Privacy Guide to Using iPhone

Ryan IsbelliOS, iPhone, Tips and Tricks

privacy

The Privacy Enthusiast’s Guide to Using an iPhone

by Thorin Klosowski

Your privacy is important, and now more than ever, it seems like everyone is trying to put eyes on your personal data. That might include advertisers, governments, or some weird voyeur in your life. The good news is you can do a few things to your iPhone to make it more secure and privacy friendly without ruining the experience.

First things first: this is an Apple device and it’s a smartphone, so you’ll never hide yourself completely, but you can do a few things to shore up holes to make sure you’re not making it easy for someone to collect your private information. We don’t want to give you a false sense of impenetrable privacy here, but the below tips and various apps will at least lock down information as much as possible without disrupting your daily activities.

The System Settings You Want to Change for Privacy

First things first, you’ll want to go through your general system settings and change a few things. Here’s what we recommend, but pick and choose whichever features matter most to you:

  • Set a strong, alphanumeric passcode: Head to Settings > Touch ID & Passcode and make sure you have a passcode. An alphanumeric passcode that includes both numbers and letters is usually seen as more secure than a numeric one.
  • Don’t use Touch ID: Touch ID is great for convenience, but it’s a mess when it comes to privacy. Laws are still unclear about this, but right now, police can force you to use your fingerprint to unlock your phone, but they can’t make you cough up a passcode. To turn Touch ID off, head to Settings > Touch ID & Passcode, and disable the toggle for iPhone Unlock.
  • Delete any widgets that displays personal info: iOS 10 introduced lockscreen widgets, which are great, but they also potentially display all kinds of information you might not want easily accessible. Swipe to the right on the lock screen, then tap Edit to remove any widgets you have installed that display private data you don’t want a stranger seeing.
  • Disable certain home screen features: Head to Settings > Touch ID & Passcode and look for “Lock screen access.” Remove anything that gives someone access to your personal info, like the Today View, Siri, and Wallet. You might also want to disable Reply with Message here, since someone could reply to an incoming message without unlocking your phone.
  • Disable tracking: Head to Settings > Privacy > Location Services > System Services and turn off Frequent Locations. This is a Maps feature that tracks where you go often under the guise of improving search.
  • Turn off contact, photo, email, or calendar, location access in apps that don’t need it: Head to Settings > Privacy. Here, you’ll see a list of a bunch of different system services, including location, contacts, and more. These are the iPhone services you can grant apps access to. There might be some apps in here you don’t remember authorizing or you just don’t want anymore. Tap a service, then go through and disable any app you don’t want to access that service.
  • Remove notification previews: Chances are you don’t want to disable notifications completely, but you might want to hide what those notifications display on the lockscreen. Head to Settings > Notifications and then disable previews for Mail and Messages.
  • Turn on two-factor authentication: Two-factor authentication is the best way to lock down your accounts so a stranger can’t access it, even if they know your password. You can set it up for your Apple ID here. You should use two-factor authentication for all your other accounts as well.
  • Enable Find My iPhone: Find My iPhone is a bit confusing from a privacy standpoint, but most people will benefit more from using it then not. With Find My iPhone enabled, you can track a lost phone using iCloud, and you can wipe your phone remotely. Apple will have access to the same information, so it boils down to whether you want to keep the data out of Apple’s hands (in which case you shouldn’t use an iPhone at all) or out of a thief’s hands.
  • Turn off iCloud backups for select apps: iCloud backup is insanely helpful, and while an extreme privacy nut would disable them in order to keep that data off of Apple’s servers, and easier solution is to just turn off certain apps. If you head to Settings > iCloud > Storage > Manage Storage > Backups, you can choose which apps back up to iCloud and which don’t. Disable any apps that hold sensitive data.

The Productivity Apps That Protect Your Privacy

Most productivity apps completely disregard your privacy for the sake of convenience. This isn’t a bad thing, as cloud syncing and smart organization features are exactly the features you want from productivity apps. Still, you might not want all your data to somehow end up public, which is where these security-focused apps come in handy. Some, like a web browser or password manager are useful all the time, and others, like an encrypted notes app or VPN, are only useful for certain things.

None of these apps will keep your data private if you have a corporate managed iPhone with Mobile Device Management set up. If that’s the case, get a separate phone and do not use your work phone for anything other than work.

Web Browser: Brave or Firefox Focus

You’ll find a ton of different web browsers in the App Store that claim to protect your privacy, but the two we like the most are Brave and Firefox Focus.

By default, Brave uses HTTPS Everywhere. It also blocks scripts, cookies, phishing, pop-ups, and ads. You can turn any of those features off and back on again on a per-site basis, which makes it easy to troubleshoot any problems or whitelist sites. Brave’s desktop apps have an odd payment system to pay out publishers even though it’s blocking ads, but it doesn’t seem to be in place on mobile. Brave can be a replacement to Safari. Brave has the features you need in a browser, like bookmarks, history, and password manager support.

Firefox Focus is very similar to Brave, but goes a step further. It blocks ads, trackers, social media, cookies, and more. Firefox Focus also makes it easy to wipe your browser history with a couple taps, remove all passwords, and delete any cookies. Firefox Focus doesn’t feature tabbed browsing, so Firefox Focus is best as a supplement to Safari when you want to keep your browsing off the record.

Email: ProtonMail or Gmail

Email is a little harder to tackle from a privacy angle and what you do here depends on why you’re concerned about privacy. If you don’t want anyone looking at the emails you’re sending, then you’ll want to set up a free email address with ProtonMail. You cannot use the ProtonMail iOS app without a ProtonMail account, but it is the most secure and private app out there.

ProtonMail encrypts every message you send, which means the company can’t even read your emails. If you send messages between two ProtonMail accounts, this happens automatically. If you send an email to someone not on ProtonMail, they’ll get a link to the message that needs a password in order to read it. If you need to keep email messages private and secure, ProtonMail is the app you want to use.

For everything else, keep on using the Gmail account you’ve always used. Despite Google’s data mining, the Gmail app does a good job of keeping your private data out of the hands of anyone else. Every email is over SSL, Gmail encrypts email from sender to receiver, and two-factor authentication can secure your email in case you lose your device. Of course, Google has its eyes in there, but if you’re concerned about some random person finding your phone then Gmail is a solid bet.

Aside from a service like ProtonMail or running your own server, there’s no great way to keep email private, at least on your phone. In that case, Gmail’s at least a secure option.

Messaging: Signal or WhatsApp

When it comes to secure and private messaging, you have two popular choices in Signal and WhatsApp. Both feature end-to-end encryption, neither stores messages on their servers after they’re delivered, both have voice-calling as well as messaging, and both are super easy to use. Which app is better for you depends on where your contacts are, because both parties in a chat need to use the same app.

Signal does have a few added security features over WhatsApp. Signal doesn’t store metadata, but WhatsApp does. This means while WhatsApp doesn’t know the contents of a message, it does know who the messages are between and records the data, which it could then hand over to law enforcement with a warrant. Signal does not store any of this. If you back up your iPhone using iCloud, Signal will not store your messages in the backup, but WhatsApp will. Your iCloud backups are encrypted so this shouldn’t matter, but you’d typically want to keep this data local when possible. None of this matters to most of us, but it’s all worth noting nonetheless.

Password Manager: LastPass or 1Password

The best way to keep someone out of your various online accounts is to have a good, strong password. The best passwords are too complicated for most of us to remember them, which is why you should use a password manager. We like LastPass and 1Password.

Your password manager generates random passwords for all your sites, which makes it pretty hard for anyone to get into your accounts to snoop around. This has the dual benefit of security and privacy, since you won’t know the passwords to your accounts, making it harder for anyone else to get to them. LastPass is free and syncs data across platforms. 1Password is $3/month if you want syncing, but can also store your password vault locally if you don’t want that data on a server.

VPN: Hideman, Tunnelbear, or NordVPN

A VPN is an easy way to secure and encrypt your basic web usage. When you connect to a VPN, all your traffic is secure, which is most useful when you’re on public networks. When you’re at the Starbucks on their Wi-Fi, you can connect to your VPN, then secure your traffic on a public network. This way, nobody can snoop on your traffic.

You have a ton of options for good VPNs, but when it comes to basic usability, we like Hideman, NordVPN, and Tunnelbear on iOS. All three require a monthly fee if you use a lot of data, but they also give you some free data, which is plenty for the occasional public web browsing at a coffee shop, hotel, or airport.

Notes: Keeply

To be clear here, if you have sensitive data you want private forever, you shouldn’t keep it on your phone. You also should not store it on a cloud service like Dropbox or Evernote, since no cloud storage is completely secure unless you go through and encrypt all your data ahead of time.

If you have some stupid photos or notes you just want away from prying eyes, then Keeply is a good app to protect your data. Keeply gives you the option to link it up with Dropbox or keep data on your phone and lets you set up a special PIN to lock the app. Keeply stores notes, photos, passwords, and credit cards. I’d stick to only using it for notes and photos personally, but alongside the PIN protection is also encrypts all data, so it should be pretty safe. What matters here is the data in Keeply never leaves your phone (unless you turn on Dropbox sync), so there’s no chance it’ll end up online.
Cloud Storage: SpiderOak

Cloud storage is a bit tough to do securely and privately, but your best bet is SpiderOak. SpiderOak’s “zero knowledge” privacy policy makes it so encryption takes place locally, so they have no idea what you’re storing with them. The service doesn’t have free tier like Dropbox or Google Drive, but the service is priced to compete, with $5/month getting you 100GB of storage.

The iPhone app isn’t nearly as robust as something like Dropbox, but it does maintain SpiderOak’s level of security. If you need a secure online storage option to sync files up and make them accessible from your phone, SpiderOak is your best bet.

With that, your normal iPhone usage should be generally private and secure from people both online and who access to your phone. There are often ways around all this, but at least you won’t be making it easy for people to track you.
via lifehacker