After reaching out to Apple’s Privacy Team in the EU on January 17, 2024, we received a response today regarding keyboard data synced with iCloud. Key points:
👉 The data is end-to-end encrypted
👉 Users cannot delete or reset this data unless they delete their Apple account
[#]iOS #security #iPhone #infosec #Apple #cybersecurity https://mastodon.social/@mysk/111771426942785879
=> More informations about this toot | More toots from mysk@mastodon.social
@mysk but end to end means apple end and the iphone end? wtf?
=> More informations about this toot | More toots from ludiofines@cyberplace.social
@mysk There is a setting to reset the keyboard dictionary, so is this something different? Or does that setting not fully clear the user’s keyboard history?
=> More informations about this toot | More toots from SolTwoOne@infosec.exchange
@SolTwoOne Very good question. No idea.
=> More informations about this toot | More toots from mysk@mastodon.social
@mysk Try sending a GDPR erasure request specifically for that data. Refusing to honor a scoped deletion request might violate GDPR's principle of fairness. Data being encrypted on Apple's end is also no excuse. They are a controller for that data and should have provided a self-service tool that operates on the user's device to pull and export data.
=> More informations about this toot | More toots from gateklons@eupolicy.social This content has been proxied by September (ba2dc).Proxy Information
text/gemini