Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Apple pollutes data about you to protect your privacy. But it might not be enough

People do care about privacy... don't they?

Comment At its WWDC developer event last week, Apple strongly emphasised the difference between data harvesters such as Google and Facebook, and its own privacy practices. It isn’t a new line, as Apple hasn’t been on reliant on digital advertising as these consumer data processing giants.

But with Microsoft joining Google and Facebook in maximising the personal data it extracts from you, Apple is now the only major platform left that makes privacy a USP.

Everyone else has leapt over the creepy line, to engage in what one critic calls “surveillance capitalism”.

Last year, researchers at MIT showed that only four receipts containing location information, each revealing a purchase, were required to re-identify an individual, with the researchers enjoying a rate of 90 per cent accuracy. The significance of this work was that both hitherto “anonymous” data, and supposedly anonymised metadata, were a means of “re-identifying” you.

The privacy assumptions of anonymity now had to be rethought, because if there’s enough “anonymous data”, anonymity ceases to exist. Modern data protection legislation which assumes that metadata is anonymous would need to be rewritten.

Why mention this now? Two reasons.

Last week, Facebook announced that store visits data would be added to the data trove that Facebook shares with advertisers. Your “anonymous” location information would be combined with your “anonymised” Facebook ID. But we now know anonymity doesn’t really exist. Google has been sharing this information with advertisers for some time: it’s one of the reasons Google invests so heavily in Android and wearables*: they’re voluntary electronic tags.

The second reason this is topical is buried in conclusions of the MIT study, and was little-noticed at the time. Because your identity can be inferred from “anonymous” data, the researchers recommended further work to explore “differential privacy”, which is cryptography’s umbrella term for trying to ensure anonymous data remains anonymous. There are several differential privacy approaches which involve injecting duff information into the dataset. Here’s a researcher’s overview (pdf)

Well, last week Apple announced that’s just what it would do. It would introduce differential privacy techniques. Apple would collect lots of data but not create IDs, said VP of software engineering Craig Federighi.

“Differential privacy is a research topic in the areas of statistics and data analytics that uses hashing, subsampling and noise injection to enable crowdsourced learning while keeping the data of individual users completely private. Apple has been doing some super-important work in this area to enable differential privacy to be deployed at scale,” he said.

Apple can afford not to engage in “surveillance capitalism” because it makes almost all of its money from high margin consumer electronics hardware. Android phones running Google’s data collection services are cheaper and better value, because people don’t care about privacy, or have made the calculated trade-off that their privacy is worth the difference between the Android phones’ margin, and Apple’s margin.

At least there’s now a choice. So if enough people care about their privacy, Apple could begin shift the market – or, at least, the part of the market Apple competes in. Apple doesn’t compete in the high volume budget market, or the burgeoning mid-market, where there’s really no viable alternative to Android.

I’m keen to hear whether you think it can.

*Bootnote

To privacy advocates who continue to use Google Services, or carry a generic uncloaked Android: should we do as you say, or do as you do?

 

Similar topics

TIP US OFF

Send us news


Other stories you might like