Apple prides itself as a privacy-focused company, but according to one research, the technology giant might be going against its own practices when it comes to collecting App Store data. According to one research, users can be identified and associated with their own iCloud account, despite Apple having reiterated otherwise.
Unique Identifier Is Apparently Tied With App Store Analytics Which May Associate Users by Their iCloud Account
A Twitter thread published by app development and research team Mysk found out that Apple sends a ‘Directory Services Identifier,’ or ‘dsId’ with its App Store analytics. This unique identifier is also tied to the user’s iCloud and is able to link your name, email address, and other credentials. What is alarming is that the revelations reported in the thread state that even if users switch off device analytics in the ‘Settings menu, Apple sends this dsId to other apps too.
It is worth noting that on Apple’s Device Analytics & Privacy document, the company states that none of the user information collected is tied to that individual, suggesting that as a user, you would appear anonymous.
“None of the collected information identifies you personally. Personal data is either not logged at all, is subject to privacy preserving techniques such as differential privacy, or is removed from any reports before they’re sent to Apple. You can review this information on your iOS device by going to Settings > Privacy & Security > Analytics & Improvements and tapping Analytics Data.”
🚨 New Findings:
Apple’s analytics data include an ID called “dsId”. We were able to verify that “dsId” is the “Directory Services Identifier”, an ID that uniquely identifies an iCloud account. Meaning, Apple’s analytics can personally identify you 👇 pic.twitter.com/3DSUFwX3nV
— Mysk 🇨🇦🇩🇪 (@mysk_co) November 21, 2022
Even though Apple continues to prattle that it does not sell user data to collection firms, it can still use its ‘Directory Services Identifier’ for its own goals, whatever those may be. Earlier this month, we reported that a lawsuit was filed against Apple, with the plaintiff stating that Apple violates user privacy while also financially benefiting from it. The lawsuit was filed based on Mysk’s research, but according to AppleInsider, the researchers were not able to examine the data in iOS 16 due to its encryption.
Some users might still be at ease that Apple is not sending that data to third parties, but in light of the latest findings, the firm might want to make changes to its Device Analytics & Privacy document as soon as it can.
News Source: Mysk