This article was published on August 7, 2019

Apple will limit VoIP background data collection from WhatsApp, Snapchat et al in iOS 13


Apple will limit VoIP background data collection from WhatsApp, Snapchat et al in iOS 13 Image by: Chris Velazco/Twitter

Apple is reportedly planning a new feature in iOS that will restrict apps from runing voice over Internet protocol (VoIP) processes in the background when the programs are not actively in use.

The “small but significant change” — according to The Information — strikes at the heart of Facebook and other messaging apps, and could result in a fundamental rewiring of the applications on the platform.

By introducing this new privacy-focused feature, the iPhone maker hopes to prevent third-party apps from listening in the background to collect your data.

The feature is slated to go live in iOS 13, which is currently in beta and will be officially rolled out next month.

The VoIP loophole

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

Many VoIP apps that offer this feature — including Facebook’s Messenger and WhatsApp — will be impacted by the change. Called PushKit, the background VoIP process is used to detect incoming internet calls without having to reopen the apps.

But app developers can also exploit the persistence mechanism to surreptitiously collect data, something Apple is putting a stop to in its upcoming software update.

Per The Information, WhatsApp uses the current VoIP framework to implement end-to-end encryption, while Snapchat and WeChat rely on the tech for purposes beyond the scope of voice calls.

With iOS 13, Apple will limit this background process so it can only be used for internet-based calls, with no access to other forms of background data collection.

The change, therefore, could result in companies rewriting their apps to comply with Apple’s new restrictions. Based on the report, developers have time till April 2020 to update their apps.

Facebook’s spotty privacy record

The Cupertino-based company has said the change will protect user privacy and will result in performance improvements for iOS devices, as background tasks can significantly drain battery and other system resources.

Facebook, for its part, said it’s working to address the issue:

The changes to the upcoming iOS releases are not insignificant, but we are in conversations with Apple on how best to address. To be clear — we are using the PushKit VoIP API to deliver a world-class, private messaging experience, not for the purpose of collecting data.

But then again, we already know the social network’s privacy record isn’t stellar and can’t quite be trusted with our data.

This is not the first time Apple and Facebook have fought over their contrasting approaches to user privacy. Back in January, Apple revoked the social media giant’s enterprise developer certificate after it uncovered that Facebook was improperly using it to distribute apps that monitored user activity in return for $20 a month.

Apple’s continued privacy push

Apple has long beaten the privacy drum, which it hopes will make it a crucial differentiator from data-hungry rivals like Facebook, Google, and Amazon. The move is especially crucial as it increasingly pivots to services for revenue and growth.

The company’s data collection practices are more private than its Silicon Valley counterparts. Its device-focused infrastructure ensures data separation, and it neither tracks users across the entire web, nor collects location, or purchase history for advertising purposes.

However, it does have a thriving ads business inside Apple News and the App Store that serves interest-based adverts based on App Store search history and Apple News reading history.

Regardless, Apple is in it for the long haul, positioning itself as the privacy-as-a-service company. Earlier this June, it announced a new single sign-on option that allows any registered Apple ID user to sign in to third-party websites without having to share any personal information, or create a website-specific password.

By inserting itself as the gatekeeper, the tech giant is acting as the mediator between users and third-parties, forcing them to play by its exacting data collection standards. And this can only be a good thing.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with