Apple Unveils Stringent Disclosure and Opt-in Privacy Requirements for Apps

Originally published at: Apple Unveils Stringent Disclosure and Opt-in Privacy Requirements for Apps - TidBITS

Facebook is unhappy with the enhanced privacy requirements that Apple recently unveiled. Apple will soon require that apps ask for and get explicit consent from their users in order to track them across apps and sites—and that’s a good thing. Apple has already added detailed privacy disclosure requirements. Let’s dig into how Apple’s new rules will enhance your privacy.

2 Likes

In a not-unrelated development, Facebook corporation is now requiring WhatsApp users to share data with Facebook to continue to use WhatsApp. (Given the antitrust scrutiny on Facebook right now, this change is, from a political and anti-trust/legal perspective, just insane…)

1 Like

Yes - there is an analysis here:

Consolidating data will enable more precise ad targeting, yielding hundreds of millions more in revenue. It will also make it harder for the EU or US to break up the company, maybe even enough to prevent the courts from demanding it. IIRC, Zuckerberg swore up and down that he would keep WhatsApp separate when he bought it, but I don’t think anyone in their right minds ever believed it. I’ll bet Facebook will slowly but surely consolidate all their products. Something else Facebook might be betting on is that more consolidation will make it even easier for individuals to rile up users across services to spread disinformation and incite violence.

I find this rather ironic…Facebook pulls this crap immediately after launching grenades at Apple for doubling down on its privacy policies.

Settings > Privacy > Tracking > Learn more reads “When you decline to give permission…App developers are responsible for ensuring they comply with your choices.”

Developers can fingerprint by other means than the official advertising id controlled by Apple. And they do.

1 Like

Right, and privacy researchers and Apple are constantly finding out when this is done, and such app developers get suspended or permanently removed. These new rules will come with even tighter supervision.

1 Like

If I look at the source for the TidBITS mailing, I can see that it downloads a 1x1 pixel image. I’m assuming that this is used for tracking purposes. What does TidBITS do with that information?

This is my guess, and it comes from a background in ad sales and marketing, as well as from being a longtime TidBITS reader and a Talker from the day this list started. Embedded pixels are not necessarily evil. They are used for internal tracking and serving about as much as external. It is how Discourse keeps track of the number of days and times you have visited the TidBITS site, which articles you read and which articles and posts you responded to.

It provides Adam & crew with vital information about what coverage readers and Talkers are most interested in. It lets them know which articles and Talk posts people return to, as well as articles that non-subscribers stumbled upon via a web search; it will also let them know if a new visitor returns and/or becomes a paid subscriber. They also provide information about how many people are reading articles or posts via email or the Discourse site, and they can learn about how many email subscribers actually open every email, how many people respond to them.

Just a few days ago I asked for recommendations about keyboards and trackballs for my husband’s new M1 MacBook Pro, and I got some excellent recommendations. Although I am risking the Malocchio, I did a lot of back and forth checking and responding, when moving around the web I did not see a single ad or email for keyboards, trackballs, mice, or any other related products having to do with Macs or iOS stuff. The moral of the story…don’t worry about TidBITS selling your cyber soul to the devil. I certainly don’t.

Sendy, the software we use for interfacing with Amazon SES for email distribution, uses that 1x1 pixel to determine whether or not the issue was opened. I like to see that information to get a sense of what percentage of our email subscribers are reading (or at least opening) the issue.

We average about 45% open rate for issues. For TidBITS members who receive every article (the other three lines in the screenshot), we usually see open rates a bit over 50% for Watchlist items and around 65% for other articles.

Interestingly, until this week, Sendy also modified all the links in the issue to track the number of unique clicks. We never cared about that data at all and didn’t want our links modified, but it wasn’t technically possible to shut it off until Sendy 5 shipped and our developer had a chance to change the API calls we use to create campaigns.

I appreciate your candor, but I still have concerns.

There are other issues besides what TidBITS does with the information. For example, what does Sendy do with the information? See “I never signed up for this! Privacy implications of email tracking”: https://petsymposium.org/2018/files/papers/issue1/paper42-2018-1-source.pdf

I use Apple Mail. In Mail > Preferences… > Viewing I keep “Load remote content in messages” unchecked because I just never know what anyone does with the tracking information.

1 Like

Absolutely agree! I never let remote content load automatically in incoming mail. So TidBITS may think I don’t read every article, but in fact I do, and only load images (and any tracking pixels) if there’s obviously something necessary to understand the content.

It’s much too simple for the site sending the pixel (or any content) to get an enormous amount of info about your browser and machine, usually enough to uniquely identify you. (As Facebook does, even if you don’t have an FB account.)

Nothing. Sendy is an app installed on our server and never gets the information.

If you avoid loading images, which is certainly your prerogative, you wouldn’t be counted in the open rate. That doesn’t bother me at all—I like to know roughly what percentage of subscribers are actually reading our work, but there’s no need for precision.

That may be true for other sites. The only data we get out of it is open rate. I don’t know, nor do I care about, what other information might be determinable through this method.

The only Web tracking we do is Google Analytics for analyzing article popularity and the only email tracking is this pixel for open rate. I doubt you’ll find many other tech news sites that do less. In particular, we don’t use any ad network for serving ads, so there’s no third-party tracking there, which you’d find on nearly every other site.

2 Likes

This is true! The only one I can think of is Daring Fireball, which, to my recollection, uses a simple image + URL click for ads (no other tracking), and doesn’t send out email (only uses RSS and Twitter for pushing stories outside the site).

I love not loading images for lots of reasons, including this one. I use Mailsmith (32-bit, sob, will someday have to migrate off or virtualize it), which shows no rich contents (text only); and Postbox, which has good, granular image-loading controls. I can set it to allow images to load only from specific domains I approve, which has been useful.

1 Like

I would assume also that Amazon (who is preparing the dashboards you see) has a database of who has read each mailing, along with the HTTP environment that accompanies the request.

But, as has already been pointed out, these images accompany mailings from all kinds of sources. Fortunately, most mail clients (even web-mail ones) provide mechanisms for not downloading external images from mail messages. The only problem there is that it’s usually not selectable on a per-image basis, so you may be out of luck if the message has images you want to see in addition to the tracker.

On the other other hand, any image downloaded, even ones containing the content you watch, also creates a trail that can be mined by whoever is hosting the image, so a person who is serious about this shouldn’t be downloading any images at all.

It’s possible, but the screenshot I posted was from Sendy itself, running on mailer.tidbits.com.

As far as I know, Amazon only knows about email addresses on my list in a transient fashion, while sending, or if they bounce. And with bounces, even I can’t see a list of bounced addresses. If someone bounces and needs to be reinstated, I can paste their address into a CAPTCHA-protected form on Amazon, and if I get the CAPTCHA right, Amazon SES tells me that, if the address was on the bounce list, it was removed.

This is why I personally never stress about loading images. I don’t care enough, and I don’t want to put the extra mental cycles into deciphering messages that assume graphics in some way.

We include a fair number of images in TidBITS issues, and we do so only when we feel that they illustrate what we’re writing in some useful way. No one is forced to look at them (or to read anything we write, of course), but not loading them will detract from the overall reading experience. And all it will do is hide from us the fact that the recipient opened the message; given that the recipient presumably trusts us enough to have subscribed in the first place, it seems excessively cautious. But hey, as I said, whatever floats your boat.

1 Like

I hear you, @ace. I would in principle like to turn off auto image loading (not because of mailings like yours), but I find it just too tedious to have to repeatedly select to load images from senders I trust. I’d love for Mail to allow a default setting and then on top of that a per sender setting that is preserved and overrides the default (kind of like how Safari does Reader view or content blocking). With something like that in place, I’d leave the default off. But as it is today, with one size fits all, I find leaving it off just interferes too much with my workflow.

Another new twist to the same old story:

Safari’s privacy report tells me tidbits.com uses one tracker only. Well done. I was shocked to discover arstechnica.com to be the worst offender instead with well over 70 trackers. What they even do with so many is a mystery to me.

1 Like

By default, Thunderbird blocks all images, but you can turn it on for individual messages or individual senders.
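
As an added illustration of the open-tracking mechanism discussed in this thread (not code from TidBITS, Sendy, or any poster): a Python example that lists what an HTML message would fetch if remote content were loaded, and flags 1x1 images as likely tracking pixels. The sample message, hosts, and paths are constructed placeholders, and `audit_email_html` is a hypothetical helper name.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit
import re

# Constructed sample body; hosts and paths are placeholders, not real tracker URLs.
SAMPLE_HTML = """
<img src="https://cdn.example.com/issue/screenshot.png" width="600" height="338">
<img src="https://mailer.example.com/t/abc123" width="1" height="1" alt="">
<img src="https://mailer.example.com/o.gif?id=42" style="width:1px; height:1px">
<img src="cid:logo@example.com" width="120" height="40">
"""

_STYLE_DIM = re.compile(r"(?<![\w-])(width|height)\s*:\s*(\d+)", re.I)

def _dimension(attrs, name):
    """Pixel size from the width/height attribute or inline style, else None."""
    m = re.fullmatch(r"(\d+)(px)?", (attrs.get(name) or "").strip().lower())
    if m:
        return int(m.group(1))
    for key, num in _STYLE_DIM.findall(attrs.get("style") or ""):
        if key.lower() == name:
            return int(num)
    return None

class RemoteImageFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.images = []  # (url, looks_like_pixel)

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = dict(attrs)
        src = (a.get("src") or "").strip()
        if urlsplit(src).scheme not in ("http", "https"):
            return  # cid:/data: images are embedded, so no request leaves the client
        w, h = _dimension(a, "width"), _dimension(a, "height")
        is_pixel = w is not None and h is not None and w <= 1 and h <= 1
        self.images.append((src, is_pixel))

def audit_email_html(html):
    """Summarize the remote fetches a mail client would make for this body."""
    finder = RemoteImageFinder()
    finder.feed(html)
    urls = [u for u, _ in finder.images]
    pixels = [u for u, p in finder.images if p]
    hosts = sorted({urlsplit(u).hostname for u in urls})
    return {"remote_images": urls, "likely_pixels": pixels, "hosts": hosts}
```

The `hosts` list includes the servers of ordinary content images as well, since each of those requests is also visible to whoever hosts the image.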