Apple to Limit Accelerometer and Gyroscope Access in Safari on iOS 12.2 for Privacy Reasons

by

Last month, Apple released iOS 12.2 in beta with several new features, including the Apple News app in Canada, a redesigned TV remote in Control Center, support for adding HomeKit-enabled TVs in the Home app, and more.

The upcoming software update also introduces a new Motion & Orientation Access toggle under Settings > Safari > Privacy & Security. Toggled off by default, this new setting must be turned on in order for websites to display features that rely on motion data from the gyroscope and accelerometer in the iPhone, iPad, and iPod touch.

safari motion access 2
To test this, we loaded the What Web Can Do Today website on an ‌iPhone‌ running the first beta of iOS 12.2. With the Motion & Orientation Access setting toggled on, the page shows real-time accelerometer and gyroscope data from the ‌iPhone‌. With the setting toggled off, no motion data is shown.

Another example is Apple's motion-based iPhone experience site. This page normally allows you to tilt your actual ‌iPhone‌ to swivel the ‌iPhone‌ XS Max on the screen with tech specs. With Motion & Orientation Access toggled off, however, only a static image of the ‌iPhone‌ XS Max is shown without tech specs.

safari motion access 1
This privacy-focused change could be in response to a WIRED report last year that claimed thousands of websites have unmitigated access to motion, orientation, proximity, and light sensor data on mobile devices. Software engineer Felix Krause also filed a radar and notified Apple's security team about this matter in 2017.

As noted by Digiday, the setting could have implications for AR/VR advertising:

For example, Samsung's "Samsung Within" web-based interactive experience, developed by R/GA to promote the hardware brand's legacy and its Galaxy Note 9 phone, uses the accelerometer to let people explore the night sky.

"It's definitely going to break things," said Kai Tier, executive technology director at R/GA.

These AR/VR experiences may have to rely on fallback versions that people can navigate with swipe gestures instead, but this largely defeats the purpose of motion-based, interactive campaigns.

It's quite possible Apple could tweak how this feature works in time for the public release of iOS 12.2. Perhaps the setting will be toggled on by default in a subsequent beta, for example, or Safari could prompt users for permission to access motion data when necessary as it does with location data.

Tag: Safari
Related Forum: iOS 12

Top Rated Comments

fredrik9 Avatar
fredrik9
45 months ago
Not sure how much this would preserve privacy, but at the same time I can't imagine accelerometer data is very largely used in mobile web dev in the first place.

Sounds more just like security theatre being put on by Apple, but if anyone out there knows something I don't, by all means feel free to enlighten me.
According to the WIRED report: ”the information could fuel various types of attacks, like using ambient light data to make inferences about a user's browsing, or using motion sensor data as a sort of keylogger to deduce things like PIN numbers”

So this seems like it could be a potential threat to privacy and the security of your personal information. Albeit a very small one.
Score: 11 Votes (Like | Disagree)
fredrik9 Avatar
fredrik9
45 months ago
One can hope that a pop-up appears when a website requires gyroscope access. Without one, and the setting off by default, many consumers would be at loss since most wouldn’t know how to turn it on.
Score: 10 Votes (Like | Disagree)
jayducharme Avatar
jayducharme
45 months ago
This article seems to be misleading. It doesn't seem to me that Apple is limiting access; it seems to just be making that feature "opt in" rather than "opt out".
Score: 7 Votes (Like | Disagree)
vicviper789 Avatar
vicviper789
45 months ago
Not sure how much this would preserve privacy, but at the same time I can't imagine accelerometer data is very largely used in mobile web dev in the first place.

Sounds more just like security theatre being put on by Apple, but if anyone out there knows something I don't, by all means feel free to enlighten me.
It’s legitimate, there are algorithms to figure out your keystrokes based on gyro and accelerometer data. MIT demo’d it a few years ago IIRC.

Update: done is 2011

https://arstechnica.com/gadgets/2011/10/researchers-can-keylog-your-pc-using-your-iphones-accelerometer/
Score: 6 Votes (Like | Disagree)
citysnaps Avatar
citysnaps
45 months ago
Not sure how much this would preserve privacy, but at the same time I can't imagine accelerometer data is very largely used in mobile web dev in the first place.

Sounds more just like security theatre being put on by Apple, but if anyone out there knows something I don't, by all means feel free to enlighten me.
I think there's some potential for collected accelerometer/gyroscope data to be exploited with respect to creating motion/location profiles of a phone user. It depends on the accuracy and drift of the sensors, time references, signal processing techniques employed, required accuracy, etc.

I wouldn't be shocked if a very clever individual/company could create something interesting of value (ie, sellable processed user information) from collected raw sensor data.

I'm glad Apple is thinking ahead with respect to the possibilities and privacy implications.
Score: 6 Votes (Like | Disagree)
VictoryHighway Avatar
VictoryHighway
45 months ago
Interesting. The limitations to interactive ad or experiential campaigns would be frustrating for many companies that have things in the works. But this would provide another potential opportunity for Apple, which they really should look into: an internally-hosted and -approved ad platform. Apple should offer a way to have interactive ads that rely on iOS device information to the company for review and eventual hosting once approved. This way, they keep control of where that data goes (I think many trust Apple more than any other company to keep the data secure and only used for the purpose of displaying the experience), and Apple can take a reasonable fee for the privacy and availability of such a service that it hosts, adding another service-based revenue stream. It's a good way to capitalize on its user base without "selling" its customer information... Instead, they're just getting paid to be a watchdog over your private device metrics to let you experience more types of media online worry-free.
They had that. It was called iAd and it was a major flop.
Score: 5 Votes (Like | Disagree)
Read All Comments

Popular Stories

airpods pro 2 1

AirPods Pro 2 No Longer Expected to Feature Built-In Heart Rate or Body Temperature Sensor

Sunday July 3, 2022 8:07 pm PDT by
While past rumors have indicated the upcoming second-generation AirPods Pro will feature a built-in heart rate and body temperature sensor, Bloomberg's Mark Gurman has cast doubt on those rumors turning out to be true, saying instead such a feature is unlikely to come anytime soon. "Over the past few months, there have been rumors about this year's model gaining the ability to determine a...
Read Full Article81 comments
top stories 2jul2022

Top Stories: M2 MacBook Air Release Date, New HomePod Rumor, and More

Saturday July 2, 2022 6:00 am PDT by
The M2 MacBook Pro has started making its way into customers' hands and we're learning more about how it performs in a variety of situations, but all eyes are really on the upcoming M2 MacBook Air which has seen a complete redesign and should be arriving in a couple of weeks. Other top stories this week included a host of product rumors including additional M2 and even M3 Macs, an updated...
Read Full Article20 comments
Apple Watch 8 Unreleased Feature Thumb

Apple Watch Series 8 Model Rumored to Feature 5% Larger Display

Monday July 4, 2022 5:50 am PDT by
Apple is working on an Apple Watch Series 8 model with a larger display, according to DSCC's Ross Young and Haitong International Securities's Jeff Pu. In October last year, Young suggested that the Apple Watch Series 8 could come in three display sizes. Now, responding to a query about the rumor on Twitter, Young claims that the additional display size joining the Apple Watch lineup will be ...
Read Full Article209 comments
intel go pc justin long

Windows Laptop Makers 'Worried' About New MacBook Air Impacting Sales

Tuesday July 5, 2022 6:57 am PDT by
The upcoming launch of Apple's redesigned MacBook Air with the M2 chip has some Windows laptop manufacturers "worried" that sales of Intel-based laptops will be negatively affected, according to industry sources cited by DigiTimes. "A Wintel brand vendor pointed out that at a price point of US$1,000-$1,500, the MacBook Air will crowd out other high-end notebooks," the report claims, with...
Read Full Article320 comments
Apple Watch Series 8 What We Know Feature

Apple Watch Series 8 Might Be Able to Tell If You Have a Fever

Sunday July 3, 2022 6:36 am PDT by
The upcoming Apple Watch Series 8 will be able to tell a wearer if it believes they have a fever due to a higher than normal body temperature thanks to a new built-in sensor, according to Bloomberg's reliable Mark Gurman. Writing in the latest edition of his Power On newsletter, Gurman says that the Apple Watch Series 8 will feature a new body temperature sensor, given that the sensor passes ...
Read Full Article185 comments
macbook air m2

Exclusive: Apple Plans to Launch MacBook Air With M2 Chip on July 15

Wednesday June 29, 2022 5:23 pm PDT by
The redesigned MacBook Air with the all-new M2 Apple silicon chip will be available for customers starting Friday, July 15, MacRumors has learned from a retail source. The new MacBook Air was announced and previewed during WWDC earlier this month, with Apple stating availability will begin in July. The MacBook Air features a redesigned body that is thinner and lighter than the previous...
Read Full Article330 comments
European Commisssion

EU Approves Landmark Legislation to Regulate Apple and Other Big Tech Firms

Tuesday July 5, 2022 5:53 am PDT by
European Union lawmakers have approved landmark legislation to heavily regulate Apple, Google, Meta, and other big tech firms. The Digital Markets Act (DMA) and Digital Services Act (DSA) were proposed by the European Commission in December 2020. Now, collected in a "Digital Services Package," the legislation has been formally adopted by the European Parliament and seeks to address...
Read Full Article456 comments