Now that's a good Apple.
As more companies learn (often the hard way) that users care a great deal about their data, their details and their privacy, they're making the once-indecipherable legal jargon of privacy statements more palatable.
Following the launch of its new iOS 9 operating system, Apple has updated its "approach to privacy" page.
From Apple Pay to Siri, the iCloud to Apple Music, the site offers a pretty comprehensive guide to just what Apple does with your data - and what it doesn't do.
"We build privacy into everything we make," explains the site. "When you pay for groceries, message a friend, track a workout, or share a photo, you shouldn’t have to worry about your information falling into the wrong hands. The personal data on your devices should be protected and never shared without your permission. That’s why we build strong, innovative safeguards into the things we make."
Here are some of the major take-home points...
There's also a neat guide to "managing your privacy", that allows you to do the obvious, like adding two-step verification, and the more obscure, like controlling the data you share with apps and limiting target-based ads.
It's a lengthy heap of information to read through, but if you've got a burning interest to know what Apple is up to with your data, it's worth your attention. If you want to read the stuff they're not shouting about, here's the new iOS Security white paper, which goes into things in exacting legal detail.
Best make a cup - no, a pot of tea if you want to work your way through that.
Siri and Dictation
The longer you use Siri and Dictation, the better they understand you and the better they work. To help them recognize your pronunciation and provide better responses, certain information such as your name, contacts, and songs in your music library is sent to Apple servers using encrypted protocols. That said, Siri and Dictation do not associate this information with your Apple ID, but rather with your device through a random identifier. Apple Watch uses the Siri identifier from your iPhone. You can reset that identifier at any time by turning Siri and Dictation off and back on, effectively restarting your relationship with Siri and Dictation. When you turn Siri and Dictation off, Apple will delete the User Data associated with your Siri identifier, and the learning process will start all over again.
When you use Siri to search by location or album name in the Photos app, we never send your photos or any information about them. Album names are only sent to Siri to help provide you with better results.
If you have Location Services turned on, the location of your device at the time you make a request will also be sent to Apple to help Siri improve the accuracy of its response to your requests. You may choose to turn off Location Services for Siri and Dictation in your Privacy settings.
Apple Pay lets you pay in an easy, secure, and private way. And it works on iPhone, iPad, and Apple Watch.
When you add a credit, debit, or store card to Apple Pay, we securely send your card information, along with other information about your account and device, to your bank. Using this information, your bank will determine whether to approve adding your card to Apple Pay.
Your actual card numbers are not stored on the device or on Apple servers. Instead, a unique Device Account Number is created, encrypted in such a way that Apple can’t decrypt, and stored in the Secure Element of your device. The Device Account Number in the Secure Element is walled off from your iOS device and Apple Watch, is never stored on Apple Pay servers, and is never backed up to iCloud.
Health and fitness
The Health app lets you keep all your health and fitness information in one place, on your device and under your control. The information you add about yourself is yours to use and share. You decide what information is placed in the Health app, as well as which third-party apps can access your data. When your phone is locked with a passcode or Touch ID, all of your health and fitness data in the Health app is encrypted. And any Health data backed up to iCloud is encrypted both in transit and on our servers.
So much of your digital life now lives in the cloud. And we’re committed to making that experience simple and secure. Some companies mine your cloud data or email for personal information to serve you targeted ads. We don’t.
All your iCloud content like your photos, contacts, and reminders is encrypted when sent and, in most cases, when stored on our servers. All traffic between any email app you use and our iCloud mail servers is encrypted. And our iCloud servers support encryption in transit with other email providers that support it.
If we use third-party vendors to store your information, we encrypt it and never give them the keys. Apple retains the encryption keys in our own data centers, so you can back up, sync, and share your iCloud data. iCloud Keychain stores your passwords and credit card information in such a way that Apple cannot read or access them.
iMessage and FaceTime
Your iMessages and FaceTime calls are your business, not ours. Your communications are protected by end-to-end encryption across all your devices when you use iMessage and FaceTime, and with iOS and watchOS, your iMessages are also encrypted on your device in such a way that they can’t be accessed without your passcode. Apple has no way to decrypt iMessage and FaceTime data when it’s in transit between devices. So unlike other companies’ messaging services, Apple doesn’t scan your communications, and we wouldn’t be able to comply with a wiretap order even if we wanted to. While we do back up iMessage and SMS messages for your convenience using iCloud Backup, you can turn it off whenever you want. And we don’t store FaceTime calls on any servers.