Latest reply on Jun 9, 2015 3:36 PM by rtrouton
rtrouton (Level 1, 0 points)

Apple views privacy as a human right

App developers - be mindful of privacy

Keeping the app ecosystem as a trusted place is important.

Architecting for privacy

• Data retention
• Data privacy
• Data storage
• Identifiers

Data Retention

• Have a retention policy
• Delete data when it no longer serves a user need
• Collect the minimum data necessary
• Balance storage of data against the risk of compromise

Data Minimization Techniques

What's the use of the data? What decisions are the collected data driving? If you can't come up with an answer, don't collect it. Minimize.

Data transfer

• Encrypt data in transit
• Keep sensitive data on the device, do not transmit
• Process sensitive data on-device

A good example of sensitive data - health data for a workout app. Process it on the device.



On Device

- Data protection
- Keychain - store your secrets inside a keychain's encrypted storage

Server side

- Encrypt data at rest
- CloudKit

Be clear about what data is being collected

- Give users the ability to inspect data

Explain how it will be used

- Purpose strings
- Privacy policy

Give users control

- Limit ad tracking

OS X

MAC Address Randomization - introduced in iOS 8, expanded in iOS 9

App Detection

- The apps which a user has installed are their business
- Trying to detect which apps are installed is contrary to the iOS security model
- Whether your app is installed is not another app's business

Purpose is to determine whether an app can open a certain URL type

50 distinct schemes for apps linked before iOS 9

sysctl retrieves system info for processes with appropriate privileges

In iOS 9, sysctl will be further restricted from checking certain kern flags (check session video for details).




OS X Cookie policy

In OS X Yosemite and earlier, cookies are shared among all applications and are kept in sync.

In OS X El Capitan, cookies are *not* shared. Current Mac App Store apps should already be in compliance for this change.

Privacy in reporting

• Report insights not data
• Report aggregates
• Require thresholds

De-anonymizing your users is bad. Don't do it.

Prompting well

When prompting for something, fully inform your users why you need this data and ask them to allow it. Concise, clear explanations.

App Transport Security in iOS

• Secure - TLSv1.2 with forward secrecy - connections by default
• Specify specific domains with insufficient security in your app's info.plist. Otherwise, those connections will fail.

CoreSpotlight in iOS

Protect your data in Spotlight

When a user adds something to your app, add it to Spotlight for search. When they delete it, remove that data from Spotlight automatically and don't leave that data sitting in Spotlight.

Leverage existing technology

Apple Pay
iOS encryption

Privacy policy

Required for some apps, for example those that use HealthKit or do purchasing.

Data protection on iOS

Uses hardware encryption to protect user data on iOS and watchOS

Per-file encryption
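Added example, not part of the post above: the Info.plist keys that the App Transport Security bullet ("specify specific domains with insufficient security in your app's info.plist") refers to. The key names are Apple's ATS keys as introduced with iOS 9 and OS X El Capitan; `legacy.example.com` is a placeholder for a host you do not control that cannot yet meet the TLS 1.2 / forward-secrecy default.

```xml
<!-- Info.plist fragment (added example, not from the post).
     ATS is on by default: every URL connection must use HTTPS with
     TLS 1.2 and forward-secrecy cipher suites, or it fails to connect.
     Only the one legacy host below is exempted, and only as far as it
     needs. NSAllowsArbitraryLoads would switch ATS off for every host
     and is deliberately absent. -->
<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <!-- placeholder domain: a third-party server still on TLS 1.1 -->
        <key>legacy.example.com</key>
        <dict>
            <!-- apply this exception to api.legacy.example.com etc. as well -->
            <key>NSIncludesSubdomains</key>
            <true/>
            <!-- still require HTTPS, but accept TLS 1.1 from this host only -->
            <key>NSExceptionMinimumTLSVersion</key>
            <string>TLSv1.1</string>
            <!-- this host's cipher suites lack forward secrecy -->
            <key>NSExceptionRequiresForwardSecrecy</key>
            <false/>
            <!-- NOT set: NSExceptionAllowsInsecureHTTPLoads stays at its
                 default of false, so plain http:// to this host still fails -->
        </dict>
    </dict>
</dict>
```

Scope each exception as narrowly as the weakness requires: one key per shortcoming, one domain per entry, and nothing at the top level that loosens the default for the rest of the app. Connections to every other host keep the secure default the bullet describes.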