Is your iPhone giving away personal information to strangers?
Since the iPhone operating system was updated to iOS 17.2 in December 2023, have users of one particular official Apple app exposed their full identity and exact location information to passing strangers? It’s a viral claim that’s been spreading on social media platforms like Facebook and TikTok, but is it true and should we be worried?
Users are complaining that Apple’s Journal app is leaking information to complete strangers in viral posts
Following the release of iOS 17.2 in December 2023, users were advised to update as soon as possible thanks to the mitigation of known security threats, including the Flipper attack scenario. However, this was not just a security update for iOS, but one that brought new features to the table of iPhone users. Features like the new Apple Journal app. It didn’t take long for reports to start surfacing from those concerned about the privacy implications of using Apple’s journaling app.
Facebook has flagged the virus claims as false information
Three months later, the confusion and concern about the Journal has not abated despite the best efforts of those fighting misinformation online. A number of posts on Facebook in recent weeks, for example, have suggested that the app’s visible-to-others feature allows anyone with an iPhone nearby to get your full name and precise location if you enable it. Meta quickly responded to the posts by labeling them as misinformation that was verified by independent fact-checkers who confirm that the posts have no basis in fact.
The Truth About Apple Journal App Privacy Warnings
Fact-checkers like Snopes have debunked the Apple Journal leak’s false claims. As well as, it must be said, Apple itself. In a post posted on December 11th, 2023 under the legal department tag, and titled Suggestions for Logging and Privacy. While it acknowledges that the app’s suggestions feature for journaling can use “contextual information to determine which suggestions may be more meaningful or relevant to you,” and that it “uses Bluetooth to detect the number of devices and contacts around you,” it also adds that Apple does not store nor does it share which of the “specific contacts were nearby”.
As another fact-checker, PolitiFact, says, this contextual information “is not personalized and is not shown to you or anyone. And you won’t see a list of your nearby friends or strangers, as claimed in the social media post.”
Viral claims of iPhone privacy violations are unfounded
The truth is that the viral claims are baseless and remind me of a similar thing that happened in November 2023 when numerous US law enforcement departments copied and pasted a baseless warning about the iPhone NameDrop feature. This time it was a suggestion that any nearby iPhone user could grab your contact information out of the air as they passed by. As I wrote at the time, both iPhones would have to actually touch in the right place, and both users would then have to confirm the notification on the data sharing screen.
If you’re still not convinced, go to Settings|Privacy & Security|Journaling Suggestions on your iPhone where you can disable all journaling suggestions or choose which ones to enable, as well as turn off the preferred suggestions for others and those that others can discover options.
You can then provide customer suggestions that are used by the Journal app
Turn off contextual suggestions if you’re still worried
Finally, it should be noted that Apple’s previously mentioned privacy announcement clearly states that “when your phone is locked with a passcode, entries in the Journal app are encrypted. If you have default two-factor authentication and a passcode, all Journal entries are end-to-end end encrypted when stored in iCloud, so even Apple can’t read them. Plus, you can choose to enable secondary authentication and lock the Diary app with your device’s passcode, Face ID, or Touch ID.”
I think it’s therefore safe to say that, like many viral posts, those that claim that Apple gives away your identity and location to strangers when you use the Journal app have been well and truly checked and busted.