It's good to have a reminder of the nature of corporations so soon after that. Tools for users to take privacy and security into their own hands need to be made accessible enough to make it truly matter.
Its like herd immunity with vaccinations: it doesn't matter that you use encryption and block trackers if all the people around you provide enough data to make inferences about the private few.
This is not even remotely hypothetical. Making everyone's data accessible to organizations and people subject to US court orders is bad for privacy.
This kind of thing will be happening more and more, and not just China and Russia, but also the EU. So it won't just be that Chinese users can be spied upon by the Chinese government. It will also be true that it will be more difficult for the US to spy on citizens of other countries.
It's exponentially more difficult for the Chinese government to wield data against me than it is for the British government, as I do not live somewhere where the Chinese government has any power over me.
It depends mostly on the nature of the data, and how much interest they have in you. If the data is damning enough, and they would find value in using it against you, then the Chinese government is perfectly able to hire someone to do so.
Anyone in China who is significantly wealthy is effectively involved in politics, with potentially life and death consequences. To stay under the radar, you have to stay at the level of inconsequential small fry.
So it's (in some respects) safer to have your data managed in a foreign country than in the country you live in, as a counterpoint to the claim that "it makes so much more sense that your data is subject to the law in the country you reside in".
In the vast majority of cases, yes. In an absolute sense, no.
There is a point to that.
To clarify, I'm saying it makes sense from a legal and societal perspective, not from a personal privacy perspective.
That’s ,at best, less than clear, considering the actions attributed to PLA Unit 61398.
A good thing about these data regulations is that they can not only be brought to court by private individuals, but by also by dedicated officials from the nations.
They include a clause that both Apple and the Chinese firm will have access to all data stored on iCloud.
It makes me really worried about apples commitment to privacy.
What if the Communist Party of China was actually visionaries what the Internet could do for oppressive nation-states, if properly harnessed for the good of the party?
To be clear, I am not advocating that companies should bow down on their principles, just that it needs to be a more coordinated effort across companies, and might need new technical solutions to evade government firewalls etc.
While I am cynical that my wishes would come true, I do respect the companies that take a moral stance against their own business interests, which includes Google in China and Apple in the US.
That would seem to limit the scope of what Chinese authorities can access.
e: "strikes me as" == "is"; it's not really optional.
> The subtext I guess is that in my view it's worthwhile for Apple
Exiting the country might be the most worthwhile long term choice for a company. China has clearly indicated, through it's actions, that it's mainly interested in technology transfer to shore up it's domestic competitors. It's not really interested in giving foreigners a fair shot at its market.
This might not be very true for Apple (as it's really mostly a luxury smartphone maker), bit it is for a lot of the companies that would like to do business there.
Apple has always made clear that information stored on their iCloud service were subject accesses by a third party with the proper authority. Whether this third party is US or Chinese does not change anything.
Only the information that is resident on your phone with the Secure Enclave is tamper resistant.
Again, it's not so much about what the firm can actually do with the infrastructure (ideally, it's a black box that only the user can access with the correct key), but what compromise they're willing to make in order to conduct business. Privacy has become a selling point for Apple, and actions like these signal how serious they are about it.
Personally, I see this as a positive development, as it signals that the company is doing what it claims to, promoting the PRC to get the same accommodation that Office 365 delivered versus giving the state the level of access it demands.
If you feel strongly or have a requirement to control your account principal, you should not be using a third party identity store.
Apple to China: Here are the keys
This is not the case in China.
In both cases, they are protecting user privacy to the greatest extent they can by law.
Secondly, Apple is not handing the keys to their system over to China. Instead, they are deploying a separate system for Chinese accounts to preserve the privacy and security of all other accounts. And finally, they are not compromising the Secure Enclave or any device security features.
Google didn't miss out on much at all, it was clear way before they pulled out that they wouldn't be allowed to go very far in search. Also, Google only pulled out of search in China, they actually still do plenty of business in China.
The data may be stored with a Chinese company but it’s still encrypted isn’t it? They can’t read it can they?
If the Chinese firm couldn't read the data access would be pretty pointless me thinks.
Imagine when all the censorship and surveillance and the actions taking with personal data start surfacing, they're going to very quickly try to get out. Apple pulling VPN apps off the App Store is just the beginning.
It may be a big market, but I think Apple shouldn't be there under the Apple name, because stuff like this shows me that it's literally a different company.
It's simply not worth the business.
Unless you live in China in which case your fundamental human rights take a back seat.
I did a Google translate on their Chinese web page:
"At Apple, we treat privacy as the fundamental right of everyone."
Perhaps Google translate messed up and missed the "human rights" part from the Chinese translation, but I'm guessing it didn't.
A month ago, Apple noted that it has 1.8 million developers in China (and/or developers publishing to China -- not clear to me). At any rate, the Apple platform has made those developers $17 billion dollars.
So China is big business for Apple developers and I assume many of those developers are US/CA/EU/AU/etc. who benefit from the platform being available in China.
It's possible that someone could view Apple's decision to compromise its customers privacy to remain in the Chinese market as "morally strong". I would like to hear a defense of that position if someone held it.
Apple's decision appears to be legally compliant but morality must transcend legality in my worldview. i.e. the "good men" argument per Emerson or others
I hate to reference Orwell, but the fact that Apple convinced us all to lie by saying we'd read the T&C and now are telling us that there's "important" information in this unreadable document seems like classic Orwell.
ex. Facebook Germany should handle all its specific speech laws rather than trying blanket global speech to Germany or EU specific laws.
Though at that point you start losing advantages at scaling depending on implementation.
What exactly does this mean? What makes an online account registered in a geographic location? Is it determined by where the iphone is bought, the IP addresses when the registration is made, the email account used for the registration or something else?
To answer your question... I hope not. But perhaps we are already there. Boiling frog etc.
This link might come handy: https://support.apple.com/en-us/HT201389
All you need is a foreign credit/debit card.
Resistance is useless. WeChat, QQ, AliPay and other complied third-party online services are more than enough. As long as you are connected in the Matrix, it has you.
Apple sold out all China iCloud accounts
And don't give me the standard amoral shareholders whine. Apple is already on record as saying it would rather do the right thing than make money, and if investors don't like it they can go pound sand.
Now Apple's sold out a billion people.
How long until the Chinese government requires access to the Secure Enclave chips in iDevices?
I agree that the US/EU needs to be harder on China. Its been very one sided in recent years. The real issue, I think, is their disregard for intellectual property. You bend over backwards to get into their market, then a year later a government backed firm with an identical product puts you out of business. They won't get away with that for long, believe you me.
What year do you predict they will no longer get away with it?
You know what else is not going to make European tech industry globally competitive? The chronic lack of money, because it's all siphoned away by google, amazon, apple, and such. Do we need a global competition? Why?
An internal competition in a huge market is good enough. China encouraged the development of a strong internal market: and they are innovating like crazy. Europe is big enough to do the same.
European citizens have better English proficiency and no great firewall, hence the transaction barriers to consuming global services are easier.
I’m afraid you have to be globally competitive unless the EU wants a Great Firewall.
It's just a political choice. It's not a fact of life. Better regulation and better taxation of capitals would "firewall" Europe as well.
As I said below, language has never been an issue. Nobody is using google because is in English. Google is well translated everywhere.
Europe’s problem with tech investment isn’t because of existing big tech players.
"better" yes, but not good enough to make American products successful unless they are translated
It's a lot easier for a Western business to translate their UI to German or French, than it is to Chinese or Japanese. Input methods alone are an issue that calls for interaction UX to be designed differently.
The same is not true for China. It is easy for US firms to serve Europeans by localizing language, ergo European firms face global competition from US firms with a lower barrier.
It is more difficult for US firms to serve the Chinese market, even if you have perfect language localization. The cultural differences are larger than US<->Europe. Even before the Chinese government got protectionist, US firms had trouble competing in China.
We've seen lots of tech companies launched from the UK, Germany, and Scandinavia, but less so from other regions. Perhaps it would be better to ask what is it about say, Italy, or France's internal markets that makes tech harder to find investment for locally.
There was a time when Western companies were flying under the radar during the first half of Hu’s term allowing JV market share to expand significantly.
China’s economy hasn’t been communist since Mao.
But is it easy to get the EU countries to even agree on any of this stuff? (Genuinely asking, cuz I imagine it's insanely hard because each country has their own culture and priorities)
Is having a different language a big deal? Also no.
EU should start providing incentives to local companies to build their own business that serve its own people, other than becoming US's satellite states.
Could you link to some articles about this?