View in English

  • Apple Developer
    • Get Started

    Explore Get Started

    • Overview
    • Learn
    • Apple Developer Program

    Stay Updated

    • Latest News
    • Hello Developer
    • Platforms

    Explore Platforms

    • Apple Platforms
    • iOS
    • iPadOS
    • macOS
    • tvOS
    • visionOS
    • watchOS
    • App Store

    Featured

    • Design
    • Distribution
    • Games
    • Accessories
    • Web
    • Home
    • CarPlay
    • Technologies

    Explore Technologies

    • Overview
    • Xcode
    • Swift
    • SwiftUI

    Featured

    • Accessibility
    • AI & Machine Learning
    • App Intents
    • Apple Intelligence
    • Games
    • Security
    • Xcode Cloud
    • Community

    Explore Community

    • Overview
    • Meet with Apple events
    • Community-driven events
    • Developer Forums
    • Open Source

    Featured

    • WWDC
    • Swift Student Challenge
    • Developer Stories
    • App Store Awards
    • Apple Design Awards
    • Apple Developer Centers
    • Documentation

    Explore Documentation

    • Documentation Library
    • Technology Overviews
    • Sample Code
    • Human Interface Guidelines
    • Videos

    Release Notes

    • Featured Updates
    • iOS
    • iPadOS
    • macOS
    • watchOS
    • visionOS
    • tvOS
    • Xcode
    • Downloads

    Explore Downloads

    • All Downloads
    • Operating Systems
    • Applications
    • Design Resources

    Featured

    • Xcode
    • TestFlight
    • Fonts
    • SF Symbols
    • Icon Composer
    • Support

    Explore Support

    • Overview
    • Help Guides
    • Developer Forums
    • Feedback Assistant
    • Contact Us

    Featured

    • Account Help
    • App Review Guidelines
    • App Store Connect Help
    • Upcoming Requirements
    • Agreements and Guidelines
    • System Status
  • Quick Links

    • Events
    • News
    • Forums
    • Sample Code
    • Videos
 

Videos

Open Menu Close Menu
  • Collections
  • All Videos
  • About

More Videos

  • About
  • Summary
  • Privacy and Security Group Lab

    Join us online for a deep dive into WWDC26 with Apple engineers and designers to ask questions, get advice, and follow the discussion about the week's biggest privacy and security announcements. Conducted in English.

    Chapters

    • 0:00:00 - Introduction
    • 0:02:48 - How is Apple ensuring that models are not hijacked through prompt injection techniques?
    • 0:05:04 - When my app sends user data to Private Cloud Compute or to a third-party model (e.g. Anthropic, Google) via the LanguageModel protocol, what happens to that data and what must I tell users?
    • 0:08:15 - What distinction does Apple draw between data I 'collect' versus data a third-party processor handles on my behalf, for features that send voice/photos out purely for processing?
    • 0:09:40 - AI models don't always do what you expect. What security risks come with the new agentic coding features in Xcode, and what are best practices to mitigate them?
    • 0:11:06 - What is the core architecture behind Private Cloud Compute, and how does Apple mathematically ensure no one can see the data — how do we verify there are no hidden flaws?
    • 0:17:23 - Are there new features to audit the privacy/security of my own app? I use SwiftData with CloudKit so users own their data — how can I audit that?
    • 0:22:24 - If we're starting to develop for Apple platforms, what main tools or frameworks should we focus on for privacy and security?
    • 0:28:06 - If a user stores highly personal journal entries in SwiftData, what are Apple's recommended approaches for protecting that data while still enabling search and synchronization?
    • 0:31:28 - With Xcode AI coding features, can Xcode run inside a VM on an air-gapped Mac, walled off from the internet, to improve security and privacy?
    • 0:32:23 - How does the new Siri AI ensure privacy and security (e.g. avoiding sharing private context with apps) — is it a combination of sandboxing, TCC, and more?
    • 0:37:55 - Will Siri AI have a new configurable policy in an MDM solution when released?
    • 0:39:02 - Are there new enhancements to Safari's Intelligent Tracking Prevention on the new OS?
    • 0:40:05 - How do you convey that your app is secure and privacy-preserving without it coming across as snake oil or unverifiable marketing — how do you make trust observable?
    • 0:48:14 - As a cybersecurity student, what Apple frameworks or security concepts should I learn first to build a foundation relevant to both app/platform security and the broader field?
    • 0:50:44 - Passkeys reduce password risk but introduce credential-lifecycle problems. How is Apple handling stale, expired, or revoked passkeys in the Passwords app, and will cleanup be surfaced to users?
    • 0:51:36 - What are best practices for protecting sensitive data in memory on macOS (passwords, tokens, keys) — should secrets be encrypted while in RAM, or are platform protections sufficient?
    • 0:55:49 - What approach do you take when balancing privacy with collecting telemetry that's useful for development?

    Resources

      • HD Video
      • SD Video
  • Search this video…
    • 0:00:00 - Introduction
    • Engineers from the privacy and security teams introduce themselves and set up a session covering agentic AI security risks, Private Cloud Compute, App Privacy Nutrition Labels, data protection and CloudKit encryption, passkeys, and secure-by-design development.

    • 0:02:48 - How is Apple ensuring that models are not hijacked through prompt injection techniques?
    • Agentic technologies introduce a new category of risk, notably indirect prompt injection — where malicious instructions are hidden in content the model processes rather than typed by the user. Apple designs these features secure-by-design, constraining what the model is allowed to do and treating untrusted content as data, not instructions, to limit what an injected prompt can achieve.

    • 0:05:04 - When my app sends user data to Private Cloud Compute or to a third-party model (e.g. Anthropic, Google) via the LanguageModel protocol, what happens to that data and what must I tell users?
    • Private Cloud Compute's guarantees — no retention, no access, verifiable — apply only to Apple's PCC path. When you route data to a third-party provider through the protocol, those guarantees don't carry over; that provider's own data handling governs it. Disclose third-party processing to users and reflect it in your privacy practices, since you can't promise PCC-level protections for data you send elsewhere.

    • 0:08:15 - What distinction does Apple draw between data I 'collect' versus data a third-party processor handles on my behalf, for features that send voice/photos out purely for processing?
    • This maps onto App Privacy Nutrition Labels, which let users compare apps' data practices at a glance. Data sent to a third party purely for processing on your behalf — not retained or used for their own purposes — is treated differently from data you collect. Understand each service's role and declare your practices accordingly so the nutrition label accurately reflects what happens to user data.

    • 0:09:40 - AI models don't always do what you expect. What security risks come with the new agentic coding features in Xcode, and what are best practices to mitigate them?
    • Like Siri and Safari's AI features, Xcode's agentic features are built secure-by-design with the prompt-injection risks in mind. Xcode adds mitigations such as allow-listing the common tools the agent may run and permission prompting, so the agent can't take sensitive actions freely. Review what tools you grant, keep the agent scoped to what it needs, and don't blindly trust generated actions.

    • 0:11:06 - What is the core architecture behind Private Cloud Compute, and how does Apple mathematically ensure no one can see the data — how do we verify there are no hidden flaws?
    • Read the in-depth PCC Security Guide on apple.com, which documents the architecture and guarantees at several levels of detail. PCC is designed so that user data is used only to fulfill the request and is not accessible to Apple or anyone else, with the guarantees made verifiable — the security guide is the authoritative place to examine the design and check the claims.

    • 0:17:23 - Are there new features to audit the privacy/security of my own app? I use SwiftData with CloudKit so users own their data — how can I audit that?
    • SwiftData with CloudKit is a strong foundation because data syncs through the user's own iCloud with encryption. A newly practical audit tool is AI itself: point a model at your code and ask it to enumerate your privacy and security guarantees and where they might break. Combine that with reviewing your data protection classes and encryption settings to confirm the guarantees hold.

    • 0:22:24 - If we're starting to develop for Apple platforms, what main tools or frameworks should we focus on for privacy and security?
    • For privacy, lean on CloudKit for syncing data within the user's own account, Keychain for secrets, and design so users own their data. For security, use CryptoKit for cryptography and encourage passkeys over passwords. These frameworks are fundamental building blocks that give you strong protections without rolling your own.

    • 0:28:06 - If a user stores highly personal journal entries in SwiftData, what are Apple's recommended approaches for protecting that data while still enabling search and synchronization?
    • Use data protection classes: when data is local (or in Keychain), create a key to encrypt it and set an appropriate data protection class so it's inaccessible when the device is locked. For sync, CloudKit offers encryption so sensitive fields stay protected in transit and at rest, while you keep the searchable structure you need on device.

    • 0:31:28 - With Xcode AI coding features, can Xcode run inside a VM on an air-gapped Mac, walled off from the internet, to improve security and privacy?
    • The existing code-completion features are entirely on device and work offline, so they're fine air-gapped. Features that integrate external agents like Claude Code or OpenAI's Codex inevitably need internet access, so those won't work offline. It varies by feature — on-device completion works walled off, cloud-backed agents do not.

    • 0:32:23 - How does the new Siri AI ensure privacy and security (e.g. avoiding sharing private context with apps) — is it a combination of sandboxing, TCC, and more?
    • Siri does as much as possible on device, and when it needs larger models it calls Private Cloud Compute, which extends the on-device privacy guarantees to the server. That combination — on-device processing plus PCC for heavier work — is what lets Siri use your personal context powerfully while keeping that information private, alongside the platform's sandboxing and permission systems.

    • 0:37:55 - Will Siri AI have a new configurable policy in an MDM solution when released?
    • Apple Intelligence and Siri features are manageable through MDM, so organizations can configure and restrict these capabilities via their device-management policies as the features roll out. Check the MDM configuration options for the specific controls available to your deployment.

    • 0:39:02 - Are there new enhancements to Safari's Intelligent Tracking Prevention on the new OS?
    • ITP is a long-evolving technology Apple has invested in for years and continues to advance. There were no specific new ITP features to highlight this year, but it remains a priority area of ongoing investment; the WebKit resources are the place to learn more about how it protects users from cross-site tracking.

    • 0:40:05 - How do you convey that your app is secure and privacy-preserving without it coming across as snake oil or unverifiable marketing — how do you make trust observable?
    • Make trust verifiable rather than asserted. App Privacy Nutrition Labels let users see, before downloading, exactly what data an app collects and whether it's linked to them — an at-a-glance, standardized signal. Back claims with observable facts (what you collect, how it's used, what stays on device) instead of marketing language.

    • 0:48:14 - As a cybersecurity student, what Apple frameworks or security concepts should I learn first to build a foundation relevant to both app/platform security and the broader field?
    • Start with the Apple Platform Security Guide, which goes deeper than standard documentation on how the OSes are secured. Build from there into the security frameworks (CryptoKit, Keychain, data protection). Apple also hires for security and privacy roles, so this foundation is directly relevant to the field.

    • 0:50:44 - Passkeys reduce password risk but introduce credential-lifecycle problems. How is Apple handling stale, expired, or revoked passkeys in the Passwords app, and will cleanup be surfaced to users?
    • There's a new Signal API through which a relying party's app or website can inform the system that credentials have changed and need updating — addressing stale, revoked, or invalid passkeys. This is part of the broader passkey standard Apple participates in, so the lifecycle cleanup is being handled in a standardized way.

    • 0:51:36 - What are best practices for protecting sensitive data in memory on macOS (passwords, tokens, keys) — should secrets be encrypted while in RAM, or are platform protections sufficient?
    • Start with Hardened Runtime on macOS — strongly recommended for any privacy- or security-sensitive app. It prevents other processes from reading your app's memory and blocks the common attacks (spinning up a thread to read process memory, or attaching a debugger). Before reaching for encryption, ask whether destruction is the better answer: if a secret like a token only needs to live briefly, use it and then destroy it rather than encrypting it in RAM — long-lived in-memory encryption is really DRM territory, not general security. For keys and other sensitive values, use CryptoKit, which zeroizes the memory backing those keys (rolling your own can't guarantee the Swift runtime will). And you can bind a key to the device's Secure Enclave so that even if your app, process, or the device is compromised, the key can't be exported off the device — with an attestation interface to prove it's Enclave-held.

    • 0:55:49 - What approach do you take when balancing privacy with collecting telemetry that's useful for development?
    • The guiding principle is great features and great privacy — both, not a trade-off of one for the other. Achieving that often takes extra engineering: collect the minimum you need, prefer privacy-preserving techniques (aggregation, on-device processing, de-identification), and design telemetry so it informs development without exposing individual users.

Developer Footer

  • Videos
  • WWDC26
  • Privacy and Security Group Lab
  • Open Menu Close Menu
    • iOS
    • iPadOS
    • macOS
    • tvOS
    • visionOS
    • watchOS
    • App Store
    Open Menu Close Menu
    • Swift
    • SwiftUI
    • Swift Playground
    • TestFlight
    • Xcode
    • Xcode Cloud
    • Icon Composer
    • SF Symbols
    Open Menu Close Menu
    • Accessibility
    • Accessories
    • AI & Machine Learning
    • Apple Intelligence
    • Audio & Video
    • Augmented Reality
    • Business
    • Design
    • Distribution
    • Education
    • Games
    • Health & Fitness
    • In-App Purchase
    • Localization
    • Maps & Location
    • Security
    • Safari & Web
    Open Menu Close Menu
    • Documentation
    • Downloads
    • Sample Code
    • Videos
    • Documentation Archive
    Open Menu Close Menu
    • Help Guides & Articles
    • Contact Us
    • Forums
    • Feedback & Bug Reporting
    • System Status
    Open Menu Close Menu
    • Apple Developer
    • App Store Connect
    • Certificates, IDs, & Profiles
    • Feedback Assistant
    Open Menu Close Menu
    • Apple Developer Program
    • Apple Developer Enterprise Program
    • App Store Small Business Program
    • MFi Program
    • Mini Apps Partner Program
    • News Partner Program
    • Video Partner Program
    • Security Bounty Program
    • Security Research Device Program
    Open Menu Close Menu
    • Meet with Apple
    • Apple Developer Centers
    • App Store Awards
    • Apple Design Awards
    • Apple Developer Academies
    • WWDC
    Read the latest news.
    Get the Apple Developer app.
    Copyright © 2026 Apple Inc. All rights reserved.
    Terms of Use Privacy Policy Agreements and Guidelines