Connect with us

Hi, what are you looking for?

Technology

“New claim: Google, Meta, Spotify break Apple’s device fingerprinting rules”

Apple recently implemented new requirements for iOS developers regarding the justification of using specific APIs that could potentially enable device fingerprinting. However, there are claims that Apple isn’t effectively enforcing these rules for major tech players like Google, Meta, and Spotify.

Device fingerprinting involves gathering data about various device settings and components to create a unique identifier, which can then be used for targeted advertising and other purposes. While some forms of fingerprinting have legitimate uses, such as bot detection, others raise privacy concerns by tracking users online.

Apple’s policy prohibits device-level fingerprinting on iOS, except when explicit user permission is granted. The company now requires app developers to provide reasons for using designated APIs that could be used for fingerprinting. Moreover, data collected through these APIs must remain on the user’s device to prioritize privacy.

Examples of these fingerprint-friendly APIs include File timestamp APIs, System boot time APIs, Disk space APIs, Active keyboard APIs, and User defaults APIs. Starting from May 1, 2024, apps that fail to provide reasons for using these APIs in their privacy manifest file won’t be accepted in the iOS App Store.

However, developers Talal Haj Bakry and Tommy Mysk claim that major app makers like Google, Meta, and Spotify are not adhering to Apple’s requirements. They allege that these companies are providing reasons for using these APIs but are not keeping the collected data on the device as required by Apple’s policy.

The Register reached out to Google, Meta, and Spotify for comment but received no response from the latter two. A Google spokesperson confirmed that the company is investigating the report but did not provide further details.

While it’s unclear whether these apps are using the collected information for fingerprinting, Apple has identified specific APIs that could potentially be misused for this purpose. Developers must declare the reasons for accessing such APIs, but there appears to be little enforcement from Apple.

Tommy Mysk argues that Apple’s “required reason APIs” may not effectively enhance user privacy if there is no oversight to ensure compliance. Without proper enforcement, these requirements could be seen as mere privacy theater rather than effective measures to prevent fingerprinting.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Business

Shareholders made significant decisions on Thursday regarding the leadership of Norfolk Southern, one of the largest railroads in the United States. While three of...

Technology

Apple is gearing up for a significant refresh of its iPad lineup in 2024, starting with the anticipated launch of the iPad Pro in...

Business

Microsoft Teams had a major hiccup on Friday, causing disruptions and various issues for users. The problem started around 11 a.m. EST and quickly...

Entertainment

Olivia Rodrigo’s Guts World Tour is gaining attention not only for her musical prowess but also for her distinctive fashion choices on stage. Styled...