| > What about the IP address used to communicate with the app’s server? Yes. I've been wanting Apple to launch a VPN service for a long time. A commercial VPN service can aid privacy by aggregating thousands of users behind a single IP address. The problem is that you have to trust the VPN provider. Commercial VPN providers are inherently shady -- after all, their entire business model is aiding and abetting copyright infringement or perhaps even worse activities. (No logging, wink wink!) I see no reason to trust them. By contrast, Apple has a valuable brand (i.e., a reputation) and has made privacy a core part of their sales pitch. Unlike the inherently fly-by-night commercial VPN industry, Apple would have billions of reasons not to betray their customers by selling VPN usage data. I think there's a market for an existing, known, reputable business to come in and offer a VPN service that explicitly does keep traffic flow logs for a short time, in the same way that ISPs retain dynamic IP assignment logs for a short time. By retaining logs, you avoid the shady elements that are otherwise attracted to no-logging VPN services. If not Apple, I think one of the few remaining reputable independent ISPs would be a great fit. Sonic.net comes to mind. Sonic makes [clear, explicit claims](https://www.sonic.com/privacy-policy) that they do not sell usage data, but they do retain IP assignment logs for up to 14 days and will provide that data to law enforcement with an appropriate court order. That's exactly what I want: my adversary is P&G and their ilk, not law enforcement with a court order. |