Privacy-Enhancing Technologies in iOS, macOS, iPadOS 

Apple is committed to protecting user data. To that end, their products and features minimise user data access. Since Apple offers a really wide range of services, we’ll describe a few selected ones to showcase how the company incorporates PETs. 

Safari 

The Safari web browser prioritises user privacy with several privacy features, including Intelligent Tracking Prevention (ITP), passkeys, Privacy Reports, password monitoring, social widget tracking prevention, fingerprinting defence, Private Browsing, the Smart Search field, and extension control. 

To be more accurate, Safari leverages the following privacy-enhancing technologies: 

Most of these features are active by default, so users don’t have to take any additional actions to turn them on. However, it depends on the user whether they want to keep the features on or off. 

But how exactly do the key privacy features in Safari work? 

Maps 

Similarly to Safari, Maps offers a wide range of built-in safety features. 

Apple uses device data to create personalised experiences. However, data transmitted from your device to the Maps service is minimal and linked with random identifiers, ensuring that Apple doesn’t keep a record of the user’s browsing and location history. 

Moreover, Maps employs end-to-end encryption for the user’s personal data across all devices. 

Maps goes a step further to obscure the user’s location on Apple servers. A process known as “location fuzzing” converts the user’s precise search origin to a less precise one after 24 hours, safeguarding their identity. Apple also refrains from retaining a history of users’ searches or locations visited. 

The company applies privacy safeguards to Maps extensions used in ride-booking and reservation apps, as well. These extensions operate within their secure environments (sandboxes), sharing permissions with their parent apps. For ride booking, only the user’s start and end points are shared with the extension, while table reservations reveal only the tapped point of interest. 

Apple Maps leverages the following privacy-enhancing technologies: 

Image storage and management as well as communication applications are other services that utilise PETs. Below, you’ll learn more about specific data security technologies and techniques incorporated by Apple. 

Face recognition in Photos 

Face recognition, scene detection, and object detection are performed entirely on a user’s device rather than in the cloud. Additionally, apps can only access photos with explicit permission, putting the user in control of their data. 

The Photos app boasts features like locked Hidden and Recently Deleted albums, which require an authentication method (Face ID, Touch ID, or passcode) on the user’s device for access. 

Memories and Sharing Suggestions leverage on-device intelligence to categorise photos by faces and places, facilitating easy retrieval. All of this happens on the user’s device, without granting Apple access to the photos. 

When using iCloud Photos, a user’s photo library is safeguarded with encryption on Apple’s servers. While sharing photo data between devices with iCloud Photos enabled, the user retains control over including location, edit history, or depth data when sharing a photo. 

Furthermore, the user decides which images to share with third-party apps, offering granular control over photo access. 

Apple’s Photos service leverages the following privacy-enhancing technologies: 

Communication apps 

Apple’s iMessage, FaceTime, and Mail services put user privacy at the centre by leveraging PETs such as hiding IP addresses, end-to-end encryption, and random identifiers. 

The features that ensure privacy in Apple’s communication applications include: 

Siri 

Another service that has integrated privacy-enhancing technologies is Siri, a virtual voice-activated assistant developed by Apple. 

Siri is available on various Apple devices, including iPhones, iPads, Macs, Apple Watches, and HomePod smart speakers. Siri uses natural language processing and speech recognition technology to understand and respond to user commands, questions, and requests. 

Users can interact with Siri by saying voice commands or asking questions, and Siri provides answers, performs tasks, and offers information based on the user’s input. Siri can integrate with various apps and services to provide more personalised and context-aware assistance. 

To ensure user privacy, Apple incorporates various privacy-enhancing technologies into this product, such as: 

Payment services 

The convenience of effortless data guarding goes beyond the basic services of Apple. Applications for payments, health, and location ensure no less security than previously mentioned Safari, Maps, image management, and communication apps. 

Apple Wallet is a mobile app that allows users to store and manage various types of digital items, such as credit and debit cards, boarding passes, event tickets, loyalty cards, coupons, and more — all in one convenient location on their iOS devices. It uses encryption techniques and data processing in the device’s sandbox (Secure Element). 

Apple also offers payment services where a unique Device Account Number is created, encrypted, and stored in the Secure Element on the user’s device. 

To secure payment processing, Apple creates a dynamic security code, while Apple Card, another service of theirs, uses on-device intelligence to process any transactional information. 

The company requires all apps and websites using Apple Pay to have a privacy policy, so users can view and educate themselves on how their data is being used. 

Lastly, to protect users’ privacy when they use Apple Cash, Apple created Apple Payments Inc. to separate storing and processing information from other Apple services. 

Health-related services 

Apple’s health-related services incorporate a variety of PETs to prioritise user privacy and data security. One significant aspect is the encryption of health and fitness data within the Health app when a user’s device is locked with a passcode, Touch ID, or Face ID. 

Notably, any Health data backed up to iCloud is encrypted both during transmission and while it’s being stored on Apple’s servers. With two-factor authentication, passcodes, and updated versions of watchOS and iOS, health and activity data is backed up in a way that ensures Apple’s inability to access it. 

Activity sharing allows users to share their Apple Watch Activity data with others. Once sharing is stopped, the recipient’s iPhone deletes historical data stored in the Fitness app. Additionally, users can temporarily hide their activity. 

HealthKit enables developers to create health and fitness apps that can share data with the Health app or among themselves. Users retain control over which HealthKit data elements are shared with different apps. 

To ensure user privacy, apps leveraging HealthKit are prohibited from using or disclosing data for advertising purposes and can only share data for health improvement or research with user permission. Data shared with trusted apps moves directly from HealthKit to the third-party app, bypassing Apple’s network. 

ResearchKit and CareKit, open-source frameworks, harness the capabilities of iPhones for medical research and individual well-being. Users determine their study participation using ResearchKit and can provide information with individual research apps. Data access by apps using ResearchKit or CareKit requires user consent, while approval from an ethics review board is mandatory for certain ResearchKit studies. 

Apple utilises these PETs in their health-related services: 

All of this is done in compliance with HIPAA regulations. 

Location-related services 

Apple employs privacy-enhancing technologies in their location-related services to provide users with increased control over their location data. 

Location Services privacy controls serve as a potent tool for users to manage which apps are granted access to their location information. Fine-grained controls are utilised for app location permissions, allowing users to determine the location data shared with apps. Users can choose to grant an app access to their location once or on a per-use basis. 

With the introduction of iOS 14, iPadOS 14, and watchOS 7, users have the option to reveal their approximate location within an area of about 10 square miles to apps, as opposed to sharing their exact location. This empowers users to utilise apps for tasks like finding nearby restaurants or checking the local weather without divulging more information than necessary. 

Notifications are implemented for background tracking, alerting the user when an app is using their location in the background. This ensures that the user is aware of the app’s location usage and can decide whether to continue granting it permission. 

Wi-Fi and Bluetooth location privacy enhancements, introduced in iOS 13 and iPadOS 13, offer users heightened protection. API changes restrict the access of apps to Wi-Fi network names, limiting their ability to determine the user’s location without consent. As for Bluetooth, controls are established so that apps must request permission before accessing Bluetooth for purposes other than audio playback. Users also retain the ability to modify app access to Bluetooth. 

Furthermore, Apple enables users to exercise location controls when sharing photos. On macOS, iOS, and iPadOS, users can choose whether to include location information when sharing a photo with friends or apps. 

In essence, Apple integrates PETs to bolster the privacy of user location data, offering transparent controls and notifications for a more secure and informed experience. 

Privacy-enhancing technologies utilised here are: 

SKAdNetwork 

Aside from PETs incorporated in services for individual users, Apple also adapted their advertising technologies to be secure. 

SKAdNetwork is a framework that aims to validate and report on advertisement-driven app installations. It’s designed to help advertisers measure the effectiveness of their ad campaigns without compromising user data or violating their privacy. 

SKAdNetwork employs several privacy-enhancing technologies to protect user privacy: 

When an ad impression leads to an app installation, SKAdNetwork generates postbacks that notify the ad network of the successful conversion. These postbacks contain data tiers determined by Apple, which helps ensure crowd anonymity. The postbacks don’t contain user- or device-specific information. 

SKAdNetwork operates within an attribution time window. If a user launches the advertised app within this window after tapping the ad, the ad impression is eligible for install-attribution postbacks. This time window limits the data collected to a specific period and doesn’t track long-term user behaviour. 

The advertised app updates conversion values as users engage with the app. These updates provide a way to measure ongoing user interactions with the app without revealing individual user actions. This is achieved through multiple conversion windows, enabling up to three postbacks for an ad impression. 

The information included in the postbacks is cryptographically signed by Apple and doesn’t contain detailed user or device data. It may include values from the ad network and the advertised app only if they meet Apple’s privacy threshold. 

Developers can receive postbacks from the ad network if they choose to opt in. This allows them to gather insights about the performance of their campaigns while adhering to privacy guidelines. 

Unlike other tracking methods that require user consent through the App Tracking Transparency framework, SKAdNetwork APIs can be used without needing explicit tracking authorisation from the user. This ensures that user privacy is maintained without compromising the app’s functionality. 

SKAdNetwork APIs may not function in certain scenarios, on some devices, or within specific app environments, such as iPad or iPhone apps running in macOS or visionOS, Mac apps built with Mac Catalyst, or App Clips. 

App Tracking Transparency 

In iOS 14.5 and later versions, Apple introduced the App Tracking Transparency feature. This requires app developers to obtain user consent before tracking their data across apps and websites owned by other companies for advertising or sharing with data brokers.