Greetings from Brussels!
The privacy story that piqued my interest most this week was the Apple announcement on its next generation of privacy services. I recall the International Privacy conference in Brussels last October when Tim Cook passionately reiterated Apple’s commitment to privacy while spelling out public concerns over data collection, surveillance and manipulation. Cook said at the time that technology has led to the creation of a “data-industrial complex” in which information is increasingly “weaponized with military efficiency” affecting both individuals and society.
Fast forward to this week. The maxim “actions speak louder than words” comes to mind. Apple announced its improved mobile operating system, iOS 13, will launch this autumn. Notably, it will include an Apple sign-in capability that allows people to log in to apps without revealing any personal information. Aptly named as “Sign in with Apple,” this new augmented privacy service is about to change the way iOS users access apps. Instead of handing over a user’s email address in exchange for apps’ access — something we are obliged to do more often than not — or using a social account login, users will be able to sign in to apps with an Apple ID, provided, of course, the user has an iOS device. How will it work? The feature will authenticate with Face ID or Touch ID and will generate a unique random ID that keeps developers from accessing any personal data. If the app developer asks for an email address, the feature will also provide an option to initiate a unique random email address that will keep a user’s real email private. Any email correspondence the app decides to send will then get forwarded from that random email to the user’s actual inbox.
In short, the company is looking to provide its users with an optional mechanism that will stop third-party sites and services from getting their information when they sign up for an app. This is quite revolutionary in that it treats both privacy and security concerns. Principally, our email addresses serve as a critical link between what different databases know about us. If you remove the common email address (the common denominator), data aggregators may not be able to connect, for example, internet searches from one database to a credit card purchases from another. Moreover, the service has the power to thwart hacker efforts by randomly generated unique email addresses for login purposes, which reduces the probability — and risk — of login information being acquired to potentially access other more sensitive accounts. We all know it is largely the human condition to use the same logins and passwords for multiple accounts.
It is genius that Apple will now save time and effort by taking care of this for users in a secure, user-friendly and privacy-focused way. The big challenge will be to get the app developers to buy into the new feature for reasons that are all too obvious. However, the company has already stated in their App Store review guidelines that “Sign in with Apple” (we need a shorter term here…) will be required as an option for iOS 13 users in apps that support third-party social sign-ins.
This can only be a good thing for iOS 13 users who want to protect their right to privacy.
If you want to comment on this post, you need to login.