by Dave Moore, The Internet Safety Group
October 25, 2018
“At Apple, we believe privacy is a fundamental human right. And so much of your personal information – information you have a right to keep private – lives on your Apple devices. Your heart rate after a run. Which news stories you read first. Where you bought your last coffee. What websites you visit. Who you call, email, or message.”
Wow, what do you think of that? Apple, on their newly-designed “privacy” page at apple.com/privacy, has decided to give us a partial list of our private information that can be hoovered up by iPhones, iPads, iMacs and MacBooks.
Seriously, though, heart rate? Oh yeah, there’s an app for that. Before I got tired of counting, I counted no less than 30 apps in the Apple Store designed to monitor and record your heart rate. I wonder what my heart rate was at that point?
Some apps are designed to do even more, recording your calorie burn rate, body mass index, basal metabolic rate, resting metabolic rate, and walking activity (mapping exactly where you are and/or have been). Some can even predict your risk of cardiovascular disease, all from the convenience and privacy of your phone.
“Apple products are designed to protect your privacy,” blares the website, and, in an effort to prove that specious claim, Apple has, for the first time, set up a privacy portal designed to let you see how much of your private data Apple has collected. You can download a copy of your report and ask Apple to correct any mistakes you think are there. You can even delete your entire Apple ID and account, should you so desire.
“Your personal data belongs to you, not others,” the website continues. “Whether you’re taking a photo, asking Siri a question, or getting directions, you can do it knowing that Apple doesn’t gather your personal information to sell to advertisers or other organizations.”
When it comes to global mega-corporations like Apple, carefully crafted statements like these have been written and vetted by armies of lawyers, and they usually mean exactly what they say. In this case, Apple is saying they don’t sell your personal information to third parties. Instead, they take a different route with your personal information.
They give it away.
Apple is never going to tell you they give away your private data, but that is, in fact, what they do. How, you may ask, does Apple give away your personal information? They give it away by allowing third-party app developers to take it. It’s not so much that Apple is gathering up your data and selling it, but they have created an environment that allows other companies to harvest your information and do who-knows-what with it. Again, it’s not so much Apple that’s the problem, but what Apple app developers are allowed to get away with.
You may recall in July of this year when, in response to the Facebook Cambridge Analytica elections scandal, Congress’s House Committee on Energy and Commerce sent letters to Apple and Alphabet (Google) asking pointed questions about their information privacy policies. A month later, this is what Apple had to say for itself.
Question: “Please provide a list of all data elements that can be collected by a third-party app downloaded on an iPhone…” Answer: “Location services. Contacts. Calendars. Reminders. Photos. Bluetooth Sharing. Microphone. Speech recognition. Camera. Health. Homekit. Media & Apple Music. Motion & Fitness.”
Question: “What limits does Apple place on third-party app developer’s ability to collect information about users or from users’ devices? Answer: a very obtuse, long-winded, beat-around-the-bush self-aggrandizing non-answer, which pretty much side-steps the issue and places all blame and responsibility on app developers and phone users. Finally, we come to this nugget of actual information: “Users are free not to agree to provide developers with the data requested by the developer… ”
Well, we all know what happens when you don’t agree to the “agree or don’t use our stuff” agreement, which nobody reads, anyway: you don’t get to use whatever it is you’re trying to use.
The rest of the reply is more evasive blah-blah nonsense about what apps should do, until we come to this stunning disclaimer as to what’s really going on: “Apple does not and cannot monitor what developers do with customer data they have collected, or prevent the onward transfer of that data, nor do we have the ability to ensure a developer’s compliance with their own privacy policies or local law. The relationship between the app developer and the user is direct, and it is the developer’s obligation to collect and use data responsibly.”
I suppose Apple thinks Congress is buying their shady explanation of what is a very serious issue. My question is: are you buying it?
Dave Moore has been fixing computers in Oklahoma since 1984. As founder of the Internet Safety Group, he also teaches Internet safety workshops for public and private organizations. He can be reached at 405-919-9901 or www.internetsafetygroup.com