Apple's Tim Cook calls upon US' congress to create federal law that follows GDPR's lead and reigns in data brokers

[Delicieuxz]

Apple's CEO Tim Cook has long been an outspoken advocate for data privacy and has given multiple speeches / interviews about why big-business claims of needing data to operate are fraudulent. And now in a recent article he is calling on the US' federal lawmakers to introduce nation-wide GDPR-like rules.

 

 

You Deserve Privacy Online. Here’s How You Could Actually Get It

Quote

 

We all deserve control over our digital lives. That’s why we must rein in the data brokers

In 2019, it’s time to stand up for the right to privacy—yours, mine, all of ours. Consumers shouldn’t have to tolerate another year of companies irresponsibly amassing huge user profiles, data breaches that seem out of control and the vanishing ability to control our own digital lives.

 

This problem is solvable—it isn’t too big, too challenging or too late. Innovation, breakthrough ideas and great features can go hand in hand with user privacy—and they must.

 

...

 

That’s why I and others are calling on the U.S. Congress to pass comprehensive federal privacy legislation—a landmark package of reforms that protect and empower the consumer.

 

...

 

One of the biggest challenges in protecting privacy is that many of the violations are invisible. For example, you might have bought a product from an online retailer—something most of us have done. But what the retailer doesn’t tell you is that it then turned around and sold or transferred information about your purchase to a “data broker”—a company that exists purely to collect your information, package it and sell it to yet another buyer.

 

The trail disappears before you even know there is a trail. Right now, all of these secondary markets for your information exist in a shadow economy that’s largely unchecked—out of sight of consumers, regulators and lawmakers.

 

Let’s be clear: you never signed up for that. We think every user should have the chance to say, “Wait a minute. That’s my information that you’re selling, and I didn’t consent.”

 

...

 

Meaningful, comprehensive federal privacy legislation should not only aim to put consumers in control of their data, it should also shine a light on actors trafficking in your data behind the scenes.

 

 

This would not be the first such legislation for the US, where in June 2018 California passed its own state-level data privacy rights legislation that is more strict than GDPR and also gives people more control over their data than GDPR does.

 

California's new data privacy rights legislation legislation takes effect January 2020, and here is a thread about it:

 

In his TIME article, Tim hints that other states might also working on their own data privacy legislation.

 

 

For anyone wanting to hear more of Tim's appeal, here's his impassioned October 2018 keynote speech as well as some previous articles.

 

 

Apple CEO Tim Cook says data tracking is 'totally out of control'

Apple CEO Tim Cook: ‘Privacy to us is a human right...a civil liberty’

Apple’s Tim Cook: ‘Don’t believe’ tech companies that say they need your data

 

[Fasauceome]

He's definitely onto something with the whole "companies don't need all the data they say they do." 

[GDRRiley]

Well one of the few reasons I stuck with an iPhone is still true good cus I just replaced mine. 

Dat care for privacy. 

 

But it I seriously doubt the federal gov will do sh*t 

[Bouzoo]

It feels weird agreeing with Apple so strongly. But this is the one thing that I give them credit for, compared to all other big players. 

[Bouzoo]

2 minutes ago, fasauceome said:

He's definitely onto something with the whole "companies don't need all the data they say they do." 

I have no idea what you're talking about.

 

Spoiler

 

[captain_to_fire]

7 minutes ago, fasauceome said:

He's definitely onto something with the whole "companies don't need all the data they say they do." 

Because as far as I know, iOS and macOS telemetry data is depersonalized with the exception of iTunes and signing up for an Apple ID. https://www.apple.com/lae/privacy/docs/Differential_Privacy_Overview.pdf

 

Also, unlike the consumer versions of Windows 10, macOS and iOS allows you to opt out of telemetry. 

 

[RejZoR]

If only Apple products weren't so god damn expensive and just getting even more expensive every year. Their locking down of eco system ain't helping either. Sure privacy care is great, but when you realize you'll also have to deal with countless Apple specific bullshits, they all of a sudden aren't all that great anymore.

[Taf the Ghost]

12 minutes ago, Bouzoo said:

It feels weird agreeing with Apple so strongly. But this is the one thing that I give them credit for, compared to all other big players. 

Cook has been a weak CEO in a number of ways, but he's had a really good read of the way the consumers are moving. Probably a good bit because Apple actually uses their data for customer feedback. Apple cares about it's Brand, and that Brand requires trust with the end user.

 

But also don't let Tim get off too cleanly. This is also a business move. Google's big Net Neutrality push was mostly about Data Collection and more control for themselves. When it comes to Big Data and Apple, they don't need the revenue from it, but their competitors do. And Tim would also know a big chunk of that revenue is actually "dark money". That is, it's money that filters out from Intelligence Agency funds to buy up the data they can't collect legally, and it gets filtered through all of their contractors. Silicon Valley has to play long with the charade because their businesses don't work. Apple doesn't have that issue, being one of the most profitable businesses in human history.

[captain_to_fire]

Just now, Taf the Ghost said:

 

But also don't let Tim get off too cleanly. This is also a business move.

Obviously. Apple's depersonalized macOS/iOS telemetry data is not coming from the kindness of their hearts, it's from the fact that their business model is selling devices (Macs, iPhones, iPads) and services (Apple Music, iTunes, in-app purchases).

[DrMacintosh]

[DrMacintosh]

48 minutes ago, captain_to_fire said:

Because as far as I know, iOS and macOS telemetry data is depersonalized with the exception of iTunes and signing up for an Apple ID. https://www.apple.com/lae/privacy/docs/Differential_Privacy_Overview.pdf

Yep, the data that associates you with the telemetry is literally destroyed before it gets sent to Apple. If a company claims to anonymize your data and they don't destroy the data that links it all back to you, they are lying. 

[Billy Pilgrim]

36 minutes ago, RejZoR said:

If only Apple products weren't so god damn expensive and just getting even more expensive every year. Their locking down of eco system ain't helping either. Sure privacy care is great, but when you realize you'll also have to deal with countless Apple specific bullshits, they all of a sudden aren't all that great anymore.

Welcome to 2019. Privacy is now a luxury.

[Sauron]

1 hour ago, fasauceome said:

He's definitely onto something with the whole "companies don't need all the data they say they do." 

It's funny when his company was the first to popularize the always on microphone that's connected to the internet and saves your requests in a database.

[Curufinwe_wins]

8 hours ago, captain_to_fire said:

Because as far as I know, iOS and macOS telemetry data is depersonalized with the exception of iTunes and signing up for an Apple ID. https://www.apple.com/lae/privacy/docs/Differential_Privacy_Overview.pdf

 

Also, unlike the consumer versions of Windows 10, macOS and iOS allows you to opt out of telemetry. 

 

Except for iTunes/app store... like your viewing, app usage data, buying history, and purchases. Apple collects all the same times of telemetry as the other people. The only difference is that they want the entire pie for themselves and so only use their data internally. Still in the same abusive hyper-targeted manner that google gets in trouble for. If different in overt intensity.

 

Oh and if you use an apple device to share something (with no stipulation as to how you share it), apple grabs all the available personal information of the people you contact from your device. And reserves the right to target them for advertising as well.

 

Apple's stance is that if only they have the data, they stand to make the most profit out of it, and can dictate terms with highest efficacy. Which is true of course. 

 

 

https://www.apple.com/legal/privacy/en-ww/

 

Let's be real here people.

 

EDIT: Obviously stronger data privacy laws do need passing. But explicitly targeting the sharing of information while allowing the broad-scale gathering, as has generally occurred, merely serves to entrench the already powerful companies with a super-majority control over data analytics. So good on Tim Cook, but 'nullius in verba' everyone... 'nullius in verba'.

[Tenelia]

I think you guys (and gals) need to make distinctions between data brokers and companies making use of the data they themselves own. Additionally, even the GDPR (which is very strict) says that no data privacy consent is required for essential transactions.

[Curufinwe_wins]

56 minutes ago, Tenelia said:

I think you guys (and gals) need to make distinctions between data brokers and companies making use of the data they themselves own. Additionally, even the GDPR (which is very strict) says that no data privacy consent is required for essential transactions.

Quite the opposite. I think the distinction needs to be made between data a company 'owns' (limited solely to that which is required for a 1st party transaction, and should not be allowed to leave payment processing with any identifiable information), and data the company harvests outside of first-party transactional information. Using and abusing mass transactional data to sell groups of people as targets for advertising (even without the individuals being 'technically identified individually' is the basically same issue as directly selling the individuals.

 

It is more of an issue even (from a competition perspective), because the companies that already have the data then are in an even more privileged position to profit and abuse that position of power, thus unfairly accumulating further market and mind share (both of potential products and of total advertising) in unlimited cycle of self-reinforcement without limit. All we can currently do is 'trust' in their generosity and ethics. 

 

Like Apple (and some others) harvesting from your device the personal information of people you share anything with, on any application. Apple is not involved in that transaction (US and other laws strictly state YOU own the device, YOU own the software) and has no business being able to harvest any of that. Particularly because the other party has not signed ANY consent forms: implied, informed or otherwise.

[Blademaster91]

5 hours ago, Curufinwe_wins said:

Except for iTunes/app store... like your viewing, app usage data, buying history, and purchases. Apple collects all the same times of telemetry as the other people. The only difference is that they want the entire pie for themselves and so only use their data internally. Still in the same abusive hyper-targeted manner that google gets in trouble for.

 

Oh and if you use an apple device to share something (with no stipulation as to how you share it), apple grabs all the available personal information of the people you contact from your device. And reserves the right to target them for advertising as well.

 

Apple's stance is that if only they have the data, they stand to make the most profit out of it, and can dictate terms with highest efficacy. Which is true of course.

So this seems like more of a business move then, not surprising with their lower phone sales because of increasing prices. Apple makes a ton of cash on services, they really don't have any reason to be collecting app data or purchase history.

[Curufinwe_wins]

18 minutes ago, Blademaster91 said:

So this seems like more of a business move then, not surprising with their lower phone sales because of increasing prices. Apple makes a ton of cash on services, they really don't have any reason to be collecting app data or purchase history.

Well, they have little reason to be selling app data or purchase history (directly).

 

And none of their competitors are integrated in the same way, so any ruling allowing them to continue to harvest the data, but not allowing them to directly sell it, hurts Apple less than it does any other company. Furthermore since advertising is in many respects zero-sum (advertisers fight for percentages of mind/view share), they stand to make their position stronger by those specific policies.

For example.

Spoiler

 

If you had a Samsung phone... which of the two (google or samsung) is allowed to collect the data Apple does? Samsung made the device, but has basically no app store and dramatically fewer opportunities with which to target you with advertising (even something as simple as showing you a cash-grab game so you get hooked on it, spend money on it, and thus feed the coffers through revenue sharing).

 

Google has many more opportunities to capitalize on the investment, but if Samsung takes Android (as they are allowed to) and modifies all of those things away from stock bundling in their own phone and messaging service (as they do) does Google have the right to leverage administrative privileges within Android to harvest contact information of people you contact the same way Apple does?

 

 

The point of the two previous paragraphs are not to suggest a direct solution, or to imply that any company should be allowed to harvest all that extraneous information... but the fact that Apple operates a closed walled garden with a large, highly profitable, user base means that they are the least impacted by any of these things, and thus most advantaged.

 

 

EDIT: A second example... suppose Facebook has been harvesting the exact same information (like that of the people you contact) as we know they have. They harvest that because targeted advertising is profitable. In a situation where right now Apple and Facebook both harvest that information, moving to one where only Apple gets to harvest it gives Apple a large carrot over other companies.

[LAwLz]

5 hours ago, Curufinwe_wins said:

Except for iTunes/app store... like your viewing, app usage data, buying history, and purchases. Apple collects all the same times of telemetry as the other people. The only difference is that they want the entire pie for themselves and so only use their data internally. Still in the same abusive hyper-targeted manner that google gets in trouble for.

I am pretty sure Apple collects some user information, and only some of it is opt-out, but you can't look at privacy in black and white terms like that. What Apple collects is a drop in the bucket compared to what other companies like Google and Microsoft collect.

Apple saving your search history on iTunes does not make them the same as for example Google who saves the location of WiFI networks so that they can track user location accurately even when the GPS is off for example.

 

Privacy is a spectrum, and if Apple is 1 centimeter away from "perfect privacy", Google, Microsoft and lots of other companies are 1 mile away.

 

 

It's like going "why is Apple trying to fight bank robberies? They themselves stole a pack of gum so they are just as bad as the bank robbers from Google and co".

[Curufinwe_wins]

35 minutes ago, LAwLz said:

I am pretty sure Apple collects some user information, and only some of it is opt-out, but you can't look at privacy in black and white terms like that. What Apple collects is a drop in the bucket compared to what other companies like Google and Microsoft collect.

Apple saving your search history on iTunes does not make them the same as for example Google who saves the location of WiFI networks so that they can track user location accurately even when the GPS is off for example.

 

Privacy is a spectrum, and if Apple is 1 centimeter away from "perfect privacy", Google, Microsoft and lots of other companies are 1 mile away.

I'm not suggest that Apple is worse for privacy than others, or that they are all the same. I'm suggesting that Apple is FAR farther away from ideal than reasonable, and their 'position on supporting privacy' is quite strongly convenient from a business perspective. Because clearly Apple in all of its endeavors has consumer interests at heart. We have absolutely 0 evidence to the contrary...

 

The example that personally concerns me the most (as mentioned previously) is the collection of personal information of those you contact, with the reserved right to also use that information to serve those people advertising. I know FB also does such a policy, and they got into huge trouble about being exposed to the extent of it quite recently.

 

https://www.apple.com/legal/privacy/en-ww/

 

EDIT: If I haven't made it clear yet, I am, to be perfectly honest, more concerned about the potential monopolization of data gathering than the data gathering in and of itself. And the way Apple has been pushing legislation lends itself quite well towards those behaviors, with it being by far the largest benefactor (even if not the only ofc, Amazon would be another GIGANTIC benefactor).

[Ashleyyyy]

privacy has always been a great advantage of Apple's products. 

this is the privacy setting of macOS. how simple can it be. 

[Curufinwe_wins]

2 minutes ago, firelighter487 said:

privacy has always been a great advantage of Apple's products. 

this is the privacy setting of macOS. how simple can it be. 

The privacy settings of Windows are no more complex and similarly detailed (or more) in their explanations. You can even see all of the diagnostic data that Microsoft collected through the same section of the menu.

 

The problem was that it had been proven that even selecting the opt-out on some of them didn't prevent Microsoft from ACTUALLY sending the data.

 

Having a setting.... and being transparent about what is actually going on are not necessarily linked. I am not accusing Apple of lying about what they gather... I have seen no evidence of that. But it isn't like macOS has any particular advantage in 'having the settings simply lain out'.

Spoiler

 

 

 

[Ashleyyyy]

@Curufinwe_wins the difference is the complexity. on macOS it's 4 checkboxes if you include location. how many are there on Windows?

[Curufinwe_wins]

45 minutes ago, firelighter487 said:

@Curufinwe_wins the difference is the complexity. on macOS it's 4 checkboxes if you include location. how many are there on Windows?

8, if you include location and the one that lets you view all the collected data and the one that is 'turn on voice interaction' (hidden away in its own siri preference menu with 8 settings on macOS).

 

Though the section of the permissions that is directly identical (covering the exact same conditions and permissions) to the analytics section of Mac OS (with 3 settings) has 4 settings and a delete button. So much more complex.

 

 

Again though... window's problem wasn't that the settings were hidden, or that they were unclear. The problem is that regardless of the selection, Microsoft was/is still collecting data.

[RejZoR]

I've predicted that Apple will push privacy as their "special feature". Because lets be honest, they are pretty shitty at innovations by selling existing innovations and marketing them as their own and that's showing by slow sales recently, but privacy thing is something Android is a lost cause by default. All phones are riddled with Google's junk, hoarding all your data. Even if you opt for a custom ROM without any Google framework (Gapps) you're basically removing the only benefit of Android, which is wide selection of apps. If you remove that you might just as well stay with a feature phone because selection of "clean" apps that don't need Google framework is just shitty. So, Apple clearly can pull this off. The problem is still the price. Their lowest end XR costing over 900€ is absurd, with or without the privacy because I don't think presence of Google on device is giving manufacturer a financial gain from Google. I mean, it only costs 650€ more than the phone I currently have (Xiaomi Mi5 which thankfully runs LineageOS, but with Gapps coz I need the apps)...