New privacy features on Safari prevent user data collection
Apple launched a series of new privacy features for Safari, including controlling cookies, which will make it more difficult for companies such as Facebook to track users. All along, companies are accustomed to using cookies to record past visits by users. This helps save login information and preferences. But today, these cookies are also used to draw user portraits to push ads based on user preferences accurately.
However, the new Safari feature will make this wave of operations more difficult.
- NO MORE GRACE PERIOD
Safari used to wait 24 hours from your last visit to a service before blocking that service’s cookies on third-party sites. That effectively exempted Facebook, Google and other services that people visited daily. Now, Safari will either block the cookie automatically or prompt you for permission.
Apple says Safari will still be able to remember sign-in details and other preferences, though some websites have had to adjust their coding.
- THWARTING FINGERPRINTING
Browsers typically reveal seemingly innocuous information about your device, such as the operating system used and fonts installed. Websites use this to make minor adjustments in formatting so that pages display properly.
Browsers have historically made a lot of information available, largely because it seemed harmless. Now it’s clear that all this data, taken together, can be used to uniquely identify you. Safari will now hide many of those specifics so that you will look no different from the rest.
It’s like a system that digitally blurs someone’s image, said Lance Cottrell, creator of the privacy service Anonymizer. “You can tell it’s a person and not a dog, but you can’t recognize a person’s face,” he said.
For instance, Safari will reveal only the fonts that ship with the machine, not any custom fonts installed.
- MASKING WEB ADDRESSES
When visiting a website, the browser usually sends the web address for the page you were just on. This address can be quite detailed and reveal the specific product you were exploring at an e-commerce site, for instance.
Now, Safari will just pass on the main domain name for that site. So it would be just “Amazon.com” rather than the specific product page at Amazon.
- CLOSING A LOOPHOLE
Some ad companies have sought to bypass restrictions on third-party cookies — that is, identifiers left by advertisers — by using a trick that routed them through a series of websites. That could make a third-party cookie look like it belonged to a site you’re visiting. Safari will now try to catch that.
The changes come Tuesday as part of the iOS 12 update for iPhones and iPads and a week later in the Mojave update for Mac computers.
Many of the safeguards will be limited to cookies that Apple deems to be trackers. That’s being done to reduce the likelihood of inadvertently blocking legitimate third-party cookies.