Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Craig Federighi Shares Apple's Four Privacy Principles in Conference Keynote

iamgalt said:
Anytime I see Google's name next to anything involving privacy, I have to laugh. Their "privacy policy" is basically, collect all they can so they can sell it. Same with Facebook, but I don't see their logo in the group of others.
Click to expand...

FWIW, when I read Google's privacy policy I don't see them selling your data. I do see them collecting data for targeted advertising, but that's not quite the same. It's more like this: A company wants to sell its widget to young, male adults with an interest in fashion. Google says, "We'll do that for you," and then takes said company's ad and places it in front of those people.

Google also has an option to opt-out of targeted advertising.

Facebook I haven't not read in detail but from everything I have read, they are the embodiment of pure evil.

ChromeAce said:
It’s hard to take Craig seriously when he has yet to flip the switch on iCloud Backup encryption. What good is locking down your phone in kryptonite if iOS simply decrypts the whole thing and stores it in the cloud?
Click to expand...
Exactly. Apple's privacy stance is a good marketing position. I believe they do most of what they say, but they say very little beyond vague generalities about their actual data usage. They know most other companies want data for monetization and so taking "a stand for privacy" is a good PR move.
 
Dave-Z said:
Probably their weakest area. Apple really needs to go into more detail about the data that is collected and how to control that.

For example, iOS/iPadOS system-wide Spotlight searches phones home to Apple. Even when looking up local information. You can turn off the "Siri"-type suggestions in Settings (about 4-6 toggles at the top of Settings > Siri at the time of writing this), but it still phones home. In fact, you have to go through every application in that Settings > Siri section and disable 3-5 toggles (again, per app) to get Spotlight search to truly be local. This is not documented anywhere that I can find and I only figured it out through proxying a device's requests along with trial and error.

There are other instances of this type of behavior, too.

Then there's the inability to opt out of certain analytics at all. For example, why can't I turn off Books and Podcasts analytics? I get that it's allegedly anonymized, but perhaps I don't want data reported at all? Not an option, apparently.

Apple does well and better than many other companies, but if people think they are the poster-child of privacy they are mistaken.
Click to expand...
While I have no reason to doubt what you say, you make a weak case that Apple is somehow not respecting your privacy because it may “phone home”. You do not even guess what data is sent/received, whether that data is anonymized, stored or analyzed. It is not a privacy violation if non-personal data is sent encrypted and then not stored anywhere. Maybe you are right, but as presented, your case is weak

I suppose you could turn off Siri altogether, or even better, not use a phone if you desire to have zero footprint. After all, phones ping towers just to know where they are, right? Non-zero footprint

the issue is not that data is involved in searches, the issue is if that data is archived, stored, analyzed, and sold. That is what has been publicly stated as not being done
 
MauiPa said:
While I have no reason to doubt what you say, you make a weak case that Apple is somehow not respecting your privacy because it may “phone home”. You do not even guess what data is sent/received, whether that data is anonymized, stored or analyzed. It is not a privacy violation if non-personal data is sent encrypted and then not stored anywhere. Maybe you are right, but as presented, your case is weak

I suppose you could turn off Siri altogether, or even better, not use a phone if you desire to have zero footprint. After all, phones ping towers just to know where they are, right? Non-zero footprint

the issue is not that data is involved in searches, the issue is if that data is archived, stored, analyzed, and sold. That is what has been publicly stated as not being done
Click to expand...
So what you're saying is that as long as a company doesn't tell you outright what they are doing with your data then it is ok. Since Apple apps are "phoning home" and Apple doesn't explicitly say what they are doing with that data then it is ok. Or are you saying its only ok if Apple doesn't tell you but other companies have to tell you what they are doing. For me, personally, if a company doesn't tell you what they are doing with your data then it's probably because they are not doing something good with it. Why would Apple apps phone home and Apple not say what they are doing with that data. Think of it this way, if a company was doing something "good" with your data or at least not bad with your data then they would come right out and say it. Especially a company like Apple which loves to toot its own horn in public. The fact that they are not forthcoming about what they are doing with all the "phoning home" data is a bit troublesome.
 
I always laugh at how self righteous people get when it comes to their digital privacy. I highly suspect that if Google came out tomorrow and said Fine we will no longer track and sell your data and so we will start charging monthly fees for YouTube, Gmail, Google Maps and all the other services that people would quickly change their tune and start begging Google to make the apps free again and collect their data. Same with Facebook; everybody and their grandma would start crying a river if they had to pay a monthly fee to post all their cleavage and food pics, but they love being adamant about Facebook tracking them for a free service that is so essential to their daily lives.
 
  • Disagree
Reactions: Kengineer and planteater
Now if Apple would let me use Siri without sending my audio recordings to store in their servers that would be great. They at least can translate my audio to text on device then send the text query. I believe currently even simple dictation or on device commands are sent to Apple to listen and analyze.

rk-apple said:
Apple's commitment to privacy is the major reason I allow myself (and my family) to get so sucked into the Apple ecosystem. I trust Apple way more than the Amazon or Google ecosystems.
Click to expand...

Careful, while its great and all remember that Apple is a "for-money" business. You never know what happens in the future. Remember Google's motto "Do No Evil". As they gain more market share, money, and power it can corrupt them. They will get arrogant.
 
Dave-Z said:
Not sure how you can be down-voted on this comment when, in fact, what you are stating is true: Apple exempts its own services and third-parties have indeed found a way to exploit that. 🤷‍♂️

Edit: Citing source:
https://twitter.com/x/status/1327726496203476992
Click to expand...

The Apple fanboi doesn't like reasoning, they just want to praise Apple all day, it makes them happier and smarter than the average android fanboi (apparently).
 
  • Haha
Reactions: Dave-Z
MauiPa said:
While I have no reason to doubt what you say, you make a weak case that Apple is somehow not respecting your privacy because it may “phone home”. You do not even guess what data is sent/received, whether that data is anonymized, stored or analyzed. It is not a privacy violation if non-personal data is sent encrypted and then not stored anywhere. Maybe you are right, but as presented, your case is weak

I suppose you could turn off Siri altogether, or even better, not use a phone if you desire to have zero footprint. After all, phones ping towers just to know where they are, right? Non-zero footprint

the issue is not that data is involved in searches, the issue is if that data is archived, stored, analyzed, and sold. That is what has been publicly stated as not being done
Click to expand...
You're conflating a bunch of different topics. I'm not going to address Siri (proper, the digital voice assistant) as my reference was more of the Siri suggestions (the on-device learning what apps you frequently use, etc.). Nor am I going to address phones or cell towers because that's a completely different issue that I was not even talking about.

I do not make a weak case. Apple said point #3 of their privacy principal is (emphasis mine):
MacRumors said:
Making it clear to customers what data is collected and giving them tools to control how that data is used.
Click to expand...

To which I stated:
Dave-Z said:
Probably their weakest area. Apple really needs to go into more detail about the data that is collected and how to control that.
Click to expand...

I then explained that a Spotlight search phones home to Apple. Apple doesn't detail the data that is collected, how it is used, or how to control it. I don't need to provide the content of my proxying tests because it's irrelevant to my point, which again is that Apple does not tell me a search will send data to their servers, what that data will contain, how it will be used, and how to control it. I experimented and discovered a way to turn off that particular aspect of the operating system, but it doesn't change that I was not able to find any documentation on Apple's site which explained that the data was sent or how I could control it. Considering that it is their third principal of privacy, I think they need to do better.

MauiPa said:
the issue is not that data is involved in searches, the issue is if that data is archived, stored, analyzed, and sold. That is what has been publicly stated as not being done
Click to expand...

No. That is not the case. It may be for you that "the issue is if that data is archived, stored, analyzed, and sold" but that is not everyone's position on the matter. If I am searching something locally, I expect that to stay to local; therefore for me the issue is "that data is involved in searches." I want to know how to keep searches local, that is important to me.
 
Principle #5 - Collect $11 Billion/year from a privacy-monetizing middleman named Google so you can keep your hands looking clean while enriching yourself on the back of your users' privacy.
 
  • Like
Reactions: brucemr and ozzymo
If a company is not archiving, storing, analyzing, or selling your data what else is left for them to do with it? Why would a company transmit your data if they were not doing at least one of those four things? I highly doubt Apple is selling customer data, but they are most definitely without a doubt analyzing it for whatever purposes are relevant to them. Now whether they are also archiving or storing that data and for what length of time no one really knows. But you can not honestly say that Apple is not analyzing the data.
 
BootsWalking said:
Principle #5 - Collect $11 Billion/year from a privacy-monetizing middleman named Google so you can keep your hands looking clean while enriching yourself on the back of your users' privacy.
Click to expand...
Shhh don't go spreading truth in here. People aren't going to like that. The fact that Google pays Apple around $11B a year to be the default search engine which they then use to collect and monetize Apple's customers' user data is the epitome of hypocrisy. Apple is the best company probably in history at PR and spin. They come out looking like an angel while the entire time they are in bed with the proverbial devil.
 
ozzymo said:
And what is the most probable reason for Apple to not do that? You have millions upon millions of iCloud backups unencrypted on their servers. I'm not saying Apple is doing anything nefarious with the data, but it is a wealth of data for them to mine and grab whatever relevant user info they can use.
Click to expand...

Wrong. Apple is not Facebook. They don’t touch that data until they’re served with a warrant. The reason is strictly political, so as not to further piss off the growing American police state.
 
ChromeAce said:
Wrong. Apple is not Facebook. They don’t touch that data until they’re served with a warrant. The reason is strictly political, so as not to further piss off the growing American police state.
Click to expand...
Wow so glad that you know exactly what Apple is doing. I'm glad that you trust Apple explicitly, doesn't mean that everyone does.
 
This is a perfect example of why regulation of industries is necessary. We can't have faith that industries will self regulate. Apple makes the correct choice to the consumers benefit and is responsible. But other companies make a choice against the consumer and is irresponsible. Regulation would force the responsibility and have accountability.
 
  • Like
Reactions: Starfia
MauiPa said:
I think you didn't think this one out very well. The uses are not being made to track you, simple as that
Click to expand...
It's my computer, I expect to be able to stop it phoning home, my next OS will be Linux Mint - Apple lost the plot when Scully ran it and again while Cook is ruining it. Little Snitch allows me to block Facebook, Google etc and now Apple has arrogantly stopped that, time to move on.
 
"Getting this right will take time, collaboration, listening--and true partnership across the entire technology ecosystem. But we believe the result will be transformative."

So in other words: stop, collaborate, and listen. I love when Craig channels his inner Vanilla Ice.
 
BWhaler said:
Nope; I meant what I said.

I genuinely believe we will look back years from now and realize how lucky we were to have the largest, more powerful tech company standing up for our privacy.
Click to expand...
Ha did you miss this entire thread? Apple phones home with all of their apps and collects data. You can't opt out of it and they are very vague about what they do with that data. Of course they are very stern and firm when other companies collect data. But they never really talk about their own data collection practices. Or how about the fact that Apple happily takes $11B each year from Google so that google search is the default option on all iOS devices. And what do you think Google does with that? Of course they turn around and collect and sell all the user data they can so they will have another $11B to give Apple the following year.
 
whyamihere said:
"Getting this right will take time, collaboration, listening--and true partnership across the entire technology ecosystem. But we believe the result will be transformative."

So in other words: stop, collaborate, and listen. I love when Craig channels his inner Vanilla Ice.
Click to expand...
But any time an Apple exec speaks you have to really stop and read between the lines. What he is really saying is we expect all you companies out there to stop and follow the new Apple Standard which we ourselves will not follow. We expect you to be very open and transparent about what you are doing with all that data, but of course we are Apple so we will not be open or transparent at all about what we are doing when our apps phone home. And of course all your apps have to go though the normal networking APIs on our machines so users can firewall and block what they want; but our apps will be exempt and go around those firewalls so no users can block our apps; cause hey we're Apple, we're the good guys why would anyone ever want to block our apps.
 
Here's another little morsel of thought regarding the whole Apple is the savior of privacy. If Apple really cared about privacy and the privacy especially of their iPhone users they could easily make another search engine default on iOS devices, a search engine with privacy in mind. They could easily make something like DuckDuckGo the default option as they have considerable more privacy at heart than Google. Why, may you ask, would Apple not do that? Well I can give you about 11 billion reasons why they don't. DuckDuckGo could only pay them a fraction of what Google is able to pay them every year for that privilege. Kind of opens your eyes to really how much Apple cares about privacy. They care about as much as billions of dollars allow them to care. Point is stop worshipping Apple like a cult, no company has your interests at heart. EVER. They care about the bottom line. Apple is just very, very, very, very clever at spinning everything so people think they care about their privacy and then open up their wallets to Apple as a result.
 
ChromeAce said:
It’s hard to take Craig seriously when he has yet to flip the switch on iCloud Backup encryption. What good is locking down your phone in kryptonite if iOS simply decrypts the whole thing and stores it in the cloud?
Click to expand...
Where exactly did you get the information that iCloud backups are stored unencrypted? I can find no evidence to support that claim, and Apple advertises that all data in iCloud is encrypted with "A minimum of 128-bit AES encryption"

iCloud Security Overview
 
Darth.Titan said:
Where exactly did you get the information that iCloud backups are stored unencrypted? I can find no evidence to support that claim, and Apple advertises that all data in iCloud is encrypted with "A minimum of 128-bit AES encryption"

iCloud Security Overview
Click to expand...

That very document you referenced actually explains it:

iCloud secures your information by encrypting it when it's in transit, storing it in iCloud in an encrypted format, and using secure tokens for authentication. For certain sensitive information, Apple uses end-to-end encryption. This means that only you can access your information, and only on devices where you’re signed into iCloud. No one else, not even Apple, can access end-to-end encrypted information.
Click to expand...

Emphasis, mine.

You'll notice that Apple distinguishes between end-to-end and other data. End-to-end is encrypted on-device, sent, then decrypted on-device. No one can read the data at any point. Everything not encrypted end-to-end is stored on Apple's servers in a manner that allows Apple (or anyone ordering them to under law or duress) to read the data. When Apple says the data is encrypted, they mean the hard drives holding that data have encryption and the communication channel to/from the device is encrypted, but their systems with the appropriate keys can read the data. That's how you can log in to your iCloud account and see files in the Files section, appointments in Calendars, etc.

Notice Apple says end-to-end encryption means "only you can access your information". For everything else, Apple does have access to it.

I searched "icloud backups not encrypted" and got a wealth of related articles explaining this. Here is one:

daringfireball.net

Regarding Reuters’s Report That Apple Dropped Plan for Encrypting iCloud Backups

This isn’t about Apple foiling law enforcement. It isn’t about Apple helping criminals. It’s about Apple enabling its customers to own and control their own data.
daringfireball.net daringfireball.net

But if you want you can cross-reference it with tens of other sites reporting the same thing.
 
  • Like
Reactions: Slarti.BartFast
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back