Is it because Apple’s motivation is perceived to be selling protection to its hardware customers whereas Google’s primary motivation is perceived to be to get a monopoly in the surveillance business?
From other comments it _sounds_ like Google's system is done as a single proxy, which is bizarre to me because it means Google can see every site that is loaded, which even for Google seems on the nose.
Apple's service is explicitly designed to prevent this exact problem. There's a write-up for it on Apple's security site (possibly part of the system security doc?). There are intentionally two layers: the connection from the device -> Apple's servers, and then the connection from Apple's servers to Akamai or Cloudflare (or some other CDN). The connection to Apple's servers is encrypted to a key from the 2nd layer CDN so Apple can't read it. That request is forwarded to the CDN, which decrypts it, makes the request, then encrypts the response to the client's key and sends that to Apple. Apple forwards that encrypted blob on to the originating device, which can then decrypt it.
The end result is Apple cannot ever see the destination or response, and the backend CDN can't see the device that made the request. That should be the design of _any_ privacy conscious proxy service (including all the questionable "privacy!" VPNs). That's kind of why I'm surprised that the claim is that Google's service is a single layer - it's so blatantly invasive.
As justinclift points out elsewhere in this discussion, the article may have misreported that:
> We are considering using 2 hops for improved privacy. A second proxy would be run by an external CDN, while Google runs the first hop. This ensures that neither proxy can see both the client IP address and the destination.
This is what I was unclear on - I couldn't tell if this was one-hop (and so tremendously invasive "privacy"), or two hops through an independent 3rd party (and so actually a privacy feature).
In that case the complaints people are making in other comments are simply wrong. There isn't a privacy concern here; I think Google has just burned so much trust that the _assumption_ is now that the goal is tracking.
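The two-hop relay flow described in the comments above, as an added example that is not from any commenter, Apple or Google. It uses Python's third-party `cryptography` package; the X25519 + HKDF + ChaCha20-Poly1305 sealing, the `run_exchange` helper, the IP address and the URL are assumptions constructed for illustration, not either vendor's actual protocol.

```python
import json, os
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric.x25519 import X25519PrivateKey, X25519PublicKey
from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305
from cryptography.hazmat.primitives.kdf.hkdf import HKDF

RAW = (serialization.Encoding.Raw, serialization.PublicFormat.Raw)

def _key(shared):
    # Derive a 32-byte AEAD key from the X25519 shared secret.
    return HKDF(algorithm=hashes.SHA256(), length=32, salt=None, info=b"relay-demo").derive(shared)

def seal(recipient_pub, plaintext):
    """Encrypt to a public key: ephemeral X25519, HKDF, ChaCha20-Poly1305."""
    eph = X25519PrivateKey.generate()
    nonce = os.urandom(12)
    ct = ChaCha20Poly1305(_key(eph.exchange(recipient_pub))).encrypt(nonce, plaintext, None)
    return eph.public_key().public_bytes(*RAW) + nonce + ct

def unseal(recipient_priv, blob):
    """Inverse of seal(); raises InvalidTag if the key is wrong or the blob was altered."""
    eph_pub = X25519PublicKey.from_public_bytes(blob[:32])
    return ChaCha20Poly1305(_key(recipient_priv.exchange(eph_pub))).decrypt(blob[32:44], blob[44:], None)

def run_exchange(client_ip, url):
    """Simulate one relayed request; return (response, first_hop_view, second_hop_view)."""
    second_hop_priv = X25519PrivateKey.generate()  # held only by the second-hop operator
    client_priv = X25519PrivateKey.generate()      # fresh per-request reply key
    # Client: seal the destination and its reply key to the second hop's public key.
    reply_to = client_priv.public_key().public_bytes(*RAW).hex()
    blob = seal(second_hop_priv.public_key(), json.dumps({"url": url, "reply_to": reply_to}).encode())
    # First hop: sees the client's address and an opaque blob, which it forwards.
    first_hop_view = {"client_ip": client_ip, "payload": blob}
    # Second hop: sees the first hop as the source, decrypts and makes the request.
    req = json.loads(unseal(second_hop_priv, blob))
    second_hop_view = {"source": "first-hop", "url": req["url"]}
    body = ("content of " + req["url"]).encode()   # stand-in for the real fetch
    reply = seal(X25519PublicKey.from_public_bytes(bytes.fromhex(req["reply_to"])), body)
    first_hop_view["reply"] = reply                # relayed back to the client unchanged
    return unseal(client_priv, reply), first_hop_view, second_hop_view

if __name__ == "__main__":
    resp, hop1, hop2 = run_exchange("203.0.113.7", "https://example.org/page")  # constructed values
    print(resp, sorted(hop1), hop2)
```

The privacy property depends on the two hops being run by parties that do not pool their logs; the cryptography only guarantees that each hop alone holds half of the picture.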
It is not ok for Apple or Google to do this while at the same time operating an ad business.
If they feel this is in the best interest of the end user, then they should divest of either their ad business or control of the browser. Neither company is willing to do this. This IP move is anticompetitive as it consolidates even more control of the ad ecosystem in a handful of companies. Google’s response that they are placed at the same disadvantage as other third parties is not accurate. Google controls the browser and so has full control to communicate any data between the browser and their servers, bypassing the proxies.
There is only one thing that drives these companies and that is maximizing profits for the benefit of their investors. This objective is fine. However, it is disingenuous for either of these companies to hide behind the defense that they care about the privacy of end users.
If Apple cared about the privacy rights of all humans, why do they share all data belonging to their customers in China with the Chinese government? The only reason is profits. Google also shares all their customers’ data with any government that asks.
If there were a thousand companies that each had access to a tiny sliver of a consumer's data, we would have a system that naturally protects end user privacy. However, with a few companies controlling the vast majority of the consumer tech landscape, we now have a system where a few for-profit companies are keepers of our data and already sell out when their profits are at stake.