portrait picture

TIMO ZIMMERMANN

balancing software engineering & infosec

Screen recoding on iOS

posted on Sunday 10th of February 2019 in ,

When I wrote about Apple revoking enterprise certificates I complained that they missed a unique chance to make a strong statement for their users privacy. Now, a few days later, they actually did exactly this when telling companies to either disclose or remove screen recording from their applications. Except citing App Store review guidelines they point out the importance of protecting users privacy and commit to taking immediate action if necessary. This is exactly the kind of strong statement I asked for.

Looking at the timing I have to assume that some engineers will have a pretty bad weekend thanks to this. They have 24 hours to comply or the app will be removed from the App Store. While I already hear people chanting “they knew what they shipped, they deserve this!” – please keep in mind that not everyone is in the favourable position to freely change jobs with the same frequency as their underwear. There is even a good chance some of the people who now have to fix this did not even know of its existence or consequences. While this should not be understood as a general excuse of developing or shipping products that invade a users privacy – or other questionable things – it should serve as a reminder that there are a lot of grey areas in this discussion we should not plainly ignore.

Having worked on internal and public applications, B2B and B2C, even featured in the App Store I can tell for sure that the amount of times I wished I had a screen capture of everything the user is doing to either improve the app or fix a certain bug is exactly zero. We obviously always had proper bug and exception tracking and custom information attached to crash logs. But they never left our control and private information were scrambled. I can think of two instances where unscrambled user input would have saved us an hour QA time, but this would not have been worth the price every user would have had to pay. And I am talking about “submitted” input, not things that happened and were undone / changed before the user pressed a button. There are a lot of reasons various departments in a company might want screen recordings of user interactions, but not a single one of them will be “to improve the user experience”.

And based on Glassboxs marketing website, companies seem to understand that it might turn out unfavourable being associated with screen recording. Comparing the “who we work with” on archive.org with the one currently live a lot of customer logos disappeared. Guess why.