January 25, 2024 at 01:38PM
iOS apps are using push notifications to collect user data, bypassing Apple’s background app activity restrictions and posing a privacy risk for iPhone users. The practice involves transmitting device data to servers, potentially allowing persistent tracking. Apple plans to tighten restrictions on APIs for device signals to mitigate the issue, but until then, users can disable push notifications to evade fingerprinting.
The meeting notes are focused on the discovery of privacy risks for iPhone users stemming from certain iOS apps using background processes triggered by push notifications to collect user data for creating fingerprinting profiles. The actions bypass Apple’s background app activity restrictions and have been found to be more prevalent than previously thought. The notes also cover Apple’s plans to address the issue by tightening restrictions on using APIs for device signals. Additionally, there are instructions for iPhone users to disable push notifications to evade fingerprinting, with a note about the US government’s requests for push notification records and Apple’s response.