Apple nets perfect score in privacy group's consumer data protection assessment

Posted:
in General Discussion edited June 2015
Digital rights advocacy group the Electronic Frontier Foundation on Wednesday gave Apple a perfect rating in its annual "Who has your back?" report, which rates tech companies on their efforts to secure consumer data against government snooping.




Apple was one of nine technology and Internet services firms to rate five out of five stars under the EFF's criteria for assessment regarding government data requests.

The group evaluated a number of big industry names to determine whether they: follow industry-accepted best practices, tell users about government data demands, disclose policies on data retention, disclose government content removal requests, oppose backdoors. Along with Apple, Adobe, Credo Mobile, Dropbox, Sonic, Wikimedia, WordPress, Wickr and Yahoo received all available stars.

The results are a repeat performance for Apple, which achieved a perfect score in 2014. Prior to last year, however, the company only managed one star in three consecutive assessments.

Apple fields a number of encryption tools that prevent prying eyes -- government or otherwise -- from accessing personal customer data. The lockout mechanism in iOS 8, for example, is so secure that Apple itself is technically incapable of decrypting it.

Apple is also part of an ongoing public campaign against over-surveillance and in May signed a letter urging President Barack Obama reject incoming proposals that seek to require software backdoors be installed for use by law enforcement agencies.

At least some of Apple's recent success in consumer privacy can be contributed to CEO Tim Cook, who has been an outspoken proponent of keeping personal data in the hands of customers, not the government. Apple's does not make personal data available to without proper warrantopen letter to customers.

Cook delivered one his most impassioned speeches on the matter this month in a teleconferenced call to an event hosted by the Electronic Privacy Information Center's Champions of Freedom, at which he was honored for works as a corporate leader. Aside from touting Apple's own data security policies, the Apple chief called out companies that offer free services with the proviso that personal information can be commoditized, most often for targeted Web advertising.

Earlier on Wednesday, former NSA contractor Edward Snowden went on record as saying he believes Apple will keep its promises to consumers, if for nothing else than a holding a commercial edge over rivals that monetize customer data.

Comments

  • Reply 1 of 16
    roakeroake Posts: 762member

    Edward Snowden gives two thumbs up!

     

    So does his sugar-daddy (Vladmir "the Impaler" Putin).

     

    I just hope Cook never folds on his security.  He's pretty confused sometimes, doesn't really know what he wants.  Keep your eye on the ball, Cook.  Eye on the balls!

  • Reply 2 of 16
    ecatsecats Posts: 272member
    Meanwhile this doesn't take into account Adobe's massive 2013 hack. I'm still getting spam to that email address.
  • Reply 3 of 16
    clemynxclemynx Posts: 1,510member
    Of course few media are going to talk about this. Or maybe they will and turn it into something negative following the rule : what is good for Apple is bad for Apple.
  • Reply 4 of 16
    normmnormm Posts: 637member
    For effective artificial intelligence done on its servers (which is how Siri works, for example), Apple will need to keep more and more personal info available on those servers. That doesn't mean, though, that they need to give access to third parties (other than court orders).
  • Reply 5 of 16

    That's only because the EFF doesn't know about the backdoor that Echelon has had since the first iPhone. /s

  • Reply 6 of 16
    MacProMacPro Posts: 19,379member
    Were the graph's column headers left off by accident in this article? The link does take you to the full graph but it seems a bit strange to chop them off.
  • Reply 7 of 16
    lkrupplkrupp Posts: 9,454member
    Quote:

    Originally Posted by BeowulfSchmidt View Post

     

    That's only because the EFF doesn't know about the backdoor that Echelon has had since the first iPhone. /s




    I was told by nefarious sources that it is actually the Trilateral Commission, head by Henry Kissinger and the New World Order.

  • Reply 8 of 16
    genovellegenovelle Posts: 1,265member
    Quote:

    Originally Posted by NormM View Post



    For effective artificial intelligence done on its servers (which is how Siri works, for example), Apple will need to keep more and more personal info available on those servers. That doesn't mean, though, that they need to give access to third parties (other than court orders).



    That's the beauty of how Apple works.  They clearly have been thinking about this.  If you watched the keynote they explained how they managed to increase Siri's awareness while protecting your privacy. Most processing will now be done on device.  When web data is required, it is sent encrypted and anonymously.  This way Siri can know what it needs to know, but Apple does not need access to it. The beauty of not keeping a key for themselves or storing the data in the first place is they can't disclose what they don't have access to. Google and other companies that maintain mounds of data on everything you do and processes it can't say that when they come asking. 

  • Reply 9 of 16
    gatorguygatorguy Posts: 23,165member
    ecats wrote: »
    Meanwhile this doesn't take into account Adobe's massive 2013 hack. I'm still getting spam to that email address.
    It's not that type of privacy report. It has to do with how the companies state they handle the five different standards the EFF is using with regard to government requests.

    "The Electronic Frontier Foundation’s Fifth Annual Report
    on Online Service Providers’
    Privacy and Transparency Practices Regarding
    Government Access to User Data"
  • Reply 10 of 16
    peteopeteo Posts: 395member
    Quote:
    Originally Posted by genovelle View Post


    That's the beauty of how Apple works.  They clearly have been thinking about this.  If you watched the keynote they explained how they managed to increase Siri's awareness while protecting your privacy. Most processing will now be done on device.  When web data is required, it is sent encrypted and anonymously.  This way Siri can know what it needs to know, but Apple does not need access to it. The beauty of not keeping a key for themselves or storing the data in the first place is they can't disclose what they don't have access to. Google and other companies that maintain mounds of data on everything you do and processes it can't say that when they come asking. 

     

    "Most processing will now be done on device"

    I don't know why you think this, everything you say to siri goes to up to an apple server to get translated. Sure the new iSO 9 Siri search results (which used to be called spotlight) when not using Siri to translate your voice are done on your device. But the instant you use your voice to do any searching, it needs to go to an apple server to translate.
    Who knows if the government has requested that data. I don't think apple has any info on how long they save those translations.
  • Reply 11 of 16
    f1turbof1turbo Posts: 256member

    How did Yahoo get on the perfect list when they scan your email for marketing purposes?

  • Reply 12 of 16
    zoetmbzoetmb Posts: 2,584member
    Quote:

    Originally Posted by peteo View Post

     
    Quote:

    Originally Posted by genovelle View Post

     



    That's the beauty of how Apple works.  They clearly have been thinking about this.  If you watched the keynote they explained how they managed to increase Siri's awareness while protecting your privacy. Most processing will now be done on device.  When web data is required, it is sent encrypted and anonymously.  This way Siri can know what it needs to know, but Apple does not need access to it. The beauty of not keeping a key for themselves or storing the data in the first place is they can't disclose what they don't have access to. Google and other companies that maintain mounds of data on everything you do and processes it can't say that when they come asking. 


     




    "Most processing will now be done on device"



    I don't know why you think this, everything you say to siri goes to up to an apple server to get translated. Sure the new iSO 9 Siri search results (which used to be called spotlight) when not using Siri to translate your voice are done on your device. But the instant you use your voice to do any searching, it needs to go to an apple server to translate.

    Who knows if the government has requested that data. I don't think apple has any info on how long they save those translations.



    The question isn't whether Siri data goes to the Apple server and is stored, it's whether that data can be personally tied back to any particular person and whether the government has access to such data.     It doesn't matter one iota if Apple stores that someone asked where the closest hardware store is and it doesn't matter if they also store the response of "121 Main Street".   What matters is if the Government can know that one personally asked where the closest hardware store was and who that person is.   Or if one asks for driving instructions and the Government knows one's location when the request was made and the target destination.  

     

    But having said that, no matter how much processing power the NSA has, I think it's an incredible waste of time and resources looking for criminals or terrorists using Siri data, even if they could.   There's probably a billion inquiries a day and probably 99.99% of it is trivial and Siri misinterprets a great deal of it anyway.   The data is meaningless and would probably never hold up in a court of law.

  • Reply 13 of 16
    zoetmbzoetmb Posts: 2,584member
    Quote:

    Originally Posted by F1Turbo View Post

     

    How did Yahoo get on the perfect list when they scan your email for marketing purposes?




    Because the list is only about protecting your data from Government eyes, not from a company's own use of your data.    

  • Reply 14 of 16
    peteopeteo Posts: 395member
    "The question isn't whether Siri data goes to the Apple server and is stored, it's whether that data can be personally tied back to any particular person and whether the government has access to such data"

    True but there's usually a way to link data to other data even if the company does not identify the person the data if from.

    I.E. Government to at&t, give me all the people that contacted these siri servers during these dates around this location.. (Basicly metadata not that actual search)

    Government to apple give me all the "Non identifiable" siri searches on these servers between these dates and locations.

    Government runs a program to match time and location and server. Bingo now we know the person and what they searched for
  • Reply 15 of 16
    gatorguygatorguy Posts: 23,165member
    f1turbo wrote: »
    How did Yahoo get on the perfect list when they scan your email for marketing purposes?
    Again, because that's not what the report was looking at. It was more or less a transparency report, not a privacy report.
  • Reply 16 of 16
    inklinginkling Posts: 731member
    I'll begin to take all these companies seriously when they give us a public key encryption that's built-in and virtually automatic. Exchange a single set of emails with someone on whatever platform and, unless we choose otherwise, we've got encryption set up between us.

    In short, deeds matter more than words and promises. Give us the deeds not just speeches.
Sign In or Register to comment.