Those who use “Sign in with Facebook” or “Sign in with Twitter” or “Sign in with Google” benefit from only having to click once to register with an app provider or similar services. At the same time, however, he discloses numerous personal data. In this way, the service for which he registers in this way can access a number of data stored in the respective social media profile – such as the name, age, profile picture, relationship status, preferences, etc. – and can then use this data to create a new profile. Which data is shared in detail can be read at the respective service provider. Another problem is that the data is often also passed on to third parties. The user agrees to this transfer by using the login-over-xy function.
Apple now wants to offer an alternative that combines the advantages of this one-click sign-in with consistent data protection. The login-with-apple function will aim at not passing on any personal data of the user. Apple uses the Apple ID for authentication. If “Login with Apple” is now used, Apple generates a random relay address that disguises the actual address of the user. The service provider only receives the relay address. This means that registration with the service can be largely anonymous.
The service providers concerned should certainly not like “Login with Apple”. After all, they do not initially receive any personal data with which they could earn money. They can’t simply boycott the new function, however, if they want to continue offering their apps via Apple. Apple requires service providers to offer “Sign in with Apple” if other one-click signups are offered by the service provider. However, Apple cannot prevent the service provider from collecting personal information from users after they sign in using “Sign in with Apple”.
Overall, however, the new function can be considered very useful from a data protection point of view. Apple is of course also positioning itself contrary to Google and Facebook, which are increasingly criticized by data protectors.