I'd like to think I'm one of the good guys here. I was one of the inventors of RSS and Atom and worked to push open content and social media.
I started a social data search platform named Datastreamer (http://www.datastreamer.io/) which is basically a petabyte-scale content indexing engine.
We provide API feeds to search engines and social media analytics companies needing bulk data but don't want to have to build a crawler.
For the last 5 years we've had major problems with customers coming to us asking for data which we felt was unethical (at best).
We actually had Saudi Arabia approach us... It was clear that they were intending to something pretty evil with the data.
Their RFP questions were a bit frightening:
- can you track people by religion?
- can you give us their email address?
- can you provide their address?
- can your provide their ethnicity?
- can you provide their social connections?
We're actually losing business to other companies that are performing highly unethical and probably illegal techniques.
We just can't compete with data at that type of fidelity.
If you're a researcher and you want to access bulk data for combating this type of non-sense WE WILL PROVIDE DATA AT COST. We can provide up to 1PB of data but for now we have to charge for the shipping and handling of that data. We're reaching out to some other companies like Google and also the Internet Archive to see if we can provide more cost effective solutions.
I'm working on more tools to give the power back to the users.
Polar (https://getpolarized.io/) is a web browser which allows people to control their own data. The idea is that I can keep a local repository of data and eventually build our own cloud platform based on open systems like IPFS and encrypt the data using group encryption.
As a person living in the current world, I want to thank you for both standing up against these kind of requests, and for leaving money on the table, which other companies like Cambridge Analitica easily grabbed.
I don't know if there's any way for people/companies like you to defend against unscrupulous companies.
>We're going to need platforms that support group encryption and better security for apps.
Definitely. Though I also feel we need to give a shock to public awareness of just how evil people can be with this data. My perception is that people are trending towards "vaguely uncomfortable" with the news of foreign interference with targeted ads, election hacking, and so on, but we've a ways to go yet before most will give up supremely-engineered convenience in exchange for security.
As long as the modern world is democratic and the voting populace is subjecting itself to targeted manipulation by data-armed bad actors, we have a problem of not just national security, but international security.
Maybe some vigilante can create a website where you can type in anyone's name and it connects to these apis, server-side in a sovereign territory, then spits out redacted info about every facet of that person's life so you know it's legitimate and then get a few big news orgs to pick up the story about tech companies abusing data or something....
After the Cambridge Analytica news broke, I thought about writing an amnesiac evil quiz app that did all the CA stuff but then once the user was done, it told them exactly what it did as a way to educate people as to what was possible (and forgot everything it learned once the point was made). This way the evilness is restricted to the person who owns the data (and thus isn't really evil).
I do think there's potential in something along these lines, but I agree with child post that it would need to be done carefully so as not to cause collateral damage. The other question in my mind is how to market it such that people get their friends using it and thus spread the word rather than panicking and reporting it.
So the data is out there and nefarious people are going to be nefarious... but I'd be concerned that such an offering would lower the barrier to entry enough that terrible neighbors might blackmail each over by finding such information. I think a more reasonable approach might be to build up such a service behind a auth lock, execute it for yourself and a journalist and send those two reports and the tool to the journalist.
And people wonder why I've argued that, at some point, IT needs to be a certified and regulated profession like lawyers, doctors, engineers, nurses, pilots, accountants, electricians, plumbers, teachers, etc. If the future is going to be built using software and data, it's probably going to be essential that the general public have some agency -- public or private -- to safeguard the public interest.
It takes years of dedication to be a professional electrician or plumber, but anybody off the street can build an application that aggregates personal information and isn't subject to any sort of regulation or oversight or system of professional ethics.
That doesn't just safeguard the public. It also safeguards the employed individuals when they say, "No, that is not allowed under the ethics of my profession."
This isn't about "let's make the government save us," it's about creating a legal framework to protect the interests of the public and give ethical considerations in data management and software design some legal backing.
That won't help even a little bit in this case. That's like trying place the responsibility to reduce the amount of garbage generated on those who drive the garbage trucks. The decision to engage in the bad behavior usually doesn't come from IT staff or engineers, it comes from management. Hold the leaders of these organizations responsible and you'll see the problem fixed real quick.
Why not? The decision first comes from management, but engineers are the ones who implement it.
I think things would change pretty quick if engineers responded to such requests with "I can't do that, because my professional association would remove me from their membership, which would revoke my license to write software in this country at all".
That's how (AIUI) law, medicine, (real) engineering, etc., work today.
Unless you've got a legal/regulatory structure to enforce it, it can't work. And there is absolutely no will on the part of corporations or Congress to do such a thing as it runs contrary to their interests. Even if it were feasible, software development is one of the easiest things to jurisdiction shop since it can be done anywhere. So unless you further mandate where the development must be done, it still won't work.
Keep in mind that most law/medicine/engineering work has some local component anchoring it to local laws. (i.e. currently, someone typically needs to be 'boots on the ground' in the jurisdiction to provide the service) Software doesn't have that.
(edit: obviously, this is a U.S.-specific view of the situation. Other countries may not have the same issues)
1) Maintains a membership list
2) Maintains a list of software which is signed off on by members
3) Browser/OS/etc utilities which refuse and/or warn when trying to run software not in the registry
4) Member expulsion if registered software is found to be nefarious
This is basically the system Apple/Microsoft/Debian/etc/etc already use for official software distribution. We just need the organization to move out of their walled gardens.
The big leak here is users which have to use resources they don't control. I can imagine an IaaS company which won't run software unless its in the registry, and then companies can boast that your data is 'safe' (or at least not nefarious) because they run in this kind of environment.
“I can’t prescribe you this drug because it’s more expensive than the generic one ... despite their sponsoring me and my family to their annual conference in the Bahamas.”
“I can’t recommend this additional procedure for you despite it making me $8500 in a day.”
Regulation doesn’t seem to influence for profit medicine much.
How about also give citizens unrestricted access to their medical files through an online platform (possibly government maintained or possibly insurance maintained, or possibly self-maintained see below...)?
The whole conversation is logged or perhaps converted speech2text as they discuss, and both patient and doctor sign each statement they make. Then both doctor and patient have a copy of their interaction.
Any poor advice is now provable to a third party (say court).
I generally like the idea— it's probably a sign of maturity.
I'd add that it would be nice to be able to operate outside of certain fields and certain types of operations without that level of certification.
For instance, freelance web devs, small business software employees, etc who aren't dealing in things like personal or trivial data could continue operation. For example: you don't need to be a doctor to be certified in first aid, or even administer first aid—but you likely wouldn't attempt an invasive, life-threatening surgery.
I'd also like to see—if that kind of regulation were to pass—the inclusion of some kind of grandfather clause that would include the ability to test without formal education.
The reason being there are very many highly capable developers/engineers in the field who don't possess the exact formal background—and in many cases came from other formal backgrounds.
I'd definitely hear arguments for not requiring education at any time, but to keep it on par with the other professions you listed I'll leave it as is.
This might not be the thread for a larger discussion on this—because it seems like it would be a larger discussion. An interesting one, though...
Implementation seems like it would be a challenge, but then again I don't know the stories behind who more modern professions like electricians were regulated. I imagine that field grew much more slowly.
I agree, what do you think about some enforceable "do good" prior consent laws, in the same vein as scientists trying to do research on humans and requiring prior consent, where if you are caught being unethical towards the people on the other end of your work product, then there will be sanctions and steep penalties equal to how severe the work is judged against harming human rights etc.
How do you modify the above idea if you think it has merit?
"I'd also like to see—if that kind of regulation were to pass—the inclusion of some kind of grandfather clause that would include the ability to test without formal education."
Why not have some sort of certification process you can do while working that holds the individual accounts to the values of being unethical and will have consequences for not adhering to, at all levels like on the scale of GDPR violations.
Also there should be steeper penalities against companies acting in bad faith, similar to GDPR for human rights. Thoughts?
> Why not have some sort of certification process you can do while working that holds the individual accounts to the values of being unethical and will have consequences for not adhering to, at all levels like on the scale of GDPR violations.
Oh with regard to this one, I don't think my wording was clear. I meant with regard to testing or challenging to be certified without having a formal CS/related background. As: a doctor would have to have an MD to practice as a doctor amongst other certifications— I was contending that an explicit CS degree may not be an optimal equal designation for practicing software engineering/research, as it were. As a background— there are many talented and influential researchers who would be cut out of practicing if the line were drawn at a reputed CS degree. Aligning "software practice" (for lack of better wording) hard with a CS degree might be poor bounds for the field.
But I definitely think I agree, at least on a high level with what you're proposing. I hadn't considered it. Good things have come out of research using the large amounts of data available, so it should continue. But there definitely should be some sort of bounds and method for accountability. Also would include a special permissions and appeal process. There's I'm sure a lot of cost/benefit judgement as there is in many scientific experiments (there's seemingly a great deal of that in biological testing).
And you also might restrict certain entities from performing the research and instead be compensated for their collected data by a reputable research group. Said group can produce the hard/applied research, patents, and license them to groups to use them.
Yeah we are in agreement, background in CS doesn't matter for practicing or entry to field, only your work product would be held to some sort of ethical standard.
Maybe this would also undo some of the effects of outsourcing/offshoring US coding practices due to the need for ethical compliance (at the very least in mission critical systems e.g. vehicle software, hospital software, etc)
And people wonder why I've argued that, at some point, IT needs to be a certified and regulated profession like lawyers, doctors, engineers, nurses, pilots, accountants, electricians, plumbers, teachers, etc.
Awesome idea. The same governments who are sending RFPs to burtonator's company will then have the ability to decide who is even allowed to work in the industry.
How exactly do you think bridges and buildings are built? Who do you think operates the state bar for lawyers? Who do you think operates public school teacher certification?
Looking around the room, I don't see any bridges or chalkboards or courtroom paraphernalia. I see a personal computer. How exactly do you think the machine you're typing on was built?!
Do you want to go back to the 1970s? Because this is how you get back to the 1970s, when only a rarefied priesthood had access to computing power.
Don't expect to accomplish that without encountering strong opposition.
Very true. A "morally flexible" lawyer still has disbarment and legal sanction to worry about, and this may provide a natural balancing force against illegal or immoral client requests. A morally-bankrupt programmer has almost none of those strictures or formal obligations.
>> anybody off the street can build an application
No they can't. The closest is they can steal(copy/paste) portions of other people's applications, change some text, and attempt to take credit for them.
Also, we do have agency(private) that you suggested. Developer certification programs exist for nearly every language and platform. They aren't very popular. Red Hat will certify you as a java developer for JBoss, Oracle will certify you as a java developer as well. If you can't write code, but still want to feel geeky and have a career as a waiter, you can go get certified as an "ethical hacker" too.
There is no shortage of agency - employers and consumers simply do not care, and by that, I mean they do not want to pay(higher prices) for it.
PS: You can go be an amateur electrician or plumber today, without breaking any laws. However, if you'd like to touch private/public power or water/waste infrastructure, then you need endorsement. It's not illegal for you to hire me(a total amateur at those 2 trades) to both wire and plumb the new house you are building. The awkward moment will be when the water and power company refuse to connect your house, because the work I did was not the work of a licensed electrician or plumber. I understand the spirit of your analogy, but it doesn't translate as well with IT. For that analogy to work, then private/public internet infrastructure would have to refuse to inter-operate with your software if you didn't meet their licensing/certification standard.
I don't think regulation is necessarily required, but I think consequences are... and serious ones at that. Data misuse and "oopies" data breaches by shady companies that were about to go out of business are actions that should be seen as malicious and come with serious penalties. Judges aren't the best at tech stuff but if they're lacking we (techy people) should help inform guidelines and let the justice system do its job here.
What about having a designation that is independent of any one profession, but possibly applicable to any or all of them? It could (and probably should) be administered by a self-regulating body. Any government or NGO would be allowed to require work product be fulfilled by professionals holding this designation at their choosing. Something like "Privacy-first Professional".
First, thank you so much for the work you've done with RSS / Atom. I implemented it (and my own static site compiler) myself from scratch on my own personal site and it took me very little time. The only little trick was figuring out absolute vs relative paths.
Second, I've been fighting for regulations for over three years and I'm getting somewhere, but I'm also starting to think that we need technical solutions to many of these problems. One of the things I see as a problem is that people always want more, but privacy and security often require less.
For example, old charsets only supported Latin characters. With the introduction of Cyrillic characters many assumptions started breaking.
Each time I try to think through how to make the web / internet simpler I realize that it either requires pushing the complexity onto people unprepared to deal with it—an English speaking daughter may want to copy and paste her Russian mother's Cyrillic name, say—or it fails to handle the use cases we need it to handle.
I know this seems kinda abstract, but do you ever think about that interplay? Are there any insights or anecdotes you find useful?
> We're actually losing business to other companies that are performing highly unethical and probably illegal techniques.
And you always will. Principles and money are often at odds. This is not an easily fixable problem as the well-intended solutions often cause more problems. Enforcement of existing statutes and accepting legal-yet-unethical practices is unfortunately the most rational approach.
> We just can't compete with data at that type of fidelity.
Only in a situation where interminable growth is required in a race to the top. Otherwise, there's room for everyone and that's why there are thousands of software products that "compete" just fine. The key is just making sure there are platforms that allow everyone to build everything.
If they have a better product, so be it. But I'm not convinced that more engineers and more R&D necessarily lead to that, nor am I convinced that smaller, more niche products are always choked out. If that were the case, we'd only have huge companies and a bunch of choked out entrepreneurs. Rather, a bunch of us out here with small companies are doing just fine. Definitely not a give up situation like "we just can't compete". That mentality gives rise to nuclear options with unintended consequences.
This is very true. I have been a paying customer of Fastmail for many years, and in my opinion, they are the best in the industry and very small to boot.
OpenBSD is yet another example of a small(ish) team of people making some truly great software. On the Windows side, Fookes Software comes to mind, again small operation, great software.
As an engineer who used to work for other firms I would work at a significant pay reduction to do fulfilling work. Companies who have shady business practises are a significant turn off and I doubt I’m the only one.
Now as a manager who has to hire I find it pretty straightforward finding passionate people to work with me simply because the work is compelling.
It’s a matter of getting your story out as the ethical data mining company, or something :) you’ll find like minded clients and employees do exist and that being ethical can be a competitive advantage too.
Despite your intentions, I don't think it's possible for you to be one of the good guys. The mass collection and aggregation of the data in the first place is the problem, not merely a few bad actors downstream.
It's very easy to assign blame in hindsight. "Web 2.0" (i.e. data aggregation) was a fantastic tool and most of us did not have the imagination to see how it would be abused (just as any tool can be abused).
It was very easy to see where this was going from the very beginning and many did raise red flags but were largely disregarded because... FREE! There was plenty of user generated content for decades before Facebook/Google/etc came along (i.e. mailing lists/Usenet/forums/wikis/etc.) and one of the ways some chose to mitigate the risk was behind pseudonyms etc... which the big data collectors/aggregators have a problem with. Those who started requiring 'real names' and other personal details who then integrated disparate data sources to build profiles on users knew exactly what they were doing from day one... it's always been their business model.
That said, I have no issue with anyone who voluntarily trades their personal information for access to a service. That's their choice to make. But it also seems reasonable that there be full disclosure as to the scope and scale of the deal they're making so they can make an informed choice. This isn't even remotely the case today.
Ultimately, I think there are far too many actors involved to rely on the ethics of third parties to protect your privacy. If Saudi Arabia wanted to track down gays and apostates by mining the same data you did, they could do it themselves.
The first line of defense against this is, and always will be, not publishing so much information about yourself. They can not mine what you do not provide.
We can argue all day about the ethics of the conduct of companies and states looking at these data, but it's a non-issue if the data simply don't exist.
Even if you publish nothing about yourself, information will leak. Some of your friends will post things about you... for example they have a photo together with you, will upload it to a social network, enter your name, provide a date and place for the photo... with enough photos with your name, the social network can make a guess about which other unnamed photos contain the same person... and gradually a profile on you is being built.
And it will only get worse, as more data will be shared by other people. Soon the streets may be full of people using cameras all day long, just because it allows them to make cooler diaries or blogs, and then the data companies will get universal surveillance.
The only way to keep privacy will be to have your face covered in public (but hey, that will be made illegal, because terrorism or something), or avoid public places completely.
Disclaimer: I use Apple products, and trust them slightly more than anything Google/FaceBook/startups because they don't have a business front selling my data to advertisement companies or 3rd party miners(as much as I know of).
But, I'm baffled by this PR as if they are the privacy messiah. Didn't they just sellout their Chinese users icloud data to the Chinese government?
Yeah. "It's the law, and Apple has to obey the law" is an argument, but here is a company that is willing to compromise their user's privacy in order to be able to sell phones in China. So, if US govt finds a way to say "it's the law" to reveal user data, I'm sure they'll bend over. This grand stand in media is just sickening and theatric.
I struggle with Apple's China situation as well, but the more I turn it over in my head, the more I think it's that Tim is pulled between two parties:
1) His team + Apple Directors that I firmly believe, both in words AND in their action, are strong proponents of privacy of the user
2) The Apple Board + Sharedholders that would revolt if the privacy principles from (1) prevented access to a market of ~1.4 billion people, and potentially gave a competitor like Huawei a further leg up.
In this scenario, I don't see it as "grand-standing," but more of a necessary public act that US should move more in the policy direction of the EU, in spite of steep lobbying from most of the Valley / FANG group that would benefit from less-strict privacy regulations.
Yes, I agree that there is a nuance to it. But, if they said "We'd like the United States to stand up for the privacy of its citizens and create a law like that if GDPR. Apple is in full support of it because it helps our business too(it is our competitor's weakness)" I'd agree that they are talking the truth. But, writing that we "absolutely" care about your privacy, and that "caring for privacy is in our DNA" and so on just to turn around and give up the same principles to an authoritarian government(one that is building Social credit system nevertheless) is just plain hypocrisy IMO. I know several American and European friends that trust Apple as if they're infallible, and will protect their data in a war. That's what I think is wrong. Apple will give up its users, DNA, principles if there is enough money to be made or leverage to be taken.
I'm not sure I agree that it IS hypocrisy: if you want to operate in a place for business, and you have no choice (i.e. my point about Apple's Board + Shareholders,) you can rail against the policies in public as much as possible and hope that the law favors your principles.
That's what Tim Cook is doing here: hoping the US doesn't go in the direction of an authoritarian government, and lobbying as much as he can to prevent that. Imagine if the US adopted a similar law or set of policies that required "backdoors," or data pooling (a la social credit system) - what are his choices?
1) Not operate in the US? Not realistic
2) Ignore them and pay hefty fines up the whazoo? Maybe for a short period of time until Shareholders revolt or the Feds push to start pulling some folks in court.
You can make this exact argument for Google or Facebook or anyone else. Simply bringing up "evil shareholders" doesn't absolve any company or individual from criticism.
I think you misunderstood my argument - apologies for not being clearer.
There is a difference between a company's _incentives_ to do something that is permitted by law - for which I would agree that said company is worthy of criticism to a reasonable extent - and that which a company is _compelled to do so by law._
My point was that Tim Cook's speech was largely to prevent scenarios that would lead to law-makers wanting to create laws like the latter. And Apple _should_ get credit that they have a bunch of incentives to collect user data at will, like many other tech companies, but explicitly avoid that as company policy.
In the case of Google, I thought a handful of people had controlling interest. (Just Larry and Sergei?) Maybe similarly for Facebook, I haven't checked.
When thinking about this juxtaposition/hypocrisy, we should also consider the differences in consequences wrt collecting data for advertisement use vs giving data to an oppressive government.
I've posted this a number of times before but it's apparently not common knowledge (and for good reason Apple doesn't seem to talk about their situation in China often). Apple's position in China is completely consistent with the rest of the world.
In filings to a court during the FBI legal fight, Apple addressed this topic head on. The reason it was brought up in the first place was because national security establishment water holders were putting out the idea that Apple makes exceptions for China, and the Department of Justice parroted it [1].
From Apple's filing [2]:
>Finally, the government attempts to disclaim the obvious international implications of its demand, asserting that any pressure to hand over the same software to foreign agents “flows from [Apple’s] decision to do business in foreign countries . . . .” Opp. 26. Contrary to the government’s misleading statistics (Opp. 26), which had to do with lawful process and did not compel the creation of software that undermines the security of its users, Apple has never built a back door of any kind into iOS, or otherwise made data stored on the iPhone or in iCloud more technically accessible to any country’s government. See Dkt. 16-28 [Apple Inc., Privacy, Gov’t Info. Requests]; Federighi Decl. ¶¶ 6–7. The government is wrong in asserting that Apple made “special accommodations” for China (Opp. 26), as Apple uses the same security protocols everywhere in the world and follows the same standards for responding to law enforcement requests. See Federighi Decl. ¶ 5.
and a declaration from Craig Federighi personally [3]:
>Apple uses the same security protocols everywhere in the world.
>Apple has never made user data, whether stored on the iPhone or in iCloud, more technologically accessible to any country's government. We believe any such access is too dangerous to allow. Apple has also not provided any government with its proprietary iOS source code. While governmental agencies in various countries, including the United States, perform regulatory reviews of new iPhone releases, all that Apple provides in those circumstances is an unmodified iPhone device.
>It is my understanding that Apple has never worked with any government agency from any country to create a "backdoor" in any of our products and services.
>I declare under penalty of perjury under the laws of the United States of America that the foregoing is true and correct.
That was a few years ago, but Tim Cook basically reaffirmed that a few weeks ago in this interview with Vice [4]. The new law means Apple's Chinese iCloud data needs to be stored in local data centers, but Apple continues to maintain sole control of the keys. Whether you believe them or not, or whether you think that's a meaningful distinction is up to you. But end-to-end encrypted services like iMessage or iPhones itself, remain so and are still unblocked in China.
You might be wondering why Apple seemingly gets an exception when services like WhatsApp are blocked. The answer should be obvious: Apple being an old-world company that still makes products in meat space, (indirectly) employs a lot of people in China. That gives them leverage that other companies don't have.
So they have to comply with certain Chinese laws such as taking down the NYT app, VPN apps, being unable to operate iTunes Books or Movies in China, etc. But that's a small price if it means their core products remain uncompromised.
> That was a few years ago, but Tim Cook basically reaffirmed that a few weeks ago in this interview with Vice
At that time they were also storing iCloud data on their own servers, correct? To save myself and others from having to watch the Vice video, what did Tim Cook say that reaffirms no blanket Chinese government data access (honest, not sarcasm, I did not watch it)? Why are public statements about privacy always about the US or EU but never China? Surely the lack of consistency/transparency is clear here and causes mistrust.
Be open and honest to your users you claim to care about and there's no problem. Just simple statements like "We have privacy concerns with [insert country here]" or "We aren't allowed to talk about privacy concerns with [insert country here]" or "We do not give blanket data to [insert country here]" or "Although we follow the rules, we disagree with [insert country here]", etc would go a long way. Or continue to be secretive and hidden and anti-user.
>Why are public statements about privacy always about the US or EU but never China?
As much as Apple/Cook may believe privacy is a human right, and have seemingly extracted some important concessions regarding their products, they aren't going to shoot themselves in the head so everyone can feel good about Apple publicly standing up to the CPC. That's a job for governments (the recent efforts by the Trump administration to reset the relationship with China is a good example).
Had to watch with CC on, no audio for me atm. But he is saying the encryption is the same around the world and they own the keys. I'm afraid this doesn't allay fears of blanket data access. But a simple public statement on Apple's website like "we only provide icloud data on per user requests" or "we do not give the Chinese government large swaths of data". Or how about something as simple as "We disagree with the lack of privacy laws in China and the US and the [insert other country here]"?
What does it say that you had to link to segment of a YouTube video of an HBO show for Apple's policies left open to interpretation? To me the lack of clarity is 100% indefensible and not worth twisting your personal ethics to do so.
> so everyone can feel good about Apple publicly standing up [...]. That's a job for governments
Only in some cases where it benefits them. In other cases, they absolutely stand up. It is blatantly obvious that their principles are based on borders and are inconsistent here.
>Only in some cases where it benefits them. In other cases, they absolutely stand up. It is blatantly obvious that their principles are based on borders and are inconsistent here.
It's your prerogative if you want to continue to insist they're being hypocrites. I don't need Tim Cook to be a saint, I'm happy with the practical wins they've managed to maintain.
I like Tim Cook, I think his heart is in the right place and as much as a corporation can, Apple generally does the right thing.
I was having lunch with several lawyers at my company a few weeks ago. One of them was talking strongly about quality devices and Apple’s strong privacy stance. He literally said that we as a society should be grateful for having Apple.
Perhaps it is cynicism, but I'm pretty sure this is just Apple exploiting a competitive edge, and does not necessarily reflect his own opinion, he is speaking to benefit the company.
Of course, it's very nice that Apple made the decision to pick this edge, but they did it because they could not compete with Google on web services. So now they're publicly speaking to try and take the sting out of Google's edge. And that's healthy competition, the direct result will be that the consumer benefits, and I can agree we can be grateful to have these powerhouses fighting for our satisfaction.
> Perhaps it is cynicism, but I'm pretty sure this is just Apple exploiting a competitive edge, and does not necessarily reflect his own opinion, he is speaking to benefit the company.
That's my favorite thing about it: I trust their motives. If Cook were saying this but we knew that the board was getting pissed off about it, I would worry that it was just a matter of time. But Apple is making billions by protecting its users' privacy, investors are raking in cash, and I'd bet the board is thrilled with this. That makes it much, much less likely that they're going to announce one morning that they're abandoning privacy and going all Facebook.
That makes it much, much less likely that they're going to announce one morning that they're abandoning privacy and going all Facebook.
One other thing that I'm trusting to keep them from "going all Facebook" is that privacy is the only thing making them something other than "me, too". The day they jump in with the rest is the day I clean out a house full of Apple gear, and I'm pretty sure they know that (or likely more accurate, the day I quit buying more Apple gear).
Apple's virtual assistants, mapping, and other services are arguably inferior to other offerings. I trust they won't bail on their one distinguishing feature.
> Perhaps it is cynicism, but I'm pretty sure this is just Apple exploiting a competitive edge, and does not necessarily reflect his own opinion, he is speaking to benefit the company.
Of course. This is how all companies work. I just really like that this competitive edge exists in the first place. If this competitive edge exists and works, it might actually be stronger as Apple can continue maintaining this stance in the future.
Although I'm not a big Apple user myself (I think/hope I can defend myself enough on other platforms that have a lower cost of entry), it's nice that you can point to iPhones if people are asking for on which they can take reasonable ownership of their privacy without needing to be very tech savvy.
I'm always baffled how even the tech-literate crowd here continues to give Apple a pass. This is the same Apple that gave up its encryptions keys to Chinese government for the servers located in China. If it actually had user's privacy in mind, it wouldn't give those up.
I think that’s an over-simplistic view. Failing to adhere to Chinese law would mean exiting the Chinese market. If the US passed a similar law, Apple would be forced to comply with it (although they would at least have recourse through the courts to eventually show that such a law was, perhaps, unconstitutional).
Sure, but when you make blistering attack on "data industrial complex" and advocate privacy, you are held to the golden standard in the entire world.
I personally believe that Apple complied to Chinese government's demands is because their bread and butter is in that country (the entire manufacturing of hardware devices).
Okay, Apple caved to save their bread and butter; I'm not nominating Apple for corporate sainthood. However, they are not building a business model based on exploiting our data. They should get credit for that and be allowed to point out the problem with that kind of business.
No, just observing the hypocrisy in their pro-privacy statements. Or is it that privacy of Chinese users is not worth the same as that of wester users?
So, maybe don't say hypocritical statements like this? Google's and Fb's core business is ad-tech. Do they have a choice when it comes to data-collection? (I say this as someone who has uninstalled both Messenger and Fb app)
> Failing to adhere to Chinese law would mean exiting the Chinese market
So? Failing to adhere to ad-tech needs would mean exiting the ad-tech market. Did I miss the other company CEOs' blistering attacks on the "Chinese anti-privacy cooperation complex"? Can we at least admit, since violation of privacy by chosen market is a choice, that Tim Cook is a hypocrite?
Why is that hypocritical? Apple does not require that you upload personal data to their cloud, and Apple has no say in Chinese law.
Additionally, Apple's participation in the market (or lack thereof) would have no impact on Chinese data privacy laws, but participation has positive global effects through economies of scale and R&D revenue.
A real hypocrite would actually have to enable oppressive behavior... selling data mining technology, surveillance cameras, etc.
> Why is that hypocritical? Apple does not require that you upload personal data to their cloud, and Apple has no say in Chinese law.
They have a say in whether they are complicit. That they choose to operate in that anti-privacy market while demeaning others choosing to operate in their anti-privacy market is hypocritical. Could be considered worse if you factor in the consequences of that data.
> A real hypocrite would actually have to enable oppressive behavior
We disagree on whether providing technology for oppressive behavior is "enabling" it.
You are right that Apple is complicit in Chinese domestic surveillance. I am not claiming otherwise.
However, a hypocrite's stated beliefs directly contradicts their autonomous actions, often with intent to deceive. China's state coercion voids any claims of hypocrisy.
Furthermore, from a privacy perspective I'd argue it is more ethical for Apple to participate than withdraw. Apple does try to provide as much privacy as possible within Chinese law, following the letter of the law and no more. Withdrawing forces people to use their competitors, which happily go beyond the law to appease state authorities.
Apple didn't hand over any encryption keys. They are stored on Chinese servers, per Chinese law.
Apple can't legally protect Chinese users from their government the way it can in this country--for now at, least. But Apple can protect Chinese users from other malicious actors.
From Apple's point of view, it was either refuse to follow the law and leave all Chinese users to the general security and privacy shitshow that is what every other phonemaker has to offer, or, play by the rules and give them something that's better in every use case except for the one where their government wants to hurt them.
Your argument is that locking your door can't stop a SWAT team from breaking into your house, therefore people selling locks don't care about keeping your house locked. It's a weirdly simplistic and uninformed argument coming from someone who claims to be tech-literate.
Apple is also the only major computing player that doesn't make its revenue primarily off of mining and exploiting user data. Maybe Microsoft, too? Certainly the rest of FAANG have huge financial temptations to misuse their data.
So Apple is the one big technology player whose interests are most closely aligned with the consumer in terms of supporting data privacy.
Amazon, fwiw, has giant revenue streams (AWS, retail) that they can pile on the privacy bandwagon and attack Google / Facebook / rest of the shitty adtech. In fact, it would be great if Apple, Microsoft, Amazon, Mozilla et al all combine their forces and propose strong privacy friendly regulations.
Amazon has gotten into the advertising business [1] and I believe are growing quickly. I find it a disturbing move on their part; I have to trust that they're not mining my purchase history for ad targeting. If they do do so, it may be susceptible to targeted discovery. (Run ads with unique URLs for each selection keyword; everyone who sees the ad is apparently someone who bought that kind of product.) I hope Amazon is smart about the risks they take.
> So Apple is the one big technology player whose interests are most closely aligned with the consumer in terms of supporting data privacy.
That's assuming that "the user" (whatever that means) is valuing their privacy more than the free services they receive. I don't think such a statement can generally be applied to the public at large. It's great to have options (ways to pay for services/phones/etc) that don't mean you have to give up your privacy and then let users decide what's best for them, but I wouldn't make generalizations that most users would definitely prefer one other over the other.
> Certainly the rest of FAANG have huge financial temptations to misuse their data.
I don't get this. FAANG have every interest in protecting user data as their moat is products users want to keep using, which would not be the case if they started sharing user data widely.
The ability of Facebook as an engineering organization to align with their business incentives has increased over time. The Cambridge Analytica data hoovering happened in 2014-2015.
No, actually trying to "compete" by PR and stifle competitors through public pressure and new laws doesn't seem like "healthy" competition to me, you are essentially attempting to change the rules of the game because you don't think you'd win if you play the game. I mean sure, it's your right to do whatever you legally can, but it's not "healthy" competition at all IMO.
EDIT: To see the equivalent from the "other side", timagine adtech companies starting a PR war against Apple's closed garden system, arbitrary app store decisions, labor conditions (I'm sure we can find some dirt somewhere in their vast business) to get laws enacted to regulate them on what they can do and not do.
> timagine adtech companies starting a PR war against Apple's closed garden system, arbitrary app store decisions, labor conditions (I'm sure we can find some dirt somewhere in their vast business) to get laws enacted to regulate them on what they can do and not do.
This is true but Apple is also vulnerable to the same type of "political" attack. I can imagine Google railing against the evils of employing a workforce of indentured servants to assemble high profit electronic devices. Facebook could begin publicly questioning the wisdom of supporting a technocratic dictator who may be the world's worst offender of oppression through the use of data. Hopefully, Tim is going down this road with his eyes wide open - glass houses and all.
Apple sells a walled garden that controls what software you can use, forces upgrades by forbidding repairs and slowing down old phones with software updates, and sells more dongles by eliminating features and changing ports in every generation of their products.
I admit they are better than Google on the privacy issue, but should we be grateful for having an alternative that abuses us in different ways?
Each of your complaints is because of a well-designed compromise (app quality/safety; preventing abrupt phone shutdown; removing a common failure point). You may disagree with the compromises, sure.
PS: I own zero Apple devices (partly because of the reasons you have, not for the way you are misrepresenting those reasons).
Apple's App Store policies are about far more than app quality or safety. Apple has banned many apps for political or financial reasons.
Slowing down old phones without notice or permission wasn't the best response to aging batteries. Even Apple didn't deny it was wrong. They apologized, once they were caught.
And the MagSafe connector was not a common failure point.
My problem with your first comment is that you misrepresent the issues. Your second reply is worse because you introduce other different issues, without addressing the point (that Apple chooses compromises that you might disagree with).
> Slowing down old phones without notice or permission wasn't the best response to aging batteries.
Sure, it wasn't handled well, but you said that they did it to force upgrades... That is patently incorrect in my opinion. Apple are far superior at keeping old devices updated than most actors in the Android world (as a comparison point).
> And the MagSafe connector was not a common failure point.
And your original post complained that "and sells more dongles by eliminating features and changing ports". What does replacing a proprietary magsafe connector with USB C have to do with Apple selling more dongles? There are now plenty of compatible third party options available in more than one category.
My second post addressed your claim that these issues are "well-designed compromises" by disproving it with counterexamples.
MagSafe was at once an example of a port changed (MagSafe 1 to 2) and a feature removed (replaced with USB) that didn't fit your explanation "removing a common failure point". Even Apple didn't try to claim that slowing down old phones was a well-designed compromise; instead, they apologized. And there are many examples of Apple removing apps for reasons other than "app quality/safety", for one such example, see my response to sibling reply.
These are not "other different issues", these are counterexamples. They may not be the issues you thought of when you read my first post but they were some of the issues I was thinking of.
"About a year ago in iOS 10.2.1, we delivered a software update that improves power management during peak workloads to avoid unexpected shutdowns on iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone 6s Plus, and iPhone SE. With the update, iOS dynamically manages the maximum performance of some system components when needed to prevent a shutdown. While these changes may go unnoticed, in some cases users may experience longer launch times for apps and other reductions in performance."
https://www.apple.com/iphone-battery-and-performance/
Unexpected shutdowns vs. longer app launch times and other reductions in performance. a compromise.
That's a ... highly rose-colored ... definition of what the issue was.
And if it was such a good, but misunderstood feature, why wasn't it touted as such in the first place, but denied initially, and then only acknowledged apologetically with the removal of such?
Quote the whole phrase: a "well-designed compromise". What's well-designed about secret behavior that angers users?
But it's hard to trust that statement anyway. I'd be more likely to trust them if they'd reported that on their own, instead of hiding it for a year then issuing a PR statement when users proved it was happening.
And if that statement wasn't contradicted by their behavior in shutting down phones after the screen was replaced.
"First and foremost, we have never — and would never — do anything to intentionally shorten the life of any Apple product, or degrade the user experience to drive customer upgrades."
...
They forgot to mention the "unless the user tries to repair it" exception.
> Apple bans competing apps regardless of app quality or safety.
I don't know what criteria they actually use, but this is at best incredibly inconsistent. There's heaps of competing mail apps, calendars, camera apps, photo apps, weather apps, notes apps, reminders app, messaging apps on iOS, including a Google one in most of those categories.
I know that once upon a time they banned competing apps, including Google Voice. I don't know if that behavior continues but I think it's a bit too soon to forget.
When you're replying to a comment pointing out that there are, in fact, lots of competing apps, and your comment claiming that they're still evil points to an article from nine years ago, you don't demonstrate much credibility to your claims.
I didn't say Apple bans all competing apps. They're selectively "evil". And they've faced so much outrage about the app store, and still do (for example, there's a Supreme Court case pending and a recent lawsuit from Spotify) that they are slightly restrained at the moment.
Personally, I think the MagSafe connector was bloody brilliant and I'm not giving up my mid-2015 MBP until it absolutely won't function any more, because of that feature (it's saved my MBP several times when I was a bit clumsy or forgetful).
Another reason: the multiplicity of ports and bunches of things that all use USB-A.
I tried several MagSafe-like USB-C cables and found them lacking reliability, ending up having to re-seat the connectors multiple times to get them to connect properly.
Don't think USB-C and MagSafe are a good marriage.
The reason Apple moved to the USB-C charging on the MacBook is because it no longer served the purpose it was originally for. Older MacBooks and MacBook pros were a bit bulky and heavy. Tripping on a MagSafe charger cord connected to one of these would disconnect because the friction of the laptop on its its surface was stronger than that of the magnetic pull of the MagSafe connector.
With the new Macook, however, I believe it was much lighter to the point that it would have pulled the laptop down with it upon someone tripping on the cord. It wasn't doing anything to benefit the user at that point. Because of this, they probably opted for a slimmer charging port (USB-C), and it went well with the growing use of USB-C in the industry.
I do wish they included more USB-C ports, however.
I do not know exactly the reason they opted for USB-C in the new MacBook Pro, however. I believe it would still be heavy enough for MagSafe to be effective. However at this point, USB-C is saturating the market and consolidation in their products may be a more important issue for Apple at this point.
" Each of your complaints is because of a well-designed compromise (app quality/safety; preventing abrupt phone shutdown; removing a common failure point). You may disagree with the compromises, sure."
You should add "making more money" to the factors that went into this "well designed" approach. For example I don't see how not adding a MicroSD slot is nothing other than a method of forcing people into buying phones with larger internal storage (and making more money for Apple).
A microSD slot would have slower read/write access, would take up much more room per GB, and would compromise waterproofing.
Your point about money would be better made if you just complained about the cost of larger internal storage, except then it would be obvious - Apple is profit motivated.
Supporting MicroSD is most definitely a compromise. 1. I've lost photos on an Android because I used one (I bought the most reliable brand of card I could, from my most trusted store, with quite a low capacity). 2. Also the UX is crap - I know the Android universe well, and managing the options, the files, and the apps is not something I would recommend to my mum. 3. Finally any hardware interface is a point of failure (e.g. recently I had to reseat a SIM in my friend's iPhone that couldn't connect to it).
I can see your argument re profit in the past, but it is becoming less valid as the minimum flash memory size is increasing. I have just bought an ZTE with 32GB because that is all I need (32GB is the minimum you can get in a new iPhone.)
All these arguments that Apple is trying to "nickel and dime" their users is just tiring. Sure, they charge a lot, and they love profits, but that doesn't mean they are shitting on their users (like say cellular network providers do!) Edit: ironically it is probably because they charge so much for the device and it is so profitable that they don't need to chase every cent they could e.g. they don't provide payday loans to buy their phones!
Then use open source. if there's a hardware manufacturer that you trust, then that's all you need. you can install a version of android i.e. open source and without play services (eg. LineageOS) and then download apps from a store like f-droid. (all these apps as well as the f-droid app are all open source).
Your functionality though, will be severely compromised. So the choices are:
1. Apple - hurts your wallet and your choice of apps (only the walled garden and nothing else).
2. Google - you're the product. not the phone.
3. Something else like the open source solution. You'll spend a lot of time here and will be restricted to the limited choice of apps on the the f-droid store.
So take your pic. I'm mostly in #2, with a billion or so others. I'm fully aware that me and my data are the product here, and whenever I start feeling that I made a deal with the devil, I simply tell myself that they can't know what's happening in my head. I then quickly shift focus and start thinking about something else. :P
Being in a walled garden is not a concern of most users, and it often works to their benefit. If dear old grandma can barely tell the difference between the internet browser and Facebook, I don't think I care if she doesn't have root access to her phone.
To roughly quote another HN user who I don't recall, "Not everybody wants to sysadmin their phone".
"I think his heart is in the right place and as much as a corporation can, Apple generally does the right thing."
Don't assume moral disposition when a CEO is talking his book.
Maybe Tim is really a good person, who knows?
But if Tim were the CEO of Facebook he'd be singing a different tune.
Don't underestimate the ability of CEO's to align their personal views with that of he company.
Apple is sensing blood in the water on Google and Facebook, and this is a smart, basic PR move to go on the offensive against those companies.
Now - I do think it's likely that Cook does actually believe what he is saying - so I'm not fully calling him a hypocrite or anything. But he is a business guy, and were he to be the head of a company for whom this angle would not apply, I suggest strongly he'd have a different story to tell.
When businessmen speak, it's mostly 'just business'. I don't mean that cynically, just pragmatically.
I agree with you, but is it not better that the "talking head" follow the company line rather than their own moral compass? IOW, whether the CEO believes it or not, the company's moral compass says "we're all about privacy for the time being" and the CEO speaks as appropriate to that topic. But if it's the CEO using their personal moral compass, well, that could change with the next CEO. Additionally, the CEO might say one thing, but have a board fight them tooth and nail over it.
They are trying to place themselve as the company that produces hardware versus those software guys who are after your data to complement their income. The argument here is that the hardware guy always has a proper profit margin. Always look at the profit motive, Luke! (Also they have some stake in the data business by following on those apple IDs - i would not bet on the declared principles of their chairman; also Apple is on the stock exchange, therefore under constant pressure to come out with positive growth figures)
I would phrase it differently. I am grateful for Apple, but we should not be—asking companies to have morals is like asking rain to fall upwards. Regulation is the appropriate method for dictating companies to behave in a certain way.
The market is an appropriate method for dictating companies to behave in a certain way. The market could speak tomorrow and Facebook could be finished. That users are apathetic isn’t a failure of the market.
I'm not usually one for fanboyism (and I say this as a full time Linux desktop and Android user) but Apple really do seem to be trying to do right by their customers in most cases. Certainly more than the competition. I've been considering switching for a while, but it seems the quality of their hardware and to some extent their software has slowly been going downhill post-Jobs.
iTunes wasn't fantastic while Jobs was around, either. The first versions of OS X downright sucked. The build quality and aesthetic of the iPhone X rival anything from the Jobs era in my view, and the recent improvements on mobile performance have been nothing short of amazing.
I feel like people get these rose-tinted glasses when they look back on past Apple products, like they were all 100% perfect or something. Truth is - they all had little issues, but they were still often miles ahead of their competition.
My concern with a post-Jobs Apple is not their ability to iterate on existing product lines. I'm not confidant Apple can shift paradigms and disrupt whole industries the way the did under Jobs' leadership.
Here are some things I can think of off the top of my head that Jobs had a hand in during his career:
- Created the personal computer industry (Apple Inc)
- Revolutionized the personal computer industry (Macintosh)
- Revolutionized film animation (Pixar)
- Shifted the electronic device industry to minimalist industrial design (iPod)
- Changed the entire music industry's distribution model (iTunes)
- Completely shifted the paradigm of a cellular phone and arguably began the adoption of the mobile internet (iPhone)
There are several other things people may consider visionary (candy colored iMac, getting rid of floppy drives, OSX, Newton, stuff at NeXT, tech advertising with the 1984 & Think Different campaigns, etc). I'm not even including things like the iPad, Apple Watch, Apple TV, health metrics, etc which Jobs may have been working on before his death. Clearly Jobs had lots of help along the way and is not singularly responsible for each of these things - but he's the one who oversaw and, in many cases, drove the vision.
I'm no Apple fanboy and Jobs had a very dark side to his particular brand of genius, but I find it incredibly disingenuous to dismiss the impact that Jobs had on Apple and the industry in general. Tim Cook is a very solid Tech CEO, maybe even a great operational leader, but he is not a visionary leader and my concern is that Apple lost a fundamental element with the passing of Jobs.
> There are several other things people may consider visionary (candy colored iMac
Come on. "We changed the color. Visionary!"
> - Revolutionized film animation (Pixar)
Pixar was doing lots of work before Jobs was on the scene (after seven years, when Lucasfilm decided it was successful / profitable enough on its own to spin it off) - he was an investor.
Hey man, I know it's kind of ridiculous but bringing whimsy and a bit of fun into hardware design could be seen as somewhat visionary. Before this, the boldest thing hardware manufacturers did was change the beige case to black.
Even if Jobs was still here, I'm not confident Apple could do it again. That kind of thing is hard.
One place Apple has disrupted/built an industry is with the smart watch. I was skeptical, but got a Series 2 on sale to try it out and recently got a Series 4. When I got the Series 2 I wasn't sure what I would use it for, but it's something I would miss not having now.
> Apple really do seem to be trying to do right by their customers in most cases
Another possibility is that they don't have to take advantage of their users' data because their business is largely a hardware business, with the software a loss-leader.
It might seem like a distinction without a difference but one has to consider intent when scoring individuals and companies' moral high ground.
The cringe was more related to "we as a society should be grateful to Apple".
It's an utterly laughable statement. Not surprised it upset a few worshipers of the Tech Overlords. Apple, the billionaires it produced and the people it employs should be grateful to the rest of society.
The wording is cringeworthy, but essentially I agree with him.
It doesn't need to be Apple specifically, but I'm glad we have competition. If either of Apple or Google were the only real option, we'd be much worse off than we are now.
It's a shame it's come down to a duopoly, but at least they both have something to compete on.
It would be interesting if there were a civil penalty accessible to individuals if their personal data was divulged by someone to collected it. Lets say that it was $1,000 to $10,000. And that individuals need only file a simple form with the appropriate agency naming the company, identifying themselves, and the information divulged and get paid. The amount would vary based on how detailed the information was, more detail more penalty.
So someone like Equifax would be on the hook for $1.4T in civil penalties for losing the data on 143 million customers. That would have effectively put them out of business.
If you set up such a system, then it is very easy for engineering in an organization to explain why they need to invest in the security safeguards they need, and it is very hard for product managers to argue for collecting even more detailed information. All because you have created an existential threat to the company if they screw up.
It would be interesting if there were a civil penalty accessible to individuals if their personal data was divulged by someone to collected it
If you think the business community dislikes taxes, just wait until a law is proposed that gives people a private right of action against companies that leak their data. I don't think the term "white hot" would suffice.
I think the point being made was companies would add a statement in their terms of service. As always, you would likely agree to this without reading it and one the clauses would have you waive your right to sue for damages. and then we're back to square one.
It's sad how the introduction of a new class of devices "smartphones" brought along with it a surveillance software platform in the form of Android. Where it is clear that the only incentive for google to develop it is exfiltration of as much personal data as they can. In contrast in the case of Apple you have a customer relationship with the company that sold you the device and they have an incentive to keep you as a customer without having a need to extract as much advertisement revenue as they can.
As time passes I'm more and more wary of my Android phone (even though I have only a very limited usage compared to most "connected" people as far as I can tell). I just don't trust Google at all anymore. I think my next smartphone might well be the first Apple product I purchase in my life. Not that iPhones are without problems but as far as security and privacy are concerned they're pretty clearly the lesser evil these days.
It's not so much that I think that Apple is more virtuous than Google, that'd be naive. It's more that their business model seems to align better with actually respecting their user's privacy instead of siphoning as much data as they can even if that means using ridiculous defaults, nagging and dark UI patterns.
I've always had Androids, and my wife has always had iPhones. Recently I setup a Pi-Hole on my home network and I was floored by the number of network requests to various tracking services my android was making in comparison to my wife's iPhone. My wife has the facebook app and is always playing those junk free freemium games - but my relatively clean android was averaging at least double the amount of DNS lookups and blocked tracking domains. Apps that I hardly ever used, that I hadn't even opened since my last phone reboot - were almost constantly phoning in to some tracking service or another. It was an eye opening experience. I just recently switched to iPhone for my first time and have found replacements for most of the android apps I had become accustomed to. I want to be clear that switching devices isn't some magical button to disable all tracking, but I have seen a significant reduction in both the number of tracking domains on my network and the frequency that they are called. Now the blocked requests are much more in line with times that I have various apps open and not all the time whether I'm using it or not. I also feel better about the type of data apps have access to vs. the almost free-for-all of Android. Anyways, that my anecdotal experience with the two types of phones.
I'd love to read a full account of your experience... I feel like if more people had any clue this was happening they'd think a little more about what they are allowing on their personal network.
I would kill for a Linux phone, but until that happens I would settle for a phone that comes with root access (or at least allows technically capable users to get it) and let's me control my own data and device from the bare metal up. Because even if Apple has less incentive to exfiltrate data, I don't want to have to trust any company to do the right thing or to keep doing it.
You don't have to kill... but some compromises you'll have to do. Librem and (partly) Sailfish/Jolla give you much more control but they are by far not as polished/broad as iPhones or Androids. Here a link, maybe the Sailfish 3 version will get a bit more traction?
Can I buy a Sailfish phone ready to go that works on Verizon yet? The biggest thing about this niche OSes is you always have to flash them on a limited set of compatible hardware yourself, and they generally only work on GSM carriers.
Have you bought one? What are your experiences with PureOS as a phone OS, considering the underlying hardware? One issue with Firefox OS was the non-fit between phone hardware and OS hardware requirements...
They aren't out yet, but it will have similar hardware requirements. Phone manufacturers don't value a free driver availability when building their phones, making it difficult for alternative operating systems to support.
It's easy to get root on some Android devices. I think all Google phones purchased directly from Google make it a standard option; some others do as well, and still others have easy exploits.
While I think it's unreasonable that obviously hardware aspects aren't covered by some manufacturers after rooting, is there a straightforward better alternative? I'm honestly wondering, because I wouldn't expect a company to provide support for a device with software they didn't authorize and aren't familiar with. If you want a device that you own, then you need to be responsible for the full cost of ownership, though again that should ideally only extend to software and aspects of hardware controlled by software.
Personally, I don't have a need to root or install alternative ROMs until well after the warranty expires on my devices, so I don't mind the current situation as much as some.
It doesn't void your warranty, although the manufacturers have done a very good job spreading that lie. It is illegal in the US to void a hardware warranty because the user altered the software. If they can prove that your alteration led directly to damage, then they can refuse to cover that specific damage, but that's all.
The main problem is that custom privacy-focused Android versions have to be made compatible for every device and devices come and go all the time.
At some point, hardware progress will be so minimal and devices so easy to manufacture that small companies can offer their own high-end phones and can build for them some years without really being much behind the competition.
When that happens, custom ROMs can really lift off and I don't think we're so far away. One or two more generations of smaller chips and better batteries. We're already at the point where the only innovation is adding more cameras.
In contrast in the case of Apple you have a customer relationship with the company that sold you the device and they have an incentive to keep you as a customer without having a need to extract as much advertisement revenue as they can.
Do you acknowledge this comes at a huge cost? Apple has a fraction of the marketshare as Android in countries like India. Apple's iPhone prices out billions of people. Android-based phones don't. If Android-based phones adopted Apple's business model, billions of people would not have smartphones.
But I can’t help but wonder why there isn’t an alternative. Maybe a phone that is a bit more expensive then an equivalent android. It doesn’t need to have the hardware quality of iPhones or high end android phones but also has good, secure and privacy focused software developed by some company that doesn’t make most of their revenue from advertising.
But I suppose there isn’t a market for that. A majority of users would pick the phone that is only 289 instead of 319 Even if that means selling their data. And the few users that do care are willing to pay the premium for an iPhone. Considering that manufacturing a phone is expensive unless they can mass produce it in quantities such as Samsung and apple, there won’t be a company to make such a phone soon because it would be just as expensive as an iPhone with a lot less features.
And of course the Most important feature of any smartphone are apps and any new platform wouldn’t have any apps. Developer won’t develop for them unless there are enough users and there won’t be enough users unless there are apps. You could probably use googles play services and emulate android but as far as I know there isn’t a way to get around google’s push notifications without compromising the users privacy (which would defeat the purpose). Besides that would be expensive to make and gooogle might not license it at all because there is little in it for them.
>Look how many people willingly give their phone number to grocery stores in return for a slight discount.
If you're paying with a credit card, giving them your phone number in addition to your CC# doesn't make any difference at all. It doesn't even have to be your phone number, pretty much any 10 digit number will do.
It seems like a privileged position to argue that there's no downside to people having smartphones. Many people are unable to regularly access decent laptops or desktops. Internet access is essential.
The Internet lets you communicate with friends and family, access a massive trove of knowledge quickly (freeing up education), discuss current events, and all manner of other things.
Even personally as a well to do American, have saved many, many thousands of dollars by acquiring learning resources online.
Hello FOMO. I grew up in a world where I had to pay by the minute to access the internet or use a phone. I did not have access to a computer 24/7.
Not having/using/carrying a smartphone is a conscious decision one can make with positive and negative aspects. Bruce Schneier points that out in his book Data and Goliath.
Internet access is important, but not a panacea without any disadvantages. Furthermore, a smartphone assumes a device with GSM and data while an other device with on-demand WLAN (such as a cheap tablet) might suffice.
TL;DR if you mean computers and internet access instead of smartphones, use the correct terminology.
Cellular networks are sometimes the only option for people in the developing world. I meant smartphones. Obviously, as I said, if you have a capable computer of any kind without Internet access, that is usually enough.
Now that is the voice of privilege! Clean drinking water is essential. A smartphone is merely a luxury and one that is not without consequences - just as cigarettes are a luxury.
Internet access is not nearly a luxury in the same way cigarettes are.
Yes, it won't literally kill you not to have Internet, but that's a disingenuous argument. I did not say "essential to remain alive", I said "essential".
You are simply not at a level playing field if you do not have Internet access in 2018.
Family emergency while you're not at home? Resources to learn about the world, educate yourself? Increased job opportunities? Housing listings? Mobile financial services?
Personally, I find the introduction of devices with software and distribution lockdown to be much more concerning. As a customer, my relationship with Apple has always been a middle finger from them. The saddest thing is watching everyone cheer them on. Many would much rather be surveiled by Google than be treated as hostile by Apple, and that choice is ok.
It's rather absurd that it's pretty much only Apple that will sell you a product rather than seeing you as a data cow to be milked daily.
I'd like some competition that's actually with Apple (that is others who respect privacy, not Google, Microsoft et al) as I am increasingly disappointed in Apple hardware.
I hear what you are saying and agree in the sense that a lot of this is being misused by people who want to take advantage of what they know about you/us in whatever shape or form they can get the data to get away with.
Chinas use of data is definitely not the way to go.
However, I would also caution against the push for almost complete privacy as that IMO leaves out a number of potential advantages from systems having enormous amounts of data about us.
The primary advantage of technology is that it is able to automate and remove a number of things we would otherwise have to do manually, semi-manually etc.
To the extent that we do more and more in the digital space, our digital identity becomes much more important and that creates a new problem that can't be solved through privacy IMO but have to be solved by allowing digital identities to learn how to trust each other (which means exchange data/information).
I don't think there are many ways around that unless you want to get off the grid completely (which is certainly one way to do things).
This is where I think the decentralized part becomes really valuable. How can we own our own data but exchange it with others and build trust over time just like we would in the real world.
Cause in order to take advantage of the technology you will need to feed it with the primary thing that keeps it alive, data.
If they are getting the data from Gmail, then it is useful for the heuristics in understanding what is and what is not spam.
AFAIK, ebay don't use GA although most of the web do. GA is I'm sure largely to help with their advertising business. That is useful because it gives website owners (who choose to use it) analytics.
> If they are getting the data from Gmail, then it is useful for the heuristics in understanding what is and what is not spam.
Do you have evidence that they use their trove of personal data about you to improve spam filtering? No other email provider on the planet has the same amount of data, and they manage to filter out spam.
> AFAIK, ebay don't use GA although most of the web do.
eBay was an example, but my point was more about, if you used Google Pay on a shopping site.
> That is useful because it gives website owners (who choose to use it) analytics.
That isn't beneficial to the person whose data they hold, it's detrimental, and fucking creepy.
> I would also caution against the push for almost complete privacy as that IMO leaves out a number of potential advantages from systems having enormous amounts of data about us.
So I created an example. Forget my example if you wish, I still have the same question. What benefit is there specifically, from companies "having enormous amounts of data about us"?
"This is where I think the decentralized part becomes really valuable. How can we own our own data but exchange it with others and build trust over time just like we would in the real world."
So not sure why you are asking about about something that is only part of what I wrote when I elaborate further down.
It may be the incentive, it may have been the incentive. But it's not the only possible incentive.
Before they were public Google did a lot of stuff that was seemingly just "because we can". Give geeks a metric-shit-ton of money and that'sb what you get.
This line sounds like the "businesses aren't allowed to do things that don't maximise profits" myth.
and knowing that google will track and use their customers' data apple went ahead and made google it's default search engine for a couple of billion $ a year. from bing, who was their previous search provider. but not duckduckgo, the only privacy centric search provider.
I think you are right but then I was never saying anything about the points, I was saying personally I’d find it difficult to make statements in direct contradiction to my actions. Which wasn’t clear and logical fallacies are definitely worth consideration! Maybe you have show a little bit of cognitive bias assuming I was trying to undermine the points he makes.
I do get your point and agree but most users are uneducated and will most likely have problems with DuckDuckGo and be confused to what happened to their Google and why is it deleted. So I guess it’s another side to consider. That’s no excuse thou. Apple should at least ask the question in the onboarding.
Also you can't just forget the point, that you will not find the same results on DuckDuckGo and Bing and others that you find on Google. That is my #1 problem with switching to another search engine. It doesn't show me the results that I need, especially for technical questions. Google does.
I tried DDG a few years back and was of the same opinion as you until I decided to have another look back in August this year (which coincided with a switch from Chrome to Firefox). I'd say I find 90% of what I need now - ie I only end up using g! for one in ten searches. Probably fewer, actually.
(and like you, a lot of my work-related searches are technical in nature)
If it is a while since you last tried the switch, startpage is worth a go.
I recently built a new laptop and set it as the default, after several failed attempts in the past. I now rarely find myself struggling with tech related searches as I had done previously. Consequently, it has stuck this time. YMMV obvs.
I might give it another go. I also really really like the guys behind DuckDuckGo, so I'm still hoping they can get their search algorithm on par (or at least near) Googles'
With DuckDuckGo you can always use the !g syntax to switch to google if first results don't suit you need.
By my experience DDG usually provide way more appropriate answers when you are looking for a reference or a documentation entry. Google still is better for recently pushed contents like news and is still marginally better for finding result inside Q&A sites. After 1-2 years of DDG by default I tend to know in advance which query is best for which search engine and so I half conscientiously add the !g while typing when needed.
I don't know why so many DDG users use '!g' unless they're using Edge or just aren't aware that Chromium and Firefox both let you create an arbitrary keyword like 'g' for a search provider, which is a lot easier to type.
Some of the other bang commands do look useful, though.
Guess I have a "localized" deformation as french keyboard include a ! character accessible without any key modifier, so it's actually pretty straightforward to use.
They're literally the biggest tech company in the world. Couldn't they build their own? I mean, it wouldn't be great at first but seems like a worthwhile project (and Microsoft managed it with Bing, so there's precedent there).
I think the issue is that besides the money they don't really have a competitive advantage so it'd be difficult to catch up given how long Google has been doing this for.
First of all Search is well outside their domain expertise; they aren't really well known for doing either search/MI or even web services well.
Secondly, it takes a long time just to get all the infrastructure set up. There is an unbelievable amount of build/test/deploy infrastructure that Google has been able to set up over the many years of doing search. I certainly think Apple has engineers smart enough to make it happen but in the end building the stuff takes a large amount of time.
And this is all assuming they use AWS/GCP/Azure instead of deploying their own data centers.
It's very much the same difficulty that Google has trying to make hardware to compete with Apple. They have so much experience and expertise in that area already. There's no way Google could make a phone faster than the iPhone: Apple makes their own chips! So instead Google has to compete in the areas where they have a competitive advantage, for example by using AI to make very good cameras.
> They're literally the biggest tech company in the world. Couldn't they build their own?
A search engine is a big enough process—and difficult enough—that you can't just throw money at it and expect it to work in the end. They could try, certainly. And maybe they'd succeed, and maybe they'd fail. And maybe they'd succeed but end up with a successful business unit whose goals are opposed to the rest of the company's.
Bing or Yahoo. Google profits even after spending 12b. It’s a substantial amount of traffic and could help put one of the smaller guys back on the map.
The only problem is that Apple is the Mercedes of mobile devices. We really need a Honda and Kia version, a more affordable device that doesn’t track you.
Apple is never going to give up their premium position.
why not just buy an older device? bought a brand new iPhone se as soon as the new iphones x maxx was announced. mobile phone development as plateaued imo, there is nothing out there you really need unless you're fooling yourself.
photos - I bought a nice mirrorless with the money I saved.
apps - se runs everything tolerably fast except for snapchat and Instagram, which I've decided to cut down on anyways.comparison is the thief of joy and all the new social media apps promote comparison as the primary feature.
games - bought a Nintendo switch and it has fortnite as well.
all told 300+400+300 = 1000 which is STILL lower than the cost of the iPhone x max
This has been my strategy all along. I am always at least two versions below, sometimes more. I still own my iPhone 6, and get all updates. I bought it for 200 bucks, 2 years ago!!
Apple supports old devices well, but app developers seem to have different ideas. I upgraded my SE to an Xs recently, and I had the realization that iOS is not a bug-ridden piece of garbage... it's just that nobody ever tested their app for the SE's screen size and other capabilities. All the apps that I thought were buggy work amazingly on my Xs.
To some extent, I sort of blame Apple here. When you boot up an emulator, it's an iPhone X that you see. If it defaulted to the SE, I bet we'd see more apps that render correctly on its screen. But it doesn't, so we don't.
The faster CPU also eliminates a lot of problems. I am sure I am guilty of writing code that is only viable because I'm running it on a 32 core Xeon machine. So are app developers. The faster the CPU you have, the less likely you the user are to suffer because of their sub-optimal algorithm choice.
Apple, unlike many Android outfits, supports their hardware for a pretty long time. This chart (https://www.statista.com/chart/5824/ios-iphone-compatibility...) suggests that they're supporting devices up to 5 years old; since the SE is just 2, it has a good 3 years of software and security updates to look forward to.
Compared to OnePlus who stopped updated their OnePlus2 past Marshmallow after telling subscribers they would get the Nougat update. This effectively dead ends this model for users. Got rid of my 2 when I found out:
That's exactly the problem I have. I don't want the unblockable ads and spying but I need my phone to be some cheap thing I don't have to respect or worry about. Once I started buying $150 phones every 2-3 years, I realised how much I need a device that I don't lose any sleep over it getting beaten to death and possibly replaced prematurely.
Swappa. A less shady eBay specifically for phones and like gadgets (though as it gets more popular, we'll see if it stays trustworthy). I've bought three used iPhones and an Apple Watch, never a problem.
I personally wouldn't buy something like this from a classifieds site. But that's because I expect you're just as like to get a cardboard cutout of an iPhone as you are an actual iPhone. If you've used these sites before and are comfortable with them, I'm sure there's options there.
I don't know what it's like in the US, but here (SE Asia) there is a massive market for second-hand smart phones/tablets, usually from places that also do repairs of such devices. Go to any shopping mall in Thailand and (usually on the top floor) there will be dozens of places with devices of varying age.
I don't think Apple's official refurbished stuff will be in the price range you're looking (they only have 7's from what I can see) but I'm sure you can find them somewhere.
Speaking about unblockable ads, I had to set up a pi-hole to block ads at the network level because I couldn't block them on my ipad on any browser. Why does Apple make it so hard? Am I missing something?
Safari has supported third party ad blockers for a few years. I use 1BlockerX and it works well. There are dozens of other options. Including Firefox Gocus which blocks ads by default and also functions as an ad locker for Safari.
Not really. They own like 50% of the market. They position like 1960 GM. The $1,500 iPhone is the aspirational thing that everyone talks about. If you have money, you buy the iPhone Xs (ie the Cadillac), if you want to look "better", buy the Xr (Buick), if you don't care, you buy the iPhone 7 (the Chevy). There is almost nothing that the $1,500 phone does that the $1 phone does not.
The cheapo androids are more like the Yugo of mobile devices, and the nicer Androids basically cost the same or a little more. iPhone 7 is $1 on many promo deals.
If you go to companies with compliance requirements, iPhone owns the market, and is by far the cheapest solution. One of my "side hustles" in a very large org was managing about 40k iOS devices and 400 android devices... it basically cost about $9/year to manage, including staff. Staffing was basically 40-60% of two IT guys and half of 3 interns. If we broke the cost down further, the Androids would have been significantly more expensive, as additional 3rd party software was required as well as many more man-hours.
The iPhone is magic in that way, with sufficient scale, you deliver almost magical capability to your whole company, including network connectivity, for less than the run cost of a PC. And it costs something like 80% less to manage than a PC. If you look at companies in industries like field service, iPhones are almost a profit center.
If you have a long-duration, pre-negotiated contract with carriers, where you are essentially financing the $500 phone cost every 18-30 months via the service plan, the marginal cost is the metric that matters.
Where is your evidence supporting the claim that Apple owns 50% of the market? That is way above the figures I have seen. Seems to me you are just pulling metrics out of thin air in this post.
I focus on the US (and UK and Japan), it's a two horse race. You can segment it all sorts of ways. iOS is somewhere between 40-60% in a given segment, and usually around 43-48% overall. Overall share has been declining as the market growth slows and prepaid plans make total device cost more relevant.
Nothing I said means anything ex US, as the solutions, costs and requirements vary.
It seems extremely hard to achieve that though. Creating a new smartphone hardware is very difficult and expensive. Creating a new smartphone OS and ecosystem is probably even harder. In order to have a proper "libre" smartphone you'd need to basically do both things. If behemoths like Microsoft couldn't pull it off I'm not sure how a newcomer could.
I suppose the best path would be to create a new phone that could either boot Android or your privacy-respecting OS, this way you could still get the mainstream sales with Android and you'd target the niche users who value their privacy with your custom system. Still seems very difficult to achieve, if you want your phone to be cheap you need to target a high sale volume to dilute the cost of your R&D.
I think the big problem is that smartphones never really had an healthy open source ecosystem going because it was all about closed hardware and locked bootloaders. Without a decent open source stack available it's hard to bootstrap a new system. And even if you did manage to do it you'd still need to convince people to port their apps to it (because not having Whatsapp or Instagram is going to be a deal breaker for many).
If you want an example of how many people it takes to create a cellphone, Google bought HTCs Pixel phone team, which amounted to around 4000 people. This likely includes all the software engineers that do driver work as well, but it worth noting the size.
You can get away with smaller teams if you take the full package that Qualcomm gives (they do most or all of driver work for you). You saw what Essential Products was able to create with around 120 people, but they were heavily using work from other companies to launch it.
Doesn't fit the bill yet. It's not cheap enough (you can get an iPhone 8 for the same price) and it remain to be seen if it'll manage to generate a viable ecosystem of apps around its platform. We also can't judge of the quality of the finished product yet.
I genuinely hope they succeed but that's clearly not the "Honda or Kia" of smartphones the parent was talking about, at least not in this iteration.
I imagine part of the reason they can afford to be pro-privacy is that they make enough money on actual sales to matter. If your margins are how, you will start looking for other ways to generate revenue.
Yes, especially if you are a kid. Perfect phone to indoctrinate them with when they are young. Not too expensive to give to a kid and a perfect size. Don’t really understand Apples reasoning on this one.
I wonder if they could make a whole new company/brand that’s competes at the low end. If it ran iOS though, would that be enough to cannibalize too many iPhone users than would be acceptable?
Wondering if they could accomplish the same thing many car brands do i.e. Honda <> Acura
Apples 'cheap' iPhone is last years (or the year before). And it works, because unlike most Android devices that get very few updates, with long delays (or no updates, ever, for the very cheap devices), they support devices with newer OS releases. A 5S will still run the latest iOS.
I agree that appears to be the way they are going. If they are working to extend the life of devices even further in coming years that seems to support this direction.
Just buy an Android device and opt out of all the tracking?
People behave as if this is impossible, but the options are all right there in the settings. There are a few places you lose some features but not super significant ones, and mostly those are because the tracking is intrinsically involved in the functions of the app.
This is farm from the solution you present it to be.
Opt out of google maps history and try the maps search for few days. Then turn it on again and compare the results.
I've even had 'Saved Places' not render without search history being enabled.
My next phone will sadly be an IPhone. Not because I love apple(I don't), but just because I'm quitting google.
Search for places requires knowing your current location to give you the most relevant results. Google would have the same information if you used Google Maps on iPhone.
The difference is that on Android, it is possible to set a default maps app that is entirely local, which means that Android wins on privacy for location tracking. (This is before even considering that AGPS location data collection is mandatory on iOS and merely opt in on Android.)
You can only claim with a straight face that android wins on privacy if you completely ignore google. But since you can only do that in theory land it rings hollow.
Besides, most people upload their photos without removing exif data which makes your photo archive the best tracker - every place you went that you cared about at all. Most people also keep pictures forever. You an count the people who opt out of cloud storage for photos on one hand...
> You can only claim with a straight face that android wins on privacy if you completely ignore google.
The only way you can say iOS wins on privacy is if you listen to marketing instead of what the OS actually does.
1. Aside from losing on location privacy, as I showed above,
2. iOS also loses on message privacy because you can't use a secure messaging system like Signal by default,
3. on tracker and advertising privacy because you can't install a system-wide adblocker like Blokada,
4. on user privacy because you can't install an app without an Apple ID,
5. on developer privacy because you can't develop apps for your own device without an Apple ID (and even worse, without a credit card to give up a verified name and address if you don't want to re-sign your apps every week),
6. and on account privacy because Apple does not allow you to delete your account unlike nearly every other service (even Facebook, which comes a close second to Apple as a bad actor) on the Internet.
Nobody’s stopping you from installing those apps if you want - an offline Maps app, Signal, Firefox with uBlock. It might not be the system default app, but I’m not sure how that’s a fundamental loss of privacy.
Sure, you need an Apple ID, but how hard is it to generate a throwaway account for that purpose? Nobody ever said you had to use one that was tied to your actual identity. Heck you can even use different IDs for the App Store vs. iCloud, but anyone who is extremely privacy sensitive would already not be using iCloud. I don’t know where you read that Apple IDs can’t be deleted - on https://privacy.apple.com/ if you sign in there’s a nice big Delete your Account button.
> Nobody’s stopping you from installing those apps if you want - an offline Maps app, Signal, Firefox with uBlock.
I never said otherwise. Again, you can't install a system-wide adblocker.
> It might not be the system default app, but I’m not sure how that’s a fundamental loss of privacy
Because if it's harder to use on every use, you won't use it.
> Sure, you need an Apple ID, but how hard is it to generate a throwaway account for that purpose?
In that respect, it's exactly like a Google account. I never claimed otherwise. The fact that it's tied to things you do like apps you download and where you search allows deanonymization, just like in the Google case.
> Nobody ever said you had to use one that was tied to your actual identity.
Except if you want to build apps for your own device that you don't want to reinstall weekly. On Android, nobody has to know anything about you, even if you want to develop for your own device, which should not result in loss of privacy on a platform that respects privacy.
> I don’t know where you read that Apple IDs can’t be deleted - on https://privacy.apple.com/ if you sign in there’s a nice big Delete your Account button.
Thanks for this link. Somebody created an Apple ID with my email address, and after I took over their account, I could not figure out how to delete it from the Apple ID Account page, and a search doesn't return that privacy page. It's way harder to find than Facebook's delete account page.
Actually, I tried to create a throwaway Google account just the other day to test a Google API without it being tied to my identity.
Guess how hard it was? If you start from scratch (i.e. without an existing Google cookie thing your new account to your old one), you have to put in a valid, non-disposable mobile phone number and get a verification.
On the other hand, I just made an Apple ID with a disposable email address with absolutely no real-word verification required.
> Because if it's harder to use on every use, you won't use it.
I don’t see how a non-default app is really so much harder to use in iOS. I use Google Inbox and Facebook Messenger as my daily drivers (not claiming I’m a privacy focused person, hah), not Apple Mail or iMessage, and I’ve never suffered for it. iOS has surprisingly few places where a “default” actually matters.
> Except if you want to build apps for your own device that you don't want to reinstall weekly. On Android, nobody has to know anything about you, even if you want to develop for your own device, which should not result in loss of privacy on a platform that respects privacy.
This is a fair criticism. Apple developer policies have always been quite annoying - being a developer for the platform myself (own phone apps only, nothing released), it’s definitely not as smooth as Android. Plus with Android I get to do fun kernel hacking stuff which is strictly off-limits with iOS.
We must guard against the acquisition of unwarranted influence, whether sought or unsought, by the military-industrial complex. ....
Yet in holding scientific discovery in respect, as we should, we must also be alert to the equal and opposite danger that public policy could itself become the captive of a scientific-technological elite.
If anyone is interested in watching the Keynote speech for themselves and form your own opinions, it can be watched on YouTube here: https://www.youtube.com/watch?v=kVhOLkIs20A
Warning, Google will be tracking that you watch this speech :P
I wish I could separate his position from Apple's marketing stance. Unfortunately here he seems to use such hyperbolic language that it puts me on the side of "this is marketing". It seems very hard to separate cause and effect (is Apple's market strategy because of his beliefs on privacy, or is it the other way around?). But this kind of tilts me towards the latter.
Apple's market strategy was already primed towards a privacy-focused stance, since their profit center is selling physical devices. Thus, when privacy becomes a Big Deal in the world, Tim doesn't have to push hard to get Apple to line up with his beliefs. If Apple had been an advertising-focused company before Snowden, I doubt we'd be seeing as hard a push as they're giving right now.
Sometimes the stars align. Clearly Apple is in a good position to take this stance because they don't have a lot to lose if stronger privacy protecting regulations are enacted while their competitors, especially Google, would take a significant hit.
That being said I can totally believe that he genuinely believes what he says. Actually I'd wager that most tech people, including at Google and Facebook, see that we're having a problem with "big data" and the compulsive profiling of their users. The potential for abuse is tremendous.
Regardless of ulterior motives I think we should rejoice, having a behemoth like Apple taking such a clear stance on this issue could generate enough momentum to have an actual change in mentalities.
This is pretty much a textbook example of an attempt at regulatory capture, though more explicitly aimed at hurting competition than normal.[0] It's hard to take Apple as sincerely looking out for the best interests of consumers given their stance against repairs.
I think that it's ironic that Techcrunch make it so hard to read the article without agreeing to surveillance when they could just look at the Do Not Track headers.
I have owned couple of google phones (Nexus and Pixel). Today for the first time ever I am considering buying an iPhone. I would pay premium for privacy on Google devices if they make it available. And we now know what the price is - $40 in EU. Just sell it like this Google.
have owned couple of google phones (Nexus and Pixel). Today for the first time ever I am considering buying an iPhone
I was a BlackBerry die-hard until they switched to Android. A privacy-focused phone using a Google OS, what a joke. Switched to iPhone and it’s pretty good, only thing I miss is the real keyboard.
I have a Key2 which I bought because I like the physical keyboard, battery life, features, and physical appearance/feel, but I don't buy any of the security/privacy marketing for a second. The phone runs a boatload of services from Google and BlackBerry which I don't know what they're actually doing and you can't turn off or disable without breaking features. I operate under the assumption that Google can (and does) track what I'm doing and where I'm going, even though I've disabled as much of this tracking as the settings allow, and that BlackBerry could decrypt my "secure" file storage locker and bypass my fingerprint/PIN in an instant if they wanted/were compelled to.
I'm hovering in the same airspace (thinking about an XR), though not certain I'll go that way in the end vs buying a Pixel 2 for literally half the price once Google inevitably drops their price. Seeing a trillion-dollar company stand up for privacy, whether for altruistic reasons or not, really makes me want to support them.
Another price point: "Seeing as Google pays Apple $12bn to be the default search engine on iOS devices" divided by number of devices Google paid for.
The $40 should just be a number that would pass the lowest threshold the antitrust regulators will accept. My guess is that $40 doesn't have much to do with lost advertising revenue.
12bn divided by 1,3bn devices sold according to this [1], 2018 not included, gives roughly $10. So now we have another data point. Not sure about the contract length though.
That's also only for value they extract from being the default search engine (which probably means they are used by 95+% of users). On Android they can also count on being the default for maps, mail, browser, and app distribution (not to mention that Youtube is usually pre-installed, and that they have been forced to admit that they collect location data from Android devices even when location services are turned off). So they have the opportunity to collect vastly more data and target vastly more advertising.
Good to see. Also nice to watch Facebook and Twitter and Youtube employees being called out for what they have enabled.
If you are smart enough to get a job anywhere, why even work to keep these toxic machines propped up? Time to bail before things get worse. Or read a book about the decline of Yahoo.
Cook isn't arguing that companies should not be allowed to have access to data. He's arguing that there should be laws in place to prevent misuse and abuses of that data.
There's nothing inherently wrong with agreeing to give a company access to your data. But it's absolutely wrong that once you've handed your data over, that company can do whatever it wants with it, with no restrictions, as if they own it.
How is Google abusing the data collected in your context? You gave your consent when you setup your android device, right? You want Google voice or Siri? They surely benefit from all your data.
In the same way you cannot just sign a contract that is against the law, a company shouldn't be allowed to do whatever they want with your data, just because they made you click on an "Accept" button.
So basically consent to use your data is a lifetime contract. I think you should be able to delete(I don't mean disable) your data from the platform when you sever ties with a platform.
I get the impression that this is already happening to a certain extent and they are testing the water. On newer/faster devices, you’ll notice Siri transcribing on the screen nearly instantaneously, faster than any server round trip, but with poor accuracy. Then a few seconds later once the server connection is established you’ll see some of the transcription change to be more accurate.
They don't have the dataset needed to train the speech recognition engine, nor do they seem to be willing to deploy some of that $250b in cash to hire engineers smart enough to make a model which only needs the local user's input for training.
You misunderstand what the internet connection is for.
Right now most machine learning models run on server farms and your voice snppet is sent to the server, where the model processes it. They then send the interpretation back
"Local model" means the voice snippet is processed on your device. Never beamed off to a server farm.
The interpretation might be:
Action: internetSearch
QueryString: movie times for "Avengers" [near me || {userPreferences.movieTheater}]
UseLocation: true
Which then kicks off whatever process Siri has for handling internet search actions
I believe the "hey Siri" wake up works locally. For the rest that seems complicated as many of the questions you ask Siri requires Siri to fetch something online to find the response
I originally took this opportunity to critique the idea that Cook can stand to take a strong stance on privacy because their business model relies on selling an actual product and said product can only be affordable if you leverage cheap labor (and given historical context: very questionable working conditions).
However, for the sake of maintaining consistency with the article and staying relevant I have revised this post.
Tim Cook is there to give a speech at a Privacy conference. I thought his comments were consistent with how Apple has been presenting itself over the last years. This gives me some confidence that Cook will continue to lead and push for stronger privacy laws while fighting against politicians who look to weaken encryption
I'd like to take this opportunity to point out that Apple was in fact aware of those issues, and has in fact worked both on documenting them and fixing them: https://www.apple.com/supplier-responsibility/
This is transparency - following through and actually giving a damn about things like child labor. They found 2 cases of underage labor in 2017 after auditing 756 facilities and over 1.3M workers. They made it a core violation of their supplier code, meaning that if and when underage labor is found via audit, that supplier loses its business with Apple.
Go read the report - you might find that Apple is a pretty damn thorough company when it comes to responsible labor. Is there more they could do? Yes, there always is - but they're doing quite well so far.
Indeed, my original comment referenced the transparency reporting that I have grown to appreciate from Apple. I wish more companies did as thorough job showing every piece of the supply chain. I revised the comment because I felt like it was just bashing without relevance to the actual article content. Thanks for the follow up comment to further clarify the transparency aspect. I know not every company wants to show exactly where they get their material from, but it is pretty incredible to see where material is sourced from and how it is manufactured and ultimately made into a product. Supply chains need to be this transparent
• allow per-app VPN via Apple Configurator, without enterprise MDM
• once the above two are available, we can use Tor, IDS, DPI or pihole on a per-application basis, to reduce data harvesting
• bonus1: allow the open-source iOS MDM community OR the iOS Shortcuts community to make it easy for novice users to have one-click install of "privacy-plus configurations"
• bonus2: provide open-source code for on-device, silicon-enabled voice recognition using Neural Engine. In the meantime, allow anonymous (no iCloud login) use of Siri via Tor on a per-application basis
Political problems tend to be much harder to fix than technical problems especially if you're Tim Cook.
(Also, political solutions are more likely to incur severe unwanted side-effects, such as, for example, making it almost impossible for any new operating system to enter the smartphone market ever again).
Also, the options Tim Cook has at his disposal go beyond technical solutions: in particular, it would be straightforward for Apple to switch to a pricing strategy that gets iOS devices into the hands of 100s of millions or billions of people who will stick with or choose Android if Apple keeps its current pricing model.
Here is a writer who estimates that Apple could sell the iPhone X at at 40% discount from its current (at the time the web page was written) price without losing money on the sale:
Rather than switching pricing strategies, Mr Cook apparently prefers to lobby the government to help him maintain the iPhone's status as a premium or luxury brand, which in turn preserves the iPhone's very high profit margins.
You can’t solve a political problem through technological means, you can only provide workarounds. Geeky, awkward workarounds. TOR is an example of this.
I'm not saying it is the panacea, or that it only has consequences. Just that technology drives social and political developments, not the other way around. Our current technology does promote free speech[0], and does promote lack of privacy. That's why you see politicians fighting with the Internet on curtailing free speech, and promoting privacy.
Politics and social customs are all about taking particular spots on a landscape of choices. Technology shapes that very landscape.
--
- [0] - note how difficult it is to really censor anything these days, or curtail someone's audience; hell, if anything, technology is showing that ubiquitous free speech has some negative consequences too.
> Many programmers work to solve political problems through technological means.
The real-world effectiveness of any technical solution depends on the political will to enforce it. Without no political will, technical solutions are not effective or enforceable, or even deployable. A political solution on the other hands eliminates the need to even consider a tech solution.
And is Tor an example of a solution to the problem that has become widely adopted in society causing the problem to go away?
Because if not then maybe a political solution to the problem is in order.
Another example is encryption in general. Once export restricted in the U.S. as munitions, the rest of the internet simply routed around that censorship.
I’d like to see better sand boxing of the Photo album on iOS. Facebook, LinkedIn and others are known to raid your photos if they have access to it. Ideally you could limit their ability to read and write to just a specific photo album. Or limit write and read separately. At the moment your ability to enable and disable the permission is based on what permission the app requests and they show up together.
iOS has long had an API for allowing access to individual photos from the system photo picker. Unfortunately many apps eschew this because they prefer having access to all of the user’s photos.
That shouldn't matter. The OS should let you create a fake photo collection which gets shown instead of the real one to apps you don't trust. This idea is obvious and very old. At least in the case of Android contact lists people have been asking for this for as long as I can remember. Why has it still not been implemented on iOS at least? Or has it now been implemented? I've been avoiding both Android and iOS because of stuff like this.
Does anyone want to sell me a phone that runs Debian with the option of running Android or iOS in a VM with appropriate management functions that would make it very hard for an app to misbehave?
> The OS should let you create a fake photo collection which gets shown instead of the real one to apps you don't trust.
Many times yes. And even more important, the contacts!
Now it's you have to "give the app all the contacts" even if you know you want to give it only one or two. And of those one or two, just the number. Not the picture, not the date of birth, not the address.
In short we should be able to pre-select what any app actually sees of of all the databases, records and fields.
It sounds too technical but it could be done properly.
Ideally, the user would be able to force any app that asks for photo access to use the photo picker. Otherwise app developers are gonna ask for full access, because they can.
While I suspect the same thing (why wouldn’t FB access at least the meta data from all photos), I wonder if you have a source or proof for that.
Also, how does that work with GDPR compliance if the UI clearly doesn’t ask for my consent that all photos are somehow accessed and maybe even uploaded?
This is my most desired feature in iPhone. Disabling location service, when you don't need it, helps with both battery consumption and privacy. I don't understand why Apple doesn't want to implement an easy switch option, unless they want to track your location for some reason.
I would wager they think it's confusing and possibly dangerous.
How many people would leave it on as they drive away from home, and then struggle with their phones as they're driving?
Apple doesn't generally expose more options than it thinks a substantial number of people need. That's a UX decision, not a "Apple wants to track you forever" evil business decision.
I'll admit I wouldn't mind an option like this, but I'm fine with three levels of location service controls for apps.
There are ways to make it user friendly. iOS can provide some kind of API that apps can use to explicitly request user to switch location services on. Just like permissions.
They can also have an option is settings to ONLY allow foreground app to use location service.
I bet most people don't want random apps to know their location in the background. They only want location when they know what it's used for (e.g. Google Maps, Uber/Lyft etc). If Apple is really so pro-privacy, they can find a way to stop apps tracking location in the background.
That's not quite the same thing, because with that setting apps can run in the background and continue to track your location. Usually you want this (e.g., Waze), but not always (e.g., Uber).
No. That would quite literally be the “Always” setting... For example, for Messenger to share live location, it needs location sharing to be always, and not just “While using”. With while using though, you are still able to share a pin point of you current location.
Now that I've looked for Apple's document on the matter I'm more confused. I'd need some examples of what it means by "one of its features".
"Allows access to Location Services only when the app or one of its features is visible on screen. If an app is set to While Using the App, you might see your status bar turn blue with a message that an app is actively using your location."
I don't allow anything Facebook-owned to access my location, so I can't speak to Messenger, but perhaps FB simply doesn't want you to lose location sharing if iOS has to kill Messenger while running in the background.
Always: an app can always access your location
While using: an app can access your location until explicitly terminated by the user or the OS due to resource constraints
Fair enough, I seemed to have missed the background part from
> An app is considered "in use" when you're actively using it in the foreground, or when it's in use in the background, which the status bar will indicate.
It would help if they decoupled the so-called "end-to-end encrypted" iMessage from automatic backups to centralized iCloud servers to which all governments have access.
Apples' core business is not to violate your privacy left and right, which probably gives them an edge about the likes of Facebook and Google (at least in my book) in this sphere.
Apple makes their money by selling expensive premium devices. They don't earn anything from selling your personal information or data about your usage patterns.
Google on the other hand, is an advertising company that also makes software and a smartphone OS among others.
You can assume they have to cooperate with the US government at least, that's what Snowden risked his life for to share with us. The question you have to ask yourself is whether you care about that. I can see a near future internal conflict / civil war happening in the US though, in which case having the government - potentially your adversary - know everything about you is a bad thing.
I hope Google will at least analyze the idea of privacy, analyze what data they collect and if all of it needs to be collected or kept, when someone suggests let's collect everything there(and in other companies) should be some debate there before is implemented.
Google sets a pretty good standard over at https://myactivity.google.com/ IMO. But yeah the whole passive data collection e.g Wifi networks done the Street View cars, as one example, bears scrutiny. Likewise Android
How do you know that that's actually all data Google holds on you? Facebook has a shadow profile for every one of its users, one whose contents you cannot access. There's no technical reason Google can't build one, and they have been deceptive in how they collect your information in the past https://apnews.com/ef95c6a91eeb4d8e9dda9cad887bf211
I don't disagree with you, that was deceptive, but man, I could so see myself making that blunder; the developer meant they won't be stored by the Location History tool, whereas the users reasonably read it as meaning by Google.
Before you consider Apple as your next device provider, remember that they right now are completely shutting down third party repairs of their devices.
Also Apple's own "repair method" is to tell you that it's broken, without so much as opening the case and just replacing any component that seems to act up, costing you up to the device's original price in repair fees.
If I want to purchase a device, I'm going to take more into consideration than just the privacy policy of the company.. One of the important factors is, what happens with my device, when it's broken?
It is either fully repaired/remanufactured and resold/used in a swap out, stripped for parts for repair/remanufacturing or totally recycled by Apple.
The "It's broke, here is a new one" IMHO is convenient for the consumer having their mobile device repaired. They're not having to wait around for hours/days while the repair is done. IME, Apple only really swap for total hardware failure or screen replacement on the X series iPhone.
So long as there is no PII, what is the problem with that? If you mod something that's in warranty and you knowingly void it, that is your problem; same is true for every single manufacturer out there.
> If you mod something that's in warranty and you knowingly void it, that is your problem
The ability to fix your own phone isn't just your problem. It is also a problem for the person who you sell your "fixed" phone to. It is a problem for the second hand phone market (edit: the market clearing price for lemons). Allowing parts interchange is a problem for theft (if expensive parts from parted out stolen iPhones can be used to fix other iPhones then stolen phones have high value.)
Edit: that said, I do want to be able to fix my own phone. I just don't agree that I am the only person affected by that ability.
Sure, but also keep in mind that Apple has literally no way of knowing what a third-party repair shop might do. Apple does not want to end up on the hook if a third party shop uses a fake exploding battery, the wrong adhesive (causing e.g. antenna issues, excess heat, or flaky phone), a fraudulent or fake part, etc. If that phone blows up/dies/erases everything afterwards, an irate customer or the media might well pin the blame on Apple.
I don't blame them for not wanting random third parties doing repairs.
I would be fine with Apple doing the repairs themselves. But the fact is, right now, they're not repairing anything. They're swapping out parts without search for cause and charge you a massive amount for the hardware they've swapped.
If Apple started doing "Certified Repairs" and actually repair or fix the issue instead of swapping parts every time (there are a lot of problems that can be fixed by cleaning out gunk, swapping a wire etc.), I'd be completely okay with going to an Apple store (or certified partner) to do the repair.
The time cost for diagnosing the cause of an issue can be quite high, especially with these tightly integrated devices that have to be laboriously disassembled for repair and reassembled for test. That's a high cost of high-skilled human labor, when there's a much lower cost in just getting you a new part. It also means they don't need as many employees to execute repairs, nor do they need as much detailed training on repair procedures.
Apparently that's not the case, since a lot of skilled third party repair shops can charge you less by disassembling and fixing the issue instead of swapping out parts.
I do. Or rather, I don't care if they want third parties doing repairs or not but it should be the user's choice. All this is cheap talk to increase their profits.
That's very good. The more high-profile people speak up against what's happening, the more the general public realizes what's really going on. Frankly, most non-technical users have no idea how they're profiled and what the real and potential dangers are.
You know what's funny? We reached a point where 100% private conversation between two endpoints is finally possible, without the dependence on any third party (be it the Post Office, GSM operators,, Google, Apple, or anyone else). That's a huge step for communication privacy. And yet, most people choose the other way, they prefer to share their most intimate details with Facebook via Messenger and WhatsApp, with Google via Gmail, with Microsoft via Skype... Mostly because they're unaware of how things work and that other, more secure ways are available. So kudos to Cook for helping that cause just a bit.
As far as I understand this, correct me if this is wrong, this means the content of your messages is encrypted. There is still important data to fetch about who you talk to, how much and when.
I don't know why you're downvoted because that's exactly the point: the creators of closed-source applications may claim whatever they want, but you have no way of verifying their claims. Especially if the owner is the company whose income is based on profiling you, and the fight over FB<->WhatsApp profile linking is no longer a secret now.
Why doesn't he put the the money where his mouth is? I haven't seen Apple making any attempts to create funding model for publishers, even though the success of their products depends on the wide availability of free content.
Apple has put forward numerous systems for publishers of all types to make money on their platforms, some successful, some not. iTunes, app store, Newsstand, iAds, Apple music, News, iBooks.
I read this as "military industrial complex" and was positively surprised to see such a strong sociopolitical statement coming from Tim Cook, then I noticed the article talks about "data industrial complex" and realised this is still tame enough to count as aggressive marketing.
Publicly attacking the "data industrial complex" is in line with Apple's economical interests.
Publicly attacking the military industrial complex would be opposed to Apple's economical interests (because it might upset a segment of its customers).
It's difficult to judge the sincerity of moral outrage in an attack that aligns with your own economical interests. You may think of it as "empty posturing" but speaking out against a sociopolitical issue you're not directly part of can help bring about changes and can help shape cultural attitudes.
For example, coming out as gay in 2014 wasn't necessarily in Tim Cook's best economical or even personal interest (though those offended or upset by this are less likely to let that affect doing business with him because after all he's still the CEO of one of the largest corporations) but it may have played a small part in changing overall social attitudes (remember that the Supreme Court decision on equal marriage in 2015 only happened after most states had already passed equivalent legislation and public support had been fairly widespread).
You may not be able to change something by calling out. But you certainly don't change it by remaining silent about it and playing along with the status quo.
Cook is only making this statement because it's in Apple's business interest to cripple ad-based competitors by convincing policy makers to hobble them with regulation. He's not a neutral observer.
While I'm sure that's a consideration, it's incredibly cynical to claim that that's the only reason Cook is saying this.
Apple has been extremely firm and open about their commitment to privacy, when they could easily have just gone along with the crowd and harvested data, too. I think it's highly likely that they could have made significantly more money doing that than they do from the people who choose Apple products specifically because of their privacy stance.
Cynicism can make you feel really superior, 'cause you can see through all the BS everyone's spouting to the cold dead hearts inside, while all the people around you think that people actually care about anything but money and power.
But, see, there are actually people who care about something more. And when you fail to recognize that, you enable those who don't, those who benefit from all the not-caring, just that little bit more.
Does Apple really compete with Facebook and ad platforms? Does Apple even really compete with Google? Isn’t the Android competition mostly not Google, e.g. Samsung?
But non-stock Android still typically uses Google services and these integrations are built into the OS. So whether the Android devices are sold by Google or Samsung doesn't really make much of a difference, Google still gets the data it wants.
Apple's schtick has long been "technology without the bullshit"- and well, the behavioral data gold rush is basically bullshit for consumers, so sure, they're on the privacy bandwagon in the interests of their own company and it's market strategy.
Is that the same type of moral speech as he did when he said "Privacy is fundamental human right" and then gave keys to iCloud to Chinese government some time later?
He's a CEO of a multi-billion publicly traded corporation. Content warning applies for everything he (or any such CEO/PR service) says.
Apple's stance has been completely consistent. They comply with the law while making their ethical beliefs and stance as a company clear where they disagree with it.
What do you suggest Apple should do instead of comply with the law? Require it's employees to incriminate themselves?
I agree, and you can also tell that Apple is on the right side of this because of that FBI phone unlocking case. Apple fought the government tooth and nail, and they made it literally impossible to do for later models of phones. That whole incident really impressed me.
Of the "giant evil megacorporations that will dominate our cyberpunk future", I think Apple has slightly more moral sense and backbone compared to Google and Facebook. Not much, but it's something.
That's an interesting view, considering all the outrage on this site related to Google potentially entering the Chinese market under their law. It was deemed utterly immoral... and Apple gets a free pass although their own CEO it talking about human rights?
You are either utterly uniformed or intentionally misleading. Apple located the data center in China, as Chinese law requires while maintaining the same encryption standards they have for all of their customers. Google was collaborating with China in creating a censorial search engine behind the great firewall. Completely different things.
How is that any different? Google isn't doing anything different from any other search engine in China. Of course, they're collaborating with China, just like Apple in order to build a data center there.
Apple is complying to local standards while keeping their own moral standards. Google is making a moral compromise to work for the CPC. It would be comparable if Apple rolled out a chinese version of iCloud for which the CPC has the keys, which is not the case. By the way, when the Apple situation was reported, I was (and still am) critical of it, because it sets a bad precedent. But spreading misinformation in a forum where people are supposed to know better is not acceptable.
Please explain how are those two different things? Apple built a datacenter and gave keys to Chinese government to comply with law. Google is looking at (not even deploying!) a search engine that would comply with Chinese law and deploy it in China.
How do you think those things are different? Especially since Google did not deploy anything yet, while Apple gave up on the "human right" and handed over the keys?
Google is building surveillance and personal information harvesting systems designed to minimise individual privacy and maximise government control. It’s unavoidable because Google’s systems are based on the fundamental principle of gathering and analysing as much information about people and their behaviour as possible.
Apple have bent over backwards to ensure they themselves, and anyone in their data centres, have as little personal information about their customers as possible. FaceID and TouchID don’t Store face scans, only secure hashes of the data and only in an inaccessible local data store. AI analysis of most user data and activities is done locally on the device, pulling down reference data from the cloud as necessary rather than pushing the user data up. User activity data is protected by powerful new anonymising techniques. User personal data that is stored centrally e.g. for syncing, is encrypted end to end wherever possible so it’s only accessible to the user.
I’m not saying they store no unencrypted user data centrally or know nothing about user activities, but they have gone to crazily extreme lengths to avoid it. When law enforcement has gone to Apple with warrants to get user data or open up user phones, Apple has often been able to honestly say it has squat.
A lot of people here know all this and are just taking it into account, that’s all.
I mean, it's just my view, I don't speak for anyone else, much less "this site". I personally don't think it's realistic to require these companies to totally stay out of the Chinese market, that's just not going to happen.
they fought the govt where the only headlines would be positive. look at all the privacy features they're giving to Chinese citizens who actually need them. instead they literally gave the keys to everything to the Chinese government
Nope, he does the opposite. Here is his own words from a Chinese conference.
“The theme of this conference -- developing a digital economy for openness and shared benefits -- is a vision we at Apple share,” Cook said. “We are proud to have worked alongside many of our partners in China to help build a community that will join a common future in cyberspace."
What do you suggest Apple should do instead of comply with the law? Require it's employees to incriminate themselves?
I'm not the GP but I've seen this exact form of complaint many times. I think the usual response is "stop doing business in China." I don't know how that's supposed to work, though, since Chinese companies make all of Apple's hardware.
The phase of iPhone manufacture that’s done in China involves screwdrivers and glue, not high-tech fabs. It could be done elsewhere for a smaller price increase than you might expect.
I read somewhere that the issue is (for almost all electronics manufacturers) that all of those hi-tech fabs are also physically located in China, so you save a great deal of money and time.
Sacrifices for what, though? Let's say Apple does take a stand against China's human rights record. Then what? Apple pulls out of the country and a Chinese company fills the void in the market, possibly handing over even more user data to the government. What has been accomplished by Apple's "sacrifice"?
Apple customers elsewhere in the world are assured of Apple's integrity in this regard.
Of course, it is a bit unreasonable to expect Apple to actually do that, but it is also a bit unreasonable to believe that Apple will guard your privacy anywhere else when push comes to shove.
Apple is not a human being, it is a company. That means expecting it to have integrity the way you would a person will only lead to disappointment.
A better way to understand the actions of a company is to look at incentives. Apple does not have a huge incentive to collect and monetize user data the way Google and Facebook do. Therefore, Apple has an incentive to try to differentiate their product based on this fact. That's all that is going on here, morality does not enter into the picture.
How does sourcing in China require you to sell to the Chinese market? I don't see how Apple could be compelled to open their iCloud to the Chinese government if they're not operating iCloud in China and don't directly have Chinese customers.
China requires that the services be operated from within China and requires government access to the data centres.
I suspect this is one of the driving forces behind Apples efforts to do as much AI Balts is on the device, and employ encryption and advanced anonymising methods on data that is transmitted to the back end.
Yes, as I said, sourcing from China doesn't mean you have to sell your products in the Chinese market. If the only way to be an iCloud user in China is to trick Apple into thinking you're not in China, Apple can't recognise Chinese users and thus can't help the government spy on them.
Apple presumably doesn't provide iCloud in markets that the US has a trade embargo against, so why wouldn't they voluntarily abstain from providing it in China where it's not possible to provide the service without co-operating with the Chinese government to subvert their users' privacy.
I'm not saying that Apple should do this. I'm saying that it's dishonest to claim Apple's hands are tied. Unless the Chinese government is using the supply chain as leverage to force Apple to provide it access regardless of whether or not Apple intends to provide services in China, whether Apple is using China as supplier or not is irrelevant.
I think that framing these new requirements as rights is a really good approach.
Being able to find out what data is being collected and how it is being used is a prerequisite for any accountable system of balances that could create negative incentivizes for abusive practices.
Obviously preventing all abuse will prove impossible just as preventing all crimes of any other type is impossible — but as with other kind of crime, undesirable outcomes can definitely be reduced when deliberate will is informed by wisdom and fueled by effort ...
Well overall Cook is right but... apple needs to provide alternatives to the common people!
1. There is no equivalent for Facebook and apple cannot build a one with privacy
2. There is none from Google-Search and apple has not built one
3. About WhatsApp? (iMessages - yes only within walled garden!)
4. Google groups-?
5. Browser? Safari?
6. Calendar -> Even creating a icloud account needs iDevice
7. Cant create more than 2 Apple account from same iphone!
We should celebrate the transformative work of the European institutions tasked with the successful implementation of the GDPR. We also celebrate the new steps taken, not only here in Europe but around the world — in Singapore, Japan, Brazil, New Zealand. In many more nations regulators are asking tough questions — and crafting effective reform.
I disagree, I think technology should solve that pproblem, like Tim Berners-Lee's.
And how would this announcement have looked if Apple's iAd platform actually succeeded?
While the weaponization of data is a legitimate cause for concern, Apple - the company that maintains a score on you - is hardly the one to be believed as a defender of your data or privacy
> Advertisers grew increasingly frustrated with Apple’s unwillingness to grant them access to the wealth of data the company possessed from its customers and Apple’s hundreds of millions of iTunes accounts. Every decision in advertising is born in data — 70 percent of agencies and 73 percent of brands use data to target the desired audience. Strong analytics tools are becoming ever more important as advertisers strive to keep ads relevant.
It's likely that the incumbents, Google & Facebook, were both much further ahead and entrenched for Apple to break through. Apple also tried social networking (ping) and failed. And self diving cars. I don't see any real evidence for Apple not sharing data out of some moral high ground. If they could actually boost their bottom line and not drive away existing customers, they'd do it. They rolled over like a timid puppy when China asked for all, that's ALL of China's iCloud data. They could've walked away from the China business if they had a sliver of moral turpitude, but they obviously don't, which is also evident from their tacit tolerance of child labor and unreasonable working conditions from their suppliers in China
While I agree with this in principle let's also be frank and say that this is a much simpler stance to take when your company doesn't exist based on data.
What's hard is to not base a company on data. When you have more than a billion of active users, and you don't have just another app, you have the entire operating system and you are the sole gatekeeper to third party applications.
How many investors did Apple lose for not data mining users?
Look at the P/E of Google and Facebook and then look at the P/E of Apple... Apple sweats every dime of their $1T valuation.
I generally agree with Tim Cook's words here as I also believe the large amassing of personal data and the aggregation of it there of is potentially (and I believe as to many others, already is) very dangerous territory indeed. We have already seen the downsides of this with things like Cambridge Analytica for instance.
I have to call out Apple on something here, and this is something that Tim Cook could personally do something about very actively, however. And it has nothing to do with customer/consumer privacy, which I think Apple does a wonderful job with, typically. It has more to do with the ethos of the corporation.
Apple is just as guilty as anyone else about actually buying and using this data. It may not always be the case that is sourced from wherever, but they use the same tactics in their hiring and keeping tabs on employees that they are so deride in the media. For instance, if any of you are Apple employees, go ahead and check out the HR policy and procedure for publishing your information including your salary. I think you'll find that to be very eye opening. I can't recall the firms name off the top of my head, but they report that information to one of these firms that aggregates this information and in turn sells it in turn.
Oh and use a personal device at work? Apple's own employee contract states that if you connect a personal device to their network, even once, they have the right to demand any contents of that device subject to termination.
I get some of that is for secrecy, don't get me wrong. I understand that i'm highlighting things from a point of view that I don't agree with these policies and that I'm not, and it is quite intentional, discussing why these policies may be in place. For what its worth, I'm okay with secrecy, in the sense of protecting investments, IP, etc. I get business need. What I don't understand is why Apple's own policies don't reflect these values they often tout in public. I personally feel like they have this dual face a lot, where they say things publicly that I agree with but I know `privately`, if you will, the corporation does not reflect these values when its not convenient for doing business
Don't even get me started on Apple not being at the forefront of the Net Neutrality debates, where I think Apple could have real impact (the general population as a whole tends to listen to Apple/Tim Cook more so than any other CEO I can recall in recent memory, as do politicians of all stripes, its quite a trip how must esteem they hold in the public mind, which is why I think its so important they talk about something that should, at least according to their public statements, be right in line with their ethical underpinnings Tim Cook talks about very often).
Rubs me the wrong way, I guess. Am I glad he's at least a CEO of a huge public company that has weight and is talking about this in a way that is agreeable (mostly) and likely far better for the average person? Yes, yes I am, but I think its important we remember the other facts too.
Disclaimer: I did work at Apple, and for what its worth I left on good terms, and I would generally recommend working there, I just want to be honest about the things I saw and felt. There is a lot of good too, believe me.
Fun fact: I emailed Tim Cook in August after reading this story in the NYT, asking him to publicly oppose a weak federal privacy bill in the US [1].
I thought they might do it when Bud Tribble, Apple's privacy czar, testified in Congress at the hearing about privacy [2]. He was mostly non-committal until about the time when someone asked if California's law should be preempted, and he answered 'yes' but only if the law is strong enough, so I kind of had a feeling that Apple would at least advocate for it in a minor way. Now it makes sense why he was so non-committal, they were saving it for Tim Cook.
This is a full-on endorsement of GDPR in the best possible forum for this, a keynote speech at a conference for data privacy regulators. This is more than I could have hoped for. Crucially, this removes any possibility of a united front as the ad-tech lobbying machine kicks into gear.
I don't know if this was already planned or if it was my email, but I'm ecstatic either way.
Apple blew it's lead with Siri and is now trying to hamstring it's competition from passing it by with features that aren't animated emotions or only allowing certified Apple parts in repairs.
And can someone please fix the garbage fire iTunes desktop UI? It makes zero sense for the "description" bubble to be some tiny 20 character wide chat bubble for podcasts.
> Prove that localized models built on small datasets work.
> Invest in cryptography and user anonymity technologies.
That’s what they literally do. Much of iOS’s “proactive” features are done on-device, as is things like photos analysis. And most of Apple’s products utilize at least some sort of cryptography and anonymized logging.
Clearly they're not doing enough, if they were, Siri wouldn't have fallen so far behind. I know it's a new and difficult field (I work in it) but it's also one where you could throw buckets of cash at the problem and get better results.
Siri is far behind because Apple has a pro-privacy stance.
They've effectively hamstrung themselves by anonymising the data and not cross-correlating between users as much as Google does.
Google on the other hand has no qualms about using the mountains of data they collect on every single user on their platforms. They can teach Google Assistant stuff that Siri can't even try to do yet.
siri is behind because apple thought buying a natural language assistant startup was enough work/money spent to get into the smart assistant game. there is literally no research coming out of apple on smart assistants or machine learning(that isn't photos) and it shows
It must be difficult to uphold such strong principles for the free world while routing all your Chinese customer data through government surveillance servers. I guess it's better than the alternative- not selling in your (2nd?) largest market.
Well done everyone. Never let the actual content of an article get in the way of some good old Apple bashing.
At the time of writing, I can only find one top level comment (by 'dvfjsdhgfv') that's making any attempt to discuss or expand upon the content of Cook's comments.
This is one of the most important issues facing mankind, and the ball is very much in our court. We all get plenty of opportunities to criticise our favourite tech companies and their practices, but if every single mention of them becomes an invitation to shoehorn in our gripes and complaints then this entire endeavour is just a massive waste of time.
Hmm, I mean I'll take climate change, racism, education, and some particularly nasty geopolitical issues above it, but other than that, I would say it ranks pretty high.
I'd argue that the weaponisation of personal data and hyper targeted advertisements/disinformation are making all of those issues worse. It's what has created the current wave of climate change denying nazi sympathising maniacs to grow.
“Our own information — from the everyday to the deeply personal — is being weaponized against us with military efficiency,” warned Cook. “These scraps of data, each one harmless enough on its own, are carefully assembled, synthesized, traded and sold.
If personal data has value, and companies are making billions or even trillions of dollars from it, shouldn't these firms be paying the source (us) to use it? Real cash, as opposed to discounts or in-kind exchanges?
Not all. Certainly not brokers serving the ad industry, credit bureaus, and retailers. And for others such as Google business services and Microsoft, we pay them. Even for the "free" services, is it a fair exchange of value?
Cambridge Analytics isn't an ad company but very much working with personal data.
All that health data in healthkit would be a treasure trove for insurances, even without using it for adverts (but for determining premiums, for example)
A design/branding company that designs their own chips? Sure then they are a design company. A company that builds brands, also sure.
What proportion of hardware do they have to "make" themselves to be considered a hardware producer? Having TSMC fab silicon doesn't make Apple any less of a hardware company than BMW not being a car company because they buy ECU's from Bosch.
I've no idea about BMW but if they did the design and someone else did the manufacture, then BMW would still be a car company; they would 'just' be designers and not manufacturers. What's wrong with that?
So, if Apple make [all] their own hardware except the silicon then you could have answered the question rather than composing a strawman.
Yes, if BMW don't make their own electrical systems it makes them less of a car company. Is that controversial to you? It's supremely sensible for a company to buy expertise by outsourcing elements of manufacture of complex products IMO.
> I've no idea about BMW but if they did the design and someone else did the manufacture, then BMW would still be a car company; they would 'just' be designers and not manufacturers. What's wrong with that?
In a nutshell, it ignores modern reality. BMW isn't in the business of building ECU's, they leave that to Bosch. Similarly to how Airbus and Boeing both don't build their own APU's and buy/contract out the building of that to experts.
> So, if Apple make [all] their own hardware except the silicon then you could have answered the question rather than composing a strawman.
Strawman how? You've an absolutist view of manufacturing that no manufacturer could meet. I'm almost certain that any phone you have has an 8 bit micro that guaranteed wasn't designed or built by the people that put it in. Same as capacitors.
Apple designed their A series chips, their faceid stuff, touchid, security enclave, ac chargers, etc... They contracted out to someone else to build it and used other things like qualcomm LTE chips when there isn't much other choice. I work at a company that does the same for custom hardware as well. I'd be hard pressed to hear that we didn't "design" our own stuff.
> Yes, if BMW don't make their own electrical systems it makes them less of a car company. Is that controversial to you? It's supremely sensible for a company to buy expertise by outsourcing elements of manufacture of complex products IMO.
Is it controversial to me? Yes only in that you completely contradicted your own viewpoints in a single post. Your end is sensible, the start is not. Mostly as its not a very useful view of modern manufacturing. Lots of components are off the shelf from other companies. More than you might think.
Doesn't mean BMW isn't a car company, or Boeing isn't an aircraft company. It is no different than pulling in a shared library for xml or json parsing instead of rolling your own.
This is really a pedantic point. By your metric, most companies we know today as making “hardware” are not hardware companies because they don’t make every component that goes into their products themselves.
Not every component, I did put in specifiers to emphasise that.
If I design a chip and you fab it then I'm a designer and you're a manufacturer.
I'm not accusing them of white-labelling or anything.
So, perhaps someone can say how much they manufacture in their own fabs/factories as I asked?
Meta HN can be very anti-truth, just post "Apple actually own 95% of all their manufacturing", or whatever with a source -- surely the question is valid??
If Apple thought an eventual about-face on this issue was a business strategy they might need to employ, they'd hardly be pushing so publicly and loudly on it.
Growth may stall, but throwing away one of their primary advantages over nearly every other tech company is a pretty stupid strategy.
Personal information is extremely valuable. I don't understand why people are opposed to collecting and making use of it. Not doing so would be inefficient and foolish.
While I believe that those who collect such data would make the world a better place if they freely distributed it, I don't think they should be forced to.
I'm sure that whatever hypothetical problem that could result from such collection of data could be solved more efficiently in a different way.
Edit: OP changed his comment, so my response is looking off-topic now
Sure, please paste here your email and other accounts logins.
Maybe you say you can't trust some random stranger on the internet but why would your trust companies, they have no morals, they want only to make money for themselves and on top of that they are incompetent and they can lose your data and random people on the internet will have it.
Facebook sure doesn't seem to. 50,000,000 of their accounts were breached just last month, apparently by spammers intent on harvesting private account information.
And Google supposedly shut down their Google+ service over a potential security bug that could have exposed a few hundred thousand accounts, but of course there were more reasons than that.
> I don't understand why people are opposed to collecting and making use of it.
Because:
> Personal information is extremely valuable.
The main problem isn't making use of personal information, but using it in such a way where it is not clear to the user as to what is being collected by whom, and what is the value they're getting back for that information.
Moreover, is is extremely hard to know about and control leakage of that info to parties you didn't consent to directly.
Personal information is information about a person. We already collect information about things. Why not collect information about people, which are arguably more interesting?
If your children were followed around with someone recording them with a personal video recorder as soon as they left their house, that’s just public information right?
While I agree with the sentiment and am also strongly against this mass surveillance, I don't think that a "please think of the children" argument helps our case here.
>You can get paid in the form of a free OS for your smartphone?
I paid full price for my phone, there was no warning or contract for me selling my data. I also do not remember a clear EULA about me selling or paying with my data, usually this EULAs are emphasizing that data is collected to give us better services not that is sold/shared with third parties.
Add to that, even Android is not so free. Google requires manufacturer to pay a premium to include Google Play Service, which is proprietary, and Android Support. This cost will be transfer to customer, so Android + Google Play bundle is not a free OS. It cost something, just not having a price tag to buy separately.
It means I paid for Google Play Service to be included in Android and they also required me to pay by personal information to use their cloud, which is fine, but I don't have a choice to opt out, or choose to pay Google and not selling my data. The problem is the implicit contract with no opt out or alternative payment to respect my privacy.
That said, I do think people should not be surprised that when they reveal pieces of information to a company that that information is used by that company in ways that they don't 100% agree with. If you give up information, you're giving up (some amount) of control over how that information is used.
I don't think that's true, I expect to be told up front, clearly and unambiguously, the true cost of something.
Stores that have hidden charges and gotchas are reviled, just like we should be outraged by websites that sell your data without your explicit consent.
I don't think you should be surprised because I think you should assume (as I do) that all information will be used in the maximally worst case way. Once you do that, you're never surprised.
I don't believe that people are generally against the collection and use of personal information, per se. To me, the problem lies in a couple key areas, which coincide pretty well with Cook's statement:
1) No opt-out. Some companies and institutions are decent about this, but the overwhelming majority of companies who are collecting information about me I've never heard of and couldn't name. I'm not asked if tracking, etc. is okay, OR am presented with some dense glacier of legalese when my only interest is to read some article.
2) No transparency. Who has what information about me and how are they using it? I haven't the foggiest clue, if I'm being honest about it, and I'm a relatively technologically sophisticated and aware user.
3) No deletes. Even when a company offers to "delete your data", how can this be verified complete? It is difficult for me to trust a company or institution's word on this having so insidiously collected the data in the first place. Now, before you take issue with "insidiously", consider the information asymmetry present when an average person (non-lawyer/engineer superstar hybrid) signs up for FB or Gmail. There is definitely a sense in which it is clear that you aren't getting something for nothing, but at 16 that didn't occur to me, and now the damage is done.
4) What, precisely, is this data going to be used for? Creepy ads are one thing, and have been pervasive enough long enough that I think many folks see they as normal now. I don't like the advertising economy, and take steps to shield myself and my family from it to the degree that is possible within our inconvenience tolerances, but the scary thing about this data goes beyond shitty frothing-mouth marketing efforts. When the advertisers are done with it (hah!) it is still there, waiting to be exploited in a political, judicial, or military effort of some kind. Google "Sesame Credit" for info on China's bone-chilling weaponization of social media. And yes, I know, China isn't a beacon of human rights, that isn't the point. I suspect that if China can do this out in the open, there are closed doors in DC behind which a more subtle, similar effort is at least an on-again/off-again discussion.
So no, I can't agree with you that "whatever hypothetical problem that could result from such collection of data could be solved more efficiently in a different way". I work at a 2nd tier retailer whose "Customer 360 Experience" is a surveillance program a lesser nation state would be envious of (I was very surprised to learn how much collection efforts have evolved for in brick and mortar stores). Once the data is collected, it's damned near impossible to "uncollect". Genies don't like to go back into their bottles.
5) your data is sold or shared with a third party and they leak it, ex Equifax so you have a lot to lose when your data is leaked (imagine if all our browser history would be collected for years and then somehow leaked, that would suck a lot, probably lives would be destroyed)
I started a social data search platform named Datastreamer (http://www.datastreamer.io/) which is basically a petabyte-scale content indexing engine.
We provide API feeds to search engines and social media analytics companies needing bulk data but don't want to have to build a crawler.
For the last 5 years we've had major problems with customers coming to us asking for data which we felt was unethical (at best).
We actually had Saudi Arabia approach us... It was clear that they were intending to something pretty evil with the data.
Their RFP questions were a bit frightening:
- can you track people by religion?
- can you give us their email address?
- can you provide their address?
- can your provide their ethnicity?
- can you provide their social connections?
We're actually losing business to other companies that are performing highly unethical and probably illegal techniques.
We just can't compete with data at that type of fidelity.
If you're a researcher and you want to access bulk data for combating this type of non-sense WE WILL PROVIDE DATA AT COST. We can provide up to 1PB of data but for now we have to charge for the shipping and handling of that data. We're reaching out to some other companies like Google and also the Internet Archive to see if we can provide more cost effective solutions.
I'm working on more tools to give the power back to the users.
Polar (https://getpolarized.io/) is a web browser which allows people to control their own data. The idea is that I can keep a local repository of data and eventually build our own cloud platform based on open systems like IPFS and encrypt the data using group encryption.