Exercise (Some) Control over How Much Your Location Is Tracked

The New York Times recently published a bombshell article revealing just how completely our every movement is tracked by companies in the business of selling our locations to advertisers, marketers, and others. Anonymous sources provided the Times with a dataset from a single location-data company that contained 50 billion pings from the phones of more than 12 million Americans over several months in 2016 and 2017. 

This data enabled the Times reporters to track numerous people in positions of power, including military officials, law-enforcement officers, and high-powered lawyers. They were able to watch as people visited the Playboy Mansion, some overnight, and they could see visitors to celebrity estates. Once they identified any particular phone, they could track it wherever it went. Imagine what that data could be used for in the wrong hands.

No one intends to let unknown companies track their locations constantly. But code built into smartphone apps does just that, often without our knowledge. Many of the apps that request access to location services have an entirely legitimate reason for doing so—for example, Google Maps can’t provide navigation directions unless it knows where you are. But others want location access for less practical reasons—do you really want to let a coffeeshop app know your location at every moment in exchange for the occasional free latte? And some apps—notably weather apps—may have a legitimate need for location information but use that data for far more than users expect.

Even if you’re not too perturbed about companies you’ve never heard of knowing your exact whereabouts at all times (mostly to serve you more targeted advertising), there’s no guarantee this data couldn’t fall into the hands of foreign governments, organized crime, or hackers willing to sell your movement patterns to an aggrieved employee, corporate spy, or jealous ex-lover.

Steps You Can Take to Protect Your Location Privacy

Luckily, Apple provides controls in iOS that let you limit your exposure. For most people, going completely dark isn’t realistic. Too many iPhone capabilities require location services, ranging from turn-by-turn directions, to geotagging photos, to using Find My to see if your kid has left the soccer tournament yet. 

Nevertheless, going dark is a possibility: go to Settings > Privacy > Location Services and disable the Location Services switch at the top. That turns off location services for all apps, although iOS will turn them back on temporarily if you use Find My iPhone to enable Lost Mode.

Here’s what we recommend instead.

  1. Go to Settings > Privacy > Location Services and scroll down to see a list of every app on your iPhone that would like to know your location. (The same is true on the iPad, but fewer people use their iPads as much while out and about.)
  2. For each app in the list, tap the app’s name to bring up the Allow Location Access screen, which has up to four options:
    • Never: Prevent this app from ever determining your location.
    • Ask Next Time: The next time the app wants permission to track you, make it ask again.
    • While Using the App: Allow the app to track your location as long as you’re actually using it. 
    • Always: Let the app track your location at all times, even when you’re not using it.
  3. Tap one of the options to select it, and then tap Back to return to the list.

We can’t tell you exactly how to configure each app since everyone has a different set and different levels of privacy worry. However, here is some advice:

  • Apps and other entries from Apple are generally safe because Apple has an extremely strong privacy stance and excellent security against hacks. But, down in System Services at the bottom, we’d turn off Location-Based Apple Ads and Popular Near Me—even if Apple is collecting this data anonymously, it’s still being used to sell things to you, not to provide useful services to you.
  • For most apps, change the Allow Location Access setting to Ask Next Time to force each app to prompt you again. If it asks at a point where it’s reasonable that it would need to know your location, such as Yelp wanting to show you nearby restaurants, grant it. If you don’t understand why it’s asking, or if the request seems weak (“To show you which wines are available for purchase in your area.”), deny the request.
  • With apps that obviously need location services, such a parking app that needs to know which area you’re in, change the setting to While Using App and see if that meets your needs.
  • Only if you clearly need to allow a particular app to track your location in the background—turn-by-turn navigation apps are the most common—should you change that setting to Always. Almost no apps should be given such power, and many won’t even provide the option.

There’s one unusual item in the list: Safari Websites. It’s a master switch that lets Web sites loaded in Safari ask for your location. That’s probably not a major privacy concern, but few Web sites provide sufficiently useful location-based features (mostly for finding nearby chain store outlets) that it’s worth bothering.

In the end, go with your gut. If thinking about a particular app or company potentially recording your location constantly gives you the creeps, turn it off and either find an alternative or do without. Legislation may be the only solution in the end, but for now, we can take steps like these to protect ourselves.

(Featured image based on an original by Garik Barseghyan from Pixabay)

Use macOS’s Guest Account & Protect Your Privacy from Temporary Users

Guest-user-photo

We’ve all had it happen. “Can I use your Mac for a minute to check my email?” The answer can be “Yes,” but to keep people from poking around on your Mac, have your visitor log in as Guest. To enable the Guest account, go to System Preferences > Users & Groups. If the lock at the bottom left is closed, click it and enter your admin credentials. Then click Guest User in the list, and select “Allow guests to log in to this computer.” To switch to the Guest account, go to the Apple menu and choose Log Out YourAccountName to access the login screen. Your guest can then click the Guest User icon, at which point they’ll have a clean account to work in. When they log out, the account—including any files they created or downloaded—will be deleted, thus protecting their privacy as well.

(Featured image by Apple)

Privacy Request Dialogs in Mojave Explained

With macOS 10.14 Mojave, Apple has beefed up the Mac’s privacy so it more closely resembles privacy in iOS. You’ve noticed that when you launch a new app on your iPhone or iPad, it often prompts for access to your photos or contacts, the camera or microphone, and more. The idea behind those prompts is that you should always be aware of how a particular app can access your personal data or features of your device. You might not want to let some new game thumb through your photos or record your voice.

macOS has been heading in this direction, but Mojave makes apps play this “Mother, May I?” game in more ways. As a result, particularly after you first upgrade, you may be bombarded with dialogs asking for various permissions. For instance, when you first make a video call with Skype, it’s going to ask for access to the camera and the microphone. Grant permission and Skype won’t have to ask again.

Skype’s requests are entirely reasonable—it wouldn’t be able to do its job without such access. That applies more generally, too. In most cases, apps will ask for access for a good reason, and if you want the app to function properly, you should give it access.

However, be wary if a permission dialog appears when:

  • You haven’t just launched a new app
  • You aren’t doing anything related to the request
  • You don’t recognize the app making the request

There’s no harm in denying access; the worst that can happen is that the app won’t work. (And if it’s malicious, you don’t want it to work!) You can always grant permission later.

To see which permissions you’ve granted or denied, open System Preferences > Security & Privacy > Privacy. A list of categories appears on the left; click one to see which apps have requested access. If you’ve granted access, the checkbox next to the app will be selected; otherwise it will be empty.

You’ll notice that the lock in the lower-left corner is closed. To make changes, click it and sign in as an administrator when prompted.

Most of these categories are self-explanatory, but it might not always be obvious why an app wants permission. In the screenshot above, for instance, Google Chrome has been granted access to the Mac’s camera. Why? So Google Hangouts and other Web-based video-conferencing services can work.

There are five categories (including three not showing above) that could use additional explanation:

  • Accessibility:Apps that request accessibility access want to control your Mac. In essence, they want to be able to pretend to click the mouse, type on the keyboard, and generally act like a user. Utility and automation software often needs such access.
  • Full Disk Access:This category is a catch-all for access to areas on your drive that aren’t normally available to apps, such as data in Mail, Messages, Safari, Home, and more, including Time Machine backups and some admin settings. Backup and synchronization utilities may need full disk access, in particular. An app can’t request full disk access in the normal way; you must add it manually by clicking the + button under the list and navigating to the app in the Applications folder.

Automation:The Mac has long had a way for apps to communicate with and control one another: Apple events. An app could theoretically steal information from another via Apple events, so Mojave added the Automation category to give you control over which apps can control which other apps. You’ll see normal permission requests, but they’ll explain both sides of the communication.

Analytics:The Analytics privacy settings are completely different—they let you specify whether or not you want to share information about how you use apps with Apple and the developers of the apps you use. For most people, it’s fine to allow this sharing.

Advertising:Finally, the Advertising options give you some control over the ads that you may see in Apple apps. In general, we recommend selecting Limit Ad Tracking, and if you click Reset Advertising Identifier, any future connection between you and the ads you’ve seen will be severed from past data. There’s no harm in doing it. It’s worth clicking the View Ad Information and About Advertising and Privacy buttons to learn more about what Apple does with ads.

Being an Apple User Means You’re Not the Product

There’s an Internet saying: “If you’re not the customer, you’re the product.” The point is that, if you’re getting a service for free, the company providing it sees you not as a customer, but as a product to sell, generally to advertisers.

This is how Google, Facebook, and Twitter operate. They provide services for free, collect data about you, and make money by showing you ads. In theory, the more that advertisers know about you, the better they can target ads to you, and the more likely you’ll be to buy. Personalized advertising can seem creepy (or clueless, when it fails), but it isn’t inherently evil, and we’re not suggesting that you stop using ad-supported services.

This ad-driven approach stands in stark contrast to how Apple does business. Apple makes most of its money by selling hardware—iPhones, Macs, and iPads, primarily. Another big chunk of Apple’s revenue comes from App Store and iTunes Store sales, iCloud subscriptions, and Apple Pay fees. Knowing more about you, what Web pages you visit, what you buy, and who you’re friends with doesn’t help Apple’s business, and on its Privacy page, Apple says bluntly, “We believe privacy is a fundamental human right.”

Of course, once your data is out there, it can be lost or stolen—in June 2018, a security researcher discovered that the online data broker Exactis was exposing a database containing 340 million records of data on hundreds of millions of American adults. Ouch!

Let’s look at a few of the ways that Apple protects your privacy.

Siri and Dictation

The longer you use Siri and Dictation, the better they work, thanks to your devices transmitting data back to Apple for analysis. However, Apple creates a random identifier for your data rather than associating the information with your Apple ID, and if you reset Siri by turning it off and back on, you’ll get a new random identifier. Whenever possible, Apple keeps Siri functionality on your device, so if you search for a photo by location or get suggestions after a search, those results come from local data only.

Touch ID and Face ID

When you register your fingerprints with Touch ID or train Face ID to recognize your face, it’s reasonable to worry about that information being stored where attackers—or some government agency—could access it and use it for nefarious purposes. Apple was concerned about that too, so these systems don’t store images of your fingerprints or face, but instead mathematical signatures based on them. Those signatures are kept only locally, in the Secure Enclave security coprocessor that’s part of the CPU of the iPhone and iPad—and on Touch ID-equipped laptops—in such a way that the images can’t be reverse engineered from the signatures.

And, of course, a major goal of Touch ID and Face ID is to prevent someone from violating your privacy by accessing your device directly.

Health and Fitness

People with medical conditions can be concerned about health information impacting health insurance bills or a potential employer’s hiring decision. To assuage that worry, Apple lets you choose what information ends up in Health app, and once it’s there, encrypts it whenever your iPhone is locked. Plus, any Health data that’s backed up to iCloud is encrypted both in transit and when it’s stored on Apple’s servers.

App Store Guidelines

A linchpin in Apple’s approach to privacy is its control over the App Store. Since developers must submit apps to Apple for approval, Apple can enforce stringent guidelines that specify how apps can ask for access to your data (location, photos, contacts, etc.). This isn’t a blanket protection—for instance, if you allow a social media app Facebook to access your contacts and location, the company behind that app will get lots of data on your whereabouts and can even cross-reference that with the locations of everyone in your contact list who also uses the service.

In the end, only you can decide how much information you want to share with the likes of Google, Facebook, and Twitter, and only you can determine if or when their use of your details feels like an invasion of privacy. But by using Apple products and services, you can be certain that the company that could know more about you than any other is actively trying to protect your privacy.

iOS 11.3 Introduces New Battery Health Feature, Business Chat, & More

At the end of March, Apple released updates to all four of its operating systems, but iOS 11.3 was the most notable. It boasts a variety of new features and other changes—you can think of it as the midpoint update between iOS 11’s first release and iOS 12, probably coming next September. All remaining updates to iOS 11 are likely to be minor maintenance updates. Here’s what’s new.

iPhone Battery Health

The most anticipated change is the Battery Health feature that Apple promised to add in the wake of revelations that the company was quietly reducing the performance of older iPhone models (starting with the iPhone 6) to lessen the chance of unexpected shutdowns with weak batteries. You find the new Battery Health screen in Settings > Battery > Battery Health, and Apple explains it in detail here.

If your iPhone battery is aging, you may see a lower maximum capacity, and if your iPhone has shut down because of a weak battery, the screen will tell you that performance management has been applied. You can disable performance management, if you prefer the iPhone shutting down to degraded performance, but it will turn on again the next time your iPhone shuts down. Finally, if your battery is bad enough, the screen will recommend replacement.

Also note that iPads running iOS 11.3 can better maintain battery health when they’re plugged into power for long periods of time. Be sure to upgrade if you have an iPad that stays plugged in all the time.

Business Chat

New in both iOS 11.3 and macOS 10.13.4 High Sierra is Business Chat, an Apple service that lets you chat with participating companies directly within Messages. If you look up one of these companies in Maps, Safari, or Search/Spotlight and see a Messages button, just use it to start a conversation. Only you can start conversations, and Business Chat can be a fast way to ask questions, get support, schedule appointments, and even make purchases using Apple Pay.

Apple’s launch partners are 1-800-Flowers, Ameritrade, Discover, Hilton, Home Depot, Lowe’s, Marriott, Newegg, and Wells Fargo, although not all of them seemed to be active out of the gate. And, of course, you can use Business Chat with Apple itself.

Health Records

Most people won’t be able to take advantage of iOS 11.3’s next new feature—medical records in the Health app—right away, but we have high hopes for it. Apple has partnered with over 40 healthcare systems to bring your medical records into the Health app, centralizing them and making them easier for both you and healthcare professionals to access. The records include lab results, medications, conditions, and more. Health Records data is encrypted and protected with a passcode so it remains private.

Data & Privacy

We haven’t yet seen this, but Apple says that iOS 11.3 (and macOS 10.13.4) will display a new privacy icon whenever Apple asks for access to personal information, as it might do to “enable features, secure Apple services or personalize an iOS experience.” The icon should be accompanied by detailed privacy information explaining the situation. In an era when every company seems hell-bent on collecting and exploiting our personal data, it’s nice to see Apple increasing the transparency of its data collection practices.

Safari

iOS 11.3 tweaks Safari in several small ways that make it easier to use and more secure:

  • Autofill now inserts usernames and passwords only after you select them on Web pages.
  • Autofill now works in Web views within other iOS apps.
  • Safari warns you when you interact with password or credit card forms on non-encrypted pages.
  • Safari now formats shared articles sent via Mail as though they were in Reader mode.
  • Favorites folders now show icons for the contained bookmarks.

Other Improvements

Apple made lots of other minor improvements in iOS 11.3. You can see a full list in the release notes, but those that we find most noteworthy include:

  • iPhone X users get access to four new animoji: a lion, dragon, skull, and bear.
  • iOS 11.3 adds support for the Advanced Mobile Location (AML) standard, which provides more accurate location data to emergency responders when Emergency SOS is triggered.
  • Podcasts now plays episodes with a single tap, and you can tap Details to learn more about episodes.
  • Apple Music now streams music videos uninterrupted by ads.
  • Apple News has improved its Top Stories feature and includes a new Video group in the For You collection.

iOS 11.3’s improvements may not change the way you use your iPhone or iPad, but they’re welcome nonetheless, and Business Chat and Health Records should become more interesting as additional institutions sign on. And, of course, anyone with an older iPhone should check the Battery Health screen right away.

How to Lock Down Your Facebook Privacy Settings

Facebook privacy has dominated the news headlines of late, but not for good reasons. There were the 50 million Facebook profiles gathered for Cambridge Analytica and used in the 2016 presidential election. Facebook has long been scraping call and text message data from Android phones. And within the Facebook iOS app, the company pushes the Onavo Protect VPN, an app made by a subsidiary that literally collects all your mobile data traffic for Facebook.

Because of this, many have encouraged Facebook users to delete their accounts. That even includes the billionaire co-founder of the WhatsApp messaging service, which Facebook bought in 2014. If you’re done with Facebook, you’re welcome to deactivate or even delete your account. Facebook provides instructions for both actions. Deactivating your account basically just makes you invisible on Facebook, whereas deleting your account may eventually (up to 3 months) result in most of the data being removed.

The problem is that Facebook is useful. It may be the only connection you have with certain friends or family members, and many informal groups use Facebook for meetup logistics. For many of us, losing access to Facebook would hurt our real-world relationships and activities. Plus, lots of companies have Facebook pages, and taking those down might result in a loss of business from customers who would find out about the firm only through Facebook. What to do?

If you’re a business, the most sensible tack is to keep your Facebook page but avoid relying on it. Remember, Facebook is not your friend. Earlier in 2018, Facebook announced that it would be prioritizing posts from friends and family over public content, which is a nice way of saying that Facebook is deprecating business-related posts. So make sure you have a Web site that you control, and make sure that customers can easily find it and contact you through it. It’s also a good idea to offer customers multiple ways to contact you, including via email.

On a personal level, there are two ways to think about privacy on Facebook: limiting the information you share with other people on Facebook, and limiting the information that you’re willing to provide to Facebook at all. If Facebook doesn’t have certain data about you, they can’t sell it to the highest bidder, let it be harvested by hackers, or use it in ways you might find creepy.

To control who on Facebook can see what you share, click the ? button on the Facebook Web site on your Mac, or tap the hamburger button in the bottom right corner of the Facebook iOS app and tap Privacy Shortcuts. Then click or tap Privacy Checkup and run through the steps to make sure you’re sharing the right info with the right people. Be sure to lock down or remove any apps that you don’t need, since they can leak all sorts of data.

Also, go to Facebook’s Privacy Settings & Tools page. Click the Edit button next to each item, and make it as specific as you can. You also might want to review the posts you’re tagged in and remove those that you don’t want on your timeline.

But what if you don’t want to give information to Facebook for it to use? Go to Facebook’s page for Uploading and Managing Your Contacts, and delete them all. You’re just giving away your contacts’ personal information without their permission otherwise.

To ensure that contact uploading doesn’t happen again, in the Facebook iOS app, tap the hamburger button, scroll to the bottom, and then tap Settings & Privacy > Account Settings > General > Upload Contacts and make sure the switch is off. (Some versions of the Facebook app just have Settings, not Settings & Privacy, and show a popover for Account Settings.)

Also, in the iPhone Facebook app, tap the hamburger button again and then Settings & Privacy > Account Settings > Location > Location, and make sure it’s set to Never. And whatever you do, keep Location History off—Facebook doesn’t need to know everywhere you’ve ever been.

If you’re perturbed by the way Facebook’s iOS app is trying to capture your contacts and locations, you could delete it from your iOS devices and rely instead on the Facebook Web site, which can’t access nearly as much information about you. To make it easier to open, in Safari, visit facebook.com, tap the Share button, and then tap the Add to Home Screen button in the bottom row of the share sheet.

Let us leave you with one thought. Always assume that anything you post to Facebook or allow Facebook to have access to could end up on the front page of your local newspaper… or the New York Times. Nothing on Facebook is ever completely private—Facebook has shown it isn’t trustworthy or reliable—and the best way to ensure confidential information doesn’t leak inadvertently is to avoid posting it to Facebook in the first place.