Overall, I was pretty pleased to see Apple's official response today. It took a little longer than I think many people would have liked, but it's generally plausible, and I still feel that Apple is generally one of the "good guys" in the realm of privacy. Minor issues pointed out here:
When they say that "Apple is not tracking the location of your phone", it may be true from a pedantic nature, but general location information about your phone was (and will continue to be if you opt to allow it) being passed along to Apple. It may not be highly accurate data, and it may have been purged or otherwise aggregated on their end to the point of not identifiable, but location data was passed on.
When they say "This data is sent to Apple in an anonymous and encrypted form. Apple cannot identify the source of this data.", I don't quite buy that. If they choose to take note of where the data came from, it could be identified, even if the identifying info is not explicitly in the data itself. Yes, this is a minor point, just throwing it out for sake of completeness.
Lastly, on this PR statement, I don't believe the two issues were really "bugs", but I could be convinced that they were simple oversights. Yes, there is a difference, although it's not really that important in the scope of explanation to the public.
But overall, these are small nits, and I applaud Apple for coming out and not only explaining what's going on, but taking steps to rectify the problems. To be honest though, they had little choice. The media and public at large were not going to let go of this easily.
Originally Posted by melgross
They make it clear that it is anonymous. As we can see from Apple's statement today, this isn't what you insist it is.
As I alluded to above, any sizable amount of location-based data, even with no user-identifying bits, should not be assumed to be anonymous. It's possible that this particular data was not accurate enough to be identifiable, but I haven't seen anything (yet) that leads me to believe that's the case. Here is a great article, worth reading in its entirety:http://33bits.org/2009/05/13/your-mo...ocation-pairs/
The PARC article referenced within is also good, but more technical than most people will want to read.
Originally Posted by melgross
Because of that, using this to track people is useless, and hasn't been allowed in court so far.
Key words: so far
Originally Posted by Dickprinter
I, for one, always read the fine print so I can make educated choices.
Having said that, am I being naive?
PS: Thanks for not picking on me.
As for reading fine print, you and I are in a very small minority!
As for being naive, that's a pretty harsh statement. But I do think everyone should consider that whenever vast amounts of personal information is in the hands of any
3rd party, it's dangerous. Apple does seem like one of the "good guys", but:
1) management changes, the data they own never goes away.
2) security breaches occur all the time, and the more data in any one place, the bigger a target it is.
3) companies are indeed gathering more and more profiling information all the time (not just location-based)
4) when the feds do step in and make use of that data, the public absolutely does not get to know about it (this is a fact).
Now, this brings up the real
elephant trying to sneak around in the back of the room: Google!
Apple is in business to sell computers, iPhones, etc. Gathering personal information is helpful to them, but ancillary. It's easy to see why they'll want to enable various features that rely on personal information, but making the vast majority of that data opt-in does not run completely contrary to their business model.
Google, on the other hand, needs
to know as much personal profile information about their users as possible because it's the crux of their business. I am dying to see how Google responds to this inquiry!