Apple’s great new iPhone privacy feature is like an X-ray for apps

By Michael Grothaus

December 14, 2021

When Apple’s iOS 15 iPhone operating system debuted early this fall, it introduced a number of privacy enhancements. Mail Privacy Protection, for instance, hides your IP address from senders. On-device speech recognition for Siri processes voice requests on your phone, so they never get transmitted to the cloud. A host of iCloud Plus privacy features were also integrated into iOS 15, including iCloud Private Relay (Apple’s Tor-like web-surfing privacy service) and Hide My Email (which lets you generate random email addresses to give to sites and apps).

Yet, one big privacy feature was missing from iOS 15 when it first shipped: App Privacy Report. It’s one of Apple’s best privacy enhancements in years—and now it’s available in iOS 15.2. Here’s what you need to know about it.

All about Transparency

Some have likened iOS 15.2’s App Privacy Report to a type of privacy report card. However, I like to think of it more like an X-ray. That’s because App Privacy Report is a kind of transparency report that lets you see what your iPhone’s installed apps are doing with your data, just as an X-ray acts as a transparency report for what’s going on inside your body.

App Privacy Report shows you this X-ray of what apps are doing on your iPhone in two main ways. First, it tells you which apps are accessing your data and sensors on your iPhone (and iPad with iPadOS 15.2). Apps that have access to your various sensors can track your location or use your camera and microphone.

Second, it discloses when apps and websites are communicating with third-party domains, and likely sharing some of your data in the process. Many of those domains are likely aggregating statistics about you (anonymized or otherwise) to build advertising or analytic profiles.

Apple’s great new iPhone privacy feature is like an X-ray for apps | DeviceDaily.com

[Image: courtesy of Apple]

App Privacy Report doesn’t rate this data access and sharing as good or bad. Instead, the idea is to simply give users a way to view what an app is accessing and what third parties it’s connecting with. From there, it’s up to you to decide for yourself if you are comfortable with the amount of access an app has or with the number of third-party domains that it’s contacting.

How to enable App Privacy Report

App Privacy Report lives in the System Preferences app on iOS 15.2 and iPadOS 15.2 and later. You can find it in the Privacy subsection in the Settings app. But before you can see its report on what your installed apps are doing, you first must enable the feature. Here’s how:

    Open the Settings app

    Tap Privacy

    Scroll down and tap on App Privacy Report (it’s at the very bottom of the page)

    On the App Privacy Report screen, tap Turn On App Privacy Report

It should be noted that after enabling App Privacy Report you might not see an instant report. How quickly it begins showing information depends on how many apps you have on your device and what sensors and data they are accessing and sharing. However, most users can expect to see App Privacy Report information in just a couple of minutes.

Another note: App Privacy Report reports in seven-day chunks. That is, the information it shows you are always for the last seven days. It does not report on app activity that is older than that.

How To Use App Privacy Report

Once App Privacy Report is populated with information after the initial setup, you can return to it as often as you like to see the most up-to-date report on how apps are accessing your data and what domains they are contacting.

The App Privacy Report is divided into four different subsections:

    Data & Sensor Access: This section shows you which apps are accessing select sensors and data on your iPhone. Sensors include Location, Camera, and Microphone, and data include your Contacts, Photos, and Media Library.

    App Network Activity: This section shows you what internet domains the apps you use are contacting. Many of these domains will be third-party advertising and analytics platforms. Depending on which apps you use, you might also see that the apps are sending data to some familiar names—such as domains owned by Facebook.

    Website Network Activity: This section shows you the domains contacted by the websites you visited in an app (such as Safari, Apple News, and other apps).

    Most Contacted Domains: This is essentially a list of the most contacted domains, which is assembled from the App Network Activity and Website Network Activity reports above.

No matter which subsection you are viewing, you can tap on an app, website, or network domain to find out more about the data being accessed. For example, tapping on an app under the Data & Sensor Access subsection will show you a list of all data and sensors the app accessed. Tap on a specific sensor—for example, Location—to see time stamps of how often that app accessed your Location data.

And yes, App Privacy Report will show you all the sensors, data, and domains Apple’s own apps are accessing and contacting.

What do you do with what you learn?

App Privacy Report is just that—a report. It does not automatically block data or sensor access from apps, nor can it stop apps from contacting certain domains. It’s up to you to take action if you don’t like what you’re seeing.

Apple’s great new iPhone privacy feature is like an X-ray for apps | DeviceDaily.com

[Image: courtesy of Apple]

When it comes to data and sensor access, you can go into Settings>Privacy and restrict an offending app’s access to, say, the iPhone’s microphone. Of course, there may be a good reason that app needs microphone access: Just because an app like TikTok is accessing your microphone doesn’t mean it’s spying on you.

But even before App Privacy Report, it was relatively easy to see which apps you’d given sensor access. The real revelations of import in the new App Privacy Report are the third-party domains that apps and websites are accessing. Now you can easily see them and thus have an idea of how your data is being shared, and with whom. Unfortunately, there’s no way to block the apps or websites from contacting these domains, so your only option for stopping them doing so is by deleting the app entirely from your iPhone or never accessing the website again on your iPhone.

App Privacy Report is now available in iOS 15.2 and iPadOS 15.2 and later.

(31)