Apple’s mobile privacy letter to U.S. Congress omits an awful lot of context

“Apple’s official letter of response to the chairman of the U.S. House Committee on Energy and Commerce this month was designed to alleviate congressional fears about the company invading its customers’ privacy,” Evan Schuman writes for Computerworld. “But a close reading of the letter does the opposite, pointing out the many ways sensitive data is retained even when the consumer says no. And that retained data is only one crafty cyberthief away from getting out.”

“Vendors often forget — or, more likely, pretend to forget — that technology can behave very differently in the field than in the lab. In the field, where the tech has to interact with icky humans (also known to Star Trek fans as ugly giant bags of mostly water) and real-world environments, the difference between how the coding is supposed to work and how it actually works becomes evident,” Schuman writes. “Amazon discovered this when one of its Echo devices broadcast overheard conversations to a random person on the device owner’s contact list. Oops!”

“In short, any data collected is data that can be accessed by identity thieves and others,” Schuman writes. “No safeguard is perfect, as Silicon Valley reminds us almost daily.”

Much more in the full article here.

MacDailyNews Take: True, in theory, but Apple is so vastly better on privacy than other major tech firms (Google, Facebook, etc.) that it’s more than a bit picayune to devote reams to parsing Apple’s letter to Congress.

5 Comments

  1. My take on the article: don’t get a phone, any phone. If you recall in War Games (I know. I’m dating myself.), WOPPER was calculating the advantage in a nuclear war through the game of tic-tac-toe. He’s response: The only way to win is NOT to play. I’m paraphrasing it at bit. But that’s what this article is telling me.

  2. It is prudent to cast a skeptical eye on privacy claims made by corporations (and governments), because so many of them have proven to be misleading or ineffective. But this article by Evan Schuman is over the top in some areas.

    First, he denigrates Apple’s privacy policy as a “platitude.” His point seems to be that *any* data that is collected is a potential security hole. Fair enough, but data must be collected to perform certain tasks, or your iPhone will be about as useful as a brick. The fact that Apple collects less data and emphasizes “on-device processing” is a positive. Evans does not address the fact that Apple also strives to protect that data from “bad actors” using the Secure Enclave chip and other techniques.

    Evan then devotes a fair number of paragraphs to 911 and Enhanced Emergency Data (EED) services. He both praises Apple for its execution of Location Services and encryption and simultaneously raises the red flag of privacy and safety concerns. Evan raises valid points, but fails to explain how Apple or anyone else could do anything differently or better in this regard. The problems that he describes are systemic, not Apple-centric. Apple is implementing these features in the best way possible within the framework of emergency services.

    Evan then spends a while on “Hey Siri” functionality, concluding that section with “…anytime Apple says “users have control,” substitute the words “cyberthief with access to the phone potentially has control.” Privacy requires a heightened sense of paranoia.” While that is true, it pretty much applies to everything in your life – home, car, etc. Personally, I suspect that my “smart” TV and other devices are more of a long-term threat than my iPhone. Who knows what LG or Samsung or other predominantly SE Asian manufacturers have baked into their hardware and software, or how secure they are from intrusion?

    Clearly, Apple and other mobile device manufacturers have a huge challenge in preserving consumer privacy and safety such a complex, networked environment. Apple is certainly trying its best, as evidenced in this column (even though Evan seems to project a lot of negativity at Apple in between the reluctant approvals of Apple’s choices and actions).

    But Evan closes out with some sound advice on iPhone Settings/Privacy –> Advertising. I turned on the “Limit Ad Tracking” a long time ago. This is an area where Apple can improve – make that the default.

    Similar privacy and security analyses should be performed for Google Android, Android-based devices from other manufacturers, and Google’s other devices, such as Home and Echo. If Evan is paranoid about Apple’s iPhones, then just imagine his freak out after reviewing Google’s products.

    1. Yes: “If Evan is paranoid about Apple’s iPhones, then just imagine his freak out after reviewing Google’s products.”

      As an aside, the US’ implanting spy bugs into exported gadgets and devices is why China is developing its own tech more and more.

Add Your Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.