[klabb3]

Finally, someone puts words on the irks I felt the last times this came up. Thank you.

Apple is basically loopholing all the shitty ad-tech engagement surveillance bs that plagues the rest of the industry through the app store, pretending like it's any other app. Of course they can, but a lot of the hard-line privacy stuff goes down the drain with the hypocrisy.

What bothers me is that Apple really doesn't have to move in this direction, at all. They've been uniquely positioned to basically do things that nobody else can, because they sell so much expensive hardware. Instead, all mega corps seem to blend together and follow the same playbook. It's sad.

[dessant]

The public dismissal of the evidence these researchers presented in the last few weeks was surprising. It isn't truly important whether the App Store is an integral component of iOS, which it practically is until Apple becomes compliant with the provisions of the Digital Markets Act, it merely compounds their legal issues due to ignoring user intent when iOS analytics are disabled.

The main issue here is that Apple has been collecting personal data for years through its own apps without informed consent, which is in breach of GDPR. You need to ask for express consent to collect personal data in the form of non-essential user analytics, having a privacy policy and a toggle in settings to opt out of data collection is not enough, and it does not matter if the data collection is done by a website, app or an operating system.

It was particularly frustrating to see people argue that it's just an older version of iOS, when the reality is that one needs to hack an iPhone to see how this data is being syphoned off, and that jailbreaks for new iOS versions can be prohibitively expensive to achieve. Despite that, researchers pointed out that they see similar encrypted packets being sent with a recent iOS version.

I think it's worrying that consumers can't inspect the traffic of a device they own, and this is also an area that should be regulated so that our rights are respected.

[amelius]

The biggest issue imho is that the device is tethered by the vendor. You can't use it (practically) without being connected to Apple. This should change. I should be able to buy a product and use it with anyone's services. Otherwise, I bought a service and not a product.

[dessant]

You're right, and this is what the Digital Markets Act will help achieve. Though considering how tech companies behave in the face of new consumer rights (see how it took Google half a decade and multiple fines to show a GDPR compliant consent popup with a REJECT ALL button), it will be a couple more years before you can install a third-party app store on iOS or sideload an app.

[scarface74]

> when the reality is that one needs to hack an iPhone to see how this data is being syphoned off

The author of the article wrote that all he had to do was request his data from Apple.

[dessant]

> The author of the article wrote that all he had to do was request his data from Apple

You observation has nothing to do with what is being discussed, we have a right to inspect the network activity of our devices.

I remember you posting in threads criticizing Apple, almost always coming to their defense. You've been doing this for years.

[scarface74]

> one needs to hack the device to see what data has.

This is a provably false claim based on the authors own experience.

Guess what? You also have no idea what your phone is sending the carrier or any other service provider.

But as far as you knowing who I am because of my posting history, “but for me it was Tuesday”

[smoldesu]

> You also have no idea what your phone is sending the carrier or any other service provider.

Ah, so now you play the fatalist backdoor card. Well, the good news is that we do know some of what your iPhone sends back home. We know that every time you launch an app, both Apple and Akamai receive data about what app you opened and when. We know that Apple has private API entitlements for circumventing your VPN rules. We know that Apple actively and directly works with the NSA and CCP to enable domestic surveillance capabilities.

So, you're right! Hacking your device only gives you a small window into the horrors of your software vendor. If we could totally decrypt all of Apple's traffic alongside the SIM's baseband transmissions, nobody would every say 'privacy' and 'iPhone' in the same sentence again.

[BlueTemplar]

In the longer term Apple has a bigger issue here (though related to GDPR) : being a US company it's effectively illegal in the UE.

And after several attempts to pretend that US laws like the Patriot Act that remove non-US citizen rights were compatible with the EU Charter of Fundamental Rights have been struck down by the Court of Justice of the EU (after the US has been caught violating these rights) it's starting to be hard to imagine what kind of agreement can possibly happen between the USA and the EU that would make US companies legal again...

[bsenftner]

> Instead, all mega corps seem to blend together and follow the same playbook. It's sad.

Yet another glaring indicator identifying our species as not mature enough to manage our own society. If this occurs everywhere, no matter what, then it is us, our constitution, our chemistry, our maturity as a species that is at fault.

[Shoue]

Not really, systems affect our behaviour. We created the system that is our current market economy, and we have the ability to construct new systems that encourage better behaviour. For example, studies show that cooperatively ran businesses are more ethical and more stable:

> [...] Additionally, "cooperative banks build up counter-cyclical buffers that function well in case of a crisis," and are less likely to lead members and clients towards a debt trap (p. 216). This is explained by their more democratic governance that reduces perverse incentives and subsequent contributions to economic bubbles.

> The cooperative banking sector had 20% market share of the European banking sector, but accounted for only 7 per cent of all the write-downs and losses between the third quarter of 2007 and first quarter of 2011. Cooperative banks were also over-represented in lending to small and medium-sized businesses in all of the 10 countries included in the report.

> [...] in France and Spain, worker cooperatives and social cooperatives "have been more resilient than conventional enterprises during the economic crisis".

> Public trust in credit unions stands at 60%, compared to 30% for big banks and small businesses are five times less likely to be dissatisfied with a credit union than with a big bank.

In other words, this behaviour doesn't happen everywhere. It's specific to certain types of businesses.

Paragraphs from here: https://en.wikipedia.org/wiki/Cooperative#Economic_stability

[scarface74]

> Public trust in credit unions stands at 60%, compared to 30% for big banks and small businesses are five times less likely to be dissatisfied with a credit union than with a big bank

All organizations seek to accrue power and revenue - even “non profits”.

I saw it from one of the local credit unions I worked at in college…

1. First it was a credit union for a few large companies

2. Then it redid its charter to become a “regional credit union”

3. Then it said “fuck it we are bank”

Meet the old boss..

[mcculley]

Indeed. This is why some (relatively few) organizations are designed to limit growth. Not all credit unions have the problem of growing to serve other customers.

[dismalpedigree]

This mental leap is a bridge to far for me to understand. Can you fill in the steps in your logic?

[bsenftner]

A hallmark of maturity is delayed gratification: one may want, but their maturity tells them they ought to prepare, or otherwise delay and suppress their gratification for a later period when that gratification is a) possible, b) achieved without subterfuge or deception, c) an appropriately and fairly earned reward or payment for effort expended towards this goal.

It is common and entirely ordinary to observe everyday people unable to delay their immediate need for gratification. It is also entirely ordinary and normal to observe friends, family and coworkers who routinely cut corners (take process shortcuts) and engage in process deceptions because they simply do not care about the consequences. Likewise it is entirely ordinary for one's employer to other their own employees to the degree they treat them with equal severity as one might find in the times of legal slavery (not exaggerating at all.) It is common and ordinary for spouses to other their own spouse, causing a legacy of failed marriages.

What is not ordinary is to meet persons that do not take short cuts, do not cheat on their employees, their spouses, or in reality: themselves. The majority that do not cheat are those not trusted and not provided the opportunities. The majority, if given too much trust, will rape their environment blind given time and the lack of repercussion: and that is immaturity at scale in our society, and it is the natural state of society. Trust is for fools.

[aerique]

Probably not now that he's come down from whatever he was smoking.

[interpol_p]

> Apple is basically loopholing all the shitty ad-tech engagement surveillance bs that plagues the rest of the industry

That's a pretty extreme description of what's happening here. I agree that they should not be doing this, and that App Store analytics should be opt-in like the rest of the device analytics, however, they are not correlating your unique identifier with other web properties — i.e. when you visit through Safari. I also doubt they are selling that data to third parties, allowing ads to target you on the basis of it, or using it to build a profile against other application analytics.

In fact, it seems like the article says: they do no clever stuff with it whatsoever. They should remove it in a future update