The Privacy Enthusiast’s Guide to Using an iPhone
by Thorin Klosowski
Your privacy is important, and now more than ever, it seems like everyone is trying to put eyes on your personal data. That might include advertisers, governments, or some weird voyeur in your life. The good news is you can do a few things to your iPhone to make it more secure and privacy friendly without ruining the experience.
The System Settings You Want to Change for Privacy
First things first, you’ll want to go through your general system settings and change a few things. Here’s what we recommend, but pick and choose whichever features matter most to you:
- Set a strong, alphanumeric passcode: Head to Settings > Touch ID & Passcode and make sure you have a passcode. An alphanumeric passcode that includes both numbers and letters is usually seen as more secure than a numeric one.
- Don’t use Touch ID: Touch ID is great for convenience, but it’s a mess when it comes to privacy. Laws are still unclear about this, but right now, police can force you to use your fingerprint to unlock your phone, but they can’t make you cough up a passcode. To turn Touch ID off, head to Settings > Touch ID & Passcode, and disable the toggle for iPhone Unlock.
- Delete any widgets that displays personal info: iOS 10 introduced lockscreen widgets, which are great, but they also potentially display all kinds of information you might not want easily accessible. Swipe to the right on the lock screen, then tap Edit to remove any widgets you have installed that display private data you don’t want a stranger seeing.
- Disable certain home screen features: Head to Settings > Touch ID & Passcode and look for “Lock screen access.” Remove anything that gives someone access to your personal info, like the Today View, Siri, and Wallet. You might also want to disable Reply with Message here, since someone could reply to an incoming message without unlocking your phone.
- Disable tracking: Head to Settings > Privacy > Location Services > System Services and turn off Frequent Locations. This is a Maps feature that tracks where you go often under the guise of improving search.
- Turn off contact, photo, email, or calendar, location access in apps that don’t need it: Head to Settings > Privacy. Here, you’ll see a list of a bunch of different system services, including location, contacts, and more. These are the iPhone services you can grant apps access to. There might be some apps in here you don’t remember authorizing or you just don’t want anymore. Tap a service, then go through and disable any app you don’t want to access that service.
- Remove notification previews: Chances are you don’t want to disable notifications completely, but you might want to hide what those notifications display on the lockscreen. Head to Settings > Notifications and then disable previews for Mail and Messages.
- Turn on two-factor authentication: Two-factor authentication is the best way to lock down your accounts so a stranger can’t access it, even if they know your password. You can set it up for your Apple ID here. You should use two-factor authentication for all your other accounts as well.
- Enable Find My iPhone: Find My iPhone is a bit confusing from a privacy standpoint, but most people will benefit more from using it then not. With Find My iPhone enabled, you can track a lost phone using iCloud, and you can wipe your phone remotely. Apple will have access to the same information, so it boils down to whether you want to keep the data out of Apple’s hands (in which case you shouldn’t use an iPhone at all) or out of a thief’s hands.
- Turn off iCloud backups for select apps: iCloud backup is insanely helpful, and while an extreme privacy nut would disable them in order to keep that data off of Apple’s servers, and easier solution is to just turn off certain apps. If you head to Settings > iCloud > Storage > Manage Storage > Backups, you can choose which apps back up to iCloud and which don’t. Disable any apps that hold sensitive data.
The Productivity Apps That Protect Your Privacy
Most productivity apps completely disregard your privacy for the sake of convenience. This isn’t a bad thing, as cloud syncing and smart organization features are exactly the features you want from productivity apps. Still, you might not want all your data to somehow end up public, which is where these security-focused apps come in handy. Some, like a web browser or password manager are useful all the time, and others, like an encrypted notes app or VPN, are only useful for certain things.
Web Browser: Brave or Firefox Focus
You’ll find a ton of different web browsers in the App Store that claim to protect your privacy, but the two we like the most are Brave and Firefox Focus.
Firefox Focus is very similar to Brave, but goes a step further. It blocks ads, trackers, social media, cookies, and more. Firefox Focus also makes it easy to wipe your browser history with a couple taps, remove all passwords, and delete any cookies. Firefox Focus doesn’t feature tabbed browsing, so Firefox Focus is best as a supplement to Safari when you want to keep your browsing off the record.
Email: ProtonMail or Gmail
Email is a little harder to tackle from a privacy angle and what you do here depends on why you’re concerned about privacy. If you don’t want anyone looking at the emails you’re sending, then you’ll want to set up a free email address with ProtonMail. You cannot use the ProtonMail iOS app without a ProtonMail account, but it is the most secure and private app out there.
For everything else, keep on using the Gmail account you’ve always used. Despite Google’s data mining, the Gmail app does a good job of keeping your private data out of the hands of anyone else. Every email is over SSL, Gmail encrypts email from sender to receiver, and two-factor authentication can secure your email in case you lose your device. Of course, Google has its eyes in there, but if you’re concerned about some random person finding your phone then Gmail is a solid bet.
Aside from a service like ProtonMail or running your own server, there’s no great way to keep email private, at least on your phone. In that case, Gmail’s at least a secure option.
Messaging: Signal or WhatsApp
When it comes to secure and private messaging, you have two popular choices in Signal and WhatsApp. Both feature end-to-end encryption, neither stores messages on their servers after they’re delivered, both have voice-calling as well as messaging, and both are super easy to use. Which app is better for you depends on where your contacts are, because both parties in a chat need to use the same app.
Password Manager: LastPass or 1Password
The best way to keep someone out of your various online accounts is to have a good, strong password. The best passwords are too complicated for most of us to remember them, which is why you should use a password manager. We like LastPass and 1Password.
Your password manager generates random passwords for all your sites, which makes it pretty hard for anyone to get into your accounts to snoop around. This has the dual benefit of security and privacy, since you won’t know the passwords to your accounts, making it harder for anyone else to get to them. LastPass is free and syncs data across platforms. 1Password is $3/month if you want syncing, but can also store your password vault locally if you don’t want that data on a server.
VPN: Hideman, Tunnelbear, or NordVPN
A VPN is an easy way to secure and encrypt your basic web usage. When you connect to a VPN, all your traffic is secure, which is most useful when you’re on public networks. When you’re at the Starbucks on their Wi-Fi, you can connect to your VPN, then secure your traffic on a public network. This way, nobody can snoop on your traffic.
You have a ton of options for good VPNs, but when it comes to basic usability, we like Hideman, NordVPN, and Tunnelbear on iOS. All three require a monthly fee if you use a lot of data, but they also give you some free data, which is plenty for the occasional public web browsing at a coffee shop, hotel, or airport.
To be clear here, if you have sensitive data you want private forever, you shouldn’t keep it on your phone. You also should not store it on a cloud service like Dropbox or Evernote, since no cloud storage is completely secure unless you go through and encrypt all your data ahead of time.
Cloud Storage: SpiderOak
The iPhone app isn’t nearly as robust as something like Dropbox, but it does maintain SpiderOak’s level of security. If you need a secure online storage option to sync files up and make them accessible from your phone, SpiderOak is your best bet.