[KaiserPro]

TL;DR: facebook stores exif data. however it strips it out for display to the public. This includes geodata. Its unclear what they do with it after, and how you have control over it.

Interesting nugget: the author repeats the lies that apple doesn't collect/store/index your data.

I think the scepticism of facebook is a good thing, however I really wish it would be applied equally to every big company. Especially when they so clearly abuse privacy like Apple and Google.

[helsinkiandrew]

> Its unclear what they do with it after

The article states that FB all but confirmed that it is used for advertising purposes.

> the author repeats the lies that apple doesn't collect/store/index your data.

Where's the proof/evidence of this? Apps/OS have been found to leak/send some 'personal' data to Apple servers, but they say they don't track outside of apps (so app store ads use data from your app store usage etc), for them to do so without admitting it would be a huge commercial risk for very little gain (advertising revenue is still a small % of their total revenue).

[KaiserPro]

> Apps/OS have been found to leak/send some 'personal' data to Apple servers,

This isn't about leaks, its about actual design. The itracker system scans your local area for tags, and reports back their IDs and your location. This was rolled out without consent.

By default apple collects "significant locations", which is then accessible to the itracker system ostensibly to warn you about tracking devices.

We accept this because apple are "trusted".

What if Apple are only trusted because they understand how to PR their way out of a bad narrative?

By default all your photos are sent to icloud. They are indexed and processed to give you faces, locations and other (useful) metadata tools.

In one of the OS upgrades, OSX uploaded all my passwords saved in my laptop keychain to icloud, without consent or warning. Not only that it shared them with my phone. My phone didn't at the time have a strong password set.

Just imagine the sheer breathless indignity if facebook, tiktok, or similar tried just one of these actions. However apple(and google) has impunity to do all.

That's my point, if we do care about privacy, then we need to apply the same level of criticism to _all_ companies.

[helsinkiandrew]

> By default all your photos are sent to icloud

Go into settings and turn off iCloud for photos, keychain and any other app you don't want it to work with.

The difference of all of these things is that Apple is doing it to improve its apps for YOU, uploading photos from your phone to iCloud so you can see on other devices, or face recognition to group your photos, keychain copying is used across devices that you've enabled it for. FB is using the data to create targeted ads, Apple isn't. If you don't like Apples cloud processing of your photos or passwords turn it off.

The data may be in Apples iCloud but is 'private' - it's probably as secure as your home or the phone in your pocket and at least as private as the information the phone companies have about your phone location.

[KaiserPro]

> Go into settings and turn off iCloud for photos

if facebook did that, we'd all be up in arms, and if that was their answer to one's privacy concerns we wouldn't buy it (see tracking opt in).

I get what your saying, but the difference is trust. We trust apple to be private. We don't trust facebook. People are ambivalent to google.

> Apple is doing it to improve its apps for YOU

I mean yeah, you could argue that Facebook are doing the same thing. After all, if engagement decreases, so does advertising revenue. Much as my opinion is unpopular, I doubt facial recognition of photos has much advertising benefit, especially when the social graph is already mapped out for you.

All I'm asking is that we apply the _same_ level of scrutiny of features from apple as we do to facebook. Don't buy the narrative about Apple being friendly, they are a corporation that will deploy the lawyers at any opportunity.

[thih9]

> Apple is doing it to improve its apps for YOU

This seems subjective; other companies could claim the same. E.g.: FB says they're trying to show YOU more relevant ads.

> The data may be in Apples iCloud but is 'private'

This seems more objective to me and a better indicator of actual privacy. Still, we should keep in mind that Apple's goals may change in future and that they might change their approach.

[KaiserPro]

> The data may be in Apples iCloud but is 'private'

But how do we measure that?

Apple went into differential privacy a while ago, which really isn't about privacy, its about anonymisation. Which is not the same thing. Private means that no one else but you[1] can see your stuff

Anonymous means that people can see your stuff, but they don't know who you are. This is different.

[1] well mostly only you

[ricardo81]

I think one of his main points is that he explicitly indicated not to collect that data, and the FB app itself indicates that the functionality is 'switched off'.

Also: "I suggested to them that this data is used for advertising purposes, and that this is “regardless of the privacy settings selected by the user within the Facebook/Instagram app on their phones.” Facebook told me it was fine to proceed with those assumptions."

FB stance seems to be that the user has the option to strip EXIF data before uploading to FB. On the same token, can't strip your IP, guess that means a proxy.

[KaiserPro]

> FB stance seems to be that the user has the option to strip EXIF data before uploading to FB.

Which is pretty poor. I'd be interesting to see what twitter, tiktok and snap do with similar data.

Although people seem pretty chilled with other companies doing it. We already know google indexes by location. That's how they do the real time busyness graphs.

[cookiengineer]

> Interesting nugget: the author repeats the lies that apple doesn't collect/store/index your data.

I always wonder why the bias is always against facebook and apple. As if people don't realize that all the privacy smoke and mirrors was just about being able to compete with the Ad Industry. Apple Ads now does the same, in a non-blockable manner. I mean, it clearly was about business tactics all along.

[LucidLynx]

> Interesting nugget: the author repeats the lies that apple doesn't collect/store/index your data.

I did not saw this in the article... Can you elaborate on this like copy/pasting the line(s) from the article please?

[chrisandchris]

> iOS 14.5 is also fairly new—the impact is still being assessed. And so we’ll need to wait and see what workarounds the data giants find to keep tracking our web and app activity.

6th paragraph. However, I‘m not sure whether Apple or Facebook is „the data giants“.

[mrunseen]

Apple is a data giant, that’s for sure but article talks mostly about location data which Apple has raw access to.

[KaiserPro]

the image labelled "Privacy Labels - Facebook Vs Rivals @UKZak / Apple"

[KaiserPro]

The reason why I say that image is a brazen lie is this:

It says that there are only four things linked to you when you use imessage.

one of those is "device id". It doesn't say thatit ties you to your icloud account. From that your location, passwords, icloud tabs, photos, purchases, etc, etc, etc are all indexable.

[tjpnz]

>I think the scepticism of facebook is a good thing, however I really wish it would be applied equally to every big company. Especially when they so clearly abuse privacy like Apple and Google.

The difference between Apple and Facebook is that Facebook's entire business model is built on abusing the privacy of it's users.

[KaiserPro]

So is google's, and all the ad tech companies, a bunch of medical tech companies, most of TV. But we don't give them as much introspection.

but, apart from cambridge analytica, where actual data was leaked, what privacy abuses are unique to facebook?

Its not like they drove around harvesting your wifi to geolocate you, or deliberately hid breaches to protect it's "good name", or sells your location data to any and everyone who asks is it?

All big companies have done shitty things, but why do we let them off? shouldn't we hold them to account as well?