Apple has refreshed and expanded its privacy website, a month after its most recent iPhone and Mac launches.
You’re not going to see much change from previous years — the privacy pages still state the same commitments that Apple’s long held, like that privacy is a “fundamental human right” and that your information is largely on your iPhones, iPads and Macs. And, now with a bevy of new security and privacy features in iOS 12 and macOS Mojave, the pages are updated to include new information about end-to-end encrypted group FaceTime video calls and improvements to intelligence tracking protections — and, how it uses differential privacy to understand which are the most popular features so it can improve, without being able to identify individual users.
One key addition this time around: Apple is expanding its data portal to allow U.S. customers to get a copy of the data that the company stores on them.
It’s the same portal that EU customers have been able to use since May, when the new EU-wide data protection rules — known as General Data Protection Regulation, or GDPR — went into effect. That mandated companies operating in Europe to allow customers to obtain a copy of their own data.
Apple’s making good on its promise earlier this year that it would expand the feature to U.S. customers. Customers in Canada, Australia and New Zealand can also request their data.
But because the company doesn’t store that much data on you in the first place — don’t expect too much back. When I asked Apple for my own data, the company turned over only a few megabytes of spreadsheets, including my order and purchase histories, and marketing information. Any other data that Apple stores is either encrypted — so it can’t turn over — or was only held for a short amount of time and was deleted.
That’s a drop in the ocean compared to data hungry services like Facebook and Google, which compiled an archive of my data ranging from a few hundred megabytes to over a couple of gigabytes of data.
Since then, its pages have expanded and continued to transparently lay out how the company encrypts user data on its devices, so not even the company can read it — and, when data is uploaded, how it’s securely processed and stored.