"We don't build a profile based on your email content or web browsing habits to sell to advertisers," CEO Tim Cook said in a letter on a new section of its website. "We don't 'monetize' the information you store on your iPhone or in iCloud. And we don't read your email or your messages to get information to market to you."
Apple was blamed recently for the leak of celebrity photos from iCloud, which were thought to have been accessed by hackers, trying out different combinations of usernames and passwords. The company on Tuesday introduced an optional two-step verification for iCloud accounts that would require users to enter a numerical passcode sent by SMS to their phones, besides entering usernames and passwords.
Ahead of the public availability next year of its Apple Watch, a digital watch with a fitness tracker and other apps, the company has also come under scrutiny from Connecticut Attorney General George Jepsen, who wrote to Cook asking for a meeting with company representatives to discuss how personal consumer information collected through the device will be stored and safeguarded.
Apple moved to reassure users on the new website that their data in the Health app is encrypted with keys protected by their passcode, and does not leave the device unless the user chooses to back it up or grant access to a third-party app. "When you do choose to back up your Health data through iCloud, it is encrypted both in transit and on our servers," it said. Apps that work with Health are banned from selling or sharing Health data with advertising platforms, data brokers and information resellers.
The company also outlined privacy measures around allowing children under 13 to have their own Apple ID, and for Family Sharing, which allows up to six people in a family to share purchases from iTunes, iBooks and the App Store. The features were added in iOS 8, the update to Apple's smartphone and tablet operating system that was rolled out Wednesday.
Consent from parents or guardians will be required to set up the Apple ID for children under 13 years, and Apple may take additional steps to verify that the user giving permission for the child's Apple ID is the parent or legal guardian. The company said it will not knowingly collect, use or disclose any personal information from the child without verifiable parental consent. Parents are, however, advised that they should check separately the data collection practices of third-party apps before purchase or download.
Sign up for CIO Asia eNewsletters.