perm_phone_msgUNDER ATTACK? S.O.S. LINE 0114 354 0054

Top Categories

Spotlight

today26/01/2021

Cyber security TechRepublic

Privacy budgets soared in 2020, doubling to an average of $2.4 million

93% of organizations turned to privacy teams to help navigate the COVID-19 pandemic, a new Cisco report finds. Image: Cisco Data privacy has become a top area of responsibility for security professionals, and 34% of respondents to a survey indicated privacy is one of their core competencies and responsibilities. More [...]

Top Voted
Sorry, there is nothing for the moment.

How to review App Privacy data on your iPhone, iPad, or Mac

Cyber security TechRepublic today08/01/2021

Background
share close

In organizations, Apple’s App Privacy data can start a conversation about privacy-respecting apps as well as help IT leaders stop the use of apps that collect more data than necessary.

On left, in a column: the 5 icons Apple uses to indicate App Privacy (Data to track you, Data linked to you, Data not linked to you, No details provided, Data not collected), with bracket pointing to right, indicating 4 options: Keep? Switch? Review? Delete?

Illustration: Andy Wolber/TechRepublic

In late 2020, Apple began requiring every developer to disclose data gathered by an app. Apple includes this developer-reported information in the App Store. The most privacy respecting apps report “Data Not Collected,” since “the developer does not collect any data from this app.” For apps that do gather some sort of data, Apple’s App Privacy policy groups the data into three categories: Data Used To Track You, Data Linked To You, and Data Not Linked To You. Apps not yet updated will simply indicate “No Details Provided” until the developer issues an update to the app. For more details, see: How Apple’s new App Store privacy requirements may affect users and app developers.

What’s Hot at TechRepublic

Apple’s easy-to-review privacy policies give IT administrators an excellent opportunity both to talk about privacy and to take steps to protect data. The following steps guide you through how to review currently installed apps, deliberate concerns and ultimately decide what action to take (if any) for each app.

SEE: Microservices: The foundation of tomorrow’s enterprise applications (free PDF) (TechRepublic)

1. Review privacy policies for all apps installed from the App Store

For every app on your iPad, iPhone, or macOS device, search for the app in the App Store, scroll down to the App Privacy section, then enter the key categories of data collected into a row in your spreadsheet (Figure A). In the App Store, you may tap See Details in the App Privacy section of an app to access all reported data that an app collects.

Figure A

Open the App Store on your Apple device, then search for an app (Instagram is shown). Select the app, then scroll to the App Privacy section to learn what data the developer reports the app collects. Select See Details for additional information.

” data-credit rel=”noopener noreferrer nofollow”>GIF that shows the process of tapping the App Store, typing "Instagram", selecting the app, scrolling to App Privacy, then tapping See Details, with several screens of data collected then displayed.GIF that shows the process of tapping the App Store, typing "Instagram", selecting the app, scrolling to App Privacy, then tapping See Details, with several screens of data collected then displayed.

Open the App Store on your Apple device, then search for an app (Instagram is shown). Select the app, then scroll to the App Privacy section to learn what data the developer reports the app collects. Select See Details for additional information.

If you want to track this information for all of your apps, you might create a spreadsheet with four columns: One for the app name, one for the most concerning app privacy category displayed, one for the data collected within the most concerning app privacy category, and another column for your initial identified action to take (e.g., keep, delete, replace, or investigate) (Figure B). 

Figure B

A spreadsheet can help you track the App Privacy details for a large number of apps. In my case, I gathered the privacy details for more than 220 apps.

” data-credit rel=”noopener noreferrer nofollow”>Screenshot of a Google Sheet with every row filled with a different app, along with App Privacy details in columns.Screenshot of a Google Sheet with every row filled with a different app, along with App Privacy details in columns.

A spreadsheet can help you track the App Privacy details for a large number of apps. In my case, I gathered the privacy details for more than 220 apps.

In my case, I reviewed the App Privacy information for 225 apps I had installed and identified the following number of apps in each category:

  • 28 apps – Data Not Collected (12%) 
  • 35 apps – Data Not Linked to You (16%) 
  • 24 apps – Data Linked to You (11%)
  • 33 apps – Data Used to Track You (15%)
  • 105 apps – No details provided (47%)

Of these, the first two categories are of little concern, since those either don’t collect data at all or don’t link that data to me. However, all apps in the latter three categories merit more detailed review to learn exactly what data each app collects.

2. Delete privacy-invading apps you don’t need or use

Often, you’ll identify apps you no longer need, use, or want. Some deserve deletion. In my case, I deleted 22 apps immediately after my app privacy review. These included a few travel-related apps, as well as some parking apps I haven’t used in months. I also deleted a few games that collected more data than I felt was merited.

3. Seek privacy-respecting alternatives

Another set of apps may collect more data than you like, but may also be important to you–for work, for information, or for specific features or functions. When I learned that a multi-page scanning app and an image resizing app each were actively collecting data, I easily identified alternatives. In other cases, such as eBay, Yelp, and Zillow, I decided to remove the app and access services in the browser.

However, you’ll likely end up with at least a few apps that aren’t easy to replace immediately. I have a list of six apps that I would prefer to replace with more privacy-respecting alternatives. I now have a “search for alternative apps” project on my task list. If you’re an IT leader, this search-for-alternatives task may be a service you and/or your team might provide to people in your organization.

4. As each app updates, review App Privacy information

When I completed my initial review, just under half of my apps (47%) lacked App Privacy data. I’ve added a weekly task to my to-do list to examine recently updated apps for App Privacy information. As this data is added, I’ll repeat the “keep, delete, or seek alternative” review process above.

5. Where merited, minimize or ban privacy-invading apps

My review identified three categories of apps that were quite likely to collect and/or track data: News apps, video streaming apps, and, (not surprisingly) social media apps. Organizations concerned about data privacy should take steps to prohibit, limit, or reduce the use of apps in these categories. For example, if your company owns devices, you might prohibit the installation of streaming video apps, limit the use of news sites to websites (instead of installed apps), or restrict social media app use to specific company-approved services. Facebook/Instagram, LinkedIn, Snapchat, and TikTok, and Twitter all link lots of data to you. In my case, I’ve decided that the features and utility of the official Twitter app outweighs my concern about the data the company collects, so the Twitter app remains installed.

What has your App Privacy review indicated?

If you use Apple devices, have you gone through a thorough review of the App Privacy data for your installed apps? What did you discover? How many apps did you delete, switch, or decide to tolerate based on the data they collect? In the comments or on Twitter (@awolber), let me know what you learned from your App Privacy review.

Also see

See the original article here: TechRepublic

Written by: TechRepublic

Rate it
Previous post