You know that thing that you know? What if it wasn’t true?!
It is true, but what if it wasn’t?!
It is, though. But, still… whooooooooo.
Writing for Bloomberg, Sarah Frier is about to blow the lid off this whole “Is Apple really better on privacy?” thing. And find that wasn’t a lid at all, it was just a paper plate sitting on top of the lid that someone had written “Apple sux” on. In crayon.
“Is Apple Really Your Privacy Hero?” (Tip o’ the antlers to Alex.)
Is Apple a “privacy hero”? No. You can’t trust corporations to be “heroes” for you. But Apple is better than anyone else on privacy, silly pundit games notwithstanding.
Apple Inc. has positioned itself as the champion of privacy.
Well, we can’t allow that, can we? Quick! To the False Equivalency Machine!
Because would you be surprised to know that Apple is not perfect on privacy?! In other words, it is not a veritable Fort Knox, locking all of your information up solid and preventing any access at all?! It’s true! If you give apps access to your information—are you sitting down?—those apps will have access to your information! That’s the dirty secret Apple doesn’t want you to know.
The world’s most valuable company—its market value crossed the $1 trillion mark on Aug. 2—has some of the same security problems as the other tech giants when it comes to apps.
Where by “some of the same” we mean “we can lump them all into the umbrella of ‘privacy’”. We do not mean literally the same.
It has, in effect, abdicated responsibility for possible misuse of data, leaving it in the hands of the independent developers who create the products available in its App Store.
Independent developers and the user, which is kind of an important distinction that Frier glosses over.
Bloomberg News recently reported that for years iPhone app developers have been allowed to store and sell data from users who allow access to their contact lists…
That last bit is a pretty big deal. Compare that to how Facebook’s access token was letting unscrupulous websites scrape “your Facebook ID, first name, last name, language, gender, date of birth, profile picture, cover photo, currency, devices you use, when your information was last updated, your posts and statuses, your photos and your friends.”
These are categorically not the same thing.
According to some security experts, the Notes section—where people sometimes list Social Security numbers for their spouses or children or the entry codes for their apartment buildings—is particularly sensitive.
Yeah, that’s why you should never put social security numbers into Notes. It was never advertised for that purpose. Also shockingly, Apple doesn’t do anything at all to protect those sticky notes with all of her passwords on them your nana keeps on the inside of her iPad cover.
There are only so many user flaws a company can design around but Apple did add the ability to password-protect individual Notes, something Frier doesn’t mention. So, if a user insists on using Notes for something it wasn’t designed for, they can securely. Of course, you can lead a horse to water but you can’t make it put a password on it.
[UPDATE: On Twitter, Fries clarifies that she’s speaking of the Notes field in Contacts, not the Notes app, which explains why she wouldn’t bring up Notes.app’s password protection. It’s still using a field for something it was not designed for and the Macalope wonders how many people really do this.]
When developers get our information, and that of the acquaintances in our contacts list, it’s theirs to use and move around unseen by Apple. It can be sold to data brokers, shared with political campaigns, or posted on the internet. The new rule forbids that, but Apple does nothing to make it technically difficult for developers to harvest the information.
Go to Settings > Privacy > Contacts and you can turn on or off which apps can access your contact information. So, wrong, it does do something.
Apple has the ingredients for a Cambridge Analytica-type blowup…
It has nothing of the sort. Users could agree to give a company information on friends stored in Contacts, but what made the Cambridge Analytica data acquisition so powerful was access to all the other information such as the user’s timeline which included posts from those friends and allowed the company to build detailed profiles of each individual.
Although, maybe there are iPhone users who copy and paste all their friends’ Facebook posts into the notes section of Contacts. Apple isn’t doing anything to prevent that. Thus Apple is just as bad as Facebook.
…but it’s successfully convinced the public that it has its users’ best interests at heart with its existing, unenforceable policies.
The way Apple enforces policies is by reviewing apps before they’re accepted to the App Store and banning bad actors. Does it work perfectly every time? No. But that doesn’t mean the policies are “unenforceable”.
The company’s main argument for why it’s a better steward of customers’ privacy is that it has no interest in collecting personal data across its browser or developer network. It simply doesn’t need to, because it doesn’t make its money off advertising. The public wholeheartedly agrees with this “hear no evil, see no evil” strategy…
“I am unaware of anything Apple has done to protect users privacy. Time to start typing.” One of the reasons Apple had to roll its own Maps data is because Google wouldn’t give the company access to additional features without it handing over more data on users. Apple went to court with the FBI to protect the privacy of a terrorist because it knew the government was seeking to establish a precedent. You can argue it does this in a cynical attempt to use privacy as a selling point, but the same way people use headphones jacks to argue other phones are better than the iPhone, you must at least acknowledge that these things exist.
Frier conducts a master class in conflation, attempting to make Apple responsible for data that users share inside of apps. In which case you could blame Apple for the Cambridge Analytica scandal since Facebook is an app you can use on the iPhone and a site you can visit in Safari. Why not just go there directly?
Here, however, she steps over the boundary from logical flim-flammery and into outright falsehood.
The iOS app developer network is much more robust and influential than is Facebook’s. The programmers have produced everything customers have used on their iPhones in the past 10 years that Apple hasn’t made itself. Developers have made $100 billion in revenue in that time, even after Apple took its average 30 percent cut. Fortunes have been built on the personal data of Apple customers.
The link in that quote goes to a story about an increase in App Store revenue, not one cent of which was made through selling the personal data of Apple customers. These sales come from purchases. The Macalope is not saying that some people aren’t making money selling the personal data of iPhone users, but it is blatantly false to insinuate that money is coming through the App Store process when none of it is.
For all of Facebook’s privacy problems, it was at least able to alert people who were potentially affected by the Cambridge Analytica leak. Apple has no such mechanism.
Can you imagine the outcry if Apple insisted on getting its fingers into the internal data models of every app on the App Store? They say that in space no one can hear you scream, but you’d hear those screams from space. Possibly through the Force, the Macalope isn’t sure how it works, he’s not a physicist, he just knows a lot about screaming.
Despite how fun it is to declare a pox on all their houses, privacy is clearly one of Apple’s strengths compared to its industry peers, many of which consider it an afterthought at best, so this whole article comes off like whining “Why can’t Usain Bolt run faster?”