your device sends your actual credit or debit card numbers to merchants. We may receive anonymous transaction information such as the approximate time and location of the transaction, which helps us improve Apple Pay and other Apple products and services.

    When you use a rewards card, we protect your identity. Anytime a card uses personally identifiable information — like your email address or phone number — we require that the data be encrypted when it’s sent. No rewards information is shared without your permission.

    When you pay in apps, we receive your encrypted transaction information and re-encrypt it with a developer-specific key before it’s sent to the developer. Apple Pay retains anonymous transaction information such as approximate purchase amount. This information can’t be tied back to you and never includes what you are buying. We also require apps using Apple Pay to have a privacy policy that you can view, which governs the use of your data.

    Learn more about Apple Pay security and privacy
    iMessage and FaceTime
    Your iMessages and FaceTime calls are your business, not ours. Your communications are protected by end-to-end encryption across all your devices when you use iMessage and FaceTime, and with iOS and watchOS, your iMessages are also encrypted on your device in such a way that they can’t be accessed without your passcode. Apple has no way to decrypt iMessage and FaceTime data when it’s in transit between devices. So unlike other companies’ messaging services, Apple doesn’t scan your communications, and we wouldn’t be able to comply with a wiretap order even if we wanted to. While we do back up iMessage and SMS messages for your convenience using iCloud Backup, you can turn it off whenever you want. And we don’t store FaceTime calls on any servers.

    Health and Fitness
    The Health app lets you keep all your health and fitness information in one place, on your device and under your control. The information you add about yourself is yours to use and share. You decide what information is placed in the Health app, as well as which third-party apps can access your data. When your phone is locked with a passcode or Touch ID, all of your health and fitness data in the Health app is encrypted. And any Health data backed up to iCloud is encrypted both in transit and on our servers.

    We also require apps that work with HealthKit to provide a privacy policy for you to review. Your data in the Health app and your activity data on Apple Watch are encrypted with keys protected by your passcode. And the Activity app can share your activity and workout data with the Health app on your iPhone.

    A lot of people would like to know where you go and what you do on the web. Safari helps keep them from finding out. The first browser ever to block third-party cookies by default and offer private browsing, Safari is built to offer the safest browsing possible. It also automatically prevents suspicious sites from loading, and uses sandboxing to help keep harmful code confined to a single browser tab so it can’t reach the rest of your data.

    Safari content blockers have been around a long time. They provide a platform for third-party developers to block unwanted content and better protect your privacy. Now we’re enabling app developers to bring these blockers to iOS and make them even more effective on OS X. You can use them to control what content is loaded onto your browser, and to block content from anyone attempting to track your activity on a website or across websites. And Safari content blocker support is designed in such a way that the content blocker can’t send information to developers about the sites you visit.

    So much of your digital life now lives in the cloud. And we’re committed to making that experience simple and secure. Some companies mine your cloud data or email for personal information to serve you targeted ads. We don’t.

    All your iCloud content like your photos, contacts, and reminders is encrypted when sent and, in most cases, when stored on our servers. All traffic between any email app you use and our iCloud mail servers is encrypted. And our iCloud servers support encryption in transit with other email providers that support it.

    If we use third-party vendors to store your information, we encrypt it and never give them the keys. Apple retains the encryption keys in our own data centers, so you can back up, sync, and share your iCloud data. iCloud Keychain stores your passwords and credit card information in such a way that Apple cannot read or access them.

    Learn more about iCloud Security
    Encrypted iCloud Data
    • Photos
    • Documents
    • Calendars
    • Contacts
    • iCloud Keychain
    • Backup
    • Bookmarks
    • Reminders
    • Find My iPhone
    • Find My Friends
    • Mail (encrypted in transit)
    • Notes
    Enjoy personalization without giving up privacy.

    We use only the necessary data to help create the best experience for you, whether you’re using Maps to locate a restaurant or Apple Music to discover a new artist. And we never sell your data. We know that the more personal your device becomes, the more critical it is to respect the data that’s on it.

    Siri and Dictation
    The longer you use Siri and Dictation, the better they understand you and the better they work. To help them recognize your pronunciation and provide better responses, certain information such as your name, contacts, and songs in your music library is sent to Apple servers using encrypted protocols. That said, Siri and Dictation do not associate this information with your Apple ID, but rather with your device through a random identifier. Apple Watch uses the Siri identifier from your iPhone. You can reset that identifier at any time by turning Siri and Dictation off and back on, effectively restarting your relationship with Siri and Dictation. When you turn Siri and Dictation off, Apple will delete the User Data associated with your Siri identifier, and the learning process will start all over again.

    When you use Siri to search by location or album name in the Photos app, we never send your photos or any information about them. Album names are only sent to Siri to help provide you with better results.

    If you have Location Services turned on, the location of your device at the time you make a request will also be sent to Apple to help Siri improve the accuracy of its response to your requests. You may choose to turn off Location Services for Siri and Dictation in your Privacy settings.

    You can also receive helpful suggestions before you even ask, based on the things you use often and when you typically use them. These predictions are kept on your device, not in the cloud, so the information is protected by all the safeguards that are built in. Which means private information like your email, contacts, app usage, and calendar can stay private. Suggested events from Mail do not leave your device until they are confirmed by you, and only then are they added to your calendar.

    Certain features do require real-time input from Apple servers. For example, event addresses and a user’s location are sent to Apple so that we can provide accurate Time to Leave predictions that take into consideration traffic and local transit schedules. Information like a user’s location may be sent to Apple to provide localized suggestions as well as relevant news and search results. When we do send information to a server, we protect your privacy by using anonymized rotating identifiers so that searches and locations can’t be traced to you personally. And you can disable Location Services, our new proactive features, or the proactive features’ use of your location at any time.

    Apple Music
    Apple Music delivers everything you love about music, including suggestions for albums, playlists, and songs you might like. In order for features like Radio, For You, and Connect to reflect your musical tastes, we collect some information about your activity in the app. This is spelled out in “About Apple Music & Privacy” during setup and is also available here. The songs you stream aren’t used by any other service to advertise to you. And if you don’t want to keep your music collection on our servers, you can opt out of iCloud Music Library.

    News delivers the stories and topics you’re interested in while taking measures to avoid intruding on your privacy. The more you read, the more personalized the News app becomes. We don’t link your reading activity to other Apple services. Information we collect about articles you read is used to improve News. This information is linked to an anonymous, News-specific identifier. You can reset your News identifier at any time by clearing your history. As a convenience, Apple News uses iCloud to keep aspects of your experience up to date on all your devices. Recommendations are created locally on your device and are not sent to Apple.

    While News is ad supported — ads are served based on the articles you read — this information cannot be used to target ads to you outside the News app. We never provide publishers with information to track you. And you can turn on Limit Ad Tracking to stop receiving targeted ads.

    Learn more about News and Privacy
    Other companies try to build a profile about you using a complete history of everywhere you’ve been, usually because they’re targeting you for advertisers. Since our business doesn’t depend on advertising, we have no interest in doing this — and we couldn’t even if we wanted to. We’re more interested in letting you know when it’s time to leave for your next appointment. You don’t have to sign in to use Maps, and it only knows you by a random identifier that resets itself frequently as you use the app. Maps is also engineered to separate the data about your trips — including public transit directions — into segments, to keep Apple or anyone else from putting together a complete picture of your travels. Helping you get from Point A to Point B matters a great deal to us, but knowing the history of all your Point A’s and Point B’s doesn’t.

    Spotlight Suggestions
    Searching with Spotlight goes beyond your device to give you suggestions from sources like Wikipedia, the iTunes Store, and local News and Maps results. Before it answers, Spotlight considers things like context and location. It also protects your privacy by only associating your location with a random rotating identifier that refreshes every 15 minutes. You can always opt out of Suggestions and continue to use Spotlight solely for local search on your device. You can also opt out of having Spotlight use Location Services anytime you want. If you opt out, Spotlight will still use your IP address to determine a general location to make your searches more relevant. Unlike our competitors, we don’t use a persistent personal identifier to tie your searches to you in order to build a profile based on your search history. We also place restrictions on our partners so they don’t create a long-term trail of identifiable searches by you or from your device.

    To make it even easier to get to just the right spot in your favorite app, we’ve built support for deep linking into iOS. A user can tap a link and it will open in the corresponding app if the app has been installed and supports deep linking. We do not associate this with your Apple ID, and Apple does not know which links you tap.

    We give developers the best tools to keep your data safe.
    We’ve given developers strong tools such as Touch ID APIs, 256-bit encryption, and app transport security so they can build secure apps. And all apps are sandboxed so your personal information is protected. We also require developers to ask for permission before accessing personal information like your photos and contacts.

    On the App Store, we require app developers to agree to specific guidelines that are designed to protect user privacy and security. When we become aware of an app that violates our guidelines, the developer must address the issue or be removed from the App Store. We make it easy for apps to connect to servers securely. Apple curates apps listed in the App Store to make sure that each app functions the way it’s described by the developer. To protect you even further, once an app is installed on your device, you are prompted for permission the first time it tries to access information such as your location or photos. Of course, you always have the power to make changes to the permissions you’ve granted.

    We also make sure that there are certain types of data on your device that apps simply can’t access, and that there is no way for an app to ask for complete access to all of your data. We were the first to provide this level of security, and we will continue to build strong safeguards into our platforms.

    HomeKit introduces a new way for you to control Wi-Fi- and Bluetooth-enabled accessories, such as your lights and thermostat. We’ve taken great care to make sure that convenience doesn’t come at the expense of your privacy.

    Apple does not know what devices you’re controlling, or how and when you’re using them. Siri only associates your HomeKit devices with your anonymous Siri identifier, not you personally. Apps supported by HomeKit are restricted by our developer guidelines to using data solely for home configuration or automation services. Data related to your home is stored encrypted in the keychain of your device. It’s also encrypted in transit between your Apple device and those you’re controlling. And when you control your accessories from a remote location, that data is also encrypted when it’s sent. So HomeKit doesn’t know which devices you’re controlling or how you’re using them.

    In addition, when apps perform automatic actions based on your location, such as turning on house lights, these actions are initiated by HomeKit, which makes your location invisible to the app. You can also disable use of your location at any time.

    ResearchKit is an open source software framework created specifically for the unique needs of medical research. Using the advanced technologies built into iPhone, it can help generate the type of robust data that is invaluable to medical researchers.

    But we also know that nothing is more important than the privacy of your information, and ResearchKit has been designed with that in mind. You choose which studies you want to join and share with researchers, and you control the information you provide to individual apps. Apps using ResearchKit can pull data from the Health app only with your consent. If you choose to back up your Health app data to iCloud, it is always encrypted when stored and transmitted. Any apps doing health-related human subject research must obtain consent from the participants and must provide information about confidentiality rights and the sharing and handling of data. These apps must also be approved by an independent ethics review board before the study can even begin.

    HealthKit allows health and fitness apps to share their data with the Health app and with each other. As a user, you have control over which elements of your health information are shared with which apps. Apps that work with HealthKit are prohibited by our developer guidelines from using or disclosing Health data to third parties for advertising or other data mining purposes. Apps can share data for the purpose of improving your health or health research, but only with your permission. We also require apps that work with HealthKit to provide a privacy policy for you to review.

    CloudKit helps keep your preferences, settings, and app data up to date across your devices. With an app that uses CloudKit, you are automatically signed in with your Apple ID, which means you don’t have to create a new account or provide other personal information. So you’ll always have access to your latest information in the app without having to remember new user names or passwords.

    By default, developers don’t have access to your Apple ID, just a unique identifier. If you give your permission, developers can use your email to let others find you in their app. You’re always in control of these permissions and you can turn them on or off at any time. Your data isn’t shared with developers, unless you choose to share or post publicly.

    When you’re behind the wheel, CarPlay takes the things you want to do on iPhone — like getting directions, making calls, and listening to music — and puts them on your car’s built-in display so you can stay focused on the road. Since everything you see in CarPlay comes from your iPhone, all the rigorous privacy measures built into your iPhone and apps carry over to CarPlay. Only essential information that enhances the CarPlay experience will be used from your car. For example, iPhone can combine its own GPS data with your car’s to make Maps as accurate as possible.

    Education Privacy
    Education has always been part of Apple’s DNA. We believe technology has the power to transform every classroom. We also know that parents and students make the best decisions about learning tools when they understand the products and services they’re using and how their information is handled.

    The way we manage your institution and student data reflects our strong commitment to privacy. We don’t sell student information and we never share it with third parties to use for marketing or advertising. And through Apple’s Volume Purchase Program (VPP), schools can purchase apps and deliver them to a student’s iPad without having to use an iTunes login.

    In addition, Apple has signed the Student Privacy Pledge, further underscoring our commitment to protecting the information students, parents, and teachers share in our schools.

    Read the Student Privacy Pledge
    Learn more about iTunes U and Privacy
  2. Mindgrinder

    Mindgrinder Karma Pirate Ninja|RIP 12-25-2017

    enloopious likes this.
  3. melbo

    melbo Hunter Gatherer Administrator Founding Member

    At Apple, your trust means everything to us. That’s why we respect your privacy and protect it with strong encryption, plus strict policies that govern how all data is handled.

    Security and privacy are fundamental to the design of all our hardware, software, and services, including iCloud and new services like Apple Pay. And we continue to make improvements. Two-step verification, which we encourage all our customers to use, in addition to protecting your Apple ID account information, now also protects all of the data you store and keep up to date with iCloud.

    We believe in telling you up front exactly what’s going to happen to your personal information and asking for your permission before you share it with us. And if you change your mind later, we make it easy to stop sharing with us. Every Apple product is designed around those principles. When we do ask to use your data, it’s to provide you with a better user experience.

    We’re publishing this website to explain how we handle your personal information, what we do and don’t collect, and why. We’re going to make sure you get updates here about privacy at Apple at least once a year and whenever there are significant changes to our policies.

    A few years ago, users of Internet services began to realize that when an online service is free, you’re not the customer. You’re the product. But at Apple, we believe a great customer experience shouldn’t come at the expense of your privacy.

    Our business model is very straightforward: We sell great products. We don’t build a profile based on your email content or web browsing habits to sell to advertisers. We don’t “monetize” the information you store on your iPhone or in iCloud. And we don’t read your email or your messages to get information to market to you. Our software and services are designed to make our devices better. Plain and simple.

    One very small part of our business does serve advertisers, and that’s iAd. We built an advertising network because some app developers depend on that business model, and we want to support them as well as a free iTunes Radio service. iAd sticks to the same privacy policy that applies to every other Apple product. It doesn’t get data from Health and HomeKit, Maps, Siri, iMessage, your call history, or any iCloud service like Contacts or Mail, and you can always just opt out altogether.

    Finally, I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.

    Our commitment to protecting your privacy comes from a deep respect for our customers. We know that your trust doesn’t come easy. That’s why we have and always will work as hard as we can to earn and keep it.

    Tim Cook
    CEO, Apple Inc.
  4. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Yard Dart likes this.
  5. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Mindgrinder likes this.
  6. melbo

    melbo Hunter Gatherer Administrator Founding Member

    FBI to Apple: Encrypt these iMessages for us so we can investigate criminal actions.
    Apple to FBI: Sorry sirs, we cannot do this as we have zero knowledge of the end to end encryption these devices use. Would if we could but we can't.

    FBI and Apple's Encryption - Schneier on Security
    In an investigation involving guns and drugs, the Justice Department obtained a court order this summer demanding that Apple turn over, in real time, text messages between suspects using iPhones.

    Apple's response: Its iMessage system was encrypted and the company could not comply.
    enloopious and Ganado like this.
  7. Mindgrinder

    Mindgrinder Karma Pirate Ninja|RIP 12-25-2017

    Tully Mars, Motomom34 and Ganado like this.
  8. Tully Mars

    Tully Mars Metal weldin' monkey

    Yeah well Apple ended our long relationship when they decided they knew best what kind of music I should listen to and installed a frackin U2 album on my phone. Never could get that POS off of it.
    Motomom34 likes this.
  9. Motomom34

    Motomom34 Monkey+++

    I know what you mean @Tully Mars. I just got an iPhone. I had a former cloud and Apple won't even let Apple into it. Over an hour and 3 techs.... no one can still get in.
    Tully Mars likes this.
  10. Tully Mars

    Tully Mars Metal weldin' monkey

    I really liked the iPhone. I guess mainly just because I was comfortable with them after all these years. BUT I do like the fact that the galaxy lets me load music, etc. without all the BS of iTunes. The more I use it, the better I like it.
    Mindgrinder likes this.
  11. enloopious

    enloopious Rocket Surgeon

    Mindgrinder, Tully Mars and BTPost like this.
  12. BTPost

    BTPost Stumpy Old Fart,Deadman Walking, Snow Monkey Moderator

    His LAW is... That he wants the ability to see ALL your Information and Documents, if he can get a "Hand Picked Federal Judge" to give him a Warrant.... Now Remember, there is NO WAY to get rid of a Federal Judge... He is appointed for LIFE... So if you get one that hands out Warrants, at the Drop of a HAT, you can only contest the Issuance of the Warrant, in the Federal Appeals Court, AFTER the FACT... They HAVE YOUR DATA, and even if you Win, on Appeal, you can NEVER be sure that there isn't a COPY of YOUR DATA, still in their HANDS...... And there is NOTHING you can do to Stop the Federal Judge from doing it AGAIN, and AGAIN, and AGAIN....

    So Apple and Goggle have set these OS's Up so that they can NOT Open them, PERIOD... They do NOT have that Capability... They can't give the .GOV something that they do NOT Possess...
    Aw Tough Luck, Mr. AG... Stick it where the Sun don't Shine.....[violin][finger][lolol]
    enloopious, oldawg and Tully Mars like this.
  13. Legion489

    Legion489 Rev. 2:19 Banned

    Well an advert for one of the most corrupt and venal corps on earth trying to stampede us into buying their conspiracy theories. You do know that Apple takes the price of data/storage and then multiplies it 2.5 times and then adds at least one zero to it and that is what they charge for it don't you? At least that is what Bloomberg (the rag) claimed in their article on Apple. Better read the article and then tell us how great they are.
  14. BTPost

    BTPost Stumpy Old Fart,Deadman Walking, Snow Monkey Moderator

    So... Just do NOT buy their Storage Space... Doesn't mean their Technology is bad....