Apple Shares Tim Cook's Recent Speech on Apple's Commitment to Privacy

[Homme]

Apple would NOT be the company it is today without third party apps !

in Steve Jobs era. Yes

in Tim Cook’s Era, possibly but differently

also it’s a bold claim since we are talking about iOS 2 era which was different back then to now

also with that logic I could also say that Android manufacturers can’t exist without third party apps as well (minus the fact Apple was there first)

 

[farewelwilliams]

Apple would NOT be the company it is today without third party apps !

Third party apps wouldn't be third party apps today without Apple.

 

[-DMN-]

It's a nice, sanctimonious speech, but Apple's not really here to protect anyone. Tim Cook is using the best strategies he can to make a profit. I'm glad about what they're doing with privacy, but they're not really doing it for the good of the world. Just ask the international workers they get their supplies from

You will get shamed and down voted by others for speaking truth of Apple. How quickly they forget when Apple was listening to people having sex with their wife and other personal matters, in 3sec sound bytes via "Hey Siri."
SOURCE: https://www.macrumors.com/2019/07/26/siri-human-analysis-voice-recordings/

 

[FrankieTDouglas]

Tim's using a Trojan horse of "privacy" to slip in suppression of speech.

 

[phalseHUD]

Are these privacy protections available to users in China, Tim Tim?

Yep, I was reading this article thinking the exact same thing...

 

[goobot]

Tell em Timothy

 

[Feyl]

I think Apple really is the best in this field, but that’s easy for them because others are so bad at it. That doesn’t mean they’re completely honest with us regarding how they handle our data. There’s been quite number of things that Apple was caught doing wrong. Unfortunately Apple systems are not open source, so nobody outside of Apple has the ability to check their code and verify their statements. So my take is, be cautious with your trust and judge Apple based on their actions. Don’t be naive.

 

[marco114]

Apple is only committed to the illusion of privacy. Make no mistake, when the FBI comes with a warrant, Apple will bend over and hand over whatever they want, which is a lot. They don't encrypt your Drive contents nor your Photo Syncing stuff to iCloud. And the fact that they control the password reset means they can get into it anytime they want.

 

[HarryWild]

Apple still track you and records it but will not sell your data yet? Everything is backup in the iCloud for each mobile device and Macs too. It how they generate $ each month.

 

[-DMN-]

Apple is only committed to the illusion of privacy. Make no mistake, when the FBI comes with a warrant, Apple will bend over and hand over whatever they want, which is a lot. They don't encrypt your Drive contents nor your Photo Syncing stuff to iCloud. And the fact that they control the password reset means they can get into it anytime they want.

Exactly, also Apple keeps all iMessages in the cloud for when you restore a device.

 

[I7guy]

Apple is only committed to the illusion of privacy. Make no mistake, when the FBI comes with a warrant, Apple will bend over and hand over whatever they want, which is a lot. They don't encrypt your Drive contents nor your Photo Syncing stuff to iCloud. And the fact that they control the password reset means they can get into it anytime they want.

There is no illusion of privacy, there is privacy. You're PII is safeguarded by Apple. Apple has maintained it's mission is not to protect your data, which is security, not privacy, in the cloud from authorized law enforcement requests. Apple is committed to protecting your data against common threats.

If you don't want the government to get your icloud backups, don't use icloud backups. Don't use imessage, don't register the phone with an Apple ID. Apple is not forcing any of this on you.

 

[mi7chy]

Marketing for suckers. Haven't logged into iCloud and have turned off all of Apple's data collection.

 

[JGoodish]

Apple is only committed to the illusion of privacy. Make no mistake, when the FBI comes with a warrant, Apple will bend over and hand over whatever they want, which is a lot. They don't encrypt your Drive contents nor your Photo Syncing stuff to iCloud. And the fact that they control the password reset means they can get into it anytime they want.

Apple’s stated commitment to privacy is wonderful, but a commitment to privacy requires accepting the risk that private data may be objectionable in some manner. Cook appears to be advocating for privacy while also advocating for censorship, and it is difficult for those two concepts to stand together. If you are committed to protecting my privacy, that means that you also have no idea what’s in my data (or possibly even who I am), and it could be something which is objectionable to you or someone else. Apple seems to want to have it both ways—be seen as a privacy advocate, while at the same time retaining the ability to scan and prohibit content, or take action against customers who use Apple systems to store data which Apple or others may not like. Privacy doesn’t mean that Apple gets to review and approve your data, just as free speech doesn’t mean that only certain viewpoints are protected speech. Otherwise, privacy is indeed illusory.

Apple does encrypt most iCloud data at rest, but they also hold the keys so that they can decrypt it, with the exception of iCloud Keychain. The greatest risk to privacy here is probably the iCloud Backup feature of iOS devices, where otherwise encrypted information from the device (such as iMessage content) is stored and accessible to Apple via keys which they hold. Of course, savvy users can enhance privacy and security by using tools such as Boxcryptor or Cryptomator, but with some loss of convenience, as these tools are not fully integrated into the iOS experience.

It would be interesting to know how Apple would respond to an allegation that someone was storing objectionable content in a zero-knowledge encrypted vault which resides on an Apple system such as iCloud Drive. Would Apple demand that the accused reveal data to prove their innocence? Would they summarily kick the accused off of Apple systems? It would be an interesting test of Apple’s position on privacy in practice. One thing is almost assured, though: Apple would likely look through every piece of content they could access for evidence.

I have not read through all of Apple’s EULAs, but these issues are likely addressed at least broadly in those agreements. The bottom line is that the most privacy and theoretically least risk results from retaining physical control of your data; once you give it to someone else, you give up control [usually] in exchange for convenience. This is why the insidious data harvesting practices of companies such as Facebook and Google are such a risk to privacy—in most cases, the user has no idea what information is being collected or how it is being used. Of course, the same is true with apps and websites in general, which is why Apple’s efforts toward data collection transparency in these areas are helpful.

 

[iGüey]

Tim starts to look really old and aged.

 

[MysticCow]

Apple would NOT be the company it is today without third party apps !

And now those same third party apps that "made Apple" now have to be honest with you when they try to call home to Facebook.

In other words, IF those same developers are scared of a little "tattle box" telling users their information is being sent out to Facebook and to them...maybe the "tattle box" isn't the problem...

 

[I7guy]

Apple’s stated commitment to privacy is wonderful, but a commitment to privacy requires accepting the risk that private data may be objectionable in some manner. Cook appears to be advocating for privacy while also advocating for censorship, and it is difficult for those two concepts to stand together. If you are committed to protecting my privacy, that means that you also have no idea what’s in my data (or possibly even who I am), and it could be something which is objectionable to you or someone else. Apple seems to want to have it both ways—be seen as a privacy advocate, while at the same time retaining the ability to scan and prohibit content, or take action against customers who use Apple systems to store data which Apple or others may not like. Privacy doesn’t mean that Apple gets to review and approve your data, just as free speech doesn’t mean that only certain viewpoints are protected speech. Otherwise, privacy is indeed illusory.

Apple does encrypt most iCloud data at rest, but they also hold the keys so that they can decrypt it, with the exception of iCloud Keychain. The greatest risk to privacy here is probably the iCloud Backup feature of iOS devices, where otherwise encrypted information from the device (such as iMessage content) is stored and accessible to Apple via keys which they hold. Of course, savvy users can enhance privacy and security by using tools such as Boxcryptor or Cryptomator, but with some loss of convenience, as these tools are not fully integrated into the iOS experience.

It would be interesting to know how Apple would respond to an allegation that someone was storing objectionable content in a zero-knowledge encrypted vault which resides on an Apple system such as iCloud Drive. Would Apple demand that the accused reveal data to prove their innocence? Would they summarily kick the accused off of Apple systems? It would be an interesting test of Apple’s position on privacy in practice. One thing is almost assured, though: Apple would likely look through every piece of content they could access for evidence.

I have not read through all of Apple’s EULAs, but these issues are likely addressed at least broadly in those agreements. The bottom line is that the most privacy and theoretically least risk results from retaining physical control of your data; once you give it to someone else, you give up control [usually] in exchange for convenience. This is why the insidious data harvesting practices of companies such as Facebook and Google are such a risk to privacy—in most cases, the user has no idea what information is being collected or how it is being used. Of course, the same is true with apps and websites in general, which is why Apple’s efforts toward data collection transparency in these areas are helpful.

What picture are you attempting to paint. If Apple is removed from the equation and replaced with Dropbox or Google. How would either of those companies respond if their infrastructure was used to host illegal content? There probably are protocols already in place for this type of event.

Additionally, icloud is not a risk to privacy. If one doesn't want the government snooping in your affairs, the only alternative is to leave the grid. There is no company out there that won't turn over customer information to law enforcement with legitimate paperwork.

What Apple claims is they will safeguard your PII. They never claimed to protect your "objectionable" content from valid law enforcement requests.

 

[SWAON]

Hm, let me see: Privacy is my human right, hell yeah. But who turned my choice of privacy into data collecting and selling for profit?! Oh wait, Apple did it, they invented this business model and strategy, which everyone followed afterwards. Who allowed third apps on the AppStore to collect our data without being notified and then even sold out? Where was Apple, when they made the trillions of it!?

Tim, who are you fooling with your word jugglery, you're nothing but a proficient salesmen, who would turn any human right to a desired feature (or product) for the sake of a sheer profit. Instead of doing it, why don't you explain to the audience how your greedy business model inspired the nowadays situation we're in!? What responsibility Apple will take to make sure this business model is changed. Those are the real questions. Apple won't change this business model, because at its core stands the goal of "profit" and Tim Cook is the profit personified. So in conclusion Tim talked about profit under the name of "your human right - privacy"..

 

[I7guy]

Hm, let me see: Privacy is my human right, hell yeah.

Have to admit, this is well though out hyperbole.

But who turned my choice of privacy into data collecting and selling for profit?! Oh wait, Apple did it, they invented this business model and strategy, which everyone followed afterwards.

Citation for apple invented data collecting and selling for profit? Are you telling me Apple beat the ISPs, google, facebook to the punch for that. And that Apple was actively engaged in this behavior in 2007?

Who allowed third apps on the AppStore to collect our data without being notified and then even sold out? Where was Apple, when they made the trillions of it!?

Citation again. What difference if Apple allowed it. That's like saying the police allow you to blow a red light.

Tim, who are you fooling with your word jugglery, you're nothing but a proficient salesmen, who would turn any human right to a desired feature (or product) for the sake of a sheer profit.

Tim walks the talk, but different strokes for different folks.

Instead of doing it, why don't you explain to the audience how your greedy business model inspired the nowadays situation we're in!? What responsibility Apple will take to make sure this business model is changed. Those are the real questions. Apple won't change this business model, because at its core stands the goal of "profit" and Tim Cook is the profit personified. So in conclusion Tim talked about profit under the name of "your human right - privacy"..

What greedy business model, can you please explain in detail their greedy business model. And why shouldn't Apple earn a good profit, they are not a 501c3 charity. Making a profit is not mutually exclusive with being the steward of your PII. Apple is doing both.

 

[MasterMaCanada59]

Privacy comes first no matter what! Apple knows it! Tim cook is very good about this. Facebook has no clue what they are doing.

Amen !

 

[SWAON]

Have to admit, this is well though out hyperbole.

Citation for apple invented data collecting and selling for profit? Are you telling me Apple beat the ISPs, google, facebook to the punch for that. And that Apple was actively engaged in this behavior in 2007?

Citation again. What difference if Apple allowed it. That's like saying the police allow you to blow a red light.

Tim walks the talk, but different strokes for different folks.

What greedy business model, can you please explain in detail their greedy business model. And why shouldn't Apple earn a good profit, they are not a 501c3 charity. Making a profit is not mutually exclusive with being the steward of your PII. Apple is doing both.

Apple didn't invented data collecting, but were first to do use it. Even if they encrypted most of their services, and not at 100%, they still can have access to what's been collected via their apps. No one can beat Facebook or Google in data selling, so obvious Apple is out of the joke. But what Apple didn't do is to limit the chances of those and many other apps, to gain user's data for own profitable interest, because, ironically it wasn't in Apple's interest to limit those apps, who were making millions of dollars in AppStore. That's the business model I was referring. Preaching about privacy and security is one thing, doing the actual thing in a clear transparent way, without backhand self-surving motives is another thing. Now that privacy is a must thing, Apple is taking advantage to the situation they contributed less or more, presenting how concern they are for our privacy. But we all know that's not what drives them. Apple is drived by gaining more profit, no matter how and what. Call it as you like, that's how I see it myself. The fact they didn't regulated the apps on their AppStore and make sure they comply 100% with security measures is still a prove of my theory. Either you're secure, either you're not, there is no middle ground for it.

 

[I7guy]

Apple didn't invented data collecting, but were first to do use it.

Citation for being the first.

I don't deny Apple doesn't collect your PII, how else is it supposed to provide a modicum of services to it's customers. Especially those who may purchase apple products and services with a credit card. Makes no sense that you are attempting to ding them for what is a standard practice. It's what they do with it after they collect that is important.

Even if they encrypted most of their services, and not at 100%, they still can have access to what's been collected via their apps. No one can beat Facebook or Google in data selling, so obvious Apple is out of the joke. But what Apple didn't do is to limit the chances of those and many other apps, to gain user's data for own profitable interest, because, ironically it wasn't in Apple's interest to limit those apps, who were making millions of dollars in AppStore. That's the business model I was referring. Preaching about privacy and security is one thing, doing the actual thing in a clear transparent way, without backhand self-surving motives is another thing. Now that privacy is a must thing, Apple is taking advantage to the situation they contributed less or more, presenting how concern they are for our privacy. But we all know that's not what drives them. Apple is drived by gaining more profit, no matter how and what. Call it as you like, that's how I see it myself. The fact they didn't regulated the apps on their AppStore and make sure they comply 100% with security measures is still a prove of my theory. Either you're secure, either you're not, there is no middle ground for it.

When you download an app, you are agreeing to the sellers TOS for the app. As I said, there is not way Apple can dig into the privacy policy, especially if there are untoward things in the back-end. Similar to cops stopping all instances of speeding...not possible. I do not take what apple is doing as preaching, but rather setting an example. But I guess different strokes for different folks.

Apple should be able to make a buck or a million or a billion bucks, without criticism that is binary in nature, but again to each their own. Security is not binary, privacy isn't binary security does not equal privacy. 100% security doesn't exist in the digital world.

 

[farkleboy]

Why isn't that a Homepod on the books behind him? Missed product placement opportunity.

Regardless, if I don't want to be tracked, then I like having that option. If he is using this as a market differentiator, then that makes him and Apple a smart marketing company that just so happens to be on the right side of the issue.

 

[SWAON]

It's what they do with it after they collect that is important.

Security is not binary, privacy isn't binary security does not equal privacy. 100% security doesn't exist in the digital world.

I agree on that and disagree with the rest.

 

[JGoodish]

What picture are you attempting to paint. If Apple is removed from the equation and replaced with Dropbox or Google. How would either of those companies respond if their infrastructure was used to host illegal content? There probably are protocols already in place for this type of event.

Additionally, icloud is not a risk to privacy. If one doesn't want the government snooping in your affairs, the only alternative is to leave the grid. There is no company out there that won't turn over customer information to law enforcement with legitimate paperwork.

What Apple claims is they will safeguard your PII. They never claimed to protect your "objectionable" content from valid law enforcement requests.

I didn't specifically reference illegal content, nor did I mention the government or law enforcement. Nor is anything I said unique to Apple, but Apple and Cook's comments are the subject of this thread. Apple also continuously advertises "privacy" as a distinctive advantage of their products and services versus the competition, but as you reference, the practical scope of that claim is rather limited.

Objectionable content could be illegal, but it could also be content which Apple or a third party simply doesn't like; removing such content or taking other action against the user is censorship, as is removing certain apps from the App Store which provide access to such content, and identifying such content through surveillance is by definition an invasion of privacy. As long as data sent to iCloud is accessible to Apple, law enforcement, or potentially anyone who would breach a users's account or Apple's systems to gain access to private encryption keys, there is no assurance of privacy. iCloud encryption (with the exception of iCloud Keychain) is not zero-knowledge.

Apple does not appear to surreptitiously collect user data for resale, and has advocated against others' ability to do so using Apple's platforms (such as the App Store). This is commendable. However, any data that a user willingly provides to them is not private, and Apple appears to make no meaningful guarantee that it will remain private.

The idea that a user needs to "leave the grid" or otherwise tacitly consent to snooping is ludicrous, not to mention that an individual's own connection to "the grid" is not the only point of risk--restaurants, retailers, appliance manufacturers, doctors' offices, employers, car companies--all have some amount of data which users voluntarily provide to them. There are numerous strong privacy protection methods which may be employed to protect a user's privacy, but it all boils down to this: The more unencrypted information that a user provides to someone else, the more privacy is surrendered.

 

[I7guy]

I didn't specifically reference illegal content, nor did I mention the government or law enforcement. Nor is anything I said unique to Apple, but Apple and Cook's comments are the subject of this thread. Apple also continuously advertises "privacy" as a distinctive advantage of their products and services versus the competition, but as you reference, the practical scope of that claim is rather limited.

Correct. If the government wants your data it will get it. If that is being called "limited" then that is correct. Apple, as google and facebook, takes law enforcement requests seriously. Apple never intended to protect your PII from lawful requests law enforcement requests. If one is concerned, don't use icloud backup in any way shape or form.

Objectionable content could be illegal, but it could also be content which Apple or a third party simply doesn't like; removing such content or taking other action against the user is censorship, as is removing certain apps from the App Store which provide access to such content, and identifying such content through surveillance is by definition an invasion of privacy. As long as data sent to iCloud is accessible to Apple, law enforcement, or potentially anyone who would breach a users's account or Apple's systems to gain access to private encryption keys, there is no assurance of privacy. iCloud encryption (with the exception of iCloud Keychain) is not zero-knowledge.

This is the within the purview of the platform owner. Censorship on private platforms is nothing new. For example, MacRumors heavily moderates it's forums, don't like the system, find another discussion board. There should never be in anyone's mind a 100% ironclad assurance of privacy. What man makes, man can unmake. If you are going to ding apple because they aren't protecting your data from the government, imo, you are barking up the wrong tree, but such is life.

Apple does not appear to surreptitiously collect user data for resale, and has advocated against others' ability to do so using Apple's platforms (such as the App Store). This is commendable. However, any data that a user willingly provides to them is not private, and Apple appears to make no meaningful guarantee that it will remain private.

Correct. As stated above, the government can present lawful requests to get your data. If your rational, is that then your data is not private, you should be off the grid because the government will get what it wants. Apple will protect your data from reasonable attempts to break your device.

The idea that a user needs to "leave the grid" or otherwise tacitly consent to snooping is ludicrous, not to mention that an individual's own connection to "the grid" is not the only point of risk--restaurants, retailers, appliance manufacturers, doctors' offices, employers, car companies--all have some amount of data which users voluntarily provide to them.

It's not ludicrous if the ask is ridiculous.

There are numerous strong privacy protection methods which may be employed to protect a user's privacy, but it all boils down to this: The more unencrypted information that a user provides to someone else, the more privacy is surrendered.

Fully agree. But I'm not worried that Apple will use my own data to deliver targeted advertisements or to send to some clearinghouse for money.