A new document on Apple’s support site details information about its Gatekeeper system the week after a server outage caused many Mac users systems to encounter issues. In particular, it responds to suggestions that the company is collecting users’ information via this system:
Gatekeeper performs online checks to verify if an app contains known malware and whether the developer’s signing certificate is revoked. We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are launching or running on their devices.
The outage in question, which saw some users unable to launch apps or experience interruptions to their work, spawned a few different concerns, such as the existence of a single point of failure for Macs, as well as privacy concerns over what information was being transmitted back to Apple as part of the system. In the document, Apple says Apple IDs and device IDs were never logged as part of Gatekeeper, but that IP addresses were; going forward, the company will no longer log IP addresses and will remove any that it has collected in the past.
Apple’s also promising new features to further enhance the privacy of Gatekeeper, including replacing the certificate check with a new encrypted system, better server resilience, and a preference that lets users turn off these protections.
The last is particularly notable, given the company’s touting of privacy as one of its central tenets in recent years. If Apple is giving users the option to keep this data private at the expense of security, it certainly indicates a seriousness about privacy that backs up the claims the company makes.