![Page 1: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/1.jpg)
These are confidential sessions—please refrain from streaming, blogging, or taking pictures
Session 714
Protecting Your Users’ Privacy
David Stites and Katie SkinnerApple Product Security
![Page 2: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/2.jpg)
Agenda
• Reputation• Identifiers• Data isolation• Privacy best practices
![Page 3: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/3.jpg)
Privacy and Reputation
![Page 4: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/4.jpg)
Identifiers
![Page 5: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/5.jpg)
UDID Replacement APIs
![Page 6: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/6.jpg)
Changes in iOS 6
Scope
Application ID App
Vendor ID Developer
Advertising ID Device
UDID
![Page 7: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/7.jpg)
UDID vs UUID
• UDID■ Unique Device IDentifer■ Unique hardware identifier
• UUID■ Universally Unique IDentifer■ Unique random identifier
• A single UDID, but many UUIDs
![Page 8: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/8.jpg)
UDID
• New apps or app updates that reference UDID no longer accepted• As of iOS 7
■ API removed■ Existing apps will receive the Vendor Identifier
![Page 9: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/9.jpg)
UDID
• UDID—46b74f03b8de6726e5f9c2889e84e32fe938e24c• In iOS 7—FFFFFFFF<Vendor Identifier without dashes>
![Page 10: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/10.jpg)
UDID
• UDID—46b74f03b8de6726e5f9c2889e84e32fe938e24c• In iOS 7—FFFFFFFF<Vendor Identifier without dashes>• Vendor ID—• In iOS 7—FFFFFFFFBBBDD211B69B4FB49CB36D7A42FB5A6B
BBBDD211-B69B-4FB4-9CB3-6D7A42FB5A6B
![Page 11: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/11.jpg)
UDID
• Third-party libraries may contain the reference• To locate the reference
■ Create an .ipa file that matches what you submitted to the App Store■ Change the extension to .zip■ Expand the .zip■ Use the strings tool to search for uniqueIdentifier:
■ $ strings - -a -arch armv7 "Payload/YourApp.app/YourApp" | grep uniqueIdentifier
The future "UDID" would look like FFFFFFFFBBBDD211B69B4FB49CB36D7A42FB5A6B
![Page 12: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/12.jpg)
Vendor Identifier
• Introduced in iOS 6•[[UIDevice currentDevice] identifierForVendor]
■ UUID
• Provides a device-unique identifier per Team ID• Mapping stored and managed by iOS• Erased with removal of the last app for that Team ID• Backed up• Will not be restored across devices
![Page 13: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/13.jpg)
Vendor Identifier
![Page 14: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/14.jpg)
Vendor Identifier
53BDBF59-43E3-4B6E-A5C8-52F2102931BA
App 1 App 2
![Page 15: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/15.jpg)
Vendor Identifier
53BDBF59-43E3-4B6E-A5C8-52F2102931BA
App 2
![Page 16: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/16.jpg)
Vendor Identifier
53BDBF59-43E3-4B6E-A5C8-52F2102931BA
App 2
![Page 17: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/17.jpg)
Vendor Identifier
![Page 18: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/18.jpg)
Vendor Identifier
App 2
02C3EBF3-2951-4D4E-8048-03A5C1FF6C79
![Page 19: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/19.jpg)
Vendor Identifier
App 2
02C3EBF3-2951-4D4E-8048-03A5C1FF6C79
App 1
![Page 20: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/20.jpg)
Advertising Identifier
• Used for advertising• Limit ad tracking
■ [[ASIdentifierManager sharedManager] advertisingTrackingEnabled]
■ Required to check the value of this property before use■ If the value is NO, the identifier can only be used for the
purposes enumerated in the Program License Agreement
• Backed up• Will not be restored across devices
![Page 21: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/21.jpg)
Advertising Identifier
• Limit ad tracking under Settings > Privacy
• Can be controlled by restrictions• Do not cache the Advertising ID
■ The ID can be changed via the reset button in Advertising
![Page 22: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/22.jpg)
Advertising Identifier
• Limit ad tracking under Settings > Privacy
• Can be controlled by restrictions• Do not cache the Advertising ID
■ The ID can be changed via the reset button in Advertising
![Page 23: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/23.jpg)
Scope Lifetime Backed Up Restores Across Devices
Application ID App Uninstall app Yes Yes
Vendor ID Developer Uninstall developer’s apps Yes No
Advertising ID Device Erase all Content and Settings Yes No
UDID Replacement APIs
![Page 24: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/24.jpg)
Other Identifiers
![Page 25: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/25.jpg)
MAC Address
• Access to the device’s MAC addresses is restricted• The API is not deprecated
■ sysctl(NET_RT_IFLIST)■ ioctl(SIOCGIFCONF)
• A constant value is returned for all devices■ 02:00:00:00:00:00
• Applies to existing apps
![Page 26: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/26.jpg)
gethostuuid()
• API removed• Existing apps will receive the vendor ID
![Page 27: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/27.jpg)
Push Token
• Push tokens are scoped to an application • The push token was never guaranteed to be a stable value• Do not cache the value of the push token• Always use the value provided in application:didRegisterForRemoteNotificationsWithDeviceToken:
![Page 28: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/28.jpg)
Pasteboard
• Named pasteboards are scoped per Team ID• No change to system-provided pasteboards
![Page 29: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/29.jpg)
Identifier UpdatesUnderstand the impact, test on iOS 7
![Page 30: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/30.jpg)
Data Isolation
![Page 31: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/31.jpg)
Consent and Transparency
![Page 32: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/32.jpg)
Consent
![Page 33: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/33.jpg)
Transparency
![Page 34: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/34.jpg)
Transparency
![Page 35: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/35.jpg)
Data Isolation
• OS mediates between application and data• Transparent to application• Existing APIs trigger user consent
■ Application receives no data if denied
![Page 36: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/36.jpg)
Managing Data Isolation
![Page 37: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/37.jpg)
Data Class Mountain Lion Mavericks
Contacts
Location
Calendars
Reminders
Existing and New Support on OS X
![Page 38: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/38.jpg)
Existing and New Support on OS X
Data Class Mountain Lion Mavericks
Sina Weibo
Tencent Weibo
![Page 39: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/39.jpg)
Existing and New Support on iOS
Data Class iOS 6 iOS 7
Contacts
Location
Calendars
Reminders
Photos
Bluetooth
Microphone
Camera (only some regions)
![Page 40: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/40.jpg)
Existing and New Support on iOS
Data Class iOS 6 iOS 7
Sina Weibo
Tencent Weibo
![Page 41: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/41.jpg)
New Support
• Applies to existing applications■ No resubmission, recompilation
• Changes can improve user experience
![Page 42: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/42.jpg)
Privacy Support in OS X
![Page 43: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/43.jpg)
OS X
• For purpose-specific API, user permission gathered by OS X■ e.g., Address Book framework
[ABAddressBook sharedAddressBook][[ABPerson alloc] init]...
• Aid to developers• Call blocks while permission is requested from the user
■ Wrap in a dispatch block■ Subsequent calls return immediately
![Page 44: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/44.jpg)
OS X
• Granted access—populated object• Denied access—nil return value • For explicit data access, user permission gathered by OS X
■ Sync Services■ Spotlight■ AppleScript
![Page 45: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/45.jpg)
OS X Sandbox
• Sandboxed apps have additional checks• Access is disallowed without proper entitlement• If permissions change, OS may kill your app• Build with only the entitlements your app needs
![Page 46: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/46.jpg)
OS X
![Page 47: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/47.jpg)
OS X
![Page 48: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/48.jpg)
Privacy Support in iOS
![Page 49: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/49.jpg)
iOS
• Participation is obligatory• Initial access will synchronously return• Access permission will come later• Data returned in block or via delegate call• Need to handle change notifications
■ A good idea anyway
![Page 50: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/50.jpg)
Data Type System Authorization Support
Location +[CLLocationManager authorizationStatus]-[CLLocationManager startUpdatingLocation]
Photos, videos, and other media
-[ALAssetLibrary enumerateGroupsWithTypes:usingBlock:failureBlock:]-[[UIImagePickerController alloc] init]
ContactsABAddressBookGetAuthorizationStatus()ABAddressBookRequestAccessWithCompletion(ABAddressBookRef, ABAddressBookRequestAccessCompletionHandler)
APIs in OS X and iOS
![Page 51: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/51.jpg)
Data Type System Authorization Support
Reminders-[EKEventStorerequestAccessToEntityType:completion:]+[EKEventStore authorizationStatusForEntityType]
Calendars-[EKEventStorerequestAccessToEntityType:completion:]+[EKEventStore authorizationStatusForEntityType]
Bluetooth -[CBCentralManager initWithDelegate:queue:]-[CBCentralManager scanForPeriperhalsWithService:options:]
APIs in OS X and iOS
![Page 52: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/52.jpg)
Data Type System Authorization Support
Social-[ACAccountStore requestAccessToAccountsWithType:completion:]-[ACAccountType accessGranted]
Camera -[AVCaptureDeviceInput deviceInputWithDevice:error:]
Microphone -[AVAudioSession setCategory:error]-[AVAudioSession requestRecordPermission]
APIs in OS X and iOS
![Page 53: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/53.jpg)
Microphone
AVAudioSession *audioSession = [[AVAudioSession alloc] init];[audioSession setCategory:AVAudioSessionCategoryerror:&error];
Record
![Page 54: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/54.jpg)
Microphone
AVAudioSession *audioSession = [[AVAudioSession alloc] init];[audioSession setCategory:AVAudioSessionCategoryerror:&error];
RecordPlayAnd
![Page 55: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/55.jpg)
Microphone
dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_BACKGROUND, 0), ^{ BOOL granted = [audioSession requestRecordPermission]; // do something with the audio session // or handle permission failures...});
![Page 56: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/56.jpg)
Microphone Routing
![Page 57: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/57.jpg)
![Page 58: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/58.jpg)
Headphone
![Page 59: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/59.jpg)
Headphone
Microphone
![Page 60: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/60.jpg)
Headphone
Microphone
Lightning
![Page 61: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/61.jpg)
Tencent Weibo
![Page 62: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/62.jpg)
Tencent Weibo
ACAccoutStore *accountStore = [[ACAccountStore alloc] init];
ACAccountType *tencentWeiboAccount = [self.accountStore accountTypeWithAccountTypeIdentifier:ACAccountTypeIdentifierTencentWeibo];
![Page 63: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/63.jpg)
[accountStore requestAccessToAccountsWithType:tencentWeiboAccount options:nil completion:^(BOOL granted, NSError *error) { // do something with account access or // handle failure... }];}
Tencent Weibo
ACAccoutStore *accountStore = [[ACAccountStore alloc] init];
ACAccountType *tencentWeiboAccount = [self.accountStore accountTypeWithAccountTypeIdentifier:ACAccountTypeIdentifierTencentWeibo];
![Page 64: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/64.jpg)
Tencent Weibo
ACAccountType *socialAccount = [accountStore accountTypeWithAccountTypeIdentifier: ACAccountTypeIdentifierTencentWeibo];
if([socialAccount accessGranted]) { // do something with the account}else { // handle denied access request}
![Page 65: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/65.jpg)
Testing
• Just run your app• Test on device
■ Data isolation will be supported in the Simulator in a future seed of iOS 7
• Apps can only trigger the prompt once■ Settings > General > Reset > Reset Location & Privacy on iOS■ tccutil on OS X
• Test all cases
![Page 66: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/66.jpg)
Test Cases
Permission beingsought and denied
Permission beingsought and granted
Permission previously denied Permission restricted
![Page 67: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/67.jpg)
Failing Gracefully
• OS can help■ Fallback behavior when denied■ Keep the user engaged
• Code should be resilient to lack of data returned• Restrictions can prevent users from changing privacy settings
■ Enterprise and on-device restrictions
![Page 68: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/68.jpg)
Restrictions
![Page 69: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/69.jpg)
Conveying Purpose
![Page 70: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/70.jpg)
Consent Dialogs
![Page 71: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/71.jpg)
Purpose Strings
![Page 72: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/72.jpg)
Purpose Strings
![Page 73: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/73.jpg)
Purpose Strings
![Page 74: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/74.jpg)
Conveying Purpose
• All consent dialogs support developer-specified purpose strings• Optional, highly encouraged• One purpose per kind of data• Set in your app’s Info.plist
■ Add localized versions in Localizable.strings
• Look for “Privacy – “ keys and provide a value■ e.g., “Privacy – Contacts Usage Description”
![Page 75: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/75.jpg)
Conveying Purpose
![Page 76: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/76.jpg)
Conveying Purpose
![Page 77: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/77.jpg)
Data Class Info.plist Key iOS Only
Location NSLocationUsageDescription
Photos NSPhotoLibraryUsageDescription
Calendars NSCalendarsUsageDescription
Contacts NSContactsUsageDescription
Reminders NSRemindersUsageDescription
Bluetooth NSBluetoothPeripheralUsageDescription
Microphone NSMicrophoneUsageDescription
Purpose Strings
![Page 78: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/78.jpg)
iOS Sample Code
• Available on the iOS Developer Center today• “PrivacyPrompts” project
![Page 79: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/79.jpg)
Key Points of Data Isolation
• Think about privacy and build it into your applications• Start today• New categories: Microphone, Tencent Weibo, camera (only some regions)
• Data isolation applies to both iOS and OS X (OS X has additional work to do)
• Utilize purpose strings• Test, test, test
![Page 80: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/80.jpg)
Best Practices
![Page 81: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/81.jpg)
Best Practices
• Transparency• Control• Data collection techniques• Avoid fingerprinting• Data protection
![Page 82: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/82.jpg)
Transparency
• Gives the user opportunities to inspect data • Privacy policy or statement
■ Important to have one■ Can submit a link to Apple in iTunes Connect■ Link visible on the App Store
![Page 83: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/83.jpg)
Transparency
iTunes Connect Mobile
The iTunes Connect Mobile app allows developers andiBookstore providers to access their catalog and sales dataanywhere on their iPhone, iPad, or iPod touch. iTunesConnect users can also view the metadata for all of theirtitles and set specific titles as Favorites for easier tracking.
Minor bug fix for push notifications.Adds support for iPhone 5.
iTunes,Connect,Sales,Trends,Apps,Updates,Revenue,Developer,Tools
itunesconnect.apple.com
itunesconnect.apple.com
![Page 84: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/84.jpg)
Transparency
iTunes Connect Mobile
The iTunes Connect Mobile app allows developers andiBookstore providers to access their catalog and sales dataanywhere on their iPhone, iPad, or iPod touch. iTunesConnect users can also view the metadata for all of theirtitles and set specific titles as Favorites for easier tracking.
Minor bug fix for push notifications.Adds support for iPhone 5.
iTunes,Connect,Sales,Trends,Apps,Updates,Revenue,Developer,Tools
itunesconnect.apple.com
itunesconnect.apple.com
A URL that links to your company'sprivacy policy. Privacy policies arerecommended for all apps collectinguser or device related data, andrequired for apps that offer auto-renewable or free subscriptions, or asotherwise required by law.
![Page 85: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/85.jpg)
Transparency
![Page 86: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/86.jpg)
Transparency
![Page 87: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/87.jpg)
Control
• Ask for permission with context• Ask at the time you need it
■ Bad idea—everything right at launch time
• Allow post-hoc changes• Fail gracefully
![Page 88: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/88.jpg)
Data Collection
![Page 89: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/89.jpg)
Data Collection
• All data collection reduces privacy to some extent■ Does not imply all collection is bad/evil/wrong/misguided
• Weigh the positives of your collection against the negative• True both for apps and servers• Holding on to rich data has risks
![Page 90: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/90.jpg)
Anonymize
![Page 91: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/91.jpg)
Anonymize
• Initial log—<Error>: Illegal token in "/Users/JohnAppleseed/Documents/ProjectZanzibar/FY2013.keynote"
![Page 92: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/92.jpg)
Anonymize
• Initial log—<Error>: Illegal token in "/Users/JohnAppleseed/Documents/ProjectZanzibar/FY2013.keynote"
• Better—<Error>: Illegal token in “FY2013.keynote”
![Page 93: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/93.jpg)
Anonymize
• Initial log—<Error>: Illegal token in "/Users/JohnAppleseed/Documents/ProjectZanzibar/FY2013.keynote"
• Better—<Error>: Illegal token in “FY2013.keynote”
• Even better—<Error>: Illegal token in com.apple.keynote file
![Page 94: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/94.jpg)
Aggregate
![Page 95: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/95.jpg)
Aggregate
• Initial log—<Error>: Illegal token in "/Users/JohnAppleseed/Documents/ProjectZanzibar/FY2013.keynote"
![Page 96: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/96.jpg)
Aggregate
• Initial log—<Error>: Illegal token in "/Users/JohnAppleseed/Documents/ProjectZanzibar/FY2013.keynote"
• Better—<Error>: Illegal tokens {com.apple.keynote: 21; com.foo.doc: 3}
![Page 97: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/97.jpg)
Sample
![Page 98: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/98.jpg)
Sample
• Initial log—<Error>: Illegal token in com.apple.keynote file
![Page 99: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/99.jpg)
Sample
• Initial log—<Error>: Illegal token in com.apple.keynote file
• Better—Collect data from only 1 computer in 10 (or 100, or more)
![Page 100: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/100.jpg)
Sample
• Initial log—<Error>: Illegal token in com.apple.keynote file
• Better—Collect data from only 1 computer in 10 (or 100, or more)• Even better—Collect data from only 1 operation in 10 (or 100...)
![Page 101: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/101.jpg)
De-Resolve
![Page 102: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/102.jpg)
De-Resolve
• Initial log—<Info>: May 4 15:03:19: Action succeeded, processed 22341 bytes
![Page 103: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/103.jpg)
De-Resolve
• Initial log—<Info>: May 4 15:03:19: Action succeeded, processed 22341 bytes
• Better—<Info>: May 4 15:00: Action succeeded, processed 22 kB
![Page 104: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/104.jpg)
De-Resolve
• Initial log—<Info>: May 4 15:03:19: Action succeeded, processed 22341 bytes
• Better—<Info>: May 4 15:00: Action succeeded, processed 22 kB
• Even better—<Info>: Friday 15:00: Action succeeded, processed 20 kB
![Page 105: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/105.jpg)
Decay
![Page 106: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/106.jpg)
Decay
• Initial log—<Info>: May 4 15:03:19: Action succeeded, processed 22341 bytes
![Page 107: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/107.jpg)
Decay
• Initial log—<Info>: May 4 15:03:19: Action succeeded, processed 22341 bytes
• After 7 days—<Info>: May 4: Action succeeded, processed 22341 bytes
![Page 108: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/108.jpg)
Decay
• Initial log—<Info>: May 4 15:03:19: Action succeeded, processed 22341 bytes
• After 7 days—<Info>: May 4: Action succeeded, processed 22341 bytes
• After 30 days—<Info>: [Redacted]: Action succeeded, processed 22 kB
![Page 109: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/109.jpg)
Minimize
![Page 110: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/110.jpg)
Minimize
• Initial log—<Info>: May 4 15:03:19: Action succeeded, processed 22341 bytes
![Page 111: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/111.jpg)
Minimize
• Initial log—<Info>: May 4 15:03:19: Action succeeded, processed 22341 bytes
• Better—no collection
![Page 112: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/112.jpg)
Collection Techniques
• Anonymize• Aggregate• Sample• De-resolve• Decay• Minimize
![Page 113: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/113.jpg)
Avoid Fingerprinting
• A collection of many static metrics form a unique, persistent “fingerprint” for a specific device
• Does not need personal information• Easy to do accidentally
![Page 114: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/114.jpg)
Data Protection
• Store important application credentials in the keychain■ Make a conscious decision if the data will be synchronized among devices
• Encrypt client-server communication using SSL/TLS• Use Data Protection for data your application stores to disk
NSFileProtectionComplete, NSFileProtectionCompleteUnlessOpen, NSFileProtectionCompleteUntilFirstAuthentication
• WWDC 2012 Session 706, Protecting User’s Data
![Page 115: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/115.jpg)
Best Practices
• Transparency• Control• Data collection techniques• Avoid fingerprinting• Data protection
![Page 116: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/116.jpg)
Protecting Secrets with the Keychain MarinaWednesday 11:30AM
A Practical Guide to the App Sandbox Russian HillWednesday 2:00PM
Related Sessions
![Page 117: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/117.jpg)
Labs
Privacy and Security Lab Core OS Lab AFriday 10:15AM
![Page 118: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/118.jpg)
More Information
Paul DanboldCore OS [email protected]
Sample CodePrivacyPrompts http://developer.apple.com/library/prerelease/ios/samplecode/PrivacyPrompts/index.html
DocumentationBest Practices for Maintaining User Privacyhttps://developer.apple.com/library/ios/#documentation/iPhone/Conceptual/iPhoneOSProgrammingGuide/AppDesignBasics/AppDesignBasics.html#//apple_ref/doc/uid/TP40007072-CH2-SW7
Apple Developer Forumshttp://devforums.apple.com
![Page 119: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/119.jpg)
Summary
• Ensure identifier changes do not have user impact• Test all cases of data isolation access• Add purpose strings• Submit a privacy statement link to the App Store• Collect only data needed to drive specific decisions• Maintain your reputation by thinking through privacy implications in your design
![Page 120: Protecting Your Users’ Privacy - Apple Inc.€¦ · UDID •Third-party libraries may contain the reference •To locate the reference Create an .ipa file that matches what you](https://reader034.vdocuments.net/reader034/viewer/2022052010/60208972e513f5176f2ef47d/html5/thumbnails/120.jpg)