> Personally, I'm fine with Apple having that kind of info as I generally trust them
...up until Apple decides to change their leadership, or their business model, or the mobile market implodes and they start looking for new revenue streams, or their relationship with the US government changes, or ...
I get that as a practical matter we are forced to trust somebody somewhere eventually, but at best we should be saying that "Apple doesn't seem motivated to abuse this information for now."
This is a common perspective, and it is generally correct and worth considering.
However, for a company like Apple to change its stance would take a long time. Culture is sticky and, furthermore, they simply don't have the mass data collection and processing pipelines necessary for such an about-face. There would be a fairly long period (my guess is years) during which consumers would be able to change providers.
My comment was about the work Apple would need to do before collecting that data. Anyways, GDPR gives you the right to deletion at any time. Apple has publicly committed to offering GDPR rights to everyone.
Which is why Apple protects your data in a way they can't access it - in the event that they change into Google and Facebook in future they have no access to the current information.
I don't think it's valid to say Apple can't access your data. Maybe I'm understanding it wrong, but wouldn't that mean all your data would have to be encrypted with a private key that only you have? All I use to access my Apple data is a password, which I can reset at any time.
Correct, all your data on Apple's services is encrypted such that Apple can't access it. The final fallback for account recovery is the "iCloud key vault" which is covered in documentation they published. Those are essentially HSMs gated by your account password and passcode, and a counter that triggers recovery key erasure.
I think the primary security white paper describes exactly how it works, but essentially there's a set of shared symmetric keys that are encrypted to public keys for each of your devices. Outside of the key vault path, the way a new device gets access to those keys is one of your other 2FA devices encrypts a decryption key to the new device when you approve it.
The basic result is that there is no point in which the key material is transmitted unencrypted off a device.
Yeah, I do agree here - as much as I love to believe that this is a core belief of all the employees at Apple - and in my experience this is a true statement - we have to remember that Apple is a company, and there is undeniably a huge marketing ability in privacy given that their business model doesn't depend on selling information.
But there's also a huge security benefit to Apple not tracking this information: A hacker/angry-former-employee/creepy-current-employee can't access it either (e.g. like the various stories we hear about FB, Uber, etc. admins and employees spying on people).
To be perfectly cynical, I'm willing to temporarily give the benefit of the doubt to the company that's not currently selling my personal information to marketers, over the companies that are doing so flagrantly.
Exactly. With Apple it's "what if" their customers suddenly become advertisers, whereas with Google and FB their customers already are advertisers.
Apple is in a unique position where they can sell hardware at profit-making prices to a huge customer base. Even if we are at peak iPhone, current Apple users are not going anywhere (I tried to switch my wife to an Android phone once and it was a disaster hah). Privacy moves like Apple ID will only solidify the current user base. Best in class products like AirPods and the Apple Watch also lock users in - in a good way though.
I've noticed that since this announcement it is also pulling some stout Android users I know who have become disillusioned with how Google is slowly locking Android down. The constant bad press Google has received combined with the Apple privacy drum beat is starting to pay dividends for Apple.
While that's all true, again as a practical matter, a massive multi-decade-old denizen like Apple in some ways has more cultural and institutional inertia than even the US government. Especially now. Life is short; Apple's "for now" has been 43 years running.
The company has been around for over 40 years. Have they done anything to suggest that they’ll just randomly go rogue? Their brand is built on some amount of user trust, if they start violating that, there’d be significant market risk which makes no sense for them to do. They can and are already winning when it comes to privacy, violating that would be incredibly stupid from a business perspective. Privacy is one of their competitive advantages.
I feel more importantly they go to great lengths to create a brand image (because after all, everything else aside, they are a for profit company) and I imagine that reneging on the privacy angle would be considered to be damaging to the brand.
I feel of all the major tech companies, Apple is way more invested in retaining their brand image.