And my response is - well duh. And this is supposed to be a problem how? Apple wants my money and nothing else. They aren't motivated to protect my privacy out of the goodness of their hearts. I am happy to pay money for more privacy.
The fact that they only do this because they want my money isn't really the interesting question to me. The interesting question to me is, why is it that they are literally the ONLY large tech company that is willing to offer me this tradeoff? I'm willing to pay a premium of probably hundreds of dollars on a phone because I want privacy, and nobody else will even consider selling me one? How much is my data really worth to advertisers? Like, a hundred bucks a year? Ok sure, where do I pay to get ownership of my data back?
Samsung, Google, Facebook, Amazon and Microsoft don't sell privacy, or if they do, they're sure doing a bang up job hiding it. None of them have any altruistic motives either, so I can only conclude that they either don't want my money or they're really bad at what they do?
Is there really no other company that wants to get in on this privacy game? Because the people who really care about this are probably affluent and willing to pay a lot for it.
Companies like Signal are founded on privacy and encryption, but with Apple, privacy is a nice-to-have, limited to its other business objectives (like how Apple is "committed" to reducing waste to the extent it can sell dongles, chargers, and earbuds separately, but not in terms of repairability). You can count on Apple to value the appearance of privacy, and in protecting information from third parties without user consent, but not so much being private from Apple itself.
For example, here's an article on Apple and privacy from a couple months ago https://www.politico.eu/article/apple-privacy-problem/ .
Is this true for every country where Apple operates? Especially where it's forced to host servers in? We know for certain that Apple cannot do its business in certain high value market(s) unless it offers unrestricted access to its customer's data.
But we don't see *privacy applicable to U.S. or X countries only disclaimer in any of it's marketing or promo materials. An uninformed Journalist or Human rights activist can be at severe risk due to this.
Especially when,
> Cook argued that people choose iOS specifically so they won’t have to make risky decisions with sensitive data.[1]
[1]https://www.theverge.com/2021/5/22/22448139/tim-cook-epic-fo...
You can't install your own apps. Safari is not fit for PWAs. Repairability is not encouraged. All of this is for your own benefit and privacy. Want those things? Go to Android and sacrifice your privacy.
With this approach, Apple comes out looking privacy-focused, justified for their App Store fees, and their stance on right to repair.
I'm not educated enough to know if those restrictions are absolutely needed for privacy or privacy is a blanket excuse for how Apple operates.
Maybe this is just a shallow read of it, but it feels like sort of a similar dichotomy to that between Apple's rhetoric about objectionable content on app stores and... well, its inclusion of a web browser.
I think the reason we don't see it from competitors is that Apple is years ahead of everyone else in terms of customer experience, and privacy is part of that experience, so they focus on it.
You just have to look at how many different models of phones Samsung sell vs how many Apple sell to see how unfocused Apple's biggest competitor is. They will throw anything and everything at the wall to see what sticks. There's no focus on privacy because there's no focus on anything.
If I might offer a less glowing perspective
Apple is a highly vertically integrated company unlike anybody else in the "top end" of SV. They don't "need" your data
Facebook only exists as a website, so of course they want to data mine you to death, use psychological tricks to keep your eyeballs scrolling their website so they can shovel ads at you
Google effectively gives away Android. They make money by data mining you for advertisements and through providing a wide array of services (Gmail, Maps, Search etc) to augment the things you do on a day to day, in exchange for the reams of data it provides about you
Amazon doesn't really data mine you nearly as much, since their business is more selling you physical goods (or the dominance of AWS, depending on your point of view)
Microsoft wants to chase after what Google and AWS are doing, though their products feel more like pale imitations than anything. Granted that isn't particularly new for them (Zune vs iPod then is Bing vs Google today)
Apple doesn't "need" your data. They have no reason to. They've created products that effectively half of the first world wants to buy through iPhones and iPads
They've spent two decades working to build themselves an outright fortress. They sell you a phone they make, which runs apps from their app store that requires developers to play by their rules
The amount of money Apple makes simply by collecting its 30% revenue cut on everything done on iPhones alone dwarfs what they could get if they even attempted to muscle in on Google in the ad revenue business
This is what Apple is trying to change, basically convince people (through ads) that they need to care about their privacy, because they know it's a competitive advantage they have when compared to the other big companies.
Right, I don't want Apple to help safeguard my privacy out of a sense of altruism. That company would be highly vulnerable to ambitious managers moving up the ranks.
And besides, nothing's a zero-sum game. Securing a better outcome for yourself doesn't require self-flagellation from your trading partner.
The better outcome is the one we have, where the company's motives are genuinely aligned with their customers' motives. Where there is bankable incentive to do the right thing.
[0] https://puri.sm/
I use a T500 I plucked from the trash for secure libre street cred. No blobs anywhere afaik.
how much of a premium are most of the target market willing to pay however.
Google, Facebook, and Amazon don't sell privacy because privacy goes directly against what their business strategy is.
Samsung has based their stuff on Android an OS that, heavily influenced by Google, I suspect might be difficult to make as private as Apple can make its stuff. I suspect Samsung does not care about privacy because it has determined it will not make much money from it, and that most of the market that cares about privacy will go to Apple.
I don't know why Microsoft doesn't care as I think it would totally align with their business goals.
Revenue-producing mass data collection by "tech" companies creates a "privacy" issue. Is the solution to "sell" privacy. Of course not. Data collection makes more money. That is why "tech" companies offer so many things to users for "free". There would be little or no money to be made in selling these things, relative to using them as fronts for data collection and surveillance.
Apple does not try to claim, "We make no money from collecting data on Apple customers." Instead they claim they protect customers' privacy from other companies, who also want to collect data on Apple customers.
When Apple itself stops collecting data about users, only then can I start to consider Cook's claims that the issue of privacy is so important. At present, Apple's actions do not match its statements. There is no privacy from Apple and the company has built datacanters to hold vast amounts of private data collected from customers.
These companies have certainly swooned some, judging by the comments I see on HN, into believing they must make "tradeoffs". How did we reach a point where anyone could believe that a company who is collecting vast amounts of data on users of its products is some sort of privacy crusader or privacy merchant. Anyone who cared about privacy would not be doing surveillance and data collection.
The only answer I can come up with is that these people who cannot see any alternative besides "tradeoffs" were born into a world of where companies were already engaged in dragnet data collection from the internet as a "business", and they never saw what the internet was like before this nonsense began. They honestly do not know what a reasonable level of "privacy" is because they never had it.
The idea of "paying for privacy" is no different than paying protection money to a mafia or paying ransom to a ransomware group. The solution is to stop the wrongful behaviour, not to make payments to the organisations that are engaged in it.
There are still countries where being LGBT is a capital crime, where the colour of your skin will be used against you, or where your political affiliations can be used against you.
When governments and societies start to turn against people who are different from them, the mass surveillance and profiling makes it much easier to locate all of these people to round them up.
1- Privacy should be the default, free as in beer, not a pay-per option
2- Apple is all willing to break its own encryption to cooperate with law enforcement. See the recent example https://www.theregister.com/2021/05/17/sci_hub_apple_fbi_cla...
So Microsoft's privacy is worth as much as its poorest paid employee with access.
Even worst, consumer products like Windows 10 and tools like Visual Studio Code come with extensive telemetry and tracking enabled by default. Remember recently the office 365 fiasco when they thought it will be ok to track employees and make reports out of it?
Maybe other corporations consider it unethical to charge their customers a premium for a false sense of privacy and security?
> Samsung, Google, Facebook, Amazon and Microsoft don't sell privacy
And neither does Apple, they just sell you on the promise of privacy. The reality is quite far removed from the perception most customers are given by their marketing and PR campaigns.
Apple might be a bit more stringent on enforcement of data sharing with third parties compared to other large tech corps, but that doesn't magically mean your privacy is invulnerable through their devices and services.
There have been multiple cases of them being caught out being hypocritical in regards to privacy, there have been multiple data breaches of Apple services and platforms to varying degrees of severity. Since the recent Epic lawsuit, it's also been revealed that Apple decided to not notify some 150 million of their customers who were victims of a data breach.
Anyone who actually thinks Apple cares even remotely about their privacy is living in a fantasy land. Unless you think being not alerted of your personal data getting exposed in a data breach of their systems is somehow not in your privacy's best interests.
What makes Apple different, is the decision to design all their products and services in a way that limits (or avoids all together) collection user information. For example, almost all of the "smarts" of the iPhone are executed on the device, without sending your data like location and pictures to Apple's servers for processing.
Apple also enforces through App Store review that app developers are mindful of user's privacy and every instance where data is collected needs to be explained and properly justified.
Regarding the story about the 128 million infected devices, it was a virus which infected developer Macs, resulting in some apps also including malicious code. No user data was leaked and it seems end-users suffered no ill-effects cf. https://www.macrumors.com/2021/05/07/xcodeghost-malware-2015...
Of course, no product and service can be 100% secure forever... hacks and malware happen sometimes. That's when practices like app isolation or sandboxing (which is very strict on the iPhone) and explicitly asking users for permissions (so apps can't just choose to get any sensor telemetry they want) comes into play. If an app has been compromised, then the malware is limited to the permissions already granted to the compromised app. Nothing more.
The line of thought goes, what's privacy worth to you? What's security worth to you? The price, likely, will fly upwards until it is saturated to nil.
That's a non sequitur.
But when apple introduced ads to the App Store, a part of me became quite sad.
Like no amount of money would ever be enough...
You can make a case that the ad targeting is just on App Store, News and Stocks but that is just for now, Apple used to have an ad platform iAd which wasn't that successful, so it was discontinued. Once they milk other revenue streams and are more of a monopolistic power in other web properties(like Maps), I am quite sure ads will make a return.
Bottom line is, at this point Apple is also building user profiles like Facebook.
Edit:
It seems like Ben has deleted his tweet. I will just update the link to Apple's support page and quote the relevant section.
"""We also use information about your account, purchases, and downloads in the stores to offer advertising to ensure that ads on the App Store, Apple News, and Stocks, where available, are relevant to you."""
Apple's profile of me, I imagine, is much less detailed than Facebook's, despite Apple's capability to build just as much of one (after all, they own iMessage and my iCloud contacts) if they wanted to.
I am not sure how much information Apple gets but if with an in app purchase of say a eBook, they get to know which eBook it was, it is creepy.
Apple really doesn't have to do any ad personalisation but still they are doing it as it is just more money for them. My fear is, eventually when they monetize more of their web properties, the data collection will increase.
While they might not allow others to sniff your data, they are in too much of a dominant position to not use it for themselves like the purchases data.
For me, this fight will always be, who will watch the watchmen? Regulatory hammer seems to be the only long term solution I can think of. As Apple's integration of hardware + software + software gateway + services, is just too scary and eventually will give them too much power.
Apple certainly is not shy about collecting biometrics. They have the most complete set of biometrics of the FAANGs. I'm not certain what their motive is.
Why a privacy focused company is into Advertising?
Once ads are off the table, what else can Apple do?
Even though the Twitter thread below is by a NYT reporter, it sounds directionally credible given how embedded Apple is in China, both from a manufacturing point of view and also as a growing market.
2021-MAY-18
"NEW: Apple is jeopardizing its Chinese users’ data and augmenting the Chinese government’s censorship to placate authorities and keep its business running. Here is our multiyear investigation into Apple's Faustian bargain in China: ..."
Also, Apple needs to comply with local legislation to be able to provide services in other countries. China also happens to be the country source for most of Apple's supply chain - it's not exactly viable to start fighting the local authorities.
Imagine if other big companies with impact in China (like Epic?) choose to align and apply pressure in the name of user privacy (instead of wasting time and money on pointless litigation)... then perhaps, it will be much harder for a local government to get its way.
We have to just assume that's still running. Businesses could keep a lot of secrets from us and they're not transparent or accountable to the public.
You live in the USA. All persons and companies are subject to whatever intelligence activities that we got a glimpse of which are happening.
You adjust your life accordingly and live on. Because I don't know where else you can go that has the similar benefits of being a US citizen and the environment we enjoy.
Or if you do, it's probably time to put your money where your mouth is and move there. There's not a lot of good in raising these impractical concerns when there's no good alternative or change you can effect.
I'm honesty surprised that in 2021 people still believe the US is the only good place to live/be a citizen.
No, I don't, yet i use tech made by American companies, and my (meta)data was also probably lumped in there for use by american intelligence agencies, who have zero jurisdiction over me.
It's definitely not common, but it happens.
They don't need to use weapons to spy on citizens. The constitutional right to privacy was stripped in the Bush era and it's been open season ever since.
And, how's this Apple's problem or fault? Vote and elect your interest. If you live in democratic country then vote and elect sensible smart honest representatives who will protect your interest.
When people are upset that a company violates their privacy with the government of their country, I feel as though their ire is misplaced.
We had a time in United States history when companies were essentially more powerful than the government that organized the structures in which they operated. John Rockefeller, through Standard Oil, became the wealthiest and most powerful single individual in the entire world. He routinely told governments to pound sand. He was a kind and generous person to those whom he felt deserving or who treated him well. He was ruthless to those whom he felt had slighted him or stood in his way. I don't want to go back to that.
Does it frustrate me that my government is essentially spying on me? Yes! Can I hold Apple responsible for that? Not for my government having made those decisions, no. That's asking that Apple be stronger than my government when, given a choice, I'd rather have an elected government operating transparently in free elections than a company that's primarily responsible to its owners.
Apple can very much fight this fight on behalf of its customers. Every time Apple refuses to write backdoors into its products at the behest of a law enforcement agency here, Apple is taking on that fight. Apple will sometimes lose that fight, as it is currently losing in China. Apple, as a participant in United States society, will sometimes win that fight, too. But ultimately it comes down to the decisions that our government(s) make.
Is that reasonable? If the government is your adversary and you suspect they aren't playing fair, then it's only a matter of time before the government puts the pressure on that company as well. Either they play ball, or they fold like Lavabit did.
At that point you need to self host all your infrastructure as well as you can, and it becomes difficult to trust anyone else.
Of course they'd have to want to do this.
For example: Apple Maps retrieves routes in segments, with changing identifiers. Apple can't figure out where you navigated to.
https://www.apple.com/legal/privacy/law-enforcement-guidelin...
> Personal Data Apple Collects from You
> Usage Data. Data about your activity on and use of our offerings, such as app launches within our services, including browsing history; search history; product interaction; crash data, performance and other diagnostic data; and other usage data
> Location Information. Precise location only to support Find My, and coarse location
> Health Information. Data relating to the health status of an individual, including data related to one’s physical or mental health or condition. Personal health data also includes data that can be used to make inferences about or detect the health status of an individual. If you participate in a study using an Apple Health Research Study app, the policy governing the privacy of your personal data is described in the Apple Health Study Apps Privacy Policy.
> Fitness Information. Details relating to your fitness and exercise information where you choose to share them Financial Information. Details including salary, income, and assets information where collected, and information related to
> Apple’s Sharing of Personal Data
> Apple may share personal data with service providers who act on our behalf, our partners, or others at your direction. Further, Apple does not share personal data with third parties for their own marketing purposes.
> Partners. At times, Apple may partner with third parties to provide services or other offerings. For example, Apple financial offerings like Apple Card and Apple Cash are offered by Apple and our partners. Apple requires its partners to protect your personal data.
That's the world right now.
It's possible to have nuance in these positions.
Maybe in theory "more stores" sounds like "more good" to you as a consumer.
But the large mass of consumers are not in a position to judge things like safety, performance, reliability, sustainability. They're only in position to judge things like "$3 is less than $4".
So the systematic effect of multiple stores will be that everyone will flock to the cheapest stores, which won't have the means or motivation to do what Apple does. Many of those stores will also be offering pirated applications.
So this will destroy many developers who will lose a lot more than 15% or 30% of their potential revenue to piracy, and it will also end up destroying Apple's own store.
This is what "be careful what you wish for" means. Eating fast food every day is cheaper and tastes better than whole foods, for you as a consumer. By the time your body is destroyed, it'll be too late to have some important realizations.
Sun Microsystems‘ Scott McNealy was vocal about this already in the late 1990s: „you have no privacy, get over it“
Look, even if you were able to get FAANG et al. to honor privacy, there will always be the one player that does not. Then, the people who write privacy laws have no clue what they are doing. Plus, I’ve seen software professionals copy/pasting encryption algorithms that contain errors from stackoverflow into production code.
It’s time to face reality, this ship has sailed, stop whining, finally start adapting to an environment without privacy: Treat all your data as if they would become public one day.
Use your energy to teach others to be tech literate to understand what this means, how to deal with this and how to behave.
The GDPR (very good legislation forming one of our rights to privacy), and a host of UK/Europe national Data Protection Acts preceding it would take issue with this statement.
https://m.twitch.tv/videos/1032025987
The source to complete it is on my GitHub. My IG of same handle has progress pics, recently marketing and sales.
I’m sure there are many more similar projects out there, unsure if like I they are angling for physical communities and local taxes.
TDC and iSL have initial docs, and the CarPuter machine is like $750 of parts.
I have many app designs up the stack. Captured as video or drawings or in slices as prototypes.
City Apper. IG, .com... still turning the lights on.
I picture each community having one, like a community center. B corp.
If others run with the idea then great.
I have some unique work constraints on the .com mockup modeled after a successful real life organization and my own experience bootstrapping and being close to it.
I’m my own customer for a few years, now homeless it runs at 4-9W even Twitch streaming screen cap, web cam, and using headset audio.
Ie. we can DIY and reasonably commercialize 1-off hardware. My favorite tacos seem more expensive than chain tacos, but are way more nutrient rich thus worth the cost.
Decentralized. In line with Internet OG. RSS friendly, merchant integration, XMPP, EmailInABox, iCal, LUKS, GPS, USB 3, LTE modem, CDN caching, ....
Apple doesn't care about protecting you. They care about protecting their own advertising market share. They don't want to stop tracking your iPhone. They want competitors like Google to stop tracking your iPhone (for free). Apple wants to get paid for that.
If Apple cared about you then tracking functionality would not exist.
Apple gives apps the ability to track and users the option to disable that feature, but they built it with dark patterns.
Now they've removed the dark patterns, but you can still have this awful feature that nobody wants. Why?
And why is Apple getting credit for removing dark patterns that they created earlier? Why does this feature exist if 99.999% of people don't want it in the first place?
1. zero tracking (not even sure you can do this)
2. apple tracking, and the ability to chose others who track you
To be equal Apple would have to allow blocking Apple's own tracking while still allowing user selected 3rd parties to track. Apple doesn't give this option. If you don't want them to track you you're required to turn off all tracking, not just Apple's tracking.
As for organisations that cater to personal privacy, I don't see any mention in the article about Purism, Mozilla, LinageOS, F-Droid, QubesOS etc.
The big consulting firms have monetized this. Silicon valley ad-tech too.
I keep hoping it can't last.
1. Is there a way to verify that Apple is not using or selling the user's data?
2. What is preventing Apple, after gathering all the users data, from changing its EULA/ToS and starting to sell the user data? Is an average user going to export all the data from Apple and jump to another platform (if there is one offering better privacy)?
One option is clearly better from a privacy perspective even if you have no control over what Apple does.
But now the most interesting thing to me is if FB/Google really are pushed by this privacy narrative to change their business model.
Ads are a sliver in the earnings pie chart.
FB and Google though are advertising companies with services and hardware sales to support their core business.
They definitely consider themselves more than that. They pride themselves in being the farm, to hen, to egg, to plate "lifestyle" service.
Maybe one day they'll start making decent software though.
The overwhelming majority of Apple revenue and profit is still hardware, app store and music etc. Whatever Tim Cook et al truly think about their customers privacy they can take the "moral high ground" when it comes to privacy because they are in a different business and it doesn't hurt their revenue (and perhaps helps it).
Apple sees all your data before it is ever sent to Facebook.
All that said, the level of privacy Apple offers in any of its devices is superficial at best. There are way more problems Apple needs to solve before any of its devices can be considered “private.”
Your IP still gives away your location, apps can remember if they were installed on your phone, you can’t turn off network or sensors for individual apps, etc.
I agree with your last point, but the first two is asking for the impossible. You'd need multiple technological breakthroughs for that to happen.
But the question I have is under what legal basis do companies use the tracking identifiers? Surely the only legal basis available to them is consent? So Apple has kindly made the consent collection infrastructure part of iOS (and therefore standardised and therefore user friendly).
So are the complaints about Apple forcing them to obey the law? That seems pretty strange to me.
The regulators should use any company's complaints about the change as evidence of past GDPR breaches, but then again the reason ATT was required and companies complain is that the regulators are so incompetent that the regulation is routinely broken in total impunity even 3 years down the line.
While you can’t “cook up” new laws as quickly as an engineer can a prototype, trusting a private entity - with only the power to regulate its own devices and activity - is foolish, if just merely in scope. The interests of a private org just complicate the picture further.
Y'all just need to get your elected officials to copy & paste CCPA to a federal level.
For one, it takes quite a bit more on an iOS device to jailbreak it and use an MITM proxy to inspect what apps are doing under the hood than it does for an Android device to do the same. I feel much more peace of mind that I know exactly what apps are sending to their servers and back and that I can inspect it at any time, and Android forks such as LineageOS provide for actually sending fake sensor data back to apps instead of just denying them permissions, which in many cases just cause apps to refuse to function.
Of course, if you need to do more than intercepting network traffic, then it gets a bit more cumbersome on iOS.
On Android it's much easier to intercept and modify the behavior of apps and tell the system to disregard signatures and things of the sort.
(also, iOS supports proxies)
> everyone who wants to manually inspect the bytes coming out of their phone
== everyone who actually gives a damn about their privacy
Do you even know what your phone apps are sending about you? I know what my apps are sending about me. Some of it is pretty scary, honestly.
Factual question: which apps in your experience "refuse to function" when you deny them permission to track you?
I'm not sure if that's the case still but I've run into several other apps that do similar things. It's pretty widespread.
In any case, it's awesome to have an OS that can make apps think they got permissions and just shove fake data at them.
But, can’t we infer from Apple’s earning statements how much they’re monetizing user data? Currently that seems like not much. Then again, they probably wouldn’t have recruited Antonio Garcia if they weren’t interested in milking that particular cow.
Apple’s services category made $16 billion in revenue last quarter and includes ads in addition to other businesses like music and TV. Apple’s growth story to investors hinges on the services category.
That only tells you how they're doing competing against the other ad networks, not how much they're trying to monetize the data. Instead since they couldn't compete, they drew a moat around their devices where other companies can't get the data apple can, now.
That guy was just fired by apple after a staff revolt described as "woke" which made news.
Separate to that, his alumn is facebook, specifically ads. Whatever spin they put on it he was literally hired to monetize for apple the private data they hold that belongs to you. There is zero contractual it enforceable commitment by Apple to prevent them from stealing and doing literally anything they like with your data for a reason. They will do it the instant it is worth the reputational hit for officially announcing their privacy marketing is knowingly dishonest. Which it is.
If they had any value at all on your privacy it would have contractual protection. Cannot be sold, cannot be provided to a third party without being legal compelled, cannot be used by Apple. It's easy to do this and they have chosen not to. It would cost dramatically less than their "these things are private" ad campaign. Orders of magnitude less. It would get orders of magnitude more reach than their ad campaign. They don't have this in contact for a reason. That reason is bait and switch. Their advertising overtures to privacy are worth even less than Google's lack of them. Apple are utterly foul.
The bar is so unbelievably low and apple, google, facebook, and all their ilk compete to get deeper below it and bash us harder.
It's our fault. We didn't do... Like they commanded. See what we made then do?
/Waves to apple zealots and gravy train riders.
