Academics reckon Apple's default apps have privacy pitfalls

Family sharing your location reduces your privacy?! Who knew?! This article would be better if they could tell me what nefarious things Apple was up to with my data, but that's not even mentioned in the article.

This is the best summary I could come up with:

"Our work shows that users may disable default apps, only to discover later that the settings do not match their initial preference," the paper states.

While users can ostensibly choose not to enable Siri in the initial setup on macOS-powered devices, it still collects data from other apps to provide suggestions.

"Specifically, we discovered that steps required to disable features of default apps are largely undocumented and the data handling practices are not completely disclosed."

The authors also conducted a survey of Apple users and quizzed them on whether they really understood how privacy options worked on iOS and macOS, and what apps were doing with their data.

Users were also tested on their knowledge of privacy settings for eight default apps – including Siri, Family Sharing, Safari, and iMessage.

The researchers suggest replacing Apple's jargon-filled privacy policy with descriptions that are in the settings menu itself, and maybe even providing some infographic illustrations as well.

The original article contains 881 words, the summary contains 156 words. Saved 82%. I'm a bot and I'm open source!

Surprisingly, I thought the article was a reasonable summary of the actual paper. I think some people might think this was a poke at privacy on Apple, but it really focused on how hard it is to create accessible settings despite the enormous number of options.

I have found that navigating the menus in Apple iOS is quite a bit easier than on my Android devices. Mac seems more difficult as the settings tend to be inside the individual apps and don’t surface as well through the search.

The paper hammered home the point that Siri configurations were particularly hard, but they also mention that Siri data is end-to-end encrypted. I thought all those points were fair.

I do believe settings need to be improved, but I have little faith they will ever be useful for 99% of users who will simply never change anything from the default. At this point I believe any meaningful improvements for the majority of users will come from useful defaults that include E2E encryption on basically all user data. I feel Apple is coming close with iCloud Advanced Data Protection that was introduced last year, but that needs to become a default. Maybe it cannot though—too many users will lose all their data and then the trade off of security to convenience will not be worthwhile.