Skip to main content

Apple plans to restrict how messaging apps access background iOS data

Apple plans to restrict how messaging apps access background iOS data


Apple will limit internet voice call functionality

Share this story

Illustration by Alex Castro / The Verge

Apple plans to restrict how apps implement internet voice call functionality, which currently could allow mobile software to collect data while running in the background, according to a new report from The Information. Going forward, Apple will require that background access be used for VoIP calls and nothing else.

The change may have a big impact on messaging apps like Facebook Messenger and WhatsApp. Both use the specific Apple developer tool in question as a kind of workaround to iOS restrictions, so that an app can run features in the background while it’s not being actively used. For example, WhatsApp, per The Information, uses the current VoIP call tech for implementing end-to-end encryption. The Information reports that Snapchat and WeChat also relied on the current VoIP tech for purposes beyond voice calls.

Apps that perform internet voice calls can access data in the background

The change, which Apple quietly announced at WWDC 2019, is part of Apple’s continued privacy push, and it marks another punch in its ongoing feud with Facebook and other services that rely on data collection to make money. Facebook, on the other hand, claims it has never used the specific API for data collection. “To be clear — we are using the PushKit VoIP API to deliver a world-class, private messaging experience, not for the purpose of collecting data,” a company spokesperson told The Information.

Regardless, Apple is positioning itself as a privacy-first company willing to actively go after practices it deems unethical, even if it means intensifying feuds with Silicon Valley rivals. For example, iOS 13 will have a new “Sign in with Apple” feature that will let users log into apps and services without revealing an email address. It’s a direct competitor to the Sign in with Facebook button that has littered the web for years and allows Facebook to collect information on which third-party services its users log into.

At WWDC, Apple also shared that it would be tightening rules around enterprise certificates on its devices, after a TechCrunch report earlier this year found that Facebook was using the certificates to distribute VPN software that was siphoning user data in exchange for monthly rewards, which is a violation of Apple’s developer terms. (Facebook pulled the app after Apple revoked its access to the enterprise app program.)

The Information reports that developers have until April 2020 to update any apps making use of the VoIP API to take into account Apple’s new restrictions.