Abstract: Android has come a long way in enhancing its security features and building out privacy controls for users, including with its Android 12 innovations. But as Apple continues to crack down on ad-tracking in an iOS 14 feature, the bar is higher than ever—and in ways that increasingly complicate Google’s balance between the privacy its users deserve and the targeted advertising that drives its business.
Android 12 Lets You See What Your Apps Are Getting IntoA new privacy dashboard and “app hibernation” are coming to Google’s mobile operating system.Google’s new privacy dashboard breaks down app activity by category— like “Location,” “Camera,” and “Microphone”—and then shows you which apps accessed those mechanisms, and for how long.Photograph: Getty Images
“With this release we want to keep narrowing down the scope of what data apps get,“ says Android group product manager Charmaine D’Silva. „It’s taken some time to get it right, but the main focus of this release is giving a deeper level of transparency to users.”Android 12 includes a “Privacy Dashboard” where you can see which apps used potentially sensitive permissions in the past 24 hours. The dashboard breaks down app activity by category— like “Location,” “Camera,” and “Microphone”—and then shows you which apps accessed those mechanisms. Google will also be asking developers to provide additional information on what they were using the access for at that particular moment. And you can adjust or revoke app permissions through the dashboard. It gives more insight than you might be used to into how apps work in the background, especially because it includes not only that an app accessed, say, location data or your microphone, but when and for how long.
If you’re sick of opaque ad tracking and don’t feel like you have a handle on it, a new iOS feature promises to give you back some control. With the release of Apple’s iOS 14.5 on Monday, all of your apps will have to ask in a pop-up: Do you want to allow this app to track your activity across other companies‘ apps and websites? For once, your answer can be no.
A lot of the biggest data privacy crises of the past few years have come not from breaches but from all the opaque policies around how companies share user data and track those users across services for targeted advertising. Marketers assign your device an ID and then monitor your web and in-app behavior across different platforms to generate composite profiles of demographic information, purchasing habits, and life events. Apple has already taken a strong stand to disrupt ad tracking in its Safari browser; this iOS update brings the showdown to mobile. But while the step may seem like a no-brainer to iOS users, it’s been deeply controversial with companies built on ad revenue, including and especially Facebook.“This is a significant and impactful move,” says Jason Kint, CEO of the digital publishing trade organization Digital Content Next. (WIRED parent company Condé Nast is a member.) “The digital advertising business has been mostly built off of micro-targeting audiences. Facebook, as an example, has code embedded in millions of apps to collect data to target audiences wherever it wants as promptly as possible—and this cuts that off.”iOS already gave its users the option to turn off ad ID sharing completely, essentially zeroing out the unique identifier on your phone, known as IDFA, that iOS gives developers for in-app and cross-service tracking. iOS 14.5’s new requirements, though, compel each app to put the question to users individually through Apple’s AppTrackingTransparency framework, so you have more granular control. This allows you to grant the privilege to certain apps if, for example, you would rather see tailored ads on a particular service. But it also will simply expose how many apps participate in cross-service ad tracking, including some you may not have suspected.“We believe tracking should always be transparent and under your control,” Katie Skinner, an Apple user privacy software manager, said at Apple’s Worldwide Developers Conference last June. „So moving forward, App Store policy will require apps to ask before tracking you across apps and websites owned by other companies.“
The new iOS pop-ups can include a short message about why a developer wants users to enable tracking, essentially a pitch of what the benefits might be. And the popups won’t appear if a developer tracks you across its own services, like Facebook following you from its main platform across Messenger and Instagram. You probably assume that platforms owned by the same parent company would (or at least could) share data; the larger issue Apple wants to address is tracking across services that you wouldn’t intuitively think have any type of relationship.
If you notice Facebook popping up frequently in examples about the impact of Apple’s tracking transparency initiative, it’s because the company has been vocal, and aggressive, in its objections. Facebook chief financial officer Dave Wehner has mentioned privacy initiatives around IDFA as a concern in many company earnings calls since late 2019. And in December, Facebook ran a series of full-page newspaper ads with the line, “We’re standing up to Apple for small businesses everywhere.” A companion website for Facebook’s campaign says, “Apple’s latest update threatens the personalized ads that millions of small businesses rely on to find and reach customers.”
Facebook also disputes Apple’s characterization that this type of data sharing should really be called “tracking” at all. Facebook refers to it as “what Apple defines as ‘tracking’” in its support documents for developers and businesses.Apple CEO Tim Cook responded to the claims in December, tweeting, “We believe users should have the choice over the data that is being collected about them and how it’s used. Facebook can continue to track users across apps and websites as before. App Tracking Transparency in iOS 14 will just require that they ask for your permission first.”Announced in June 2020, Apple originally planned to start requiring developers to support ATT for the iOS 14 launch in September 2020. The company went ahead with rolling out another iOS 14 addition, its app “privacy labels,” in December 2020. But amid industry backlash, the company delayed the ATT requirement “to give developers time to make necessary changes.““This has been much needed. I wish it didn’t get delayed,” says Will Strafach, a longtime iOS security researcher and creator of the Guardian Firewall app. “Nonetheless it’s a fantastic step toward adding some level of plain-English user awareness about what apps are doing.”
For now, though, just download iOS 14.5 if you have an iPhone, and get ready to start tapping “Ask App not to Track” whenever you see it. Especially in places you never saw coming.