image of macbook pro, ipad, iphone with lock

Is Apple Your Privacy Protector?

All the tech giants say they are protecting your privacy but Apple has made it part of their corporate values. Apple’s CEO, Tim Cook has said that privacy is a “fundamental human right”. For those that are worried about the security of their data in the cloud and on their devices, this is music to their ears.

The two main places for the average user to store their documents in the cloud are Google Photos and Apple Photos. In this Photo Sharing Overview, I broke down a comparison of cloud software out there for people to consider. For ease of use, functionality and affordability, Google and Apple were at the top. I spoke about using Google Photos and their approach to privacy in this post. Now we need to look at Apple.

The essential difference between the two cloud services providers, besides Apple’s CEO’s passion for privacy, is how they make their money. Google makes money off of your data by selling target audience compilations to advertisers. Apple’s primary income comes from hardware.

The company’s main argument for why it’s a better steward of customers’ privacy is that it has no interest in collecting personal data across its browser or developer network. It simply doesn’t need to, because it doesn’t make its money off advertising.(1)

So Apple has the benefit of not needing your data to exist or move forward. Like Google they have created an easy to read Privacy Policy and Transparency Report. But unlike their competition, Apple has gone further by developing new technologies for security on their devices such as Touch ID and Face ID as well as designing data protection embeded in their ios operating software and Safari.(3) Apple goes out of its way to make sure your devices can’t be hacked and that your information is secure. Apple has been keen on protecting your data since the days of Steve Jobs.

In their Privacy Policy they break down how the data they do collect regarding your home, health, icloud keychain (passwords), online payments, siri info, and wifi must use end to end encryption. This means that no third party can read the information in transit. Only the user can view the information when they are signed into their account. Two factor authentication is also encouraged for their devices.

The data they do collect to improve your “experience” is not connected to your personal ID and is generalized. The data that is collected via Apple Pay, imessage or Facetime is encrypted and protected by “Secure Enclave” on the device. It is not saved to Apple servers or backed up to icloud. In their Transparency report that describes the requests for information they receive from government bodies they speak of how they don’t allow for any direct or back door access and that all requests must meet applicable laws and that apple only provides the narrowest possibly set of data.

You can control your privacy settings through your apple account and it is very much worth your time to read through their Privacy Policy as it does make clear those moments when they do use your information.

As is true of most internet services, we gather some information automatically and store it in log files. This information includes Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit websites and applications, operating system, date/time stamp, and clickstream data.

We use this information to understand and analyze trends, to administer the site, to learn about user behavior on the site, to improve our product and services, and to gather demographic information about our user base as a whole. Apple may use this information in our marketing and advertising services.

Of course, no company is perfect and though, in light of the Facebook / Cambridge Analytics crisis this year, many companies, including Apple, are buckling down on how their privacy settings work, Apple still has its weaknesses.

The problem is with the apps that are developed for the apple devices. These may have access to your contact info and any sensitive information you have stored there. Apple says it forbids these companies from collecting, using or selling this information but it has no way of controlling it. Once it has approved an app there is little oversight. This is the same scenario that got Facebook in trouble. (4) Apple has said,

The relationship between the app developer and the user is direct, and it is the developer’s obligation to collect and use data responsibly.

So user beware. As with all things online, don’t assume anything. Make sure you understand what you are buying into. Check the settings of the apps you use to make sure you are not sharing your contacts with third parties. Unfortunately, any change to your settings now will not delete any information you may have already shared.

As a side note, it is a good idea not to use your social media passwords as sign in for other apps and websites. If you are concerned about information that is shared with third party apps, there are ways of shutting them down by going into your account information and clicking on Settings and then Apps. This works for Facebook and other social media sites.

Full disclosure, if you hadn’t guessed, I am a Mac user. I used PC devices most of my career and only moved to Mac reluctantly. However, I have become a convert to their ease of use if not their cost. As for Privacy, I like what Apple is saying. I like it way better than Google. Maybe that’s my age speaking but I see no reason to share my personal information with the world. I don’t need product suggestions or auto fill for my forms and searching. I don’t need to give up information for convenience. I want to think for myself. It takes more work but in the end I get to have more control over my environment. As Tim Cook says, the question comes down to what kind of world do we want to live in.

Technology is capable of doing great things. But it doesn’t want to do great things. It doesn’t want anything. That part takes all of us.(5)

Other Reading:

Facebook’s app cleanup maybe be harder than Mark Zuckerberg thinks

Why Europe not Congress will rein in big tech

Transcript of Tim Cooks’ EU privacy speec

Private sign above a mailbox

Are Your Images Safe With Google?

In this post I talked about the importance of saving your images to the cloud as at least one form of backing up and preserving. The recent wildfire tragedy in California really hammers home the importance of keeping your vital documents and memories off site. Sometimes you just won’t have the time. It’s a horrible way to think. No one wants to plan for the worst case. But it can happen. Some people, myself included on occasion, can be very suspicious of these big companies holding on to their private photos and documents. So I thought I would review their Privacy Policies, starting with Google. First the bad news. Google saves, analyzes and uses all of your data for their purposes of making money. But they don’t hide this fact from you. They have written out their Privacy Policy in simple terms so you can read all about it. If you are interested in going deeper, it’s totally worth the time. They tell you straight out what they are doing. They compile and sort your data and activity, from your Gmail account, your photos, where you travel with your phone, what apps you use, how your smartphone is performing and what you search for on the internet. They say they do this to enhance your internet experience with pushed information that suits your interests and patterns. You see this with faster map searches, consistent language choices, autocomplete forms, YouTube video suggestions based on past searches, ads for the last store you visited online etc. etc. And if you have other devices connected to their services, like home control, or smartwatches, they will collect that as well. What that really means is that they can build comprehensive data packages of targeted and specific audiences that they can sell to their advertisers. But before you go all Mr. Robot on me let’s look at the fine print. It may seem a bit overwhelming at first but they do allow you to control, to a certain extent, how much information they can collect from you and if that information is directly connected to your name and contact info. In my How To document Google Privacy Settings, I break down the relevant sections for both your Google Account and your Google Photos so that you can go through and review your activity and privacy settings. It is very easy to do and Google provides many areas where you can read more about a particular setting and how it effects your activity. If you dig deeper into their information, you will also find that they,
…don’t show you personalized ads based on sensitive categories, such as race, religion, sexual orientation, or health.

…don’t share information that personally identifies you with advertisers, such as your name or email, unless you ask us to. For example, if you see an ad for a nearby flower shop and select the “tap to call” button, we’ll connect your call and may share your phone number with the flower shop.(1)

In addition, you can read their Public Transparency Report where they talk about how they ensure high levels of encryption for data as it travels from your devices to the cloud as well as how they manage government and third party requests for information. In many places they reiterate that they never sell the information they collect. Why would they? Information is their most valuable asset. It’s what sets them apart from other online services. Selling effective, directed advertising is also what pays for your free Gmail account and your free Google Photos and Google Drive storage. One might argue, as Bob Anderson at Quora does, that they are still making money from your data and therefore it is “selling” but ultimately, that is for you to decide. As with file storage security so goes information privacy. You have to understand what you are using and how it best applies to your lifestyle. All of this incredible convenience, using Google Maps to determine local traffic or find a good coffee shop, being able to control your thermostat with your phone, share your photos with friends, auto fill out forms, save passwords, all of these things and more comes with a price: information for convenience. But let’s think about what is private anymore. Everything is tracked. Almost everywhere you go, if you look up, you will see a camera following your movements. Meaning, without our consent, we give up privacy for implied safety. If you use any points card, be it Air Miles or Aeroplan, your purchases are being tracked. You travel anywhere with your passport it’s tracked. Any transit card, credit card or coffee card is tracked. But there are also laws around how that information can be used. Laws not only for mass surveilance but also data collection. In May, 2018 the EU passed the General Data Protection Regulation (GDPR) which highly regulates how businesses can collect, keep and use customer information. Google has been on the front lines making sure they comply with the new rules. Nothing is perfect of course. The internet and many companies these days are global in their reach. GDPR can come into conflict with some country’s laws. Time will tell how this will all pan out. Rather than be annoyed at being asked to accept cookies or receive emails, know that they are the result of organizations trying to protect your information. I’m a great fan of the Terminator movie series. With the advances in AI and Machine Learning, I don’t doubt for a second that Skynet is a possibility. The more information we hand over, the more the systems we automate, the more power we give to objects and devices, the higher the possibility of loss of control. Truly, it is up to us to decide how we want to live. I don’t think the internet is going away but it has become a beast worth reckoning with. You need to determine what you are comfortable with. Be informed and decide accordingly.