Apple takes data security and protecting your privacy very seriously. Remember when the FBI attempted to force Apple to create a “backdoor” version of iOS to access a known terrorist’s iPhone in 2016? Though they risked being accused of siding with the San Bernadino attacker, they stood they’re ground and opposed the government’s order:
The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.Apple: A Message to Our Customers
This is one of the many reasons I appreciate Apple. Unlike other tech giants who are in the business of selling your data, Apple is in the business of protecting it – seemingly at all costs.
In September, Apple released Safari 14 alongside iOS 14 and iPadOS 14. One change that alarmed some was the new Privacy Report feature.
Apple’s Privacy Report allows you to see who was blocked from tracking you in Safari.
To view this info:
- On your Mac, go to “Safari > Privacy Report…”
- On your iPhone or iPad, click on AA in the address bar of Safari and select “Privacy Report”
Apple uses something called Intelligent Tracking Prevention (ITP) to block cross-site tracking. On by default, you can toggle off Prevent Cross-Site Tracking:
- On your Mac, go to “Safari > Preferences > Privacy”
- In iOS/iPadOS, go to “Settings > Safari > Privacy & Security”
Okay, before jumping into the Privacy Report itself, let’s hit the pause button. We came out of the gate with two things that may need some further explanation: Cross-Site Tracking and Intelligent Tracking Prevention. Let’s address a few basic questions you may have.
What is Cross-Site Tracking?
Cross-site tracking is what it sounds like – companies collect the data from your browsing behavior across multiple websites. This is often done through scripts, widgets, or even invisible images. It isn’t inherently bad because it can enhance your browsing experience. The biggest reason companies do this is to target advertising. But it can also be used to create user profiles or “fingerprints” that can be passed along from site to site.
To clarify, Safari doesn’t keep these scripts, widgets, comment forms, etc. from working because that could break a site’s functionality. It keeps them from accessing your cookies and giving the data to any other site besides the one you are on. Should you block your cookies, then? You can, but that’s a bit extreme – cookies are essential for things like keeping you logged into a site or managing a shopping cart. Not allowing cookies at all could render many sites unusable.
What is Intelligent Tracking Prevention (ITP)?
In its Safari Privacy Overview, Apple states that “Intelligent Tracking Prevention uses on-device machine learning to block cross-site tracking, while still allowing websites to function normally.” It uses DuckDuckGo’s Tracker Radar database of trackers, which is regularly updated as new trackers are found, but it isn’t perfect. Just because something appears on the list doesn’t necessarily mean that Apple’s ITP algorithms have actually flagged it yet. Apple still bases what it blocks on your browsing behavior.
Read More: Developer Simo Ahava has an excellent and very detailed look at how ITP works.
Did Apple Just Start Implementing Browsing Privacy?
Though Apple’s Privacy Report feature is new, it is important to note that disallowing cross-site tracking and ITP aren’t. Apple has been integrating these for years, and user privacy methodologies in general with Safari as far back as 2005. It’s just that now, they give you an easy to understand summary of everything that’s been going on behind the scenes.
It’s hard to say. Apple has always done a decent job in corporate transparency regarding user data, so it’s not surprising they would make this information readily accessible. Perhaps it’s a simple PR play. There’s nothing wrong with leveraging your strengths and touting your differences. But Apple doesn’t typically implement a marketing tool without having thought it out well in advance. Could they be thinking about acquiring DuckDuckGo, or creating a social media platform to take on Facebook? Let us know your thoughts in the comment section below.
But I digress. Let’s return to our regularly scheduled programming...
Apple’s Privacy Report (cont.)
Tracker Profiling Badge
Immediately to the left of the address bar in Safari on macOS, you will see the Privacy Report button – it looks like a badge. Click on this, and you will see how many trackers were contacted and blocked for the site you are on. It will also show you a list of all the trackers on the site. The list may be long, so scroll away until your heart is content.
Want a little more info? No problem. Click on the info button and the full report will launch.
You will be presented with a host of information, including:
- the number of trackers prevented from profiling you in the past 30 days
- the percent of websites visited that contacted trackers
- which tracker was prevented from profiling you the most
If you select the “Websites” tab, you will see a list of all the sites you have visited in the past 30 days with trackers attempting to profile you. It will indicate the number of trackers on each site, and selecting the arrow next to any website will show which were blocked.
If you select the “Trackers” tab, you will see a list of all the trackers (and who owns them) that have attempted to profile you in the ast 30 days and the number of websites you visited where they were found. If you click the arrow next to any tracker, you will see which websites they were.
That’s really all there is to it. There is nothing inherently evil about user-tracking because it does help enhance your personalized experience. There is also nothing wrong with Apple pulling back the veil so we can see who is following us. In fact, it’s nice to have an easy way to see all the tracking we have known about all along. Though admittedly, it does creep me out a bit when I look at the list.
Is this tracking information useful to the average person? I don’t know. Will it dramatically change the way people live their lives? Probably not. Does it cause concern to those companies whose business it is to make you the product they are selling to others? I’d be willing to bet that they aren’t too happy about being openly exposed.
What do you think? Let us know!
As Steve Jobs would say, there’s one more thing…
I mentioned up top that the latest versions of iOS/iPadOS implemented the same browser tracking report as macOS, but it also takes things a bit further. You know all those apps you love so dearly? Especially the Social Media ones? Well, guess what… App developers now have to play a little nicer in the Apple sandbox as well. With the advent of iOS/iPadOS 14, Apple has beefed up the privacy requirements for what I guess you could call “cross-app” tracking.
It’s not exactly the same as cross-site tracking and ITP is to web browsing, but you can deny permission for apps to track and/or use your data. It’s relatively complex—so we can save it for another post—but let’s suffice to say that it has thrown a wrench in the way companies can so easily “use” you.
Today, Facebook shared how we’re addressing Apple iOS 14 changes, which includes not collecting the identifier for advertisers (IDFA) on our own apps on iOS 14 devices. This is not a change we want to make, but unfortunately Apple’s updates to iOS14 have forced this decision. We know this may severely impact publishers’ ability to monetize through Audience Network on iOS 14, and, despite our best efforts, may render Audience Network so ineffective on iOS 14 that it may not make sense to offer it on iOS 14 in the future.Facebook