Privacy annoyance of the day... basically Apple knows about every app you launch for the first time. And for every every update you install, the first time you run it.
They make effort to forget these phone-home events, but it's a trust-me-bro privacy model. Which is not acceptable in a country with the Patriot Act. Even if that Act has some built-in protections, those are degraded by a declining appreciation for rule of law.
So when reading company statements like this, it's useful to replace some words - which I've done in square brackets. I'm still fully assuming good faith here, as well as no coerced lying.
> Privacy protections
> macOS has been designed to keep you and your data safe while respecting your privacy.
> Gatekeeper performs online checks to verify if an app contains known malware and whether the developer’s signing certificate is revoked. We have never [but could] combined data from these checks with information about Apple users or their devices. We do not [but could] use data from these checks to learn what individual users are using on their devices.
> Notarization checks if the app contains known malware using an encrypted connection that is resilient to server failures.
> These security checks have never included the user’s Apple Account or the identity of their device [but we can see your IP address]. To further protect privacy, we don't [but could] log IP addresses associated with Developer ID certificate checks, and we make sure that any collected IP addresses are removed from logs [but could stop doing that] .
Apple Support
Safely open apps on your Mac - Apple Support (QA)
macOS includes a technology called Gatekeeper, that's designed to ensure that only trusted software runs on your Mac.
There is a stapling mechanism that developers can use to (maybe?) prevent these phone home events, but it's not mandatory and not always practical. More importantly, it's intended as a convenience for users that are offline when they first run an application, it's *not* intended as a privacy measure.
