WWDC 2020: App Clips, Data Minimization, and More
Apple’s Worldwide Developer’s Conference (WWDC) 2020 took place last week. The long-awaited conference, in which developers around the world can meet with Apple engineers and attend keynotes by speakers at the top of their fields, was a digital event this year, due to the COVID-19 pandemic. It took place from June 22-26, and over the course of the four days many high-profile upgrades were announced to Apple operating systems. Most exciting of all in the mobile engagement industry is the upcoming release of iOS 14 for smartphones. This brings with it a few key changes to how Apple deals with its mobile community, particularly data privacy and security.
In the wake of scandal after data scandal, Apple users are more conscious than ever of what data they are sharing, and with whom. Apple’s recent upgrades announced at WWDC 2020 have thus taken the approach of less is more. That is, they request apps not demand any more data than they strictly need to deliver a great UX. This both builds trust with users and minimizes data security risks.
iOS 13 let users control when and how apps could access their location in the settings. iOS 14 has gone even farther in bringing location authorization back to the user’s control. Its primary innovation in that aspect is to give users the option to provide their approximate location, rather than exact. This means their location would show up as a wide, blue circle as opposed to a specific pin. And this can be tailored to an individual user’s preferences, depending on how exact of their location they are comfortable with sharing, and for which apps.
For example, some apps require their user’s exact location in order to function properly, such as ride-sharing apps. But for others – say, dating apps, travel apps, and so on – it may be enough to just provide an approximate location, such as the user’s town. Users who prefer the hyper-personalization that comes with giving their exact coordinates have the option to do so, while users who would rather have more privacy can do that. What’s more, users can choose to temporarily share their location, and then revoke that permission once their app has performed the function they need it to do.
So with this new feature, users can choose the extent of their location data that they share. And they can choose whether the app receives that data on four different frequency levels:
- Only while they are using the app
- Requires the app to ask permission each time
Background Execution of Apps
Another criticism of iOS devices is that their battery life doesn’t hold up to that of Android competitors. At WWDC 2020, Apple made clear they are attempting to rectify that, as well as other privacy concerns, by addressing background execution of apps. Essentially, if an app doesn’t need to be running constantly in the background — don’t run it. If an app has to run in the background for performance reasons, make sure that you are transparent with the user about it.
Especially if a user has critically low battery, or puts their device into low-power mode, then most apps should not continue running. For example, your app can turn off auto-playing videos and other superfluous features to save battery usage. It’s better to prioritize only those systems that would be most useful to the user.
For iOS 14, Apple is giving users more control over which apps they allow to run in the background. Users can customize their preferences in settings, and they can set an allotment of how much of the battery and data budget each app receives. They can avoid using certain hardware that’s not always needed (like GPS). If a app does have to run in the background, it should send a signal once it’s completed its function, so that device can go into low power state.
Likewise, apps should minimize data usage:
- Only download what’s necessary for fresh UI
- Download thumbnails rather than full images
- Queue up remaining downloads as URL session background transfers
What’s more, Apple now offers background pushes that will wake up your app, sending low-priority notifications in a cloaked mode, without bothering the user. They are low priority and preserve battery life, and the user can interact with them on a later date. (For example, muted conversations, emails, a trigger to start downloading a new song or video.)
To read more about how OpenBack’s hybrid push model helps save device battery life, read our blog post: Reliability in Push Notifications: An Industry-Wide Challenge
The 4 Pillars of Data Privacy
As Apple looks to increase trust and transparency with users, during WWDC 2020 they outlined 4 pillars of data privacy.
- On-device processing (locally, not sent to server)
- Data minimization (only necessary data requesting)
- Security protections
- Transparency and control (give user understanding and control over data)
Taking a page out of OpenBack’s edge computing playbook, Apple are making a move towards more localized processing. This means that user data stays on the individual device, rather than going to a backend server. User data is integral to various machine learning (ML) models Apple is developing, such as quicktype keyboard, Siri’s vocal classifer, on-device dictation, facial recognition, and more.
Since the iOS 13 model, Apple’s private federated learning (PFL) has seen this data processed on user devices. This way, users retain control over their own data, and who is able to access it. With minimal data sent off-device, Apple is building trust with users, and always asking for consent before accessing private stores of data such as photo library, location, and contacts. A new iOS 14 feature also allows users to share a portion of their photos or contact list, rather than the entire cache.
The driving motivation of most of Apple’s upgrades for the iOS 14 have been to build trust with users. It’s no surprise that most users are skeptical of apps that invade their privacy by requesting tons of their data. Apple’s take on this is that users are right, and the onus is on the app developers to develop a fully functioning app with high-quality UX that can function on minimal data.
If you do need to request a user’s exact location, Apple recommends full transparency. Send the user a push notification requesting the data upgrade. Explain to them what that data will be used for, and how it will improve their app experience.
This ethos of temporary location authorization plays into the new iOS 14 feature App Clips. These are effectively a taster of an app for those who don’t want to commit to downloading it. By scanning a QR or App Clips code, the user will be able to use an app’s particular feature once. Any data authorization that activates will be short-lived. The same goes for any use of data that comes from the new iOS 14 widgets: authorization will have to come from the parent app.
Already at the top of the market for data security, Apple now provides added protection against server name tracking in internet protocols. DNS queries can expose users’ server names, and then use that information to learn users’ IP addresses. Third parties can then read and share these. iOS 14 supports two seaprate encrypted DNS protocols to prevent this practice.
Users can also disallow tracking of their IP addresses at any time.
In the interest of building trust with users, it’s important that you are clear and straightforward with them about how you intend to use their data.
- What data do you collect?
- How do you use that data?
- Is the data linked to particular user/device?
- Do you use this data to track users?
Apple will also require increased transparency within apps. They have launched new transparency feature as to when an app accesses your device clipboard. (Which TikTok has already run afoul of.)
There will be an orange light in the top corner of the device screen to indicate when an app is using your camera or microphone to record you. There will also be triggered prompts requesting user permission when an app accesses a local network.
Overall, the aim of WWDC 2020 has been to inform both developers and Apple users of the push for greater user control over their own data, and transparency towards what is being done with it. This will have enormous repercussions in the direction mobile technology takes in the next few years.
To read more about data security in mobile technology, and to download our whitepaper, read our blog post: The Radical Evolution of Data Privacy in Push Notifications
Otherwise, you can contact one of our experts, and we’ll answer any of your questions.