Hacker News new | past | comments | ask | show | jobs | submit login
Apple vs. Meta: The Illusion of Privacy (growth.design)
393 points by Summershard on Sept 8, 2023 | hide | past | favorite | 347 comments



I think it's unfair to compare Facebook actively screwing us to Apple not adopting your proposed metric on their product and passively allowing a very popular app in their app store.

Not a huge fan of Apple, but they aren't Facebook.


Apple does not have a tracking pixel on half the popular web. Apple's main source of income is through luxury hardware and subscription services. Facebook sells your information and attention to willing buyers.


Apple's ad business, however, is growing all the time. And in significant margins.

https://www.wired.co.uk/article/apple-is-an-ad-company-now

https://www.statista.com/statistics/1330127/apple-ad-revenue...


Apple shows ads for apps in the App Store sans behavioural targeting. If there is a kind of “ethical ads” that’s as close as it gets.


Apple advertising extends beyond the app store, both for iOS and macOS, and is personalized by default. You can disable this in Settings -> Privacy and Security -> Apple Advertising on both platforms.


You’re right, it’s a bit more than the App Store.

AFAIK it also includes ads in the News app and apps that load articles from the News app (e.g. Stocks app).

Their fine print also mentions the TV app, but I haven’t seen ads there, so perhaps they’re referring to content suggestions.

This seems to be confirmed further down the line in the fine print when it says:

> We create segments to deliver personalized ads on the App Store, Apple News, and Stocks.

I’d say the main difference between Meta and Apple is that the latter doesn’t combine data from different source and only relies on their own data (what Apple calls “tracking”):

> Apple’s advertising platform does not track you, meaning that it does not link user or device data collected from our apps with user or device data collected from third parties for targeted advertising or advertising measurement purposes, and does not share user or device data with data brokers.


The ads on the TV app I think are 30s trailers when playing episodes or movies (only once per session as I’ve experienced) which can immediately be skipped like a recap.

It’s the only ad on a streaming service that has never annoyed me (I also like the fact that it’s not targeted). Zero ads are better but their implementation on tv plus is the least irritating I’ve experienced.


I have been getting them on every episode on specific series. But yeah, could be worse.



> If there is a kind of “ethical ads” that’s as close as it gets.

A news paper ad? A builtin board? I think advertisements that hijack your attention are always unethical. You should have to look for ads to see them.


I picked up a copy of Popular Mechanics yesterday and it took me a solid 2 seconds on half a dozen pages to determine if it was an ad or an article. The styles have sort of blended together and I don't think that's an accident.


It is the same in some digital newspapers. It is also harder to block them as ads. So called ”sponsored” articles.


Isn't looking at an Apple device just like looking at a newspaper? I seem to recall papers being chock full of ads outside the front page to a far greater extent than the Apple News app.

Our society depends on advertising for promoting new services, gaining new customers, and building trust. I would call it a social necessity which makes it very ethical as long as it is truthful. The hijacking that occurs is consensual as you should not visit sites if you disagree with their advertising habits. Even with the App Store almost never open it directly.

The ones that cannot be avoided are in the outside world. I would celebrate if every billboard, postal mail item, and other real world advertisement were banned completely as that is the part I have no direct control over.


This is a super fascinating comment, because why wouldn't you just want better advertising regulations across the board instead of trying to justify one form while proclaiming the other is harmful?


> I would call it a social necessity which makes it very ethical as long as it is truthful.

Disagree on this one. Blogs, media, social, word of mouth, etc. would still exist without advertising and would serve the purpose of all of those things. PR teams would become as large as marketing teams, things would get exploited (they already are), but we wouldn't be subjected to distraction and manipulation.

I don't think ads are the most evil thing there is, but society would be fine without them and you would probably see a much smaller imbalance of power in wealth and companies. I'll take 1000s of small forums compared to one big Meta.


Honest question: what kind of "blogs" and "social" would survive without advertising? What kind of content creator can produce quality content in the long run, for free?

The Verge? Nops. Techcrunch? Also not. AnandTech or Business Insider? No and no. Hackaday? Dead. NYT and Bloomberg? Maybe, and likely not. And what about your top 20 favorite YouTube creators? The majority would be gone.

Sure, the long tail of quirky small bloggers would be unaffected -- they don't really make any money today from advertising. But a lot of them are bottom-feeders; they consume content produced by others, and re-hash to add their own takes.

And we're not even talking about the second order effect -- all the ecommerce companies that would be wiped out without qualified leads and traffic. Go to any site - The Verge, Hackaday, Daring Fireball - and see the ads. Most of those companies would disappear.

Is this really the web you want to live in? A web with only a handful of publications with large followings who can command premium subscription (read: The Information, NYT, Stratechery, etc), and the top x% of privileged wealthy folks who can afford paying for a bunch of subscriptions?

Yes, I would call advertising a social necessity. It's like a multi-dimension version of prisoner's dilemma - it may not feel you're winning, but the alternative option is much worse.


I already don't see ads on any of the sites you mentioned and I haven't for a decade thanks to Raymond Hill. Clearly they're able to survive with a significant percentage of users saying nope.


Out of curiosity, in these flights of fantastical hypotheticals where “advertising” doesn’t exist, or at least the advertising industry, why are we assuming the other features of capitalism would remain?


Sure I agree. But there has to be some distinction between annoying but more or less harmless ads, like magazine ads and bus stop ads, and annoying ads, like the ones that might end up under your car wipers, in your bicycle basket, or mail box --- and internet spyware ads, that spy on you and sell your privacy to whoever got a dime.


What's with the pathetic apple fanboyism? They are one of the biggest vaccuums of data. They will use that data for money just like everyone else. Apple's just late to the ad game.

Years ago it was google fanboyism with 'don't be evil'. Now it's the unbearable apple privacy fanboys and the insufferable tesla/spacex cult members.


What's the point of this name calling? I could call you a dead-end Apple cynic, of which there are plenty (and they're often wrong).


If I'm going to see an ad, I would way rather see an ad about something I care about vs not. Have you watched the evening news on broadcast TV? That is what untargeted ads look like. I don't have IBS but I know the names of every drug that would help me if I did.

I've actually found furniture I'm looking for on websites I didn't know existed on Instagram. Why is targeted ads a bad thing?


There are ads in the Apple News app that are the same kind of garbage you'd see on Google ads.


> In 2022, Apple generated 4.7 billion U.S. dollars with its global advertising business.

> By 2022, Facebook's ad revenues had hit $135.94 billion.

$4.7B is not a small number but no where close to Facebook’s.


Also, not all ads are the same from an ethical standpoint.

Displaying an app ad in the appstore upon searching for a similar term is very different than displaying ads based on your whole life, collected in malicious ways.


But is it ok for Apple to show you an ad in the first party Stocks or News app based on what you've searched for and purchased in the App store?


I don't own an apple device now but why does app store have ads ? After paying upwards of $1000+ on a iPhone, why can't you expect an ad free experience on a first party app store?


Perhaps there is some sort of pressure by stockholders to have the ability to promote their own products and services on the device or just some sort of backroom dealings.

My personal hope is that Apple course corrects at some point that they do not need to extract the extra cash while damaging the customer experience. The company feels much less customer oriented now and has lost a lot of the premium feel. I have already stopped using their TV app because they have made it nearly non-functional with the amount of promoted content. The News app has an exceptional number of subscription only items in the feed to where I am about to go back to pure RSS. The feeling is like what Google would have done with Google Reader if it was still going stuffing in promotions.

I agree first party apps should be advertisement free if they are advertised as being included in the price of the phone. Otherwise it is a hidden bill you are paying with hours or days of your life that you can't get back.

I would pay for a service that just disabled all first party promotions advertisements. Give me the real price instead of wasting my valuable time with advertisements I would never click.


Because Apple has decided so, because it makes them lots of money, and it isn't a big enough dealbreaker for consumers to not buy iPhones. I believe the Google Play Store has ads, too.


That's kind of arbitrary though. Why if they wanted to price it at $2k if it were to be ad free? Would the consumer then prefer ads if offered with such choice?

They are taking the risk of repelling their customer who paid $1k+ and still sees ads and they are entitled to the courage of their conviction to take that risk.


> why does app store have ads

Because it's useful.

It helps users discover apps that the developer believes is relevant to that keyword.

I can't think of a better mechanism for doing this without an auction style system.


You could just provide better search interface instead. But that does not bring money.

Or show a button to open separate window which shows related apps.

But instead, we always want to bring everything instantly under our attention [in same screen, close to the line of sight].


They’re promoted apps, the developer pays to promote their app. This tends to help startups that name their company off some random word like _bumble_.


Even settings app on iphones has adds.


This is the bullshit I'm talking about in another thread. No it doesn't. Telling you about icloud which is like an inherent feature and partially the reason some people buy their phones is absolutely in no way comparable to actual ads.

Do you know what has ads in settings? Xiaomi. A relative bought one and I helped him set it up, and you literally had to see an ad to listen to your ringtone!!!


If people bought their phone because of iCloud there's no need to advertise it to them.

What's really annoying on iOS is that persistent notification badge to "finish setting up your account" even when I choose not to use some apple services.


it also advertises news, music and apple tv (and probably all their services, those are just the ones i've noticed)


That is simply untrue.


Velocity is often more important than the absolute amount in a business context. If velocity is 100% growth, year over year, it holds true for a couple of years, it's going to draw significant attention.


This isn’t really a business context though, it’s an ethical one.

I think most people would agree that velocity hardly matters here, what’s been actually done is generally what gets judgement, not where you will be in some time if you do everything the same.

What you are describing is essentially pre-crime.


Apple is worth 3.5x as much as Facebook, so the expectation of revenues is 3.5x higher.

If Facebook were Apple's size they'd be doing 450 billion in ads.


If we're going to get technical, Facebook doesn't sell your information, it sells access to its ad network. Apple has an ad network it sells access to, too.


'Apple's main source of income is through luxury hardware and subscription services.'

So why not keep it that way? I understand the temptation of veering from the path of 'do no evil' but Apple are not exactly short of revenue?

Apple, Google and Meta are currently all three sides of the same coin. Take your pick but don't claim any virtue for doing so.


> So why not keep it that way?

That's like asking "This company's stock is doing well. Why not dump everything you've got into it?"

Apple is diversifying their income stream, and leaving money on the table if they don't take it.


On the one hand, Apple has some potential ad business ceiling.

That ceiling number varies according to how well they can target.

On the other hand, Apple has some amount of iPhone et al. sales that occur because they respect privacy.

Eventually, increasing the former will decrease the latter. I think Android shows us the link is weak (because most people don't care, if tracking is hidden), but it exists.

My impression would be that right now, Apple is targeting far less than their customers would allow (while still buying equivalent amounts of hardware).

The issue is +5 or +10 years, when Apple has a few bad product launches and needs to find a revenue stream, and selling a piece of their privacy soul to juice revenue is an easy bargain to make.

Google's central evil was allowing ad revenue to metastasize and dominate the company, which in turn meant that ad execs have more pull than is healthy.


> So why not keep it that way?

Because capitalism incentivizes unsustainable growth at all costs.


Dead on. No corporation in the world can stop this once they are big enough.

Maybe if you had an already rich individual keeping his company private and making an active effort to not be evil. But come on, let's be real...


I'd doubt anyone would get that rich without a) being incredibly lucky b) lacking any notion of "good enough".


Most of the time, that growth is good for us, so we continue to keep that economic system around.


What the difference between Meta's tracking pixel and Apple's IDFA?


From the top hit for IDFA (the wikipedia article):

> Starting in iOS 14.5, iPadOS 14.5, and tvOS 14.5, users are prompted to decide whether to opt-in or out of IDFA sharing before apps can query it. This choice can be altered in Settings.[2][3] In May, 2021, Verizon-owned advertisement analytics company Flurry Analytics reported that 96% of US users opted out of IDFA sharing.[4]


> 96% of US users opted out of IDFA sharing

If it's so clear that users don't want to be tracked online, why don't we just ban it altogether? It would solve a lot of problems.


> why don't we just ban it altogether?

There has been a setting to turn the IDFA completely off for well over a decade.

Previously, apps on iOS or Android had access to the unchanging hardware ID number of the device.

> Apple notes that it will be phasing out access to the unique device identifier, or UDID, on iOS devices such as iPhones and iPads.

This is a big deal, especially for any mobile ad networks, game networks or any app which relies on the UDID to identify users.

https://techcrunch.com/2011/08/19/apple-ios-5-phasing-out-ud...

Apple replaced the hardware ID with a random number (the IDFA) that could be reset by the user at any time, or turned off completely.

Google eventually followed suit, although any app that received the. READ_PHONE_STATE permission was immune to the protections.

> READ_PHONE_STATE is one of the Android permissions categorized as dangerous. This is because it “allows read only access to phone state, including the phone number of the device, current cellular network information, the status of any ongoing calls, and a list of any Phone Accounts registered on the device”.

... it is often requested and misused by other types of applications that do not have any reason for needing it, including malware.

https://file.scirp.org/Html/1-6101658_80235.htm

The recent changes at Apple were to make the IDFA opt out by default and to track the permission to use it per app instead of per device.


...we don't ban it 'because lobbying'. God forbid we inconvenience the capitol holders and the advertising business.


Who has a better chance of getting a meeting with your political representatives to discuss this? You, or Google/Facebook?


Sure, but that requires legislation or executive action.

Apple doing it unilaterally on their platform might invite anti-trust concerns.


It's by default opt-out and am pretty sure the prompt doesn't apply for Apple's own apps.

And since you brought out the opt-out option, one can also block Facebook's trackers through uBlock and/or DNS filters.

The defaults are what matters. From the same Wikipedia article,

> Users can opt-out of IDFA via the "Limit Ad Tracking" (LAT) setting (and an estimated 20% do).

80% users never change the defaults.


On iOS tracking and access to personal information is always opt-in. It’s literally a modal alert asking if you want to give permission when an app requests to access the IDFA for the first time.

Apple’s own apps don’t need to display the prompt because as per their privacy policy they don’t collect or use information for tracking purposes (which is also visible in the privacy labels of their apps in the App Store).


> Apple’s own apps don’t need to display the prompt because as per their privacy policy they don’t collect or use information for tracking purposes (which is also visible in the privacy labels of their apps in the App Store).

This is the privacy policy [0] of an example of their app, Apple News. I quote:

"Advertising

In order to deliver great content to you from leading publishers, Apple News is ad supported. If the Personalized Ads setting is on, Apple’s advertising platform may use information about your account, the topics and categories of stories you read, and publications you follow, subscribe to, or turn on notifications for to serve ads that are more relevant to you. We may also use information about your subscriptions to personalize your ads on the App Store."

[0] https://www.apple.com/legal/privacy/data/en/apple-news/


The summary of each app's privacy practices is easier to see at a glance using the App Store Labels: https://www.apple.com/privacy/labels/

In this case, you're referring to "Data Linked to You". "Data Linked to You" is based on the account you used to sign in to the News app + your activity within the news app - to create suggestions within the News app.

This does not allow Apple to track you from the News app e.g. access the IDFA of the device, sharing it with third parties or other apps.


It's made clear from the policy which I took the liberty to quote here that Apple News tracks your interests and uses it to personalize ads not only inside the same app but also Apple's App Store. Same policy states that whether you are logged in on the app or not, you will still receive ads.

They claim they do not share this data with other third parties but they sure as hell use it for their own advertising ecosystem.


Using an opt-out is completely different from using third party ad blocking technology and is much more friendly. I can set the IDFA opt-out on my father's iPhone and nothing will break, but if I set him up with ublock or dns blocking and it starts breaking websites, he will be totally confused and not recognize what's happening. Also, using hacks to block tracking is not 100% reliable and allowing the user to have a specific option like Apple does is better for the user.


> and am pretty sure

Trust me bro.


Meta wants to know everything it can about you because other people will pay them for the information.

Apple doesn’t.

It’s really that simple.


To my knowledge, Apple has not invented a new form of advertising that works without tracking users.


I’m fairly sure there are many forms of advertisement that works without tracking.. like a billboard.

Displaying an ad next to search results based on the search query for example is similarly benign.


>that works without tracking.. like a billboard.

Billboards still require tracking. If you had the option of putting a billboard up in 1 of 2 neighborhoods and it would get 10k impressions in either location which one would you choose? The optimal strategy is not to pick randomly. The optimal strategy is to predict the conversion rate of both locations. In order to do that you need to investigate who is likely to see your billboard and learn about their interests to see if they would be likely to be interested.


Couldn't one say the same of any brick and mortar store? If a shoe store is going to open in my neighborhood, for example, how much data do they need for it to be optimally located? I guess they could seek out the online browsing history of all the friends of all the people living within 1 mile from the shoe store and analyze it.

I don't doubt that billboards are placed with some careful thought, but tracking is certainly not "required" - some aggregate stats about an area should work, especially as there isn't much feedback on who saw the billboard and bought a product etc.


tracking: the act or process of following something or someone

I haven't seen a billboard that would follow me around before. Placing them at popular location depends on existing data (or often just plain-ass thinking, like obviously a hub in the middle of the town will have more people see it compared to the middle of nowhere), and only very very indirectly generates any sort of new data (e.g. if you only place a single ad in a specific place and can correlate that placement with an increase in product sales.. but that is thoroughly unrealistic and I only write it to be nitpicky with myself).


>I haven't seen a billboard that would follow me around before.

I've never seen a png file follow me around either. It's the people who are selling the advertising space that are doing the tracking. They want to show how valuable of a location they can offer you.


> Billboards still require tracking.

What billboard is tracking individuals?


Smart billboards available through Gannett (largest billboard company in US) and track license plate numbers. I used them in Florida until they were banned in 2020.

Billboards that identify car types are still legal AFAIK.

https://www.bmediagroup.com/news/vehicle-recognition-billboa...


Sure. But Apple didn't invent billboards and you can be rest assured it (billboard advertising) is never coming up in an iOS update in the future!

Enough with carrying water for a megacorp that makes money from selling advertising services.


I am no bootlicker for any corp, but I do value and appreciate Apple’s focus on privacy, and I think that many criticisms of it is just nitpicky and doesn’t help anyone (e.g. calling that buy icloud service label an ad..).

On the other hand, I very much await sideloading to be forced out of Apple by the EU.


> I am no bootlicker for any corp, but I do value and appreciate Apple’s focus on privacy, and I think that many criticisms of it is just nitpicky and doesn’t help anyone (e.g. calling that buy icloud service label an ad..).

Many of the same people who see no issue with this mock and insult Microsoft for promoting Edge etc., in Windows. And will pretzel themselves into explaining how "that's different".


> I think that many criticisms of it is just nitpicky and doesn’t help anyone

This is true, but many criticisms are valid. Apple News is user-tracking adware that cannot be uninstalled on MacOS. You cannot install an app on any of the iDevices without telling Apple. You cannot get your GPS location on an iDevice without telling Apple. Apple is spending considerable resources growing their ad business, so expect this to grow worse over time; and combined with Apple's inclination to deny user control, there is no way to opt out without opting out entirely of iDevices.


Meanwhile, the only competitor(Google's Android) tracks everything you do everywhere.

So Apple's privacy perspective is way better than Android's. Could it be better? Of course, and I'm fine with trying to pressure them to do more for protecting our privacy, but between the 2, it's not even close, Apple is WAY more private with your data than Google will ever be.


> Meanwhile, the only competitor(Google's Android) tracks everything you do everywhere.

The difference is you can avoid the tracking easily. This is a direct result of prioritizing user control. You can install apps without telling anybody, you can get your GPS location without telling anybody, and so on. Apple, by denying user control, makes privacy worse for users who care, and it will only get worse as Apple ramps up its services business.


That's funny! You can not opt-out of Google tracking, they just make it look like you can. There is a reason Google runs the Google Play Store, fonts.google.com, maps.google.com and gmail.com for instance. It's not because they are nice, it's because they make oodles more money hosting that stuff free and yanking data from you for their actual money making business.


Except for the Play Store, all of those apply equally to iOS devices. You do not even need to log into a Google account to use an Android device, even one purchased from Google. iOS is strictly worse in the amount of privacy allowed to its users.


They are called “display ads”. Apple did not invent them. If your site produces above average content, then display ads are likely more profitable then keyword ads, since they target high quality ad real estate instead of high value eyeballs.


The IDFA on iOS is a random device identifier and not tied to your identity. It would allow an advertiser to correlate that it’s the same device that has installed several apps, nothing more. It also resets in certain situations.

Facebook on the other hand, creates a grand central repository of everything there is to know about you and sells it to whoever wants to pay. Just like Google.


Neither Google or Facebook sell your data. If you get technical, be thorough.


The IDFA is also unique per developer, if not per app.


They are already tracking all users across the highest grossing App Store and all text entered into the search bar of the 2nd most used browser flows through their servers.

So tracking might not be their business but they can very easily start a big business.


I'm not an Apple device user so I could be mistaken, but Apple devices must be collecting all of this information about their users if Facebook is able to access it.


They are collecting lots more. I think the argument is that selling said data is not their business model. At least for now.


Apple does not need a tracking pixel as it has better information on 50+% of Americans then facebook. Where they live where they eat who they hang out what they spend on all the info is with apple.


This is an AOL-level understanding of how digital ads work.


I don't understand why people are so against Advertisers targetting people based on their data? what are people so afraid of?

the way i see it, the worst case scenario is you get an Ad for something you might actually like...


If that’s the worst you think it can happen, you lack imagination.

I Myanmar fingerprinting helped the military find dissidents, the the US Cambridge Analytica managed to get enough data to influence an election, and there’s many more examples.

Besides, if a private company can sell access to you through ads, less benevolent actors can use that access for other more nefarious practices.


If that’s the worst you think it can happen, you lack imagination.

It is 2023 and you don't need ads to influence people. E.g, TikTok not acting on dangerous trends.

https://www.vox.com/technology/2023/6/1/23742757/kia-hyundai...


1) The data are the privacy equivalent of nuclear waste. A company having it is also barely different from the government having it, directly. The data ought not be collected, period. It’s astonishingly dangerous.

2) Someone following you around writing notes about everything you do doesn’t stop being creepy-as-fuck harassment just because it’s online and “at scale”. And actually a lot of this transcends the Internet and gets connected with real world activities, blurring the difference even more. It’s wrong when someone does it to a single person for some personal reason, and it’s even more wrong when a megacorp does it to everyone to make a buck.

3) It harms the function of markets. Massive nearly-impossible-for-a-small-business-to-attain data-moats protect monopolies and discourage competition. It adds to the already-harmful-to-market-function information imbalance between individuals and companies.


For one reason, because the data lives on forever, and these companies merge or go out of business eventually, at which point the data ends up in the hands of someone else.

Data is also shared with data brokers (Acxiom and the like) which collect unknown quantities of data about you, linked to your actual identity. That data can then affect whether you get a loan or a job.

Most importantly, we don't know what's done with the data and have no control should we want it to be forgotten.


It’s not the targeting, it’s the largely surreptitious compilation of the dossier about people that is so vile.

If someone showed up at your house with a folder about a loved one, turns out they had been following them around town, tracking their movements, taking pictures, reading their emails, etc. I don’t think you’d be two thrilled, but hey they’re only going to use that info to target ads…pinky swear…


I mean, come on. WW2 and all that.

What's the worst that could happen... sheesh why don't we not find out for a change.

Watch the 10hr long interview documentary called Shoah and listen to how trains, buildings and institutions were used to do 'the deed'.

It was impossible to tell what was going to happen ahead of time for the victims, they assumed they were heading to a labour camp and being assigned a block of soap and sent to the showers was a good thing...

Why does this even need to be said! Do we not know our dark european history?

Conserving the known good we have, is not an 'immediate fail', as many futurists would indulge in saying...

At least you know now where you can discover one reason (of many) as to why some people are wary of collective control.


> the way i see it, the worst case scenario is you get an Ad for something you might actually like...

That's hardly the worst case scenario when there are countless stories like "Facebook Allowed Advertisers to Target Users Interested in “White Genocide” — Even in Wake of Pittsburgh Massacre"[1].

There's also the time Facebook's targeted ads were used to facilitate genocide in Myanmar[2][3].

[1] https://theintercept.com/2018/11/02/facebook-ads-white-supre...

[2] https://www.globalwitness.org/en/campaigns/digital-threats/r...

[3] https://www.amnesty.org/en/latest/news/2022/09/myanmar-faceb...


>when there are countless stories like "Facebook Allowed Advertisers to Target Users Interested in “White Genocide”

What's wrong with that? The more interests available the better ads can be targetted.

>There's also the time Facebook's targeted ads were used to facilitate genocide in Myanmar

The article doesn't mention ads were used. It just sounds like Facebook was connecting people based off a common interested people shared.


Generally speaking it's never a good idea to stoke the fire of unfounded fears in people. Doing so directly leads to stochastic terrorism and other horrible things.

There are more important things in this world than money. Surely we can all agree that "better ad targeting" isn't worth human lives?


Because it's none of their damn business! If you are cautious in public around strangers, and you better be, why would any sane person trust a company with their personal data?!?

Your question is either super naive or you have a stake in facebook or apple.


I could care less if someone or the whole world knows that I like elvis presely, fence repair or cucumbers and gardening and a whole host of other random facts. i mean so what? that data can go out of date very easily. any second now I could decide I don't like elvis presely, etc. the vast majority of "data" collected is all nonsense anyways.

the things I don't want getting into anyone's hands are things like: financial info, address, phone number, social security, my middle name, birthday, etc. none of those things are stuff I share with a social network.


Advertisers can sell you things at higher prices if they know you have more money. The first rule of negotiation in business is that information is power.


Looking at Apple's latest reports, their services and App Store revenue has become the main vector of growth. Considering this includes App Store ads, gambling apps and the bulk of it is in-app purchases, I don't see Apple having a moral high ground.


Incorrect. Apple actively screws us. Just a couple of years ago, launching apps became incredibly slow for some time. Diagnosis: Apple's telemetry web service was having hiccups: https://forums.macrumors.com/threads/mac-apps-not-opening-or...


I would be hard pressed to call a transient operational issue of their service "actively screwing" you.


You missed the point. Apple tracks every app launch. And reports it to an external server. Not localized. Not anonymized.


You didn't make a point. App telemetry is absolutely benign compared to the kind of invasive ad tracking that Facebook participates in. There's no shortage of horror stories of poorly implemented Facebook Pixel integrations passing sensitive user data that marketers then use to create custom ad campaigns.

Most recent examples that come to mind:

https://www.extremetech.com/internet/341111-tax-filing-websi...

https://gizmodo.com/sat-college-board-tells-facebook-tiktok-...

https://www.theguardian.com/society/2023/may/27/nhs-data-bre...

https://themarkup.org/pixel-hunt/2022/12/13/out-of-control-d...


It might be less awful, but in no way, shape or form it is benign.


Apple is using the data first-party only and isn't reselling or otherwise making it available for third parties to use. Explain how it's not benign, other than "tracking bad". How does it harm consumers, or put customers at risk?


Because it will. It's simply inevitable because of the system we live in. At some point or another, they will need to grow revenue and suddenly that trove of data they have collected beforehand, regardless of its initial purpose, will be used to screw customers.

The only way to protect against this is to not let them have that in the first place. Once they have it, it's impossible to guarantee it won't be misused sooner or later.


Apple has a pretty good revenue stream already without using telemetry for advertising, which is why they've been able to position themselves as so privacy focused. Maybe that might change in the future, but like it or not, the Apple ecosystem is lucrative enough already that it seems pretty unlikely they would be nefarious about it anytime soon.


I agree with you. But my point is that how it looks now is irrelevant. The world changes. CEOs change. Incentives change.

What won't change is the ultimate goal of any company: profit above all else.


How it looks now is not irrelevant. It is how I decide what to use. If things change in the future I will react to it then.


By then, they have all your data and can do whatever they want with it. That's my whole point.

This is not something you can retroactively deal with. Once that data is collected its completely outside of your control.

You can choose to ignore it and believe they will act on good faith for long enough, but it's still a bet.

Maybe for you it's a conscious bet. But in my view, most people don't realize this at all.


I don't think you're going to convince anyone by pulling some fiction out of thin air and trying to pass it off as inevitable truth. With regards to Apple, there's more evidence refuting you than supporting you.


This inevitability is inherent to our system. It's not specific to Apple.

I don't need to convince anyone of this. History will repeat itself as it always does.


What an absolutely absurd generalization wrapped in aphorism. There is nothing in history that is absolutely repeated in all instances, nor is "history repeats itself" a valid argument that proves anything other than lazy thinking.


Come on man. This is not an abstract thought. You don't need to go far to see examples of this exact scenario.

You can choose to ignore it. That's your prerogative. But what I'm saying is not a lazy generalization. It's backed by what happened and continues to happen in our current day and age.

Almost no company starts as an evil entity. But they definitely end up there once they grow large enough.


> This is not an abstract thought

That's exactly what it is. You're pretending you can predict the future with confidence about specific business decisions a company will make regarding its data and assets. You must be a billionaire with your ability to play the stock market by predicting the future.


I literally laughed out loud. I give up, this will be my last reply.

No, I can't predict the future. I can, however, look at our world and its incentives. Look at similar companies and how consistently they change.

Right now Apple is using privacy as a marketing strategy. One day that can change - in reality it will inevitably change, it's just a matter of time. Profits will forever be the one and only motive for a company to exist. Once privacy costs more than it brings in, it will be compromised.

It's not rocket science. It's basic logic.

Now let's assume your argument is true: we can't predict they will change. Why is that a reasonable thought? Have they never changed before? Is there anything that prevents them from changing?

Your argument falls flat: change is constant. Everything changes. Your argument is that "no, for this company, it won't happen". It makes no sense. Whether you believe in this company or not is irrelevant.

If instead of doing ad hominem attacks, you'd really consider how certain we can be of change, you might even change your mind.


What is this false dichotomy? Both can be bad, even if one is less bad than the other. It doesn't make either "benign."


> It doesn't make either "benign."

It's literally benign by definition.

    benign
    adjective

    a: of a mild type or character that does not threaten health or life 
    b: having no significant effect : harmless
Provide evidence or argument that it's not benign.


All tracking is bad, therefore it's not benign. Benign tracking is no tracking.


> All tracking is bad

All absolutes are wrong. I can play that game, too.


It can't be done locally since Apple needs the ability to revoke certificates at will.


That wasn't a telemetry service.

It was the service that validates the application certificates which is fundamental to the security of the platform.


>Not a huge fan of Apple, but they aren't Facebook.

Not a Fan of Facebook, but Facebook never claimed to be the defender of Fundamental Human Right or the Guardian of Privacy.

Some people like to label them as evil or the less of evil. I like to label them as evil and hypocrite.


> Facebook never claimed to be the defender of Fundamental Human Right

“Our Commitment to Human Rights” https://about.fb.com/news/2021/03/our-commitment-to-human-ri...

> or the Guardian of Privacy.

“Upholding Our Commitment to Protecting Your Privacy” https://about.fb.com/news/2023/05/upholding-our-commitment-t...


If anything the article gives Apple unjustifiable benefit of doubt. Apple exempts itself fron the IDFA transparency requirements it imposes on third-party app developers, and has drawn legal scrutiny in France and the EU, among others:

https://gizmodo.com/apple-iphone-analytics-tracking-even-whe...

Then there is their scanning of iCloud backups for CSAM without being forced to do so by law, something Meta hasn't done with WhatsApp, and obviously not Signal either. CSAM today, messages critical of the powers that be tomorrow, they breached a fundamental ethical line in end-to-end encryption and they are thus now completely untrustworthy on encryption.

Apple's marketing is very effective, but the idea that they are any better than the other Big Tech firms on privacy is just that, marketing fluff without substance if you dig but a little. None of them can be trusted. At this point the only way to really protect your privacy is to connect to the Internet using a MiFI or similar router running open-source software and implementing an outbound firewall blocklist like Jordan Geoghegan's unbound-adblock:

https://geoghegan.ca//unbound-adblock.html


Can you show a source for your iCloud backup CSAM scanning claim? These days iCloud supports E2EE so they have no ability to scan once you enable it.

Signal does not support any cloud backups and WhatsApp uses iCloud so this seems like a flawed comparison.


Straight from the horse's mouth:

https://www.apple.com/child-safety/pdf/CSAM_Detection_Techni...

"Before an image is stored in iCloud Photos, an on-device matching process is performed for that image against the database of known CSAM hashes".

Thus the scanning is done by your device against the unencrypted image before uploading it to iCloud. The fact they abandoned the plan is irrelevant, by considering it in the first place (and to a very high level of engineering R&D as evidenced by the document), they set a precedent and forefeited any trust. It's CSAM today, it will be mentions Winnie the Pooh mocking Xi Jinping tomorrow, and of abortion in Texas the day after.

Now, the only way I'd trust an Apple-mediated encrypted messaging service is if the clientapp is third-party and thus can't be backdoored retroactively if Apple feels it expedient to do so.


Even with e2ee enabled for iCloud, Apple has access to hashes of the plaintext files.


I was going to say, nobody believes in any privacy Meta alleges. Even when they do E2EE they still collect anything else about you that they can.


Nobody believes anything Meta or Google have to say about privacy.

Google is currently trying to sell additional ways to spy on users built into the newest version of Chrome as a "privacy sandbox".

> all of Google's documentation about this feature feels like it was written on opposite day, with Google calling the browser-based advertising platform "a significant step on the path towards a fundamentally more private web."

https://arstechnica.com/gadgets/2023/09/googles-widely-oppos...


Correction: "Nobody who regularly reads Hacker News believes anything Meta or Google have to say about privacy."


Who brought google up? They aren’t relevant to the discussion.


How are they not relevant. They suck data from you for money.

Exactly what Twitter, Microsoft and Amazon do too.


When Google started bragging to it's advertising customers that it now buys a copy of everyone's credit/debit card transaction data, that was my personal bridge too far.

> as Google said in a blog post on its new service for marketers, it has partnered with “third parties” that give them access to 70 percent of all credit and debit card purchases.

https://www.technologyreview.com/2017/05/25/242717/google-no...


And Apple now with their ad business. How are they fundamentally different?


Advertising doesn't require that you relentlessly spy on users, it's just more profitable if you do so.


Then you know what will happen. They will relentlessly spy on their users.

This is a for-profit company. It will always do what is more profitable, even if they don't do it right away.


> Then you know what will happen.

There is an interesting lesson you can learn from history: Google Maps vs Apple Maps.

Google set up their system to track each individual's location history forever, even if the user turned off the setting that Google said would stop this behavior. This data can be handy when you're trying to keep map data updated.

However, you don't have to track each user's location constantly to get the benefit.

> “We specifically don’t collect data, even from point A to point B,” notes Cue. “We collect data — when we do it — in an anonymous fashion, in subsections of the whole, so we couldn’t even say that there is a person that went from point A to point B.

The segments that he is referring to are sliced out of any given person’s navigation session. Neither the beginning or the end of any trip is ever transmitted to Apple. Rotating identifiers, not personal information, are assigned to any data or requests sent to Apple and it augments the “ground truth” data provided by its own mapping vehicles with this “probe data” sent back from iPhones.

Because only random segments of any person’s drive is ever sent and that data is completely anonymized, there is never a way to tell if any trip was ever a single individual.

https://techcrunch.com/2018/06/29/apple-is-rebuilding-maps-f...


That's an awesome story and I'd love to believe that's how it will always be. But I can't.

I'm sure we could find great examples of other companies that made similar privacy aware decisions, only to then turn around and throw all that out of the window for increased profits.

Call me skeptical, but these entities have one purpose: profits. Why would I trust they won't ever misuse my data?


> these entities have one purpose: profits

A bit more history.

A shareholder once berated Tim Cook for doimg things for reasons other than profit.

Tim Cook's response:

> When we work on making our devices accessible by the blind, I don’t consider the bloody ROI [return on investment]. When I think about doing the right thing, I don’t think about an ROI.”

If you want me to do things only for ROI reasons, you should get out of this stock.


That was the point of their post. Apple isn’t collecting that data. They collect very little data for the little advertising they do. Once they start collecting more invasive things like Meta and Google do then sure, avoid them.


I agree. Apple has always had an advertising business, remember apps with ad banners in the early IOS store?

However the fundamental difference is that their model is being an hardware company.


> Apple has always had an advertising business, remember apps with ad banners in the early IOS store?

Remember what their advertising clients disliked about Apple's ad platform compared to the likes of Facebook and Google?

> A new report on Advertising Age has revealed what advertisers think of Apple's arrogance when it comes to its mobile advertising platform and its tight grip on user data.

"One person familiar with the situation exec said Apple's refusal to share data makes it the best-looking girl at the party, forced to wear a bag over her head," the AdAge report read.

https://www.techtimes.com/articles/3568/20140222/apple-cares...


This is a decade-old story, and neither Google nor Facebook sell or share data, they sell access to their ad networks. Apple sells access to their ad network, too.


Their "ecosystem" model is why we need crowbar legislation like Europe's DMA to force interoperability. Make no mistake, Apple is playing for keeps just as hard as Google is: https://httptoolkit.com/blog/apple-private-access-tokens-att...

All of these companies deserve their due scrutiny. Specifically around the illusion of privacy though, nobody has further to fall than Apple.


Right, Apple has the most to lose if they resort to the business model of Facebook so they have an incentive to stick to what they are doing.


Their userbase is more-or-less captive either way. All of FAANG is boiling the frog, just at different speeds.


That is because of business models - Apple sells you stuff, Meta collects all the info about you and sells that to other people... It's very hard to have privacy when your paycheck depends on selling data.


Increasingly Apple sells you services and has tried ads, likely will again


Apple sells services? That you elect to use and pay for? The nerve of them!


Sorry if the implication wasn't obvious. Once they sell B2C services it's just a matter of time before that too becomes ad supported, then your data (or at least eye balls) are for sale.


Why are dollar-for-service inevitably going to switch to ad supported? I can't imagine the necessity of that, you already have a paying customer.


Because you always have to be squeezing more money from somewhere to keep your stock going up and ads are an easy place to get it


Ad serving is a (very) low-margin business, and only profitable with huge impression counts. Apple services (think iCloud storage plans) are high margin, with comparatively few opportunities to serve ads. There would be zero point to injecting ads into service contexts (as opposed to something like App Store views).


Do you have some examples of services going from fee-for-service to fee-and-ads-for-service? I am coming up blank. The closest that I can think of are areas that had been as based but then added fees as well, such as TV.


Cable TV, Netflix, Kindle, Windows


See Smart TVs.


Good point! And I guess that also brings in all the gunk that I hear gets installed on Windows from a lot of systems integrators. Which, funnily enough, has been one of the clear market differentiators for Apple.


That just doesn't follow. You're making multiple leaps. First that Apple is going to add or switch to ad support for their services. The second is those ads will be as invasive as Facebook ads.


Fair point, yet you pay a premium for Apple hardware and get ads for Apple services constantly. ICloud red dot until you sign up/in, media play/pause always defaults to opening Apple Music, nags to use Safari, etc


This is wrong. They do not sell user data.


I also don’t believe any privacy that Apple alleges, given their actions in China, attempts at iCloud scanning, etc. Post-Snowden, it would seem naive to believe in any such assertions, beyond the level of “this might protect me okay against average criminals, assuming I install all the latest updates and use features like lockdown mode.”


I don’t see China’s relevance here: they have two choices: play by their rules or leave on the table shitloads of money. Maybe not morally the best decision, but it is not black-and-white evil I would say. For a Chinese person that also has to play by the same rules it is an added choice, and since all are similarly hijacked by the government this aspect doesn’t make it any worse.

Also, CP scanning was deliberately proposed as a way to actually enable e2e icloud - but they just didn’t want to be liable, as storing CP encrypted on their servers may also be problematic. So, I don’t see them malicious against privacy at all, in fact that is a core selling point of theirs, it would hurt them greatly to cheapen it out.


It boggles my mind that some people don't see the relevance.

Apple provides a backdoor into Chinese citizens' iCloud to the Chinese government, while praising itself as the bastion of privacy.

Doing so because of money is all the more hypocritical.


So what, there is ios and ios China. You are using the former. Would a separate Signal China invalidate the whole protocol?

Sure, on a local moral compass it is no good look, but if Chinese people are forced by their governments into that -- is really a private company from another country supposed to fight with them over it? In any other case I think you would agree that private companies should STFU about local laws, right? That fight is on the Chinese people.


> I don’t see China’s relevance here: they have two choices: play by their rules or leave on the table shitloads of money.

This is also exactly how the US operates WRT state surveillance, so it confuses me that you don’t see the relevance.


Technically they backed down from CSAM scanning after public pressure. Can we say the same thing about Google and/or Meta?


> I think it's unfair to compare Facebook actively screwing us to Apple not adopting your proposed metric

I don't think they were comparing. They were basically saying that Apple is complicit to what Facebook (and others) are doing with regard to data collection.


To be fair they aren't. They are demonstrating how Apple is a willing participant obfuscating the actual privacy monstrosities happening by Meta.


Agree. But the point of the post appears to be to push Apple toward disclosing these bad actors and dark patterns.

Shaming Apple might work. (I think we already know that shaming Meta will have no effect.)



I've read this a few times and I unfortunately can't understand how you meant this since it can be read a few different ways. Those links are for government data requests, but what's being requested in a privacy report for apps on the platform. Assuming you're asking if Apple should make a site like that but for non-government bad actors, I think the answer is "yes". That's the sort of transparency report being asked for, but broken down by the app or organization asking for that data. Ideally that would lead to the market pressuring such apps or organizations to only request the data they actually need.


Yeah, that's all I'm asking, and maybe its linked to on their pages with info for each app.


OP is not saying that Apple and Meta are comparable, but rather that Apple should actively protect us to live up to their pro-privacy stance.


> I think it's unfair to compare Facebook ... to Apple

They aren't?

They're saying Meta is screwing us and that Apple could do more to protect us. That they spend a lot of time and money talking the talk but they don't so much walk the walk. They sure do a bit, but they could do a lot more. Article definitely isn't saying Apple is as bad as Meta and Meta is 100% the "bad guy" in the story. It's just that our castle walls (Apple) are shiny but not strong. The Great Wall isn't so great if it isn't keeping the Mongolians out and you definitely shouldn't be advertising it as such when it doesn't.


And yet apple make so much noise about privacy, but don't activly block access to personal information.

Like why do they allow access to the health data stored in the phone?

It's almost like they need facebook to be the devil so they can say how good they are.


You have to opt in to that tho? Some apps do need your health info because they're a health/activity app.


> You have to opt in to that tho

Exactly! and yet the threads app doesn't actually request that access. Hence my scepticism


Agreed, it’s an apples to oranges comparison.


Apple is allowing nefarious actors into their "walled garden". See the "security theater guy" referenced in the article. If you want the benefit of having a "walled garden" to extort developers (30%) and control customers (offloading not allowed), you need to take responsibility when someone you admit into your walled garden harms users.


I wonder what it will take for people to finally get fed up with creepy advertising companies.

I received a letter from Target that by default they’ll sell my information to unaffiliated third parties and I have to call or write a letter to opt-out. I’m sure I agreed to that at some point (and anyone signing up for a loyalty program that doesn’t cost anything should realize that’s what they are agreeing to, even if they are not explicitly told that), but perhaps they should be required to explicitly list the actual costs to the customer along side the benefits.

Last week I was picking up a prescription at CVS. In between confirming name and address and signing for payment or receipt of Rx they slipped a marketing agreement that I stupidly agreed to before realizing that it wasn’t an agreement related to the prescription purchase. So in someone’s compromised medical state (assuming), when you just want to get medicine to get back to normal they hide an agreement to sell information.

None of this improves my life. I just want to transact money for items and end the relationship until it happens again. I don’t need every advertiser knowing every one of or even habitual purchase I make.

If you work in ad-tech or are responsible for these front-end schemes to collect more information:

1: screw you

2: it’s super creepy and even if you’re not creepy, the stuff you’re working on and the people you are working for are

3: seriously, it’s really disgusting, immoral, and deceptive to find all manor of ways to trick people into agreeing to sell personal information that they assume (rightly) is private (even when done in public)

4: start leaking information on schemes, tricks, & loopholes so something can be done to destroy invasive ad tech


> None of this improves my life.

Now you'll get some ads that recommender systems think they should show you, based on your shopping experience at CVS, that could be potentially embarrassing if you have anyone over, or have someone else using your devices.

I was able to guess a family member's previously private medical condition based on the ads they got while I was at their place.


You know, I hate privacy-intrusive ads...but if a business would present me with an honest option to click on - "Show me your best guess what you think I want to buy!" - I would enjoy clicking on it. When I want. Because I do want to shop, and I do want to buy. I just hate being monitored in secret and nudged in secret to influence my behaviour against my own will. Let me shop - be transparent about your AI recommendations, and I might even buy the suggestion. Just stay away from the shady stuff.


And you validated this with them? Deity help whoever tries to diagnose me based on my ads.


Yes, we're on good terms, know each others' medical history and it was recognized that there was no malice in asking "is there a reason I keep seeing ads for X?" where X is a medication for some condition that's more innocuous than asthma.


> I wonder what it will take for people to finally get fed up with creepy advertising companies.

As long as people get "free stuff" people won't get fed up.


What "free stuff" is OP getting from Target and CVS in exchange for the data they are collecting and sharing? Nothing. We're already not getting free stuff and people still aren't fed up.


Admittedly, Target gives 5% off to RedCard members. So I should know going in that they’re going to want more than my “loyalty”.

I suppose that’s the loyalty pact customers are agreeing to. They agree to continue patronizing a business after that business flies behind their back to tell everyone what, when, and where they’re doing in their store.

However, if they’re not tracking you with a loyalty card, they’re still tracking you with your normal CC (Walmart has some messed up integrations with third parties around media purchases). Cash, privacy masks, sporadic gate changes, faraday bags, and gloves may be the only way to get around tracking at the moment ;-)


The free stuff is the website that shows the ad, at least that's what they want you to believe.

But ... it's not really free since the ad will just make products more expensive, since now you also pay for the adtech that's involved (besides paying with your personal data).


If what you describe were economic reality, ads wouldn’t be a thing. The reality is that ads allow a vendor to reach significantly more customers, paying for the ads.

You can see this with the rise of ultra specialty online stores we’ve seen in the last decade thank to targeted advertising.


I don't see the logical connection between my comment and yours.

Yes, ads make people buy more stuff.

Is that a good thing? My comment doesn't say anything about that.

But anyway, my guess is no, because it leads to overconsumption, and exhaustion of natural resources.

Also:

> 96% of US users opted out of IDFA sharing

Meaning that users really do not want to be tracked.


I was replying to this.

> will just make products more expensive, since now you also pay for the adtech that's involved

That’s not generally how the economics of advertising works. If it were, advertising wouldn’t be very successful/important.

People don’t like the idea of being tracked, but my experience is that they like the results.. Especially all the extreme specialty niche products that simply wouldn’t exist without targeted ads.


That's a huge assumption on your end, that people like the results of ads more than they do not want to be tracked.


Target and CVS are not "advertising companies". And if you'd like you can pay cash, no? The indirection (ad company to retailer) is intentional.


Given companies are doing subject tracking with in-store cameras and can use facial recognition to tell who you are, cash isn't going to be sufficient. They'll be able to build a pretty compelling shopping profile and can tie associate your cash purchases to your profile. Sure, it's not 100% fool-proof, but it doesn't need to be to be a massive privacy invasion. I suppose you could wear a mask, but that's generally frowned upon in stores.


The industry is still struggling to track who's clicking on ads properly in all cases...we're very far from this idea of tracking cash purchases & building a profile with facial recognition. This sounds like science fiction. Are there any companies actually doing anything like this?

Closest thing I know is companies who sell "foot traffic" data, of who walks in front of your store. But that's done with phones pinging wifi networks passively as you walk, not anything as fancy as facial recognition.

Example: https://grapeseedmedia.com/blog/foot-traffic-data/


I think the problems with click fraud are orthogonal. They're a different domain with different characteristics and different solutions.

Facial recognition has been deployed to combat shoplifting [1][2]. Amazon Go is a store built around not needing to check out at a register at all. Microsoft offers Azure Kinect [3] as a way for retailers to track people moving through a store. There's no shortage of companies purporting to use AI to analyze in-store video in real-time to analyze customer behavior [4][5]. There was a video shared on this site a few weeks back showing a coffee shop tracking both customers and baristas [6] (more discussion there, including some skepticism).

I'm speculating that if they can track you in the store and build a profile on you that they'll be able to track your cash purchases. I don't think it's a terribly large leap to tie into their point of sale terminals but I don't know if any retailer is currently doing that or even planning to do that.

[1] -- https://youtu.be/g5Xf9Y6-RS4?si=De7EZTyVD66BQPeG

[2] -- https://www.nytimes.com/2023/06/28/technology/facial- recognition-shoplifters-britain.html

[3] -- https://azure.microsoft.com/en-us/products/kinect-dk/

[4] -- https://viso.ai/features/

[5] -- https://twitter.com/jowyang/status/1214657642313871360

[6] -- https://news.ycombinator.com/item?id=37186806


K-Mart apparently tracks with facial recognition.

https://www.abc.net.au/news/2022-07-13/bunnings-kmart-invest...


It doesn't matter whether it's free or you're paying either — your consumer data from the grocery store and other retail purchasers is already tied to the ad grid too. If you buy a can of cat food you'll get cat toy ads on Instagram.

The harsh reality, despite what privacy pundits might say, is that people... just don't really care. And that's fine? It's great Apple lets me tell an app not to track me. But if they didn't? It doesn't make material difference to me. Okay I bought cat food and now I see cat toys Instagram ads that I may or may not buy... okay?

It's not like insurance companies are able to use the data to deny you health coverage or something (yet, anyway). It's just used to support more consumerism atm. When that bridge is crossed then people might care, until then ¯\_(ツ)_/¯


Do you not see a problem with ads in Instagram in general? Ads follow us everywhere and there's no escape.

I'm personally against ads in my mail, billboards, and pretty much everywhere else where my default context is not to buy something. If I go to a pet store and get cat ads--even based on my preferences shopping there--then I think that would be fair. But ads are currently way too aggressive and essentially stalk us everywhere.

Another aspect is how misleading and/or manipulative they are. Why aren't ads more reasonable with a tl;dr about the product and then some pros/cons of it over alternative options?


I went to a routine check-up at the ophthalmologist. Later I got an email with the PDF bill. Except the PDF wasn't in the email.

I had to visit the site of whatever service provider they use. I had to login with 2FA and accept their terms. The terms allow third parties to send me targeted advertisement based on my medical history. (They are very explicit about that. I guess that's progress... This is in Europe.)

So the stuff I get "for free" when I sell my medical history is the right to view my own medical bills. If I don't agree, I just get charged some random amount via my health insurance. I could bother them to share their copy, but by default they don't.


>I wonder what it will take for people to finally get fed up with creepy advertising companies.

As long as they continue to make shiny new i devices - nothing.


> wonder what it will take for people to finally get fed up with creepy advertising companies.

I wonder this every day. I got fed up years ago. Now, I'm simply enraged by it all. And, worse, it's an impotent rage since there's nothing I can do about it.

I already block as much tracking as possible, avoid giving money to companies that engage in these practices (or that make use of the services of companies that engage in these practices), pay in cash in physical stores, avoid online shopping as much as possible, etc.

And none of it is enough. Ad companies are at war with people, and are winning.


FYI, most loyalty programs you can sign up for without giving any information if you're willing to use a card. If you aren't, usually they accept invalid or random phone numbers.

Of course this isn't a solution and we should resolve the issue, but it is at least a partial stop gap.


Yes, ad-supported social apps collect a ton of data. But the Apple privacy widget list is just a catch-all since people can post anything and Meta uses post content for ad targeting.

Have you gone through Apple's onboarding flow recently? The process of creating an Apple ID and setting up an iPhone is pretty similar, and has similar click-wrap terms to allow endless data use, including [1], [2], [3], [4], and [5].

Apple has done a very good job of marketing privacy. But they engage in pretty much all of the same practices they call others out for.

Also, Threads didn't launch in Europe because of DMA data separation requirements between products. It has nothing to do with the invasiveness of the data collected per se as is implied here [6].

[1] https://www.apple.com/legal/privacy/pdfs/apple-privacy-polic... [2] https://www.apple.com/legal/privacy/data/en/apple-id/ [3] https://www.apple.com/legal/sla/docs/iOS16_iPadOS16.pdf [4] https://www.apple.com/legal/internet-services/itunes/ [5] https://www.apple.com/legal/internet-services/icloud/

[6] https://www.theverge.com/23789754/threads-meta-twitter-eu-dm...


Privacy blog post. vercel-insights.com, www.google.com, 'Sign up with Google', Join 132,793 people from companies like: Microsoft, Amazon, facebook, Google, Disney

"There it is again. That funny feeling."



>"the XYZ corp is bad!"

>please stop supporting them

>"https://i.kym-cdn.com/photos/images/original/001/259/257/342..."


Ironic, isn't it. And the author apparently has nothing at all to say about Android and Google.


The article is about Apple because Apple is the one billing itself as the vanguard of privacy and as the privacy-preserving opponent of Android. It's also quite possible the author doesn't have or use an Android device. If you've invested in a platform for reasons related to privacy, I think it's quite okay to be concerned when that platform falls short on some pretty big privacy invasions.


They bill themselves as the privacy-protecting opponent of Android because iOS/iPadOS doesn't commit to breaches of privacy the way Google does in, well, pretty much all of their products. So how does Apple fall short, and how are they the ones committing privacy invasions? By allowing third-party applications on the App Store? By not rejecting every app they don't like? They're doing users the favor of letting them know what information apps can collect so that users can make informed choices.


Maybe I misread your intent, but it sounded like a "gotcha!" on the original post because the author didn't dive into something with even worse privacy protections. Google and Android don't need to be brought up every time Apple privacy is being discussed. For a huge swathe of people it's an irrelevant point. And, yes, I believe Apple could do better. Being better at privacy than Google isn't a monumental hurdle to clear. We can and should push all parties to do better.

> They're doing users the favor of letting them know what information apps can collect so that users can make informed choices.

The whole point of the article is that this information is hard to find and hard to understand. The author is suggesting Apple find a better way to present that data. That would help consumers make a more informed decision. Many people don't realize just how pervasive that tracking is. Perhaps surfacing that data would help consumers pressure bad actors into being better citizens.

Moreover, I'd argue they should also use their platform to rein things in. It'd be nice if they used their position to improve the privacy of their users. It's their walled garden. It's their platform. It's their APIs being used. The App Store already has a bunch of rules, most of which benefit Apple, so I don't think it's a huge leap to add one that protects consumers. And a lot of the current privacy issues are a result of Apple and Google building a new platform that gives apps unprecedented access to personal data. I think they have a responsibility to clean up that mess.

If that means apps like Threads aren't viable, so be it. But, I suspect Meta would be able to find a way to make a social media app that doesn't need to track so much.


I count 3 articles about or comparing Google products on their site: https://growth.design/case-studies


Why should they? They compare Meta and Apple, aren’t they?


The article tries to make it out as if it's about privacy and integrity in general. Google is all the way up at the top of the list of crooks together with arseholes like Meta.


That's whataboutism at its finest!

A: "I will write an article about Apple's and Meta's privacy practices." B: "But what about Google???"


It's not whataboutery. I'm not the one being accused of anything here. Meta and Apple are, and there are no good reasons to bring up two of the world's top three giants in a privacy abuse discussion while conveniently leaving the third one, the biggest one, out of it. There are only bad reasons for it.


Well..., he says in the comic:

"...there's nothing wrong with a bit of data collection."


This article seems to conflate Apple for Meta's privacy violations. Yes, the OS can always make it more difficult to do fingerprinting and the app store could add even more "privacy warnings", but in the end if you use a privacy violating third party app they will always find ways to slurp up all your data. Using this as some kind of argument that Apple doesn't care about privacy is dishonest.


And uh. Let be honest with ourselves here.

Our alternative is currently android.

So instead of meta slurping up all your shit, google vacuums it all up and then some, and lets even more of it trickle in to meta.


Unless you go the custom ROM + microG option that 98% of folks would never do… or you embrace the Linux phone OS which has no ‘apps’ (like that banking app that banned you for rooting your other Linux (Android) phone) & the telephony barely works if it even does.

This duopoly sucks.


It’s telling that you think 98% of users wouldn’t do that. It’s 99.9999% of android users my friend.


Good to know that extra 1.9999% was worth a comment. It’s pretty similar to the number of desktop Linux users even (edit: which seem to be over 3% now actually, great).


1.9999% of android users would form the 19th largest country in the world by population. It’s absolutely worth clarifying a difference of that scale when you’re talking about something niche.


And I want to be a citizen of that country. The Indian custom ROM hackers can be the ruling class with the amount of CPU it takes to build Android & their good will to release it for us.


I just use my banking website from my phone. Why install apps?


My bank is detecting Netscape Navigator 4 & you better bet it’s a horrible experience for small viewports, & generally a buggy experience altogether (scoping other sites in my country, they are all just as bad).

This is also presupposing the Google doesn’t get its Web Environment Integrity (WEI) initiative foisted upon us allowing the banks to do the same sketchy attestation that they can do with apps from the browser--meaning they could deny you from running an alternative OS, disabling TPM/Pluton/Secure Boot, to having admin/root access like they block it on phones for dubious reasons.


My bank and credit union allow me to deposit checks from my phone via the apps; their websites don't offer that option.


In my country, bank transfers with vendor is usually done via QR code scanning which isn’t supported on the site. The flow for the site would required adding the vendor (even for a one-time transaction) to your bank contact list, manually inputting all of the account numbers/phone/email, then going back & selecting it—something no vendor wants to wait on. If you haven’t done it in 20 minutes, you will be logged out with no cancel logout pop-up & paste has been disabled for … ‘security’?


Honestly can't recall the last time I've had to deposit a cheque.


I've seen authentication flows that require you to login, or confirm logins, via the bank's app if you're trying to use the account outside of the app itself.


I'm not even willing to do that. I physically go to a bank branch to interact with my bank.


Largely this isn’t possible for e-commerce. Some might say it’s just convenience, bun there are a lot of goods only reasonably available online.


98%? 100% effectively.


Don't you need to use Google on Android for them to even have your data? I've seen this propagated, but I havent experienced it.

Anyway, in the decade of using android, I am not sure what privacy has compromised. I havent received any custom ads from just using my phone.

If I search stuff on the official google search, yes I do, but if I use incognito, I do not. (For instance, I like seeing sports scores occasionally, but if I search it with google, I'm bombarded about sports).

Google search isnt Android though.


Google isn’t collecting your ethnic status to retarget ads. I mean, maybe it changes results a bit.

They’re collecting ethnic status to sell to Cambridge analytica to steal elections.


You can also just not use any Meta apps. It won't completely prevent Meta from building a shadow profile on you, but it'll help.


The OS is the layer below applications. They obviously can control what data is being sent.

Now perhaps that our software model doesn't make it very convenient, but blaming Apple is completely honest and understandable.

We should stop seeing our computers as uncontrollable machines that must leak data, they are human made


Could you propose a way to do this? Looking for anything that resembles PII on-screen and cutting off network access, perhaps?


How exactly does that work, similarly to this self-driving algorithm?

  if (gonna_hit_another_car()) {
    dont()
  }


That was a fun little presentation, nothing super-new there but it did have a good idea about showing the trust level of the application with a badge.

All credibility was then swept away by "Sign up with Google" to the mailing list on the last page. Hilarious.


If you want privacy guarantees do not install or use anything connected to the internet. Even HN - with stylometry and a motivated actor it's easy to correlate your username here with any other publicly written text. An even more motivated actor could do this with privately written text (you know, all of those data breaches).

Stay offline for your safety.

This is obviously unrealistic for many in the modern era. So now the question is - regardless of how much or what is collected, which companies are least likely to sell you out, by any means? By pretty much any criteria Apple is near the top of that list. Though, they're not the very, very top. Companies like Mullvad offer services in a way such that nothing is collected at all, and since you can pay cash in theory no way to come back to you.

Personally, for me - it's more important to think about whether or not you trust the organization you're dealing with, than whether or not they're collecting stuff or not. Of the big tech companies I'd say I trust Apple the most from their track record, but I am not under any illusion that I have absolute privacy while using Apple products, and neither should you.


Unless you’re a public figure with troves of available text to your name, I don’t really buy the idea that stylometry could be used to identify normal folks or even link accounts between platforms. I would need to see some reality compelling evidence. Especially because character limits and different use patterns for different platforms could throw a wrench in things.


There are probably plenty of people on here with easily identifiable writing styles, either due to neurodivergence (like me) or whatever else. Though, it wouldn't be necessary for me because my username is just my real name and I already use it everywhere anyway.


The HN stylometry site (now dead) was actually pretty effective.


Apple collects your data for the same reason Google & Meta do: to sell ads. The only thing Apple is better at is PR.



you can easily solve stylometry by just passing all your comments through an LLM that rewrites them in a different style or by creating throwaway accounts for each thread (not hard to automate either)


Personally, I literally cannot think of a tech company that I trust even a little bit.


Fuck me that’s the worst UX I’ve seen in ages


"Use your KEYBOARD ARROWS to view the story" reminds me of the way Minecraft Legends pops up a hint saying "Press [left mouse button graphic] to start" when you click or press space or escape or literally any other commonly used "ok that's nice, please proceed" key.

If you understand my intent well enough to post a passive-aggressive note telling me how I should ask to move to the next part, you understand me well enough to just skip to the next fkn part.

Edit: Just launched Minecraft Legends to confirm details and that it still does this. Apparently it's changed a bit but still pops up "Press [left mouse button] to start" on the splash screen and, if you hit space, changes to "Press [picture of enter key] to start" so I feel my point stands.

Edit2: Oh and when a cinematic starts... if you hit Esc it pops up a similar tip saying "Press ␣ to continue." WHAT DID YOU THINK I WANT- ugh I'm over it.


I had the opposite reaction, but I'm on my laptop. It looks like they are using RevealJS (https://revealjs.com/). I mention that because I originally went in thinking of this as an "article" with an alternative UX, but in reality it's just a slide show.

I did just try it on my mobile (Firefox, Android) and this format definitely doesn't translate well. I put it in landscape and it just shrink down the desktop site to fit. I feel like they should either encourage people to read on desktop or have an alternative mobile version.


On desktop it was very good. On mobile... well I had to switch to desktop.


It's super simple, left/right keys for 95% of it, why is that a bad UX?


I could barely read or navigate on mobile despite being prompted to ‘flip to landscape’. I gave up on the page.


Threads or the site?


Both.


First it told me ‘pro-tip’ that I was holding my phone wrong and when I did rotate to landscape mode, it ignored the rotation. I applied some ‘critical ignoring’ at that point, as per a peer article


It is crazy how disingenuous this comic is. I get that it was fun to make, but damn I wish that it informed rather than propagandized.


Simple fix.

Ballot measure to replace the “right to be forgotten” with the “permission to be remembered”, that need to be renewed every, 1-3 years. If companies fails to obtain permission in 3 years, then it must remove your data. Such permission is non transferable, meaning that if you started an account with Good Company, Inc. and it was acquired by Evil Corp, Inc. The latter need to get a new permission under the new name. Oh, and data brokers can’t have your info, unless they ask you for permission.

Right to “opt-out of sale” needs to be replaced with “option to opt-in”. Basically meaning you opt out by default and companies need your explicit permission to sell you data.


I like it, but what if we train a neural network that remembers all the data in its weights? My sense is that these companies are using large (deep neural network) models to make their recommendation systems work. We can't ask the neural network to selectively forget a person, at least to my ability.


Please don't force Twitter to delete more of my favorite inactive accounts.


Content != pii.


A lot of content contains PII, and I'm pretty sure the 'right to be forgotten' GDPR laws don't distinguish; it's just "your data" in general that's deleted.


I don't know why everyone points to taking pictures and audio as scary on social media apps.

The ability to record and post a video is effectively baseline functionality and requires those permissions.

Certainly Meta is doing shady things here but not all of the permissions are necessarily sketchy. (I would agree that much like position data more specificity would be good for permissions)


Not for us passive social media users. I just flip through friends stuff or news /blogs that I follow, no need for pictures/audio from me. Definitely something to be opted into manually.


Both Android and iOS opt in manually to those things.

They also list them on the app store to avoid being surprised that the flashlight app records audio.


You do, in fact, opt into this manually on an iPhone.


I don't understand why the author insists on throwing cheap jabs at Apple by mixing them up with Meta's privacy violations. I think Apple's new privacy/integrity lists for apps is a commendable favor. The Google "sponsorship" at the end doesn't aid the credibility either.


It's funny they ask me to subscribe to their newsletter using my email in the end without any explanation on how they're going to use it :)


Or you could just log in with the embedded „Log in with Google“ Button. Which ironically probably tracks you too without even clicking it.


It probably notes the timing, position of click, acceleration of mouse.


Most people here are criticizing this presentation (in true HN fashion), but I appreciated it. I think we need to try new approaches like this to get the message to non tech, especially younger crowd who tend to be less interested in reading long articles.


One big misconception here is the suggestion to clearly mark apps with "good" or "bad" privacy signs on App Store. In reality Apple does not consider apps like Threads "bad" in any sense, as long as those apps don't collect data without explicit user consent.

Also, "they just use fingerprinting" is a myth. Fingerprinting is never ending cat and mouse game between Apple and data collecting companies. In short, fingerprinting is not working reliably if you not actively improving it non-stop while risking App Store ban.


I can't wait for a complete privacy where no business can target relevant offers. I remember the good old days of early 2000, every ad was either real estate, viagra, real estate, viagra or porn. The amount of money going to advertising will be just as ridiculous, but I just want to see the one with the most money to saturate the market and bombard us with shitty ads, like the good old days.


That's a pretty neat way of making a "blog post". Reveal.js I guess?


Oh the irony:

Sign up to get this free Ethical design cheat sheet: [ Google Sign in] [Email Sign in]


But it's ethical, it says so in the name!


Threads isn't banned in the EU.

The rumour is that Threads couldn't launch in the EU due to upcoming Digital Markets App. Which is also a good thing: https://ia.net/topics/unraveling-the-digital-markets-act


sorry, bud. your site has 'design' as tld but it seems you don't put any mind into content readability on mobile.


> There's nothing wrong with a bit of data collection

I would argue that there is something wrong with a bit of data collection. Just take credit score for example, there's never an ethical reason for a social network to ever ask for or know my credit score.

edit: the author implies that collecting this kind of stuff is OK as long as companies are transparent about what they're doing and why. I don't think there's any level of transparency that makes collecting this user data OK.


Apple's crime is not doing enough even though it's one of the biggest tech giants and not collecting data is against their interests. Cataloging and informing users of all the possible info going into the apps is a really good tool against data harvesting. In an "Apple vs Meta", apple is defo the winner.

Still apple is not your friend and is actively working against your interests in all kinds of ways.


preface: i don't have any receipts to physically prove this.

i worked at a large health co. that had a partnership with apple to publish an app (which apple wrote the code for, designed, etc.) under health co.'s name. the purpose of the partnership was to promote use of HealthKit on apple devices and increase sales/adoption.

much later, i took over technical ownership of the partnership and while i was getting up to speed, the value of the partnership didn't make much sense to me from apple's perspective -- it seemed to be incredibly beneficial to health co. and ostensibly not very much so for apple, health co. got a free, polished health app for its customers and apple got… not much of anything? a small boost in sales at most. yet, it was clear it was a priority for apple based on how they managed the partnership (very responsive, helpful, etc.).

suddenly, a few months after i got up to speed, apple informed health co. that they were terminating the relationship on a near future date (a couple months at most). this was surprising given the seeming importance of the partnership to apple in the past, and we weren't able to get convincing reasons as to why apple's attitude had changed.

but then, once it came time for apple to transfer ownership of the app to use, things got a bit odd.

* at first, they told us they'd be fine with handing over non-sensitive code and assets (e.g. removing apple internal libraries, etc.).

* then, they said instead of handing over code they'd do a technical overview of the architecture and the code but couldn't give us the physical code.

* then finally, they reversed course entirely and informed us it was impossible to de-instrument their sensitive "telemetry" from the code and couldn't share any information about the code with us at all (mind you, this was an app that was published by US that we were legally responsible for).

this led me to suppose that their code was doing something they didn't want us to see. given the purpose of the app, the most valuable, nefarious thing you could do was vacuum up massive amounts of user health data about all of health co.'s users -- not only that, but being able to do it at one step removed, not legally AS apple (not their app, after all).

this speculation was reinforced when i realized the date of termination of our partnership was one day prior to the change to the App Store's privacy disclosure guidelines -- they made one final update to the App Store (probably removing the telemetry, etc.) and didn't have to make a disclosure about data usage. any subsequent updates would have had to have made this disclosure.


I love the irony of the “sign up with google” button at the end of the slideshow.


Advertising (verb): Military Propaganda targeting a Civilian Population in order to get that population to spend money on products they would not otherwise purchase.


Really well done, this same narrative would also make a good Youtube video.


You don't expect your health data, financial data and purchase history (does that include anything paid for by Apple pay?) to be shared with Meta just because you are trying out Threads.


This kind of blew my mind.

People get soo invested in Apple's Walled Ecosystem. Imagine in 10 years, they flip on a dime and start selling your info.

1 company has health, finance, search/URL history, emails, all pictures ever, etc...

Yikes times 100.


Agreed on "yikes" for sure...

What I'd be interested in is, if [Evil Company] (not necessarily Apple or Google or whomever) got a hold of all the data that was vacuumed up in the process... how is that going to translate into them being able to do disturbing things?

I'm not saying they can't or won't... they record and store this firehose of arbitrary data in arbitrary formats... how they make sense of it. It's not like when you open Threads, it goes "ooh there's pictures of his dog... INSERT INTO Dog SELECT 12345, 'great-dane', {base64}"... They collect all this data... But it's not well formatted or understood.

Don't get me wrong, there's an ocean of money for whomever figures out the most evil stuff to do. I'm simply curious how.

I guess the HN crowd could... disrupt privacy /s


How is that untrue for nearly any computing platform?


I don't do any finance with Google or Microsoft, I def don't give any health info to Microsoft, I use degoogled browsers, so I don't think they are able to grab any URLs/searches(or if they do, its clear they arent current matching anything to my main account).

Every company gets a little bit of information, where as, I'm suggesting that in this particular case, 1 company gets everything.


But in terms of using those platforms - you likely log into your bank via a chrome-based browser or Edge.

Even if not, you are still running a browser on their platform. Why not scrape financial information from another source such as disk storage or by monitoring network/crypto API?

If the platform vendor turns malicious, why presuppose they will only alter the behavior with respect to their own apps?


Indeed, and you aren't consenting to Apple sharing such data by installing/using Threads.

The privacy label he showed is something Apple requires apps to do to indicate what data they may collect and what they share. Meta has basically decided that people can type in anything in a text box, the servers save the posts, other people view the posts, so every checkbox has to be checked.


It is weird that the Apple angle in the article is basically "Apple isn't changing store rules immediately and retroactively to block a company who we don't like"


Does that mean that Threads has access to my geolocation even if I did not grand such permission to the app in ios settings? Same question for browsing history and other items.


Apple does enough for privacy, but Meta is the real a*hole here


Was the Kool-Aid tasty? But seriously, all of these megacorps are bad for our privacy on absolute terms & doesn’t matter if one is relatively a little better or keeping your data from another corporation since they’re hoarding it for their own advertising.


Enough for some, clearly not all, hence this ... visual tour


What's an "a*hole"? Some kind of graph traversal algorithm?


Awesome slides, but then I tried to subscribe to growth.design newsletter using a Firefox Relay email, but mozmail email masks are rejected. So much for privacy.


The author’s point about Threads’ privacy/data usage seems moot. Presumably they already use Instagram, and that app’s “Data Linked to You” section in the iOS App Store is comparable to Threads.

I thought that they made a good point about how the Threads screen that links to the privacy policies doesn’t highlight the links very well. But it seems to me that the average social media user probably doesn’t care and would gloss over it anyway.

I liked their suggestion that the App Store use a “privacy rating” feature.


The person who downvoted my comment should reply.


This is a hard problem to fix with UX, as evidenced by Apple's over-simplistic warnings.

e.g. Threads may collect your financial data! But only if you give it to them, usually to purchase ads or verifications, etc.. This scary warning is over-scary.

e.g. Mastodon collects less data about you, but there's no warning for "The backend is unencrypted and likely run by a handful of humans (who are probably nice but answer to nobody)."


Wish this could have a normal article format instead of the cheap meme-worthy avatar generator.


I knew it was going to be bad when it asked me to turn my phone. The whole thing gave me mandated HR training course vibes.


I don't think this was meant for the HN crowd, to be honest. We'll just have to deal with the cutesy controls. I thought it was fun, I don't think everything has to be straight text and static images.


Ironic that the last slide asks me to subscribe to a newsletter with my Google account.


This is absolutely amazing! I wish more related content were made in this format.


The "Sign-up with Google" button at the end is the punch line.


Signing in with Google is your choice, the author is not putting the article behind a login wall. I see nothing wrong with it.


I find it ironic that at the end he asks for my email address.


Wow, just shows how powerful a brilliant UX design + passionate intelligent activism can be. I love where it lands, with concrete proposals to visualize privacy scores. +1


Wait, this whole confusing click-through mess of a rant about privacy and protecting our data ended with a Google sign-up form and a post on LinkedIn? Seriously?


Delete the app; use the web interface?


At this point, I don't really care who is to blame between Apple allowing Meta's intrusivity, and Meta or any others just being intrusive.

There is no solution other than "regulate the personal data market out of existence" - meaning going one step further than GDPR and just forbid any use of my personal data except in the context of fulfilling an actual purchase or specific request by me and for communicating with me to the extent I allow it. All other uses are banned.


sponsored by Google


> Pro tip: Use landscape mode!

No.


Apple's core incentives are misaligned with stealing your data. And that's why they are more trustworthy than facebook. It's that simple.

Apple is first and foremost a lifestyle company, then a b2b platform company, then a hardware company.

The lifestyle company ensures customer acquisition and the 'unreasonable' pricing . The platform company is the revenue, the moat and the golden handcuffs for every 3rd party company who works with Apple. The Hardware company ensures that Apple stays ahead, so no one can be the next Apple.

Apple could be an ads company too.

But ads companies bleed trust. That weakens the value of both Apple the lifestyle company and Apple the hardware company. Apple already skims 30% of your app revenue. They don't need to make money from ads, when they can make money from those who make money from ads. Apple being an ads company would spook the partners of Apple the platform company.

I trust Apple not because they're good. But because selling your data hurts their bottomline. Trust capitalistic incentives and teack records, everything else is virtue signalling.


No corporation has strong incentives not to “steal” your data. It’s just not something 99% of consumers care about so if they can make more money doing it they will.


> It’s just not something 99% of consumers care about

Consumers definitely care about this. That's why there are so many dark patterns to tric consumers into providing their data. Also: https://www.macrumors.com/2021/05/07/most-iphone-users-app-t...


> I trust Apple not because they're good. But because selling your data hurts their bottomline. Trust capitalistic incentives and teack records, everything else is virtue signalling.

Nailed it. I trust Apple (as much as I’d trust any giant corp, and there are none more giant) because they have a profit motive to sell me privacy-respecting products. They have a few trillion dollars to lose by burning their customers.

If Apple were good about privacy because Tim Cook is a nice guy who believed in it even if it were a financial loss, that would be one CEO change away from disappearing. That’s not the case. Their stockholders are raking in cash from it. And if there’s one thing I trust in capitalism, it’s that a smart company will do things that make it more money.


>I trust Apple not because they're good. But because selling your data hurts their bottomline. Trust capitalistic incentives and teack records, everything else is virtue signalling.

For this same reason I don't trust Apple.

They cut corners on quality and people literally died because of it(Pegasus).

I'd have a hard time trusting Apple since they have literally a black box only they have the key to. At least with a FOSS OS, you can look at the code.

But really, I can't buy iPhones because I hold a secret on my phone that is too valuable.


Another year passes by, their revenue sources dry up (or dont meet expectations) and everybody is scrambling for a new stream. They look at their massive data trove, they double check with the lawyers and your nice little trust framework is up in flames. Thats how capitalism works.

This is all wrong. Conditioning on goldilocks and accepting least bad solutions is not how the digital society should be built. And make no mistake this is no "lifestyle" issue. Its pretty clear that 99% of life will be controlled by some digital artifact or another and there is no opt out.

Tech should be developed and provided on a data sovereign basis by law. People should be prohibited from collecting personal data and applying algorithms that affect people except under strict regulation.

Relying on "markets" and "capitalism" to shape such vital aspects of society is political malfunction for the history books.


> They look at their massive data trove

I can tell you from first hand experience their data trove isn't the most valuable for farming out for AdTech. They take in a lot of opt-in telemetry and bend over backwards to anonymize it. There's also very clear demarcation of PII and if you even work around something considered PII you as an engineer need to sign all sorts of extra paperwork.

Even if any individual manager or director decided they wanted to leverage PII they'd quickly run afoul of Apple's extremely legally conservative legal department. Because of this data is sanitized and anonymized before it's collected and then further after it's collected.


I have been in a big company where a single incident of possible PII leakage happened. (turned out it was a non-issue but) It was the biggest fire I have ever seen, with everyone bringing out every apology, every on call engineer, every lawyer, every HR person and every training there was to make sure it never happened again.

Dunno about all of them, but I can confirm that at least some of the big-tech companies treat PII as nuclear fuel that is never to be touched and placed behind the strongest locks the company has available.


Ironic that the last screen wants you to 'drop a comment' on LinkedIn... or even signup for the mailing list 'with Google'.

I guess this guy thought knocking Apple for Meta's unscrupulous methods would just guarantee some nerd-kudos, but didn't feel any need to follow his own advice in practice.


There's no "ransom" being held for deleting your data from Threads. The point is that Threads is built on top of Instagram, which means that if you want to delete your data, Threads doesn't have it. Instagram does.


That's just tech-speak. To the end user these are two separate apps. And Meta definitely has a way of telling which bits of data came from Threads and which from Instragram. They just chose not to make it easy for the user to delete only Threads data.


The point is that your Threads account is your Instagram account. They're not separate.


Okay, but there is some flag that means that going to https://www.threads.net/@instagram works but https://www.threads.net/@nasa doesn’t (even though https://instagram.com/nasa/ is a perfectly valid public Instagram account). This flag is toggled when the Instagram user first signs into Threads. Why can’t Meta just set this flag to false and delete all Threads posts while leaving the Instagram account intact?


That Meta is investigating how to make deletion of your threads history possible without deleting your instagram account is actually in the linked slideshow.

So it may very well wind up being 'just' setting a flag to false, starting a selective deletion and informing the user that the deletion may take several <units of time>.


That's just bs engineering and even shittier way of communicating this technical incompetency to the user. Facebook is like the Russia of tech. Casual, convenient incompetency. Which is not incompetency at all, just evil.


And yet it isn’t. One is a totally new platform and one already exists. You might use your login from one to enter the other, but they could totally delete just your threads account if they wanted.


There isn't a Threads account. You upgrade your Instagram account to work with Threads.

It isn't a different platform, specifically because they didn't want to build up yet another social graph from scratch. Your graph in the Instagram app is your graph in the Threads app. This is somewhat akin to how Messenger isn't a different platform from the rest of Facebook.

There may be a future 'downgrade' function, but removing those orphaned threads posts amounts to a partial deletion of your Instagram account. The text that Meta is investigating this is actually in the slide show, but I don't know if they have said anything about what level of commitment they have given, or timeframe they are shooting for.


UPDATE users SET threads = FALSE WHERE username = ‘foo’

There’s no intrinsic reason it has to be this way other than they built it to be as easy to join as possible.


> There’s no intrinsic reason it has to be this way other than they built it to be as easy to join as possible.

You are hypothecating a LAMP-style stack where they just need to add a flag to their database table and update all their SQL to ignore data from flagged accounts.

I'm hypothecating architectures where it is substantially more difficult than that, such as heavily cached, event-driven microservices with geographic distribution, data locality, and which attempt to comply with various data retention and privacy regulations.


I’m not literally suggesting that as the solution, I’m being illustrative. It doesn’t have to be an impossible to solve problem as they’ve presented it to be.


They haven't presented it as an impossible-to-solve problem, though. They have presented it as something they are evaluating doing.


Does it matter? The "threads bit" isn't set until you click go. They could totally support zeroing that bit back out. Obviously you and I can imagine how that might be super difficult, but it needn't be. More to the point, not everyone would think that way. They just want an "undo".


So technically too hard to "downgrade" your Threads account back to an Instagram account? Odd.


> To the end user these are two separate apps

You literally use your Instagram login to create a Threads account.


So, you "create a Threads account", but somehow you can't delete it?

There are thousands of services where you use the account of one service to create the account of another, and you can still delete those accounts.


How convenient.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: