Knackpad

iPhone Privacy Audit

App Privacy Report
Viewer & Risk Analyzer

Drop your iPhone's .ndjson export to see which apps are accessing your sensors — with domain risk scoring, tracker detection, and per-app drilldown. Everything runs in your browser.

🔍

Drop your App Privacy Report here

Accepts .ndjson files exported from iPhone Settings

🔒 100% private — parsed locally, nothing leaves your device
How to export from iPhone: Settings → Privacy & Security → App Privacy Report → tap the Share icon (top right) → "Save to Files" → choose .ndjson. Enable recording first under "Record App Activity" and wait a few days for data to accumulate.

How it works

Apple's App Privacy Report exports a Newline-Delimited JSON (.ndjson) file — each line is one event record. This viewer parses the entire file client-side, groups events by type, and classifies network domains for risk signals.

1
Enable recording

Settings → Privacy & Security → App Privacy Report → "Record App Activity". Leave it running for a few days.

2
Export the report

Tap the share icon (top right on the App Privacy Report screen) → Save to Files as .ndjson.

3
Drop it here

The File API reads it locally — no upload, no server. The file never leaves your device. You can verify by going offline first.

4
Explore & export

Browse sensor access rankings, the full chronological timeline, domain risk scores, and drilldown into any app. Export to CSV anytime.

What the NDJSON contains: Two event types — access (sensor events with category, app bundle ID, timestamp) and networkActivity (domain contacted, hit count, app context, timestamp). This viewer surfaces both, then cross-references domains against a built-in classification list of known trackers, analytics providers, CDNs, and social networks.

Frequently asked questions

What is App Privacy Report and which iOS version supports it?
App Privacy Report is a feature introduced in iOS 15.2. It logs every time an app accesses sensitive sensors — camera, microphone, location, contacts, calendar, photos — and records every network domain the app contacts. You enable it under Settings → Privacy & Security → App Privacy Report → Record App Activity. After a few days of normal use, export the log as a .ndjson file.
What is an .ndjson file and why does Apple use it?
NDJSON (Newline-Delimited JSON) is a format where each line is a complete JSON object. Apple uses it for privacy reports because the log can grow to tens of thousands of events — streaming one record per line is far more memory-efficient than a single giant JSON array. This viewer reads the file line by line in your browser.
Is my data safe? Does anything get uploaded?
Nothing leaves your device. The viewer is entirely client-side JavaScript using the browser File API. You can verify this by enabling airplane mode before dropping your file — it will still parse and display results perfectly. The domain classification is done with a built-in lookup table, not a remote API.
What does the domain risk score mean?
Tracker — known advertising or cross-site tracking domain (e.g. doubleclick.net, facebook.com advertising endpoints). Analytics — analytics/crash reporting providers (Firebase, Amplitude, Crashlytics). Social — social media infrastructure. CDN/Infra — content delivery or cloud infrastructure. Apple — Apple-owned domains (expected). Unknown — unclassified; not necessarily harmful.
Should I be worried if an app contacts many domains?
Not automatically — many legitimate domains are CDNs, analytics tools, or cloud providers most apps use. Watch for: tracker domains in apps that have no reason to show ads (flashlight, calculator apps), a large number of unique domains relative to the app's function, or microphone/camera access from an app that should not need it. The Risk Summary tab highlights the most concerning signals.
Can I export the analysis results?
Yes — each table has an "Export CSV" button that downloads the currently visible data as a spreadsheet you can open in Excel, Numbers, or Google Sheets for further analysis.