New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Apple's New Differential Privacy Feature is Opt-In

When Apple introduced iOS 10, macOS Sierra, watchOS 3, and tvOS 10 at the 2016 Worldwide Developers Conference, it also announced plans to implement a new technology called Differential Privacy, which helps the company gather data and usage patterns for a large number of users without compromising individual security.

At the time, Apple said Differential Privacy would be used in iOS 10 to collect data to improve QuickType and emoji suggestions, Spotlight deep link suggestions, and Lookup Hints in Notes, and said it would be used in macOS Sierra to improve autocorrect suggestions and Lookup Hints.

There's been a lot of confusion about differential privacy and what it means for end users, leading Recode to write a piece that clarifies many of the details of differential privacy.

First and foremost, as with all of Apple's data collection, there is an option to opt out of sharing data with the company. Differential data collection is entirely opt in and users can decide whether or not to send data to Apple.

Apple will start collecting data starting in iOS 10, and has not been doing so already, and it also will not use the cloud-stored photos of iOS users to bolster image recognition capabilities in the Photos app.
As for what data is being collected, Apple says that differential privacy will initially be limited to four specific use cases: New words that users add to their local dictionaries, emojis typed by the user (so that Apple can suggest emoji replacements), deep links used inside apps (provided they are marked for public indexing) and lookup hints within notes.

Apple will also continue to do a lot of its predictive work on the device, something it started with the proactive features in iOS 9. This work doesn't tap the cloud for analysis, nor is the data shared using differential privacy.
Apple's deep concern for user privacy has put its services like Siri behind competing services from other companies, but Differential Privacy gives the company a way to collect useful data without compromising the security of its customer base.

As Apple's VP of software engineering Craig Federighi explained at the WWDC keynote, Differential privacy uses hashing, subsampling, and noise injection to enable crowd-sourced learning without simultaneously gathering data on individual people.

Top Rated Comments

(View all)

40 months ago
I'll be opting IN for this. Apple put forth a tremendous amount of effort to obfuscate this data, and I trust it will remain that way. This is a great method for improving the quality of their services without compromise. This is what makes Apple great and why I'm a customer. Apple is far from perfect, but privacy is what matters most to me. Luckily they're also pretty good at UX and industrial design.
Rating: 28 Votes
40 months ago
Apple's focus on privacy is going to become increasingly important as Apple disrupts the health field and becomes itself a health company. Apple's hiring patterns, the importance of the Apple Watch to the company and the time dedicated to health in keynotes and on its websites shows that Tim Cook's Apple is about Health. Establishing itself as trustworthy with regards to privacy is critical to its future.
Rating: 15 Votes
40 months ago
"...then go see my ?" That certainly needs a Privacy feature.
Rating: 12 Votes
40 months ago

Differential privacy without compromising individual security.. hmm.. I know I've heard this promise before and then it was later discovered, that people could in fact derive info from all that "anonymous" data...

Apple is not Google or Microsoft.
Rating: 11 Votes
40 months ago
The first thing I do with any new device or software is shut down all "share information with..." options. I run Little Snitch to open up the bare minimum number of talk back channels. I generally do my best to protect my anonymity where ever I can.

I will be opting in to Apple's new system.

It may not be perfect yet, but it's important that they're taking this step and making a concerted effort to do away with the tradeoff between convenience and privacy. If those of us concerned with privacy don't support their effort, then Apple and others will decide the effort isn't worth making and then the only options left will be complete lack of privacy or complete lack of networked intelligence.

Differential privacy is different than "user identifiable information has been removed" because it is statistically secure in the way that encryption is statistically secure. Just like most security measures, there will be occasional breaches, I'm sure, but for the same reason I bought a hybrid early-- to support development of a new technology-- I'll be turning on these services.
Rating: 9 Votes
40 months ago

So.... Where is the opt in? In each individual app? Is there a universal setting? Not seeing anything specifically in beta 1

It will come, relax. They haven't started collecting data from beta yet.
Rating: 7 Votes
40 months ago
They really framed this well. MS should take notes.
Rating: 7 Votes
40 months ago

You've heard of anonymizing data, which is NOT differential privacy. One can be proven mathematically to work (Apple's approach) one is just buzzwords with weak security features.
I could tell they were heading this way from two WWDC's ago when they starting randomizing MAC addressing so places like malls couldn't scrape data from passerby's and the including on DuckDuckGo as a search engine. It's been fascinating to watch the roll out of privacy features ever since.

It's a strategy that both enables Apple to get into the health field where privacy is critical and at the same time offer something that Android and it's biggest hardware competitor Samsung simple cannot offer without completely changing Google's culture and business model. It's a brilliant strategy. Check mate for Tim Cook on this!
Rating: 6 Votes
40 months ago

for the same reason I bought a hybrid early-- to support development of a new technology-- I'll be turning on these services.

Same here. Now on my fifth hybrid vehicle. Next car will be Tesla Model 3.

doesn't matter what kind of privacy it is... the words "occasional breaches" are not in my dictionary...

Those are the ones you put on when there's a cold snap at your nudist colony.
Rating: 5 Votes
40 months ago
For those worried about the privacy stuff, there's a brief explanation about it in this video.

They talk about how Differential Privacy works. Seems like it's impossible to retroactively identify someone. Also, the whole video is pretty interesting.
Rating: 4 Votes

[ Read All Comments ]