Skip to main content

Apple’s new privacy features are bad for Facebook, but great for everyone else

Image used with permission by copyright holder

(in)Secure is a weekly column that dives into the rapidly escalating topic of cybersecurity.

Apple had a lot to say about cybersecurity and privacy at WWDC 2018.

In light of Facebook’s recent data scandal, other data-reliant companies like Google have come under scrutiny for its data policies. Through it all, Apple has come out on top, staying in the good graces of both the public and governing bodies. With its newest updates and policies, has Apple solidified itself as the definitive ecosystem for those concerned about privacy and cybersecurity?

Cookies and trackers

While some of Apple’s software announcements were a bit mild, its cybersecurity and privacy updates were downright aggressive. The headline feature is what Apple calls Intelligent Tracking Prevention, a technology the company has built right into its Safari web browser.

How to clear cache, cookies and history on your iPhone or iPad — Apple Support

This feature will warn you if a website has implemented something like ‘Like’ buttons, or a Facebook comment field.

“It turns out these [like buttons and comment fields] can be used to track you whether you click on them or not,” said Craig Federighi, Senior VP of Software Engineering at Apple. “And so this year, we are shutting that down.”

Once MacOS Mojave is available to the public, Safari will give you a better idea of when you’re being followed around the internet. When you come across a website that’ll track you, you’ll be warned with a prompt that looks something like below.

Image used with permission by copyright holder

Of course, you can accept the terms, but the prompt is sure to dial back the omnipresence of Facebook across the web. At the very least, it should increase awareness about what these Facebook plugins do, and cookies will be automatically deleted from websites that haven’t been visited in the past thirty days.

Apple didn’t stop there. Federighi also detailed how Safari would be making it harder for advertisers to create a ‘fingerprint’ of a person on the internet. Fingerprinting is a way for advertisers to profile you without the use of cookies or trackers. Instead, this method relies on things like web browser, fonts, and other system configuration data to create a profile of you, and your usage.

“With Mojave we’re making it much harder for trackers to create a unique fingerprint. We’re presenting websites with only a simplified system configuration,” said Federighi. “And as a result, your Mac will look more like everyone else’s Mac, and will it be dramatically more difficult for data companies to uniquely identify your device and track you.”

Calling out Facebook, with a wink and a nod

Although this announcement didn’t call out Facebook by name, the social media company has historically had an unrestrained relationship with advertisers, giving them access to the personal data of millions for ad targeting. Pulling back fingerprinting is going to hinder advertisers, and by extension, Facebook as well.

“Less time on Facebook will equate to less ad views, which will mean less ad revenue for the social network.”

Both blocking trackers and fingerprinting are big deals, but there;s another feature announced at WWDC that might hurt Facebook even more — App Limits. This new iOS feature is supposed to empower people to use their devices less, providing access to a breakdown of how much time they spend in individual apps. App Limits also lets you set time restraints on your usage, closing apps when you’ve reached them.

That will certainly hurt the social network. “Less time on Facebook will equate to less ad views which will mean less ad revenue,” Michael Fauscette, Chief Research Officer at G2 Crowd, told Digital Trends. Once you see how many hours you’ve wasted scrolling through the News Feed, setting restrictions on your usage is a natural next step.

From friends to frenemies

Apple hasn’t always been at war with Facebook. Several years back, Apple touted baked-in Facebook features as advantages to MacOS and iOS. They used to be partners and beneficiaries of Facebook’s data empire.

Things are different now. A day before WWDC, the New York Times published a bombshell update to the web of controversy that is Facebook’s data policy. The report stated that Facebook made agreements to share data it had on users with a number of device manufacturers. Apple was at the top of the list.

Hi @SenBlumenthal, You raise an important issue but NYT is wrong on this point. Blackberry, Amazon, Microsoft etc could not integrate people’s FB information with their devices without that person’s permission. https://t.co/IXVTAScpww

— Meta (@Meta) June 4, 2018

Apple has denied any data-sharing, of course, but the integration it put so much effort into promoting is no longer desirable. Better integration with Facebook was once a must-have feature. For Apple, though, it’s become a liability.

That’s bad news for the social network, but good news for your privacy, even if you don’t use an Apple device. Where Apple goes, others tend to follow. This is likely the first trickle in a flood of companies that turn away from Facebook to boost their own fortunes.

Luke Larsen
Luke Larsen is the Senior editor of computing, managing all content covering laptops, monitors, PC hardware, Macs, and more.
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more