This article originally appeared in TidBITS on 2014-09-24 at 9:00 a.m.

Apple Goes Public on Privacy

by Geoff Duncan

Last week Apple published an Open Letter on Privacy [1], in which CEO Tim Cook emphasized how Apple products are designed with customer privacy as a top priority. The letter and accompanying site detail some of Apple’s privacy-related practices and technologies, as well as the policies that the company mandates and follows with advertisers, partners, and governments. Apple also posted the same content to its various international sites. It’s worth a look.

In part, the site and the letter are a public relations move. Apple has taken a flogging in recent weeks in the wake of attackers accessing several celebrities’ iCloud photos. (Apple claims the attacks are due to compromised passwords and security questions [2], not inherent security flaws; see “iCloud Flaw Not Source of Celebrity Photo Theft [3],” 2 September 2014.) As a result, Apple is currently trying to reposition itself as a company worthy of consumers’ trust. Of course, the site also highlights new privacy-related technologies in iOS 8: it’s no coincidence this open letter was published alongside a massive Apple product launch.

At one level, the site shows how Apple is in the same boat as other technology companies: Apple is constantly storing and processing sensitive data for hundreds of millions of people, and must comply with lawful government orders [4] to hand over information. However, Apple’s privacy pages also highlight how it is different from other technology giants, primarily because Apple earns most of its money selling products, rather than by selling advertisers access to its customers.

Do these differences matter to you? The answer depends on how you (and those you know) use technology and online services.

Apple’s Main Privacy Points -- Apple’s new privacy site details how individual Apple technologies [5] (like iCloud, Maps, Siri, FaceTime, Messages, Apple Pay, HealthKit, and more) manage and store personal information. Equally important, Apple also details how users can control how their personal information is stored and shared [6], and offers some basic advice on safeguarding privacy and avoiding phishing scams. Notably, the site uses accessible English rather than technospeak or legalese, even in the still-dense privacy policy.

A few key points emerge:

How Apple Compares -- Apple seeks to differentiate its products and services from companies like Google and Microsoft on one primary point: selling access to advertisers. Google algorithmically monitors its users’ email, Web searches, contacts, and other online activity [12] to compile information for advertisers. (Yahoo [13] and Microsoft do much the same, although Microsoft no longer scans email [14].) Google users can tailor their ad preferences for a bit of control over what ads they see, but cannot opt out of Google scanning their data, doing everything possible to determine their location, and compiling those profiles which Google users cannot view, correct, or delete. Many of Google’s products and services may be free to users, but as Tim Cook noted in his open letter, “When an online service is free, you’re not the customer. You’re the product.” Google’s customers are advertisers. During the first half of 2014, 90 percent of Google’s revenue came from advertising [15].

This isn’t to say Google wants Android or its services to be insecure. Google has always made security a high priority, and has redoubled its efforts in recent years following cyberattacks and mass surveillance revelations. Android has offered user-data encryption on devices as an option since 2011, and Google will be making device encryption a default setting in Android L [16], due out in a few months.

The distinction is that while Google, Yahoo, Microsoft, Amazon, Facebook, and others want your data to be secure, they don’t want it to be private. They need to know as many specific things about their users as possible to feed their business models. Conversely, Apple claims to access only data it needs for specific features and services, use it only with users’ consent, and (where possible) extends that stance to data that can be collected by third parties. If you don’t have a problem with an app (or a company) tracking your every move, that can be done on an iOS device as easily as an Android phone. But that’s not how Apple’s apps and services behave by default.

To be fair, since Apple designs and markets products for the masses, little that Apple might learn about individual customers could help them sell more products. While there’s no reason to suspect Apple’s public commitment to user privacy is insincere, the company is certainly spinning this basic business model fact into marketing gold.

Of Courts and Canaries -- Last year, Apple published its first transparency report on government information requests, which included a so-called “warrant canary”: “Apple has never received an order under Section 215 of the USA Patriot Act.” The untested idea is that while Apple can be barred from disclosing whether it has received an order to disclose information from the mostly secret Foreign Intelligence Surveillance Court (FISC), it cannot be compelled to lie about not having received such an order. If the language were to vanish from an updated version of a document, the reader would be free to infer that Apple had received at least one such secret court order.

Some hay has been made of this warrant canary going missing [17] in Apple’s transparency report covering the first half of 2014; in fact, Apple dropped it in the latter half of 2013 [18] following changes that Google, Microsoft, Facebook, Apple, and other companies worked out with the U.S. government that enable aggregate reporting on both FISA requests and National Security Letters [19] (NSLs). In its place, Apple now says “To date, Apple has not received any orders for bulk data.” The implication is that while Apple may well have received FISC orders to disclose information, any such orders have not involved the kind of massive handover or continual monitoring implied by things like the NSA’s PRISM program. If this language disappears in the future, readers could infer Apple has been ordered to hand over data en masse.

Does a Privacy Policy Matter? -- Although Apple’s revamped privacy information site is high-profile, it is basically a statement of intent rather than a set of legal commitments. If any part turns out to be inaccurate or untrue, the worst Apple could face is a civil suit for misrepresentation. (Few U.S. laws apply to privacy: the one most relevant to Apple is the Children’s Online Privacy Protection Act (COPPA).) Apple can change any of its practices at any time, with no warning, and plans to update the site once a year or when there are “significant” changes to its policies. There’s no word on how Apple plans to let people know about changes.

Nonetheless, if any part of this highly public privacy site and policy proves to be untrue, the damage to Apple’s brand and reputation would be immense — Apple is putting its neck on the line.

Another thing is clear: Apple now considers privacy consciousness a feature of its product ecosystem, just like high-quality displays, good cameras, speedy graphics, and elegant design. Apple doesn’t think the Googles, Facebooks, Microsofts, and Amazons of the world can compete.