Your iPhone and iPad have become the center of your digital identity, and it’s easy to lose track of all the ways in which Apple and other parties access your data legitimately—or without your full knowledge and consent. While Apple nearly always errs on the side of disclosure and permission, many other firms don’t. This book comprehensively explains how to configure iOS 16, iPadOS 16, and iCloud-based services to best protect your privacy with messaging, email, browsing, and much more. The book also shows you how to ensure your devices and data are secure from intrusion from attackers of all types.
Take Control of iOS & iPadOS Privacy and Security covers how to configure the hundreds of privacy and data sharing settings Apple offers in iOS and iPadOS, and which it mediates for third-party apps. You’ll learn how Safari has been increasingly hardened to protect your web surfing habits, personal data, and identity—particularly with the addition of the iCloud Private Relay, an option for iCloud+ subscribers to anonymize their Safari browsing.
In addition to privacy and security, this book also teaches you everything you need to know about networking, whether you’re using 3G, 4G LTE, or 5G cellular, Wi-Fi or Bluetooth, or combinations of all of them; as well as about AirDrop, AirPlay, Airplane Mode, Personal Hotspot, and tethering.
Also available: You can save money by buying this book as part of a three-book bundle, which also includes Take Control of Wi-Fi Networking and Security and Take Control of Securing Your Mac. Buy all three books for $25.78, which is 40% off the combined cover prices of $42.97. Add 3-Book Bundle to Cart
You’ll learn how to:
- Master the options for a Personal Hotspot for yourself and in a Family Sharing group.
- Troubleshoot problematic Wi-Fi connections.
- Set up a device securely from the moment you power up a new or newly restored iPhone or iPad.
- Manage Apple’s new built-in second factor verification code generator for extra-secure website and app logins.
- Get to know Apple’s passkeys, a new high-security but easy-to-use website login system with industry-wide support.
- Protect your email by using an address Apple manages and relays messages through for you.
- Understand Safari’s blocking techniques and how to review websites’ attempts to track you.
- Learn about Apple’s privacy-challenging changes designed to improve the safety of children, both those using Apple hardware and those who suffer abuse.
- Optimize cellular data use to avoid throttling or overage charges, while always getting the best throughput.
- Understand why Apple might ask for your iPhone, iPad, or Mac password when you log in on a new device using two-factor authentication.
- Figure out whether an embedded SIM (eSIM) is right for you—or the only choice.
- Share a Wi-Fi password with nearby contacts and via a QR Code.
- Differentiate between encrypted data sessions and end-to-end encryption.
- Stream music and video to other devices with AirPlay 2.
- Deter brute-force cracking by relying on a USB Accessories timeout.
- Engage Lockdown Mode when directly targeted by high-end attackers, such as government spies—from your or another nation—and criminal organizations.
- Configure Bluetooth devices.
- Transfer files between iOS and macOS with AirDrop.
- Block creeps from iMessage, FaceTime, text messages, and phone calls.
- Secure your data in transit with a Virtual Private Network (VPN) connection.
- Protect Apple ID account and iCloud data from unwanted access at a regular level and via the new Safety Check, designed to let you review or sever digital connections with people you know who may wish you harm.
What’s New in Version 3.1
Apple threw us all for a loop in early December 2022 with several announcements, features changes, and updates. Some were enabled by the release of macOS 13.1 Ventura, iOS 16.2, and iPadOS 16.2 a few days later. This version of the book has major revisions to deal with these midstream operating system and iCloud direction changes:
- Advanced Data Protection (ADP): Apple added an option for U.S. customers with the operating system updates above to turn on end-to-end encryption for nearly all iCloud-synced and -store data that previously was only encrypted at rest. Only email, contacts, and calendar entries remain exempt. See “Cloud-Stored Data” and, in particular, “Pick One of Two iCloud Encryption Options” for background, and “Enable ADP for iCloud Data” on turning on the feature. Apple said other residents of other countries will gain access to ADP starting in 2023.
- Disable iCloud.com access to data: Whether or not you enable ADP, you can now opt in the latest operating systems to turn off iCloud.com access to photos, notes, iCloud Drive, and other data. See “Control iCloud.com Access.”
- Dropping CSAM device-based scanning: Apple said they would abandon their plans to analyze personal images on your devices for child sexual abuse material (CSAM) before they were uploaded to iCloud. I’ve revised the “Understand Apple’s Child Protection Approach” chapter to address Apple’s end to implementing a plan first announced in August 2021 and then delayed indefinitely.
- Everyone for 10 Minutes in AirDrop: The option to receive from Everyone now times out 10 minutes after you select it in the latest versions of iOS, iPadOS, and macOS. This was first deployed in China, possibly to disrupt protesters’ communication. Nonetheless, it has positive social effects. See “Configure AirDrop.”
- More dual-SIM and roaming info: After a trip to Europe, I’ve provided more detail in “Use Multiple SIMs” about managing two SIMs (eSIM or otherwise) while roaming.
- New data connection troubleshooting messages: iOS 16 and iPadOS 16 added a couple new error messages to help you when you can’t connect to data. I’ve updated “Turn Cell Service or Wi-Fi On or Off” to include those.
- Disable iCloud Private Relay while visiting a site: Apple added to iOS 16.2, iPadOS 16.2, and Safari 16.2 for macOS 12 the capability to turn off iCloud Private Relay while viewing a site in Safari. Previously, you had to disable the relay altogether. See “Protect Privacy with an Anonymity-Preserving Relay.”
What Was New in Version 3.0.2
This version reflected the release of iOS 16.1 (the second release of iOS 16), iPadOS 16.1 (the first release of iPadOS 16), and macOS 13 Ventura in late October 2022 by simply noting it here. Only a single change was required in the book besides adding this note: Apple appears to have removed the beta label from iCloud+ Private Relay. (See “Protect Privacy with an Anonymity-Preserving Relay.”)
What Was New in Version 3.0.1
This update added details about the new iOS 16/iPadOS 16 privacy access history in Control Center, which I (oops) missed including in the first release. See “Sensors and Receivers” and “Visualize Tracking Status.”
What Was New in the Third Edition
This edition thoroughly updates the book to reflect changes scheduled to arrive in fall 2022 with iOS 16 and iPadOS 16, changes to iCloud and iCloud+ services, and other updates to Apple’s ecosystem.
Note: Technically, Apple released iOS 16.0 but no similar iPadOS version. In August 2022, Apple said iPadOS would be delayed and released in an iPadOS 16.1 version at the same time as the first major update to iOS 16. This book will be updated as needed.
That includes references to macOS in this book, as Apple transformed System Preferences to System Settings in its macOS 13 Ventura release, and moved many security- and privacy-related settings to different locations or with different presentations. macOS apps now generally use the format App Name > Settings for their app-specific configuration items, too.
In addition to general changes, this edition covers the following:
- Limit IP Address Tracking: You can deter tracking via embedded images in email messages and webpages that can reveal your rough location. See “Limit IP Address Tracking,” particularly the sidebar that explains where it fits into other privacy-enhancing features, “How Limit IP Address Tracking Fits with Others Features.”
- Updated eSIM information: Apple expanded use of eSIMs (embedded carrier identification modules) with the iPhone 13 model series and eliminated of externally swappable SIMs in the U.S. models of the iPhone 14 series. I’ve expanded a sidebar into a section: “Use Multiple SIMs.”
- Passkeys: Apple incorporated an industry-standard method of highly secure website logins in iOS 16/iPadOS 16 that’s a replacement for two-factor security, but even better. Individual websites choose whether to allow passkey-based logins, and you have to use a process similar to two-factor authentication enrollment. See “Get To Know and Start Using Passkeys” for the full details.
- Share Wallet-based keys: Keys stored in Wallet can be shared securely with other people via Messages, Mail, and other apps. See “Share Keys in Your Wallet.”
- Protect hidden and deleted media in Photos: You have to authenticate with Touch ID, Face ID, or your device password to view images marked as hidden or in the Recently Deleted album. See “Photos.”
- Present ID in apps: In two U.S. states that let you store your driver’s license or state-issued ID, you can use the Wallet app to present your ID via an iPhone or Watch for official purposes, include identification to the TSA at an airport. See “Biometric ID Lets You Present Virtual Physical ID.”
- Safety Check: Apple added tools to help deter and reduce the danger of domestic and intimate partner violence. Safety Check lets you quickly either lock down or extensively review with whom you share data (like location) and which apps can access information on your device, and review or update your Apple ID security and password. See “Perform a Safety Check.”
- Lockdown Mode: To better protect vulnerable users, Apple added Lockdown Mode to iOS 16/iPadOS 16 (and Ventura), a special state in which inbound data through Apple and other services is limited to provide a smaller surface for attack by spyware employed by governments and criminals. Few people may need to use it regularly, but it’s worth understanding. See “Engage Lockdown Mode.”
- Cautionary tale on CSAM: Apple put a hold in August 2021 on its initial plans to roll out device-based detection of child sexual abuse material (CSAM). This remains in place as I write this. However, a cautionary tale about the problematic nature of private companies scanning private images arose in an August 2022 New York Times article I refer to in “The Danger of Private Standards for Criminal Offenses.”
- Privacy & Safety settings: One minor but consistent change is that Apple relabeled Settings > Privacy to Settings > Privacy & Security in iOS 16/iPadOS 16. Since this book focuses on version 16, I have changed all references Privacy/Privacy & Security to cover both menu items without adding textual complexity.