There’s also another notable change in the update and that’s Apple’s new App Privacy Report feature. Once enabled, you’ll be able to see what private data each app is accessing on your device, and how often it’s happening. My ZDNet colleague Adrian Kingsley-Hughes covered the early beginnings of this feature when iOS 15 was released back in September. Below I’ll walk you through where to find the new App Privacy Report, turn it on, and how to make sense of the information it provides.
How to turn on the App Privacy Report on your iPhone, iPad
Before you’ll find the switch to turn App Privacy Report on, you’ll first need to update your iPhone or iPad to iOS 15.2 and iPadOS 15.2. To do that, open the Settings app on your device and then go to General > Software Update and follow the prompts. After your device has updated, once again open the Settings app and then select Privacy from the list of options. Next, scroll to the bottom of the list where you’ll find the App Privacy Report option; tap on it. If you already had Record App Activity turned on, you won’t have to do anything. However, if you hadn’t turned that on, you’ll be presented with a brief description of what App Privacy Report is. Tap Turn On App Privacy Report. Since you just turned it on, you’ll need to wait until apps start accessing your data before you’ll see any information.
How to view your App Privacy Report and what it means
To get to your App Privacy Report, go back into the Settings app and then select Privacy and scroll to the bottom of the screen then tap App Privacy Report. After using your iPhone or iPad for a while, or letting it sit idle and allowing apps to access your data (as you’ll see they often do) while running in the background, the App Privacy Report will fill up with data. On the report screen, you’ll see several apps listed under four different categories: Data & Sensor Access, App Network Activity, Website Network Activity, and Most Contacted Domains.
Data & Sensor Access
Select an app or tap Show All under the Data & Sensor Access section. Each app that has accessed your private data in the last week will show up here. Tap on an app’s name to view more information about what type(s) of data the app is using, then tap on the category to see a complete timeline of how often it’s being used. For example, the Find My app on my iPhone has accessed my location and contacts during the past week. Both of which I would have fully expected it to use. But what was surprising to me is that it has only checked my location a handful of times over the last week, and it’s not constantly monitoring my movement. I can only guess that each time it’s accessed my location is when someone in my Find My family and friends list has opened the app on their phone, prompting Apple’s servers to query where I’m at and displaying it within their app. At the top of the screen, you can change how the list is organized. By default, you see the most recent apps that have used your data. However, you can change it to alphabetical order. To my surprise, the Mail app frequently accessed my Contacts information. I assume it happens every time I open the app and/or an email arrives so the app can show the proper name and information. But, still, it’s eye-opening.
App Network Activity
Under the App Network Activity section you’ll find a list of apps and the domains and similar network activity each app has conducted over the last week. The Facebook app had the most network activity on my phone over the last week. Its number one contacted domain is inappcheck.itunes.apple.com. A quick Google search leaves me with the impression that the domain might be used by Apple to verify in-app purchases, or as some form of verification for app developers. It’s hard to say, and I wish Apple would include information bout commonly used domains — especially the ones it owns. I know this domain is commonly used because if you tap on it, a list of other apps that have also contacted that domain will show up. The list on my iPhone is the bulk of the apps I use regularly.
Website Network Activity
Every time you visit a website, it contacts other domains to do things like serve ads or download pictures and videos that it needs to display a webpage. Apple now tracks which domains a website contacts whenever you visit it and provides a list of them. The number one domain websites have contacted during my normal use is mask.iCloud.com, which is yet again a very vague Apple-related domain. Another Google search makes me believe it has something to do with Apple’s Private Relay feature that’s currently available in beta. However, I have the feature turned off on all of my devices and only The New York Times, Reddit, and Safari are listed as having contacted the same domain. I would think every app or website would use that URL if it were active.
Most Contacted Domains
Finally, the Most Contacted Domains section is a list of domains your phone or tablet has accessed in the last week. Tap on a domain to see a list of apps and the last time it contacted that URL. Once again, some of the URLs listed on my iPhone appear to be Apple-related, while others appear to be related to serving ads from Google are at the very least collecting user data. It would benefit the end user if Apple added some additional context about known domains. By far my most-used section of the App Privacy Report will be the Data and Sensors section. It’ll be easy to see if Facebook really is listening to conversations to better serve ads (as has been rumored, but never proven for years). Are you going to turn on App Privacy Report? Let me know in the comments below why or why not.