Apple 2021 Keynote: The Key Privacy Updates

Mapendo Team
May 26, 2022
Apple 2021 Keynote: The Key Privacy Updates

It’s been a year of big changes for Apple and 2021 keynote was just another step in a clear direction: privacy. Apple’s commitment to protect user’s data started with the announcement of ATT and IOS 14.5 a little over a year ago; two features that are somehow reshaping the industry, as marketers and app developers can struggle at times to cope with the new rules for tracking and attribution.

WWDC 2021, Apple’s annual developer conference, in fact, was focused not on hardware but on softwares, as various updates are on their way. We’ve put together an easy guide about the privacy-centric updates about to come with IOS 15.

Apple just introduced iCloud+

Apple’s privacy Relay explained

Announced at WWDC 2021, iOS 15 is set to bring a new service called iCloud+ — an upgraded version of the well known iCloud — the online storage service that Apple provides to its users. This new system combines services that Apple already offers — digital space for user’s files — with a couple of key features, which we will talk about in the next paragraphs.

Apple decided to integrate privacy options like Hide My Email, App privacy reports and Privacy Relay, to assure the protection of users data. iCloud users will automatically transferred to iCloud plus, without additional costs.

App privacy report and Hide My Email

Apple has created a new system that allows users to check when they — and if they gave — any tracking permission to apps. Moreover, it will also be possible to see how recently users have made contact to those apps. This new feature is called Apple privacy reports, one of the many new privacy-oriented features to come with IOS 15.

Another news is Hide My Email. Users have the possibility to decide whether or not they want to share their e-mail address. If they decide against it, then apple generates random e-mails that work as an intermediary between the user and a service. Hide my Email also protects users from potential threats. Now we can benefit from this new function instead of giving up our email to access services across Internet.

Private Relay is likely one of Apple most influential new features

Apple Private Relay — the biggest privacy news from WWDC 2021 — is a system-level setting for iCloud+ users built into iOS and macOS. Essentially, this new feature makes iPhone users “anonymous”. The Apple’s relay assigns users an IP address that will be indistinguishable from the others in the same region. This mechanism changed the “rules of the game” since contextual targeting will be harder and harder.

Without private relay, when someone access the internet, anyone on their local network can see the names of all the websites they access based on inspecting DNS queries. This information can be used to “fingerprint a user and build a history of their activity over time, therefore, when connections reach the servers that run the websites, those servers can see the user’s IP address. This allows servers to determine users’ location without asking for permission.

How private email relay works

Moreover, the servers can fingerprint user’s identity and recognize them across different websites, even when tools like intelligent tracking prevention in safari are preventing correlation via cookies. We are going towards a more privacy-oriented policy which sustains that no one should be able to silently collect all the users’ information.

Those issues for user’s privacy needed to be fixed, so Apple thought a new approach: iCloud Private Relay. A feature that adds multiple secure proxies to help route user traffic and keep it private. The proxies are run by separate entities, one is Apple, and one is a content provider.

How does Private Relay works?

Let’s see step by step how Private relay works:

  1. User accesses the internet.
  2. In that moment, the device sets up a network connection to the ingress proxy.
  3. This ingress proxy and the network provider can view the client IP address.
  4. Then, the name the user is requesting is visible to the second proxy, called egress.
  5. This proxy forwards these requests to the destination server by choosing an IP address that maps to the device’s city or region.

This means that Apple knows your IP address but not the name of the sites you’re visiting, and the trusted partner knows the site you’re visiting but not your IP — and therefore not who you are — . Neither party can see the complete picture; they can’t know who you are and where you’re going, so fingerprinting has been removed.

Why is Private Relay not a VPN

Private relay is focused on securing the most sensitive traffic on the system without impacting user experience. On iOS 15 and macOS, private relay will apply to all web browsing in Safari, all DNS name resolution queries, and a small subset of traffic from apps. Specifically, there are several categories of traffic that are not affected by private relay — as any connection your app makes over the local network or to private domain names, traffic using a regular VPN and Internet traffic using a proxy — .

For this reason, publishers are better served with apps than mobile websites due to Private Relay. This will force publisher to transition their content from web to apps. The App Store accretes more contents, and its pull will be intensified even further with the effect of ATT, which is decreasing the possibility to target users with specific marketing messages based on their past behaviour.

This is like how a VPN works, but iCloud Private Relay is not intended to be an VPN devised by the company. Apple says that the Private Relay guarantees that users can’t use the system to trick geo-localization, therefore developers will enforce region-based access restrictions. On the contrary, users could gain more advantage due to companies’ inabilities to offer different servicies according to users locations. For instance, it is not possible to pretend to be from a different country to access new movie or series available abroad on Netflix.

Apple though also for this eventuality since there are features that let developers access within iCloud Private Relay to ask for a user’s specific location; if the user allows, and if the app requires it. Otherwise location data is set by the egress server — the second proxy — . That third-party adds an IP address “that maps to the device’s city or region.” So an hypothetical service gets the location data in order to show prices in the right currency or the right content based on region.

WWDC developer’s poster

The latest privacy updates — iCloud Private Relay, Hide My Email and App Privacy Reports — are considered a huge change for online operators. It is said that those features will be introduced alongside macOS Monterey, iOS 15, and iPadOS 15 when they launch later in the year. As previously mentioned, it will require an iCloud+ subscription, and users will have to choose to turn on Private Relay