How Apple’s iCloud helps protect your privacy

iCloud is one of the many ways Apple ensures user privacy

iPhone 14

Apple’s senior vice president of software engineering, Craig Federighi, said, “privacy is a fundamental human right” during a recent interview on John Gruber’s The Talk Show podcast post-WWDC.

Apple has always been a privacy-focused company. Steve Jobs famously defined privacy as people knowing what they’re signing up for in plain English. More recently, Apple’s ‘Privacy. That’s iPhone’ ad campaign has blitzed the message that iPhones are private and secure to consumers.

Nearly every Apple product and service is designed with privacy in mind. While the tech giant is by no means perfect 100 percent of the time, I’d argue that Apple’s privacy initiatives are incredibly impressive, considering we live within a technology landscape that continues to force users to unwillingly compromise their personal privacy to drive sales of tremendously invasive ads or have it resold. Meanwhile, nearly every user of an Apple device has an Apple ID and uses iCloud to back up and sync their data.

Here are six great features to help protect your privacy by leveraging your Apple ID and iCloud:

Sign in with Apple

When setting up a new account for a service, you’ve likely seen those “sign in with Google” or “sign in with Facebook” buttons. Using a third-party single sign-on service to create and manage new accounts is attractive. I mean, no one wants to remember another password. However, using a single sign-on service reduces your privacy by granting a company like Google or Facebook the ability to know every time you sign into another service. While single sign-on providers don’t see what you’re doing while logged into the service, they can still use your login behaviour as another data point for their advertising profile on you.

Sign-in with Apple is Apple’s privacy-focused solution to the personal data compromises imposed by other single sign-on providers. The feature works similarly to any single sign-on provider by creating an account for you with a third-party service while leveraging your Apple ID to manage authentication and security. Sign-in with Apple is different than alternatives by hiding your email address and replacing it with an email alias. Apple also doesn’t track you or create a profile on your behaviour. 

The company requires that any app distributed by the App Store that supports Sign in with Google, Facebook, or other providers, not only support Sign in with Apple but also place it above every other single sign-on option. Sign-in with Apple is free with all Apple IDs.  

Hide my Email

As fantastic as Sign in with Apple is, sadly, it is not available everywhere. Still, while a service may require you to create an account, you shouldn’t just give out your email without a second thought. Available to iCloud+ subscribers, Hide My Email allows you to create disposable randomly generated email aliases that forward to your iCloud email. This means that when prompted for your email, you can hop over to Settings on iOS and iPadOS or System Settings on macOS and generate a new email alias.

Emails are often used as a simple identifier to track you across the internet, and aliases mitigate an ad network from doing so. Plus, should a service sell this email to another vendor or begin to spam you with unwanted emails, you can simply delete the alias. Apple has a support article walking you through generating email aliases using Hide My Email. 

Private Relay

iCloud Private Relay is another iCloud+ feature. When enabled, Private Relay encrypts your Safari web traffic and relays it in a way that ensures that no one, not even Apple, can see both who you are and what website you are visiting. Private Relay works by encrypting your website request before it gets set to a relay server operated by Apple. The provider then passes along your request to a second relay used by a trusted third party that decrypts what website you are trying to visit and directs your request accordingly.

This way, the third party does not know who you are, but they do know what website is being visited. Apple, nor the third party, have both pieces of who you are and where you are trying to visit. 

By leveraging Private Relay, network administrators and internet service providers (ISPs) cannot view your network traffic; thus, your privacy is better protected. Private Relay sounds awfully similar to a VPN, but some significant differences exist. First, Private Relay does not vector all network traffic on a device like a VPN. It only supports traffic from Safari. Second, individuals can select their location while using a VPN to view content from a streaming service unavailable in their region, for example. Private Relay doesn’t do this.

Finally, while a VPN can offer a similar benefit as Private Relay by hiding your web traffic from network administrators and ISPs, you are simply shifting that information from your ISP to your VPN provider. So, hopefully, you trust your VPN provider more than your ISP. However, assuming you live in Canada, you probably shouldn’t. Private Relay is actually more private by having two relays, one by Apple and another operated by a trusted third party, ensuring that neither side has both who you are and the website being visited, providing a far more private experience. 

Fair warning, while Private Relay offers fantastic private benefits, in my limited testing, it is terribly slow. I experienced my download speed being chopped from 350mbps down to 9mbps and my upload speed from 150mbps to 50mbps. 

HomeKit Secure Video

If you’re interested in home automation and smart home accessories like I am, then privacy might be a big concern. Security cameras are a great way to help ensure the security of your home. However, many security camera vendors want to charge you pricy subscriptions and don’t always have the best reputation for handling our data. 

Apple’s HomeKit Secure Video (HSV) aims to be the solution for iCloud+ subscribers. Compatible HomeKit cameras such as the Logitech Circle View, Aqara G2H Pro, and eufy C24, among many others, can be configured to feed its data stream via HSV instead of handing it off to the camera’s manufacturer.

Once configured, footage is processed and encrypted on-device by your home hub, either an Apple TV or HomePod. The encrypted data is then sent to Apple’s servers for storage. Since the data is processed and encrypted on the device by your home hub, Apple nor any third party ever sees or can access your footage. Granted, HSV is not as feature-rich as some third-party offerings. Still, the privacy benefits and being included in my iCloud+ subscription make HSV a no-brainer to me. 

The 50GB iCloud+ plan includes support for one HSV camera, the 200GB iCloud+ plan provides support for up to five HSV cameras, and the 2TB iCloud+ plan includes support for unlimited HSV cameras.

Advanced Data Protection

Advanced Data Protection (ADP) has been a long-requested feature by Apple and privacy enthusiasts alike. ADP protects your data using end-to-end encryption, ensuring that all your iCloud data, including files, notes, and reminders, is secure from unauthorized viewing. iCloud mail, contacts, and calendars are the only three categories not encrypted by ADP to ensure interoperability with third-party apps and services. 

Before ADP, your data was still encrypted and securely stored by Apple. The difference was that the data was not “end-to-end” encrypted. Apple held a decryption key which it used when law enforcement presented a warrant and, in theory, could have been used should Apple have ever suffered a data breach. Previously to ADP, your iCloud Keychain and Health data were already end-to-end encrypted. ADP takes what Apple had learned from encrypting iCloud Keychain and health data and applies it to all of your iCloud data, ensuring that only you can ever access it. You can read more about how ADP works from the Apple Platform Security guide or learn how to turn it on via this Apple Support article. 

It’s important to consider whether ADP is right for you before enabling it because if you get locked out of your iCloud account, Apple cannot help you get back in once enabled. ADP is meant for those who are determined to put security and privacy above being able to receive support should they get locked out of their Apple ID.  

Pro-tip, if you never use iCloud on the web, you can disable access to it to help protect your account from unauthorized access. On iOS or iPadOS, launch Settings and tap your name > iCloud. Then, scroll down and toggle ‘Access iCloud Data on the Web’ off. 

App Store Privacy Nutrition Labels

Admittedly, this feature is not an iCloud feature but more an Apple ID feature, but it’s a great one nonetheless. Privacy Nutrition Label’s are an app developer’s self-declaration of what data their app collects on you and how that data is used, such as unique identifiers, usage data, purchase history, financial information, and so much more. 

There are three disclosure categories: data used to track you, data linked to you, and data not linked to you. ‘Data used to track you’ is information the app collects to potentially follow you across other apps and websites. ‘Data linked to you’ is data collected and could be used to build a profile on your usage and habits to deliver personalized ads or resell your data. ‘Data not linked to you’ is data that is anonymously collected by the developer, most often for usage analytics. For example, TikTok tracks you across apps and websites using your contact information and unique identifiers. TikTok then links purchases, location, and nine other categories of data to you. Like many apps, TikTok also collects usage analytics not linked to you. 

Conversely, an app like Feedly doesn’t track its users, so its Privacy Nutrition Label says, ‘Data Not Collected.’ Apple does require apps to submit Privacy Nutrition Label information, but if an app hasn’t been updated recently with its Privacy Nutrition Label information, the app’s App Store page will show “No Details Provided.” Next time you’re looking at an app in the App Store, tap on the app’s product page and swipe down until you see ‘App Privacy.’ The App Privacy section shows an app’s Privacy Nutrition Label. 

As another pro tip, open settings on your iPhone or iPad, tap Privacy & Security > Tracking and toggle ‘Allow Apps to Request to Track’ off. Disabling ‘Allow Apps to Request to Track’ doesn’t guarantee that apps won’t track you across apps and websites via other methods. Still, it does stop Apple from releasing your unique app tracking identifier to third-party apps.