by hardnose 1361 days ago
Apple seems to prioritize privacy more than the competition, while for Google collecting, and combing through to monetize, your personal data is a big part of their business model.

Much of this criticism seems misplaced or invalid. Apple tracks your IMEI? Well, sure, unless you choose otherwise, and they've given you a convenient place to turn it off. Apple chipsets track your location down to the meter? Well, yes, that's a feature most people enjoy - and they've given you a convenient place to turn it off, if you don't. Apple is using third party app Siri interactions to train Siri? How is this even a privacy issue... has any real world privacy problem ever occurred because of this? If you don't want Apple to hear your voice or process your Siri requests... don't use Siri? They've given you a convenient place to turn it off.

The only one I agree on is the image scanning for CSAM. The idea of a device I own acting as a state informer using AI to detect what it thinks is a crime is not my idea of a step forward.

9 comments

> The only one I agree on is the image scanning for CSAM. The idea of a device I own acting as a state informer using AI to detect what it thinks is a crime is not my idea of a step forward.

The likely reasoning behind this, although unspoken, was to (at some point in the future) enable E2EE for iCloud Photos. Currently, Apple doesn't do nearly any CSAM scanning on iCloud Photos[0], so the FBI et al. are pushing for them to change that - instead of licensing PhotoDNA, they tried to create something that would keep image data out of their hands while not further enabling CSAM distributors.

0: "According to NCMEC, Apple submitted 205 reports in 2019 (a third of my reporting volume). Apple increased a little, to 265 in 2020, but then dropped in 2021 to only 160 reports. That's nearly a 22% decrease over two years!" https://www.hackerfactor.com/blog/index.php?/archives/955-NC...

Yeah, I'm a huge privacy advocate but the part people are missing with this fiasco is that client-side scanning before _anything_ is uploaded is objectively less invasive than every single photo being scanned on iCloud (the direction legislation is heading). Again, this is an _opt-in_ behavior when you enable iCloud Photos, for photos that you're trying to upload (currently not E2EE) anyway. The feature comes with the potential upside of allowing Apple to enable E2EE for all photos, while credibly proving to the government there's no CSAM.

> client-side scanning before _anything_ is uploaded is objectively less invasive than every single photo being scanned on iCloud

That's like saying cyanide tastes better than strychnine. It might be true, but I'd rather just not have either one.

I mean, iOS uses the same client-side machine learning to "scan" your photo library for tons of things. You can search "Dog" and get results, with nothing ever touching Apple's servers. We're happy with this but not happy with the other?

> We're happy with this but not happy with the other?

Yes?! What's hard to understand about the difference between:

1) An application using AI to scan photographs to provide categorization benefits to the owner/operator/user

2) An application using AI to scan photographs to provide accusation and punishment to the owner/operator/user

...especially when feature #1 can be turned off, but feature #2 cannot be turned off?

iCloud mischaracterizing a baby picture as a "dog" might cause some dinner table chuckles, but it's never going to cause meaningful harm. iCloud mischaracterizing a baby picture as a child abuse image can VERY plausibly cause extremely severe harm.

As a matter of principle, my devices shouldn't be designed to act against my will as an active informant for the authorities against me. The point that they do is the point that I join the flannel and wooly beard set out in the mountains eschewing technology and living "off the grid".

> but feature #2 cannot be turned off?

The CSAM scan would not be enabled if you had iCloud Photos turned off. All it did was move the scan on-device, it still only ran if those photos were destined for the cloud.

> We're happy with this but not happy with the other?

One carries the risk of not finding a photo you're looking for.

The other carries the risk of a possibly life-ruining criminal investigation being opened against you.

This is a new surveillance vector that explicitly gives your phone the required functionality to report any flagged content on your device directly to the authorities, something that is clearly a slippery slope with questionable effectiveness at best. I'm not sure how you can compare it to strictly local face recognition AI.

> has any real world privacy problem ever occurred because of this

Yes. People who don't quite understand how Siri works will divulge a lot of personal information. There's many stories from workers at these third parties about how much intimate detail they've heard when listening to these clips.

Now, that said, Google and Amazon do this too. It's truly a strike against all providers.

When you set up a new Apple device, Apple asks users whether they want to share Siri recordings with Apple.

> There's many stories from workers at these third parties about how much intimate detail they've heard when listening to these clips.

Assuming those internet stories are even true - can anyone show me actual harm occurring to anyone based on Apple's use of Siri training? I've heard some Alexa stories, but frankly, Apple seems to do a really good job of protecting that information, at least so far, at least as far as the public knows.

A lack of reported harm does not imply a lack of the ability to harm.

"Siri, order medicine X and deliver to address Y" is a simple example of how a simple command - whether valid or not - can expose someone's medical history, and while an ethical reviewer (probably 99%+ of reviewers) would do nothing with it, an unethical reviewer could.

> "Siri, order medicine X and deliver to address Y" is a simple example of how a simple command…

FWIW, Siri isn't capable of anything resembling this. For fun, ask "Siri, how many days are left in this year?"

IME, using "virtual assistants" is as much about training you as it is about training them.

If you ask the question as "Hey Siri: how many days until the end of the year?", you get a valid response. I intuitively guessed that the word "until" was a trigger that would make Siri understand what I meant.

In other words - it's not that Siri isn't _capable_ of doing things like ordering medication, but that the syntax for doing so is still obscure and specific enough that most people aren't using it for purposes like that.

I've set up a number of shortcuts that I regularly use. For instance: "Tell my wife I made it" will send her a text message letting her know that I've arrived wherever I was going. "Tell _them_ I made it" will send the same message to my wife, daughter, and mom.

Until the NLP algorithms get better at inferring intent, a combination of user training and custom shortcuts will be needed to do things like this.

No, Siri isn't capable of doing things like ordering medication, because that requires more than just improving NLP capabilities.

It requires there being some specific facility for Siri to place orders. It requires some mechanism for conveying payment. It requires being able to determine where to order from in any given case (because Apple, unlike Amazon, does not attempt to be the one-stop-shop for everything under the sun).

This really seems to be just perpetuating the popular, but dangerous, fallacy that "AI" is all basically the same thing, and if you keep feeding enough data to your NLP algorithms, at some point they'll become able to do things that affect the real world purely by some kind of handwaved "ability to connect to the network".

Which I acknowledged in the following four words.

Not all commands are valid, but the invalid commands are reviewed as much (perhaps even more) than the valid ones. "Was it incorrectly invalid" is a question I, as a developer, would want to know.

>A lack of reported harm does not imply a lack of the ability to harm.

The assertion wasn't that there is a possibility that Siri could cause privacy harm. The claim was that it DOES cause privacy harm. So yes, a lack of reported harm is actually evidence here.

Because the code of iOS is closed source, we have to trust these settings actually stop transmitting data back to Apple. Given how valuable such data is to central collectors, this trust is a big leap for some of us. Comparing Apple to Google is a false dichotomy since many alternatives now exist.

> The only one I agree on is the image scanning for CSAM. The idea of a device I own acting as a state informer using AI to detect what it thinks is a crime is not my idea of a step forward.

There's also a convenient place to turn it off: CSAM scanning doesn't happen if you don't use iCloud photos/files syncing.

Yet.

Seems to - because it's great marketing.

This is all reasoning we heard in the past to defend Google.

With Google, it was all true and still is...

> Apple seems to prioritize privacy more than the competition, while for Google collecting, and combing through to monetize, your personal data is a big part of their business model.

My TV also doesn't have data as its main business model, however ... it still collects data on me.

The cost of TVs is now heavily subsidized by the data-mining, though, whereas I don't see much evidence that's the case for Apple products, whatever their other problems (if such evidence does exist, I'd be interested to see it).

> whereas I don't see much evidence that's the case for Apple products

https://www.barrons.com/articles/apples-advertising-business...

I don’t see what the issue is, unless Apple is violating my privacy to serve their ads.

(I’m not a fan of ads, but don’t see how this is necessarily a privacy issue)

Well there's the disingenuous way in which they present the choice, defaulted to opt in with flowery language, versus the popup third party developers have presented to their users.

There's also the "app store health card" which the cynic in me would say is designed to scare people away from "competing" apps, because none of the Apple equivalents have a health card. Additionally there's no nuance - both iMessage and Twitter ask for location data - but only if you want to share your location. End result? People looking at Twitter in the App Store surmise "well, they must be tracking my location at all times!".

> none of the Apple equivalents have a health card.

Apple's apps on the App Store most certainly do have health cards. Not sure what you've been looking at...?

> I don’t see what the issue is, unless Apple is violating my privacy to serve their ads.

Google also claims they don't violate our privacy by hiding our data from third party advertisers. They still collect massive amounts of data ...

Ads that rely on tracking are a problem for privacy, not all ads.

> Apple ad exec wants to more than double ad revenue with new ads across iOS

https://arstechnica.com/gadgets/2022/08/report-apple-is-expl...

> Apple seems to prioritize privacy more than the competition, while for Google collecting, and combing through to monetize, your personal data is a big part of their business model.

It's puzzling to me how this keeps getting repeated without any strong foundation. This story that others sell your data while Apple holds it secure is a narrative established by Apple that keeps coming up like a mantra.

The implication is that Google is gathering personal data to then sell it to third parties.

But this is not their business model. They profile their customers via their behaviors and personal data, match them to a persona and then sell services to third parties to advertise to users fitting that persona.

I don't see how Apple is doing any less of customer profiling and persona generating than Google. They are both in the business of profiling their users and then monetizing them by offering services to internal/external customers who look for a certain audience.

The core of this is exactly the same between Apple and Google. Neither of them is selling the user-data directly, they both process it in order to package their users into a service they can sell to others.

The main thing that Apple does differently is, that they took stronger measures to ensure that the data THEY collect from their users can only be collected by THEM.

So Apple took action to protect their unique market position of selling ANY kind of goods to users of Apple products, and they claim that they are more honorable to hold and process all your data for financial gain just because (so far) they failed to compete in the advertising industry.

> The implication is that Google is gathering personal data to then sell it to third parties.

No, the implication is that Google collects as much of your personal data as possible, stores it forever, and monetizes it. You can tell because that's what I actually said. What you're responding to is a red herring - you brought up third parties, not me.

If I use the Apple Mail app with default settings from my iCloud account to e-mail ten lawn care services, I won't start seeing web ads for lawn care. If I use Gmail with default settings, I will.

> The main thing that Apple does differently is, that they took stronger measures to ensure that the data THEY collect from their users can only be collected by THEM.

No, the main thing that Apple does differently is make their money by selling hardware, software, and services directly to end users. This is in stark contrast to Google, whose typical business model offers free services that make the end users into the saleable product.

> If I use the Apple Mail app with default settings from my iCloud account to e-mail ten lawn care services, I won't start seeing web ads for lawn care. If I use Gmail with default settings, I will.

That's because Apple doesn't operate ad-services on scale at this point, particularly not on the web. The fact that they are scanning each and every email was made clear when they announced their CSAM scanner you also mentioned. I strongly doubt that Apple operates a crime-fighting division and that is the only purpose of scanning content. It's much more likely that they already analyze messages and content with other ML-models to refine the persona they created of a user.

So yes, they don't show you personalized ads on webpages, but without them operating in ads that's not an indicator of privacy. After failing to compete on Ads since 2010, their effort just started to ramp up in the last year.

> No, the main thing that Apple does differently is make their money by selling hardware, software, and services directly to end users.

Agreed, but Hardware is a segment that is close to saturation, and the majority of SW R&D resources are spent on the OS which is provided free of charge when purchasing the Hardware. Their growth-strategy is quite obviously based on services, with the strongest-growing of them being platforms of consumption (Appstore, Music, TV,...) and platforms of data-aggregation (Cloud, Pay, Card, CarPlay, Homekit,...).

Those consumption platforms serve content of third parties competing with each other for the user, and as the platform provider Apple offers those sellers paid services to reach the user.

I am fine to disagree, but in the growing world of services which are about to reach 25% of Apple's revenue soon, the Apple user who created the hardware revenue is the product being sold by Apple. To App-Developers, Music publishers, Movie Studios, Mobile carriers,...