
Apple’s New Privacy Technology May Pressure Competitors - kawera
https://www.technologyreview.com/s/602046/apples-new-privacy-technology-may-pressure-competitors-to-better-protect-our-data/
======
CaptSpify
Unfortunately nobody is selling the phone I want: an actual open-source
(probably linux) phone. I had the original iPhone, but won't get another one
unless they go open-source. I have an Android, but I hate its closed-off,
blobby mess. I'm extremely glad Apple is pushing privacy, but I just can't
support them until they put their money where their mouth is. I'd love an
alternative to these, but I've yet to see any decent ones that are available
to me.

------
return0
Apple is on a PR campaign to sell privacy to users the past few years. Do
customers care though?

~~~
majewsky
> Do customers care [about privacy]?

A data point: Yesterday, a German net politics outlet published a
representative poll conducted on behalf of the German government, which showed
that 92% of citizens polled want the government to take a stronger stance on
data protection. Source:
https://netzpolitik.org/2016/bundesregierung-befragt-bevoelkerung-die-wuenscht-sich-mehr-netzpolitik-und-eine-staerkung-des-datenschutzes/

~~~
mattmanser
I can't read German, was the question:

 _Should your phone help protect against criminals stealing your identity?_

Or

 _Should paedophiles be allowed to swap photos of children in secret?_

~~~
Someone
Neither/both.

 _How much should politicians care about data privacy?_

Proponents of either of your examples would have answered "lots".

~~~
hatsunearu
Meh, that's phrased in a way that is hard to say "yeah" to. I mean, if you ask
someone "do you want ice cream?", who would really say no?

------
nxzero
Does anyone know if the "differential privacy" is done on the device before
sending the data to Apple? Seems unlikely, but oddly couldn't get an answer from
Apple.

~~~
dalbin
It looks like it is done on the device based on the framework header:
https://github.com/JaviSoto/iOS10-Runtime-Headers/tree/master/PrivateFrameworks/DifferentialPrivacy.framework

~~~
yousry
Interesting. I thought that with DP the user data is anonymized by a random
function with the value range based on the complete sample set. I also expect
that the data is encrypted before transmission and I expect some kind of
unique signature which is somehow stored on the device. The transmission
itself is certainly logged on client and server side.

If I understand this framework correctly the epsilon range for the randomization
can be selected by hand before the transmission and also the number of
collected parameters is not limited. Why is this called "differential
privacy"?

~~~
nicky0
Perhaps named because the system is based on differences between the true
value and the reported value .... and then summing the aggregate data removes
these 'differences'.

~~~
yousry
If a data collector can choose the epsilon range and the linked parameters by
oneself, s/he could choose small (irrelevant) or too large (expandable) ranges
and could try to cross reference the result via data-mining (already collected
data).

~~~
nicky0
True.
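
The idea discussed in this sub-thread (each report is randomized on the device, the noise only cancels in aggregate, and epsilon sets how strong the noise is), as an added example that is not part of any comment and is not Apple's implementation. It uses classic binary randomized response; the function names, rates and user counts are constructed for illustration.

```python
import math
import random


def truth_probability(epsilon):
    """Probability that a device reports its true bit (binary randomized response)."""
    return math.exp(epsilon) / (math.exp(epsilon) + 1.0)


def randomize_on_device(true_bit, epsilon, rng):
    """Client side: the collector only ever receives the returned bit."""
    keep = rng.random() < truth_probability(epsilon)
    return true_bit if keep else 1 - true_bit


def estimate_rate(reports, epsilon):
    """Server side: subtract the known bias of the noise from the observed mean."""
    p = truth_probability(epsilon)
    observed = sum(reports) / len(reports)
    # E[observed] = (1 - p) + rate * (2p - 1), solved for rate.
    return (observed - (1.0 - p)) / (2.0 * p - 1.0)


def simulate(true_rate, n_users, epsilon, seed=0):
    """Return (aggregate estimate, fraction of individual reports equal to the truth)."""
    rng = random.Random(seed)  # constructed population, fixed seed for repeatability
    truth = [1 if rng.random() < true_rate else 0 for _ in range(n_users)]
    reports = [randomize_on_device(b, epsilon, rng) for b in truth]
    matches = sum(1 for t, r in zip(truth, reports) if t == r) / n_users
    return estimate_rate(reports, epsilon), matches


if __name__ == "__main__":
    # Same population, three epsilon choices made by the collector.
    for eps in (0.01, 1.0, 8.0):
        est, matches = simulate(true_rate=0.30, n_users=200_000, epsilon=eps)
        print(f"epsilon={eps:<5} estimate={est:6.3f} reports equal to truth={matches:.3f}")
```

With a very small epsilon the individual reports are close to coin flips and the aggregate estimate is unreliable; with a very large epsilon nearly every report is the true value, so the report stream protects almost nothing.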

------
mark_l_watson
I am fairly happy with my "hardware stack" right now: iPad Pro, several Linux
laptops, leased Linux servers, and a nice Android phone. Great gear.

However, because of privacy issues, and even as a FSF member, I can imagine a
possibility of 10 years from now just using Apple solutions if they keep
promoting privacy and security.

My preference would be all open source in my hardware but I am not sure if
small production libre hardware will ever be competitive.

------
bitmapbrother
If Apple really cared about privacy they wouldn't ask for your data. But, they
quickly realized they needed your data to even be remotely competitive. It's
funny that they criticize Google and other companies for using your data, but
seem to think they're impervious to the criticism because they're using
"differential privacy". Apple is no better than the other companies using your
data and trying to cloak their objectives with a PR campaign to justify their
actions is typical Apple hypocrisy.

~~~
CaptSpify
I have yet to see evidence of Apple selling personal data in the same way that
Google does. I don't trust them, because they are closed off, and could be
collecting it nefariously, but we really don't know if they are being genuine
or not.

~~~
bitmapbrother
Google doesn't sell personal data. I'm amazed how many people don't understand
this. Google makes their money by allowing advertisers to target certain
demographics - the same way Apple tried to with their failed iAds service.

~~~
CaptSpify
Possibly poor phrasing on my part, but that doesn't affect my point.

Also, Google _stores_ personal data, which makes it an issue. Privacy isn't
just about sales, it's also about malicious actors having access to it.

~~~
bitmapbrother
Apple, as do countless other companies, also stores personal data and uses it
for personal gain.

~~~
CaptSpify
I'm not defending Apple, I'm just saying we don't know what they collect, or
how they use it. Google clearly has a business model that relies on gathering
the most data and using it.

~~~
bitmapbrother
And Apple doesn't have a business model, either direct or indirect, for
collecting and using your data? We're in the age of context. Every company
that wants to play in this game needs as much data as they can get about you.
Apple is no exception, but they're going to use their PR machine to deflect
the negative connotations surrounding it.

~~~
CaptSpify
Oh, I totally agree that it's possible, and even likely that they can and do
use your data. That's one of the reasons I don't use their products. I'm
saying that they don't rely on it nearly as much as Google, and at the end of
the day, we don't know what they collect.

------
amelius
How are they going to apply this to data sent to the iCloud? Is that data
encrypted client-side?

Something smells fishy here.

~~~
SG-
It's done on device before it's ever sent to iCloud.

------
dijit
When people talk about apple they are always quick to call out that "Apple has
all your data", yet are complicit with google snarfing up everything they can.

Until Apple can fix this PR image, then they won't be pushing competitors to do
anything.

~~~
gnaddel
I don't think that Apple has a PR problem regarding privacy when compared with
Google. Especially looking at the privacy adverse stance Microsoft has taken
with Windows 10, Apple seems like the smallest privacy evil out there. I
personally will be switching back to iOS with my next phone after using
Android for three phone generations.

~~~
majewsky
The smallest privacy evil is still Linux. (Which, of course, is not an OS most
people consider.)

------
devsquid
But the same MS researcher that developed "differential privacy" has said and
explained how it's not really effective except for in short-term studies. I'm
surprised a publication coming from MIT would not bring that up. It seems like
it's just "clever" marketing on Apple's part. Also Chrome already employs
"differential privacy" for w/e that's worth.

~~~
frankmcsherry
Do you have a quote for the first point? It doesn't sound (i) correct, or (ii)
like something Cynthia would say.

~~~
yladiz
More so, is there proof of the second quote that Chrome uses differential
privacy?

~~~
roninb
Not sure if this[0] is exactly what you're looking for but, I think it's baked
into chromium[1].

[0] http://static.googleusercontent.com/media/research.google.com/en//pubs/archive/42852.pdf

[1] https://www.chromium.org/developers/design-documents/rappor

