To get the latest security protections against viruses, exploits and whatever other nasty stuff is out there, it’s wise to keep the software for our devices updated.
For iPhones, that’s especially true now. That’s because Apple’s iOS 13, the most recent mobile software for iPhones, arrived last week. Similar updates to the operating system for iPads, iPadOS, was released this week. And they offer many new tools that help safeguard our digital privacy.
Apple walked me through a list of the new privacy features. Among them is a shortcut to automatically create a burner email address for signing in to apps. The software also has a call-silencing feature to shut down robocallers. And there are new buttons to minimize sharing of location data with third parties.
In an era when digital privacy is in the spotlight, these tools are more than welcome. So I tested iOS 13 for a week to figure out which of the new features are easy to use and how best to take advantage of those items that are buried in the system settings. (Android users, stay tuned for a similar how-to guide on Google’s new privacy tools soon.)
One word on when you should adopt iOS 13: New operating systems are typically chock-full of software bugs, and this one is no exception. So it would behoove most iPhone owners to wait a few weeks for those glitches to be fixed before installing the free update.
For now, bookmark this column to find out more about iOS 13’s top new privacy features. Then return to it after you download the update.
Signing in to apps with a burner email address
Apple’s most significant new privacy tool in iOS 13 is a button that lets you use an Apple ID to sign in to apps and websites. It’s called Sign in with Apple.
Versions of this already exist elsewhere. Google and Facebook, for instance, let you use your Google or Facebook accounts to log in to different websites and apps. But Sign in with Apple has a special privacy-centric twist.
When you use it to register for a website or app, iOS 13 will present you with an option to hide your email address that is linked to your Apple ID. If you choose to use it, Apple will create what is essentially a burner email address so that you can sign up for the app or website while hiding your real email address from the third party.
Whenever the website or app then tries to contact you, it will email the burner address and not your real email address. Apple will forward the note to you so you are aware of it. Then if a business starts sending spam to the burner email address, you can easily delete your account and the business won’t have your real email address.
I tested Sign in with Apple with a few apps like the travel-booking app Kayak. It worked smoothly. Here’s how: When I opened the Kayak app, the button labeled Sign in with Apple showed up. After clicking through, I saw the option to hide your email address. From there, Apple generated a random string of characters as a burner address and automatically set a password for the account.
Sign in with Apple then made logging in and out of the Kayak app a breeze. I didn’t have to memorize the burner email address or password; after signing out of the app or website, I signed back in by scanning my face and using Apple’s Face ID biometric system.
There are some downsides. If you try to sign in with the burner email account on, say, a web browser that lacks Sign in with Apple, you will have to manually enter the email address and reset the password.
So this feature is most convenient with apps and sites that you plan to use primarily on the iPhone, to spare you the hassle of jotting down strange email addresses and their passwords.
Robocallers can make random calls to you throughout the day, which is invasive. But a new option in iOS 13 lets you silence calls coming from all unknown numbers. I had mixed feelings about this tool, which I’ll explain in a bit.
To turn on the feature, you open the Settings app, open the Phone menu and toggle on the switch for Silence Unknown Callers. When an unknown caller then tries to call, you will see a notification on your screen, but the phone won’t vibrate or ring. The caller is sent to voice mail.
This is a brute-force approach to shutting out robocallers, which makes it imperfect. When I tested this feature, I blocked six spam calls — but also missed several important work-related calls from people who were not yet in my address book.
Still, Apple’s tool is a decent temporary solution compared with several robocall-blocking apps that I have tested over the last several years. All of those were ineffective and let plenty of scam calls through.
Stop apps and people from following your location
Unbeknown to many of us, thousands of apps have been collecting our location data and selling the information to advertisers, retailers and hedge funds.
New buttons in iOS 13 help address this issue. In the past, when opening a newly downloaded app that wanted access to your location, you had the option of always sharing location data, sharing it only when the app was in use or never sharing location. Now when you open an app that is asking for your location, you can tap “Allow Once.”
If you tap it, you are explicitly giving the app permission to share your location that one time. That eliminates the app’s ability to continue pulling your location data in the background when you are not using it.
The annoying part of this is that if you tap Allow Once, you will be asked how you want to share your location data every time you open the app. But it’s worth using for peace of mind if you don’t fully trust an app that wants your location — a weather app from an unknown start-up, for example.
Similarly, iOS 13 now requires that apps ask for permission to gain access to your Bluetooth sensor, the chip that you typically use to wirelessly connect to accessories like earphones. That can stop many retailers and brands that have deployed Bluetooth-sensing beacons throughout their physical stores from knowing when you have entered their location.
For some apps, leaving Bluetooth access on makes sense. Amazon’s Alexa app, for example, should be able to constantly use my iPhone’s Bluetooth to stream audio to an Echo speaker.
But for other apps that clearly don’t use this sensor for anything other than detecting your location — like the Macy’s app — you may choose to reject access.
There’s one more important new feature in iOS 13 related to location sharing that has to do with your camera.
When you take photos, the camera records metadata by default, including where the photo was taken. Photo apps use this feature to automatically organize your photo albums by place. But if you share an image containing location metadata on social media or in messages, you could give away sensitive information like where you live or work.
With iOS 13, you can strip metadata from a photo before sharing it. In the Photos app, you choose the photo and tap the icon of a square with an arrow pointing upward. Then click Options, and for the option that says Location, switch it to the off position. Then you can share the photo without revealing your whereabouts.
Over all, these are thoughtful additions to iOS. Although some of these features feel overdue, Apple’s software system is better equipped to protect our privacy than its main rival, Google’s Android.
Most important, Apple’s descriptions of the features are written in plain language for casual users. For example, when Macy’s asked for access to my Bluetooth, Apple’s notification warned that the app could use the sensor to know when I am nearby.
It’s disturbing to realize by getting all these new privacy tools now that our data was ever exposed like this to begin with. These are all features we have desperately needed in the constant struggle to protect our digital privacy.