Apple sued for promising privacy, failing at it

Apple has again been sued for promising privacy and allegedly failing to provide it.

The complaint [PDF], filed in Northern California District Court on behalf of plaintiff Julie Cima, claims Apple captures iPhone customer data despite device settings declaring a preference that information should not be shared.

"Apple records consumers’ personal information and activity on its consumer mobile devices and applications ('apps'), even after consumers explicitly indicate through Apple’s mobile device settings that they do not want their data and information shared," the complaint, filed this week, says. "This activity amounts to an enormous wealth of data that Apple collects and uses for its financial gain."

The legal filing cites research published last November by a two-person firm developer team called Mysk that claimed Apple collects analytics data even when iPhone users have set a preference disallowing data collection. Those claims led to a similar sueball shortly after they appeared, and to another such case filed earlier this month.

• Wiretap lawsuit accuses Apple of tracking iPhone users who opted out
• Apple emits emergency patch for older iPhones after snoops pounce on WebKit hole
• Apple preps for 'third-party iOS app stores' in Europe
• Apple should pay €6m to French data watchdog for tracking users without consent, says official

Prior research by boffins from Oxford University, published in April 2022, presents similar allegations. The researchers claim Apple engages in invasive data practices similar to those it forbids among third-parties, in violation of consumer expectation and marketing slogans.

As with the previous privacy lawsuits, Cima's lawsuit argues that Apple makes misleading promises in its marketing and published policies.

The perceived mismatch between marketing and reality is a common theme in litigation against Apple. Those raising legal challenges in the past, for example, have railed about the discrepancy between advertised screen size and actual screen size. They've also taken issue with Apple's assertions about the extent to which its products can resist water damage.

This latest bit of lawyering goes after the alleged hypocrisy in Apple's privacy policy commitment, "At Apple, we respect your ability to know, access, correct, transfer, restrict the processing of, and delete your personal data," and in the company's promise to "disable [the sharing of] Device Analytics altogether" at the touch of an off button.

The complaint cites Apple billboard campaign slogans like "Privacy. That’s iPhone," and "What happens on your iPhone, stays on your iPhone," and "Your iPhone knows a lot about you. But we don't."

The lawsuit then goes on to insist that "Apple does not honor users' requests to restrict data sharing," claiming that the company tracks consumer actions including: how users find apps; the amount of time spent looking at apps in its App Store; App Store searches; and App Store ads displayed and clicked on.

Setting aside the possibility of legal deficiencies that can get such claims tossed, the iPhone maker may choose to defend itself by arguing that ingesting data through its first-party relationship with its customers is not sharing information with a third party.

Apple has not yet responded to the privacy claims made in the similar cases filed in November 11, 2022 (Libman v. Apple) [PDF], and January, 2023 (Serrano v. Apple). In the former case, the company has agreed to file its response by February 17, 2023.

Apple did not immediately respond to a request for comment. ®