Security Director Believes The ‘Annoying’ Privacy Settings In iOS 6 Are There To Protect Apple, Not Us

Security Director Believes The ‘Annoying’ Privacy Settings In iOS 6 Are There To Protect Apple, Not Us

Should iOS 6’s new privacy messages actually look like this? (Image courtesy of nCircle.)

Following several security concerns over the way in which iOS apps access and record our data — with the recent Path scandal being the most notable — Apple decided to implement some new privacy settings in iOS 6, which allow you to fine-tune how much of your personal data each of your apps has access to.

Every time you open up a new app that wants access to your contacts, calendars, or any other data, you have to give that app your permission. However, one security director believes this approach will annoy iOS users more than it helps them, and that the new privacy settings are designed to protect Apple from lawsuits rather than its users from data theft.

Andrew Storms, director of security operations for nCircle, describes Apple’s new privacy features as a whack-a-mole game, and believes users will despite them:

Instead doing the difficult work of putting together a privacy policy that has some teeth, Apple has basically decided to annoy their users by requiring them to click through a dialog box for just about every app on their phone.

These dialog boxes are going to be like one of those whack-a-mole games – exactly the kind of thing users despise and ignore completely. This approach adds no value for Apple users, it’s nothing but a CYA for Apple lawyers.

Storms also believes that users are likely to just provide permission to certain apps without even reading the alerts just to dismiss them quickly. In fact, he believes Apple’s new notifications should look more like the mockups at the top of this post.

In some ways, Storms could be right. But unfortunately, his blog post doesn’t suggest any way around this issue, or a way in which Apple could improve its new system to benefit its users.

Personally, I feel Apple’s current implementation is a good one. It’s simple; you don’t have to read through pages and pages of terms and conditions — you just agree or disagree to provide access to your data. And it doesn’t stop there: You can dive deeper into these privacy settings within the Settings app, where you can then specify which apps can access which data. It’s hard to imagine how this process could be easier.

Sure, some users could just dismiss these notifications just to get into their app as quickly as possible. But I’m guessing those users are the ones who aren’t too fussed what’s happened to their data. Those who are more concerned are going to find out how to use iOS 6’s privacy settings properly, and be a little more careful when granting permissions.

What are your thoughts on this?

Related
  • Luis Garza

    I think you are right…if we want control of our data (and we do), then the way Apple is implementing it in iOS 6 is the simplest, easiest and most understandable way.

  • technochick

    This guy does get it. Apple had the policy and assumed the developers would act like grown ups. They were wrong so they are forcing what was supposed to be thereto actually be there by putting it in the OS

    And hell yeah it is in part to protect Apple. What’s wrong with that

  • Eric

    I think Apple’s implementation is a good idea. My only concern is if devs will implement their own permissions. Just like how you can’t use some apps if you don’t allow Location Service for them. What if devs don’t allow you to use their app unless you allow them access to your data.

  • Brian Whitney

    One or Two Dialogue Boxes, per app …and only the First time you open it. Oh my god, that’s tantamount to beating you over the head repeatedly with a whiffle-ball bat, right? Instead of that, they should be making one all-encompassing security/privacy doctorate no one will actually read, and letting the developers do as they please, ’cause the consumer ‘okayed’ the policy. Is that more your speed?

  • Brian Whitney

    I think Apple’s implementation is a good idea. My only concern is if devs will implement their own permissions. Just like how you can’t use some apps if you don’t allow Location Service for them. What if devs don’t allow you to use their app unless you allow them access to your data.

    Then that app would not be used. It would be reviewed poorly. It would fail. Where is the problem? And there are apps out there right now that are there to do only that: Take your information. With iOS 6 all their dirty laundry will be put on front-street.

  • baezfelipe

    Funny, Storms says then that every single app wants access to your contacts, calendar, location… but why that for? We never needed to provide such an amount of information before, developers are getting greedy with information access. One day they will want your social security number or whichever other information “this access is for us the use a special algorithm to figure out your monthly income and provide you a service according you how much you earn”. This is bullshit. Developers need to learn that they don’t need to access user’s information like that and I DO LIKE Apple’s implementation for me to know exactly what developers want to know from me. I could comment more, but I think I got the point across.

  • Macnetar

    Every time i read one of these security related articles i get the feeling that all these people want is a slice of the pie. Apple takes care of security on its devices itself (the OS’s are built and desgned that way) not third-parties like in the Windows world. This to the security-software companies means that Apple is cutting them out, not playing along. So now they’ve created this “the Mac/iOS is not safe” campaign so users can buy their crappy software. But you guys already knew that:)

About the author

Killian BellKillian Bell is a staff writer based in the U.K. He has an interest in all things tech and also covers Android over at CultofAndroid.com. You can follow him on Twitter via @killianbell.

(sorry, you need Javascript to see this e-mail address)| Read more posts by .

Posted in News | Tagged: , , , , |