iOS 14: New privacy and security features

Apple has released iOS 14, with a bucketload of new and improved functional features and a handful of privacy and security ones.

iOS 14 privacy security

New privacy and security features in iOS 14

The new iOS will tell you when an app is using your camera or microphone

It will show an indicator dot (green for when camera or camera+microphone is in use, orange for microphone) in the top right part of the device’s screen.

iOS 14 privacy security

The downside is that it’s fairly small and you might miss it if other things are happening on the screen. The upside is that you can check which app most recently used your camera or microphone via the Control Center.

Of course, you can deny access to your camera and microphone to any app through the Privacy settings.

You can share with apps your approximate location instead of the precise one

Go to Settings > Privacy and Location Services > Location Services, and you can configure for each app whether you want it to access your device’s location “only while the app is in use”, “always”, “never”, or you want the app to ask you for permission each time you run it (then you get the option to give it permission to access your location “Only once”).

When you allow location access for an app, you’ll get the option to provide your precise location or leave it to the app to determine your approximate location (the latter is good enough for apps that show local news or weather).

You can choose to share with apps just some photos

Under Privacy > Photos you can see which apps have requested access to your photos and you can choose to restrict each app’s access just to selected photos or photo albums (or none).

You can limit tracking

Each time you connect to a Wi-Fi network your phone will show a different MAC address. This is to prevent ISPs and advertisers to track your movements (i.e., see when and where you connect to a network), and this option is on by default.

In Settings > Privacy > Tracking, you can choose to not allow apps to send you a request to track you. If you do that, “any app that attempts to ask you for your permission will be blocked from asking and automatically informed that you have requested not to be tracked. In addition, all apps, other than those that you have previously given permission to track, will be blocked from accessing the device’s Advertising Identifier.”

If you allow tracking, tracking permissions can also be controlled on a per-app basis.

It has to be pointed out, though, that these app tracking options will start working as intended in early 2021, when these privacy controls become mandatory for developers.

“We want to give developers the time they need to make the necessary changes, and as a result, the requirement to use this tracking permission will go into effect early next year,” Apple explained.

Facebook complained earlier this year that these new privacy requirements would have a significant negative impact on its advertising business.

You will be able to see a summary of an app’s privacy practices before you download it from the App Store

You still can’t see these because app developers have yet to roll them out, but when they are ready, you’ll be able to peruse these summaries through a “App Privacy” button on the listing in the store, and they will look something like this:

iOS 14 privacy security

You’ll be able to see which tracking cookies have been blocked

The Safari mobile browser has been updated to show a Privacy Report, which shows all the cross-site tracking cookies it has blocked in the last 30 days if you turned on Prevent Cross-Site Tracking in Safari’s Privacy and Security Settings.

The report is accessible from the AA menu in the browser’s address bar.

You’ll be notified if a password you stored in the iCloud Keychain has been spotted in a known data breach

To turn this option on, go to Settings > Passwords > Security Recommendations and toggle on Detect Compromised Passwords. For the secure password monitoring to work, iCloud Keychain has to be enabled.

Fixed vulnerabilities

In iOS 14, Apple has also fixed a number of security vulnerabilities, including:

  • A vulnerability in an integrated drive electronics (IDE) component that could allow a remote authenticated attacker to execute arbitrary code on a paired device during a debug session over the network (CVE-2020-9992), and a
  • A logic issue affecting the sandbox that may allow a malicious application to access restricted files (CVE-2020-9968)

50% of people would exercise at least one right under the CCPA

As state houses and Congress rush to consider new consumer privacy legislation in 2020, ​Americans expect more control over their personal information online, and are concerned with how businesses use the data collected about them, a DataGrail research reveals.

control personal data

In a OnePoll online survey of 2,000 people aged 18 and above, ​4 out of 5 ​Americans agreed there should be a law to protect their personal data, and ​83 percent ​of people​ ​expect to have control over how their data is used at a business.

The request for more control over their personal data comes after many Americans experienced, first-hand, existing protections not working – ​62 percent ​of people continue to receive emails from a company after unsubscribing.

In addition, ​more than 82 percent ​of people have concerns about businesses monitoring or collecting data from their phone’s microphone, laptop webcams, home devices (such as Google Home, Alexa, etc.), or mobile devices (phone, laptop, etc.) with location tracking.

Consumers do not feel safe from privacy infringements

Further, the research shows consumers do not feel safe from privacy infringements wherever they may be: ​85%​ of those polled said they were concerned that businesses could be monetizing their laptops’ location.

In response to Americans’ demands, state regulators are listening. Several states have developed their own regulations, including California, Nevada and Maine, with Washington, New York and several other states following suit.

The ​California Consumer Privacy Act​ (CCPA) that went into effect Jan. 1, 2020, is one of the most consumer-forward, comprehensive and prominent data privacy laws. However, only ​24 percent​ of Americans are familiar or have heard of it.

“As people put more of themselves online, they expect to have more control and transparency over their personal information,” said Daniel Barber, CEO of DataGrail.

“The good news is that businesses are responding. Brands are already making big moves to show their dedication to privacy, and it’s paying off. Those that proactively update preferences and consent will end up with a more loyal customer-base.

“However, we still have a lot of education to do. It’s clear people want the regulations. Our research shows that 50% of people would exercise at least one right under the CCPA.”

Control personal data: Data security over affordability

If all Americans were given the rights included in the CCPA:

  • 65% of people would like to know and have access to what information businesses are collecting about them.
  • 62% of people would like the right to opt-out and tell a business not to share or sell personal information.
  • 58% of people would like the right to protections against businesses that do not uphold the value of their privacy.
  • 49% of people would like the right to delete their personal data held by the business.

People are also more than willing to take their wallets elsewhere, even if it meant breaking their shopping preferences if they discovered their private data was not protected or that their data was being sold. The survey found that ​77%​ would not shop at their favorite retailer if they found they did not keep their personal data safe.

Additionally, consumers said they would be willing to pay more for better privacy protections: 73%​ of people polled said they would pay more to online services companies (retailers, ecommerce, and social media) to ensure they didn’t sell their data, show them ads, or use their data for marketing or sales purposes.