Over the past year, the spotlight has been on big tech as privacy laws were discussed and consumer demand for transparency regarding privacy practices rose. Facebook has failed at privacy protection in countless ways, with the most recent behavior involving tracking location data. Google has paid millions in fines for violations against GDPR.
While some tech companies have given lip service to wanting to be leaders in privacy, others have taken action and tightened privacy practices. Many have called for federal privacy laws, including Apple. Tim Cook has been outspoken in his support for better data privacy efforts at every level.
Privacy and Protection Leader
Cook’s efforts to set Apple apart from other tech companies as a leader in data privacy and protection probably got off the ground in 2016, when it refused to help the FBI access data from the iPhone belonging to the San Bernardino shooter. This, however, was before data privacy concerns grabbed the public interest; instead, that case prompted discussions on what rights government had to personal information and if Apple backed down on this issue, where would such intrusion end.
Fast-forward to 2018, when data privacy, thanks to GDPR and the Facebook/Cambridge Analytica data share, became a front-page story. Cook again defied his colleagues in the tech industry by demanding Congress step up and enact a U.S. data privacy law. According to CNET, Cook’s ideal privacy law would include the following:
- Minimizing and anonymizing all data collected.
- Full transparency that gives users a clear picture about what data is being collected.
- Giving users the right to access, edit and delete that data.
- Giving users the right to have data stored securely.
This differs from other tech companies. Although many told Congress they want to see federal legislation, it is also as an effort to block the California Consumer Privacy Act, which many in that industry believe is too strict, and as an effort to craft legislation favorable to their interests rather than the interests of their customers. For instance, Facebook CEO Mark Zuckerberg told Congress he’d be happy with a federal privacy law, if it was “the right regulation,” while communications giant AT&T said they want a single federal law and not a patchwork of state regulations.
On the other hand, Cook believes that the FTC should take a stronger stand on data privacy protections, writing in a Time essay, “Meaningful, comprehensive federal privacy legislation should not only aim to put consumers in control of their data, it should also shine a light on actors trafficking in your data behind the scenes. . . . That’s why we believe the Federal Trade Commission should establish a data-broker clearinghouse, requiring all data brokers to register, enabling consumers to track the transactions that have bundled and sold their data from place to place, and giving users the power to delete their data on demand, freely, easily and online, once and for all.”
Products Promoting Privacy
While Cook is speaking out in public forums for the need for greater privacy legislation and oversight from government, Apple is also taking steps to develop products designed to offer improved data security. In the fall, the company introduced a privacy portal. Apple customers can search the portal to learn what personal information is being stored, including calendar notations, documents, photos, web browsing history, and even service on the device.
Apple also introduced Intelligent Tracking Prevention for its web browser Safari. “The new version of Intelligent Tracking Protection kills the old 24-hour window that Safari used to keep tracking cookies from sites you visit. Instead, a website can request tracking privileges, but the user has to specifically opt in,” an Apple Insider explained. “The new Safari also isn't fooled by a ‘first party bounce tracker’ across multiple browser redirects. The quick redirects won't be allowed to deposit cookies at all, and Safari won't log them as having user interaction, nor will it reset any day counter.”
It hasn’t been a perfect transition. Apple still has data privacy flaws, as the Facetime vulnerability showed, although it has been patched quickly – another improvement in Apple’s data privacy and protection approach. And iCloud is as susceptible to a data breach as any other cloud format, so we’ll have to watch to see if Cook addresses this threat before impending disaster.
Leading with Privacy in Big Tech
In an especially bold move, Apple may have taken its most definitive stand yet as a privacy leader by banning the Facebook Research App. This app acted as a VPN on phones, and in turn, it sent all kinds of personal information about the phone’s use – including information typically encrypted -- back to Facebook. It’s important to point out that the app was installed willingly by the users, who received a token “gift” from Facebook. However, Facebook also sidestepped Apple’s App Store process. And Apple shut it down. (Apple also shut down a similar app from Google.)
Now there are questions if Apple will target other Facebook and social media technologies for violations of privacy, such as facial recognition. “What if Apple enacted a policy that banned the use of imagery generated by its phones from being used for facial recognition tasks other than application authentication?” questioned Kalav Leetaru in Forbes. “While it would be difficult for Apple to identify every misuse entirely on its own, it would grant it the leverage to take immediate action against bad actors when it discovered them.”
When compared to its peers in the tech industry, Apple has proven itself a leader in both the steps it has taken to improve data privacy by offering greater protection and control to its consumer and with Cook’s call for privacy legislation and protections. Although Apple stands out as a leader, many companies are taking steps towards meeting consumer demand for privacy by complying with upcoming regulation and raising their standards for privacy practices and transparency.
Legislation on data is coming. Consumers are more aware of data privacy risks than ever before and are demanding companies take action. If those companies sit on the sideline, will consumers stick with them?
“Consumers shouldn’t have to tolerate another year of companies irresponsibly amassing huge user profiles, data breaches that seem out of control and the vanishing ability to control our own digital lives,” Cook wrote. “This problem is solvable — it isn’t too big, too challenging or too late.”
About the Author: Sue is a freelance writer based in Central PA. She's been writing about cybersecurity and technology trends since 2008 and was named a Top 25 Women in Cybersecurity Influencer by Onalytica. A graduate of Penn State University, Sue loves watching sports and closely follows all Nittany Lion and Philadelphia teams; she even wrote a book, The Phillies Fan's Little Book of Wisdom.