Sign in Subscribe

Apple: Is the new iOS17 Journal app a privacy risk?

Apple: Is the new iOS17 Journal app a privacy risk?
Source: Apple

When Apple launched its Journal app in December, part of the ease of use comes in the form of Journal's suggestions feature: Every now and then, the app sends you a notification recommending a journal entry based on something you recently did, whether a family outing you went on, or an event you took part in.

In theory, it's a wonderful way to get into journaling on a daily basis. You might not think to record your thoughts about a trip you are on with friends or a weekend staycation with your significant other, but a gentle nudge from Journal could inspire you to write about it. These suggestions from Journal are made possible by specific permissions you grant the app. In order for it to know that you were out to dinner Thursday night, or camping in Yosemite National Park, it needs to know where you're going at all times. Because the app suggests writing about other things in your daily life, it wants access to additional data points beyond your location, like your Health App data, Media data (the music and podcasts you listen to), your contacts, and your photos.

Apple makes it a point to say that any Journal entries are encrypted when your iPhone is locked, as well as when stored on iCloud, and that you can turn off access to any of these data points in the settings, as needed. If you look at it from high level, Its just a dumping ground for your memories. For example if you have a 500 journal entries, doesn’t give you any benefit. The photos app is an example of contrast. Photos at least gives you interesting insights such as "a year ago today", or "photos with mom". Journal is just storing them.

Apple went viral for stoping short of saying that they do not collect any of your data through this feature. Your data is already on your iPhone: Journal is just accessing it. One of the recent viral concerns online is really centered around the “Discoverable by Others” setting.

Is Journal's Discoverable by Others a privacy risk?

The Discoverable by Others option, silently enabled, allowing other iPhone users with the Journal app to detect your iPhone via Bluetooth nearby. Their Journal app uses that data to improve their Journal suggestions, as your Journal app will do for you when you get close to other iPhones in the wild.

Nobody wants their iPhones broadcasting something like "Hey! Alex Mercer, here. I'm also at this basketball game!"

The good news is it isn't nearly as predatory as it sounds. When enabled, Discoverable by Others will detect both the number of devices you're near, as well as any contacts you come within Bluetooth range of, without saving the details of those contacts on your phone.

Some of the backlash, and comments around this feature were:

  • Q. So Apple is recording who you’ve been hanging out with?
        • Well yeah.. they already do that.
  • Q. Why cant I just journal on my own? Why do I need to be prompted like this. Did they think I already forgot what I did that day?
        • Valid. I think Journal is meant as a way to help people learn a new skill such as developing Journaling/Diary habit daily. Its probably not a fit for experienced journalers.
  • Q. People share their entire life on Socail Media, why is an encrypted journal app going viral for this?
        • A. When privacy features are enabled by default without informing users, Apple enthusiasts are immediately on top of it. If Apple did a better job with this with real security and privacy concerns such a recent near crisis coverage of "NameDrop" online, this probably would have gone unnoticed.
  • Q. When using Journal, I enter very personal information about my experiences, thinking patterns, important private occasions., etc. How is Apple using this data?
          • As of right now, Appls line is that it uses on-device processing to intelligently group moments and events, in order to provide you with personalized suggestions. Using information stored on your device, Journaling Suggestions can recommend to you special moments to remember and write about.

My opinion aligns with the original LifeHacker author's NICK HOBSON, that its harmless and not a true privacy or security vulnerability. Still, I can understand it being questioned, especially when the vast majority of users didn't know it was a thing.

Where can I configure this?

Settings > Privacy & Security > Journaling Suggestions

Discoverable by Others can be enabled, or disabled from there.

Source: Lifehacker provided the following information in this original article here:

https://www.inc.com/nick-hobson/5-reasons-why-apples-new-journal-app-is-great-for-improving-mental-wellness.html

My opinions are my own

About this Author: Alex Mercer, Senior Sales Engineer & Former Professional Services Engineer @ Ivanti, Inc.
"I have experience either as a customer, partner, or engineer with Cisco Meraki, Ivanti Neurons for MDM (Formerly MobileIron), VMWare WorkspaceOne (Formerly AirWatch) & Microsoft Intune."