This thread got a bit off-topic, and into discussing Apple’s stance on privacy in conjunction with their deal with Google. But it’s an interesting discussion, so I though I’d move it over here!
One of the questions that started it, was (paraphrased) whether or not Apple “cares about the privacy of its users”.
I think these are some important nuances to Apple’s decisions surrounding privacy:
Sometimes Apple will make something more private because they hope it will be a selling point. I don’t mind that at all! That’s “just as nefarious” as them making something good because it will sell.
Other times, Apple will make something more private that just so happens to benefit Apple and harm their competitors. A good example here, is them locking down the NFC chip on iPhones. (Here’s a good post discussing this.)
And sometimes they’ll do something that benefits them even though it’s bad for their users’ privacy. For instance, they don’t mind tracking us to serve us ads, as long as they’re the ones doing it.
And the billions they accept from Google, to make their search the default in Safari, is another example of the latter.
If Apple really cared about our privacy, they would of course choose a default that doesn’t track us - like DuckDuckGo. And it feels a bit hollow when they’re like “Yeah, we care about your privacy - but not like not-accept-$20-billion-for-free-care, you know!”
So, while I do think “privacy” is an argument for choosing Apple products, I think they’ve proven that they don’t care about our privacy. Whether or not that matters, is a different question!
They support user privacy when they see it in their financial and branding interests to do so. So they’re generally better than other big tech companies because they have different business incentives. But it’s not a hill they’ll die on. They’re not the EFF or Signal.
Well put. I like to think of it in the sense that there’s a very broad set of often conflicting interests which push the creation, maintenance, or removal of features in any business and there’s a finite number of priorities a business (or part of a business) can feasibly focus on at any given time. Privacy is probably higher in the sorted list of priorities than other companies but not in the way Signal does.
I would say most large companies actually have a huge privacy (but it often this goes hand in hand with security) incentive in the form of not being liable for data. i.e. Google does a pretty good job of end to end encrypting things and I’m vaguely certain was doing so before Apple did.
At the end of the day though, it really comes down to the business models at play. Most places where Apple can provide “privacy” they can without any loss whereas an ads based would have such a feature fly in direct opposition of continuing to earn money.
Apple’s current privacy policies are the minimum acceptable for products I will voluntarily use in my personal life. Yes, I actually do read a company’s privacy policies before deciding whether to purchase and/or use a product. Who has access to and what my data is used for is far more important to me than flashy new features.
No one was surprised that, when faced with a choice of compromising user privacy or leaving China, Apple turned over all their iCloud data and the keys to decrypt it.
The post was written in a context of Matt discussing payments on the iPhone through the NFC chip - so I get that it might not be super clear on it’s own! I’ll explain:
Apple is locking down the NFC chip (which also just happens to hurt it’s competitors in the payment industry) because it’s “of course” impossible to give that access in a secure and private way. Also, it’s not a big problem, because Apple Pay is good. (Which it is!)
Matt then draws a parallell to password managers: Because while iCloud Keychain is good, things like 1Password is absolutely more powerful. And things like Bitwarden is open source, and both of them cross-platform. And if third party password managers didn’t already excist, it’s not hard to imagine Apple not allowing them due to privacy concerns. (I mean, what’s more private than all your passwords, and all the other stuff you can save in your vault!)
And going back to Apple Pay: It is good, just like iCloud Keychain is good. But how could could payment be on the iPhone (Apple Pay or others) with competition?
My point about governments enforcing privacy is that companies will not. Despite the best intentions of some companies, it just takes one to start an arms race, as we are currently seeing with the introduction of gen AI tools everywhere, even though they are not ready for prime time (what is the best glue to use with pizza by the way?).
Governments, being made of people, will exhibit similar faults and foibles. It is an imperfect system for sure.
But as we’ve seen time and time again, companies can not be relied upon to regulate themselves.
I don’t know if this is an English expression (but it is in Norwegian), but it’s kind of like how the government (hopefully) has “monopoly on violence”. They have to be watched not to abuse it (preferably through a functioning democracy) - but it’s probably better than the alternative.
I’m personally a big believer in regulation. Instead of crossing our fingers and hoping our tech overlords does the right thing, why not elect people to enforce that they do them?
How motivated are governments to protect the public from corporate privacy abuses when law enforcement and intelligence agencies can simply purchase data from data brokers in order to bypass restrictions on their own abilities to collect that same data?
When one “agrees” to terms that allow sharing & selling of personal data to third parties this may be part of what is inadvertently agreed to.
I’m not particularly hopeful that citizens will elect enough politicians who are willing to effectively regulate these valuable sources of intelligence.
