23 Jun '15 Apple and the battle for privacy

TL;DR: Apple is in no position for attacking other companies over how they deal with their users privacy and security. There is nothing in their policies that makes us think they care about us more than other companies do.

Only a few weeks ago, Apple’s CEO Tim Cook delivered a speech on privacy, security and how Apple is so much better at these things.

Now, someone would say I am an anti-Apple guy, although that’s demonstrably false, if for nothing else, because I have owned and worked with several Apple devices during the course of the past few years. I do not always enjoy how they market their products, the way they make you feel like you absolutely need something you actually don’t. Mac OS is probably my favourite OS, but it is extremely expensive to buy, and in my opinion, unless you are a professional, you really don’t need anything more than a nice laptop with Ubuntu on it. But that’s besides the point.

It made me feel quite uncomfortable to listen to Cook’s words on how we can all trust Apple with our data and our messages. Now, don’t get me wrong, it’s amazing that a CEO of a major tech company would stand up in defense of his customers’ data, stating how unacceptable it is for any other company not to act this way. But then it made me think that, great words aside, there was nothing there that would justify him attacking other companies (mostly, Google), and positioning himself as the new champion for the defense of people’s security and privacy.

There are actually a few reasons why Apple is not in the position of becoming the new advocate of privacy and security:

  1. Apple has been shown vulnerable to attacks a few times already. Just think of the not-too-long-ago leaked celebrity pictures from iCloud. Of course, these things happen, not only to Apple products, and most of the times it’s just people’s fault for not creating stronger passwords/enabling two-factor authentication. But still, we can’t recall anything like that happening with Gmail, or Google+ Photos in recent times. And even it had, it would only show they are all susceptible to such attacks.
  2. They are a very closed company From my point of view, this is a major one. If the CEO of Red Hat were to give a similar speech, I would have applauded him. Why? Because Red Hat (like some other companies out there) adheres to a strict policy of transparency, which is very clear first and foremost by the fact that they open source all of their products. This means that they could never put themselves in Cook’s position without having thousands of people going to actually check their code to verify the truth of their claims. But this is simply impossible with Apple. A more closed, walled-garden type of company I can’t think of. A while ago my wife and I had a really bad experience with trying to move all our iCloud photos somewhere else, so that we could access them from our non-Apple devices as well. We struggled and struggled, and took us hours to move everything. The reality is, there is no easy way to opt-out from Apple, whereas it’s really easy to move away from most of, say, Google’s products. If they really cared about my data, they should at least give me the ability to easily export it somewhere else anytime I want. It is my data, after all.
  3. It is not true that if something is for free, then you must be the real product. Derek Powazek wrote a great piece on this. Companies like Apple like to charge you for everything. And they want to make you believe that because you are paying a lot of money, you will have a better service and your data won’t be used for other purposes, like, showing you ads based on your searches. But this is demonstrably false. First of all, there is no direct connection between you paying for a service and how your data will be used. For all we know, Apple (and others) could be doing the same thing with your data even though you paid for their products. Besides, I can give you plenty of examples of products for which I have paid money, only to be treated rubbish by the companies who made them. On the other hand, some of the free services that I use, have made me incredibly happy. All this is saying, is that there is no correlation between how much you pay, and how much they care about you.

Like I said at the beginning, I am not an anti-Apple person, and I didn’t write this piece to attack Apple. Rather, I wanted to put things back into the right perspective. I do not believe companies like Google, Microsoft or Amazon do any better than Apple in terms of privacy and security. Which doesn’t mean what they do is bad. All of these companies adopt (or are in the process to adopt) first-class encryption techniques, and one would want to argue that if there is anyone with enough resources to actually keep your data safe, then it has to be these companies, including Apple. Besides, privacy is a highly regulated matter (especially here in Europe), and so there is no way they can use your data to do what they want, unless you explicitly authorise them.

But, it would be arrogant of one of them to stand up as the messiah of privacy and security, especially if that means attacking other companies. If they want us to keep trusting them with our data, they need to keep doing the right thing. They should ask us only for informations that are strictly necessary; they should use world class encryption and spare no resource in order to keep everything safe; they should use all their influence when governments try to change laws and make it acceptable for them to have a look at my holidays pictures.

Cover photo from Flickr.