Inside iOS 10: Apple doubles down on security with cutting edge differential privacy

Posted:
in iPhone edited June 2016
After a bruising battle with the Federal Bureau of Investigation and a contentious debate over encryption in the wake of the San Bernadino terrorist shooting, Apple is doubling down on privacy protection by researching cutting-edge privacy techniques for iOS 10, allowing advanced new features while protecting user data.




"All of this great work in iOS 10 would be meaningless to us if it came at the expense of your privacy. And so in every feature that we do we carefully consider how to protect your privacy," said Craig Federighi, Apple's senior vice president of Software Engineering, at the WWDC16 event on June 13.

In pursuit of advanced protection, Apple is investing in "differential privacy," a means of maximizing the accuracy of queries from statistical databases while at the same time minimizing the chances of identifying specific individuals. Differential privacy uses a variety of techniques to do this, like hashing, subsampling and noise injection.
Apple's work in differential privacy has earned the praise of Aaron Roth, a world-class expert on the subject, who called the technology in iOS 10 "groundbreaking."
When Aaron Roth, a world-class privacy researcher from the University of Pennsylvania, saw the company's efforts, he called them "groundbreaking" and said that scaling it up and incorporating it broadly into the technology "is visionary and positions Apple as the clear privacy leader among technology companies today."

The technique is important since Apple, like many companies, attempts to analyze device use to spot mass trends so that software improvements can be made - for example, discovering new words to include in QuickType.

In addition, Apple is continuing its practice of providing end-to-end encryption by default in apps like Facetime, Messages and Homekit to protect communications. When it comes to advanced, deep learning, artificial intelligence analysis of user data, it is being done on the device itself, keeping personal data under user control.

Federighi also pledged that Apple builds no user profiles based on Internet searches.

"We believe you should have great features and great privacy," he said. "You demand it and we're dedicated to providing it."
nolamacguylolliver

Comments

  • Reply 1 of 14
    wdowellwdowell Posts: 234member
    I've heard enough concerns over this Diffential Privacy threory being all that it's cracked up to be, to want to hear what the security community say about this. Right now I'd love to know if, given that it's possible for Apple to 'de-noise' the mass data, if the NSA and others could do the same? I havent a clue but there seems no answer as yet.
  • Reply 2 of 14
    MacProMacPro Posts: 19,822member
    wdowell said:
    I've heard enough concerns over this Diffential Privacy threory being all that it's cracked up to be, to want to hear what the security community say about this. Right now I'd love to know if, given that it's possible for Apple to 'de-noise' the mass data, if the NSA and others could do the same? I havent a clue but there seems no answer as yet.
    Good take on this here: http://www.theverge.com/2016/6/15/11940010/walt-mossberg-apple-wwdc-2016-recap-themes
    jackansi
  • Reply 3 of 14
    boboliciousbobolicious Posts: 1,168member
    "Apple builds no user profiles based on Internet searches." ...what criteria might be used...? And presuming that is indeed true, others may. And so why does Safari so frequently seem to exit of 'Private Browsing' mode when launching a 'new window' off a link...? Can this be an oversight, if long trails are often in browsing history without obvious warning... Does every 'upgrade' of these OS & apps introduce privacy creep 'features' that could potentially harvest & collate data if hacked or sociopolitical conditions change? I think of many things beyond a users control such as others use of contact photos & faces (id), iCloud (so ON by default), maps, and closer to home finger print access, location manager, etc. Why one must choose between location tracking or losing IMEI location tracking to wipe a users' data if a phone is lost or stolen ? Has this all happened so incrementally it is easy to view as helpful, but is the potential downside devastating? For consideration: http://www.dezeen.com/2015/05/27/rem-koolhaas-interview-technology-smart-systems-peoples-eagerness-sacrifice-privacy-totally-astonishing/ To quote a CNBC commentator ‘it’s a problem with our society’... http://video.cnbc.com/gallery/?video=3000524738 https://www.eff.org/wp/dangerous-terms-users-guide-eulas http://jolt.richmond.edu/v1i1/liberman.html
  • Reply 4 of 14
    cpsrocpsro Posts: 3,226member
    Perhaps Congress would get off its collective @ss and mandate privacy protections like this.

    Haha, just kidding.
    cornchip
  • Reply 5 of 14
    revenantrevenant Posts: 621member
    I find it extremely interesting/worrisome that governments like the US have pushed hard to get into private mobile phones but have been hacked into and lost data to hackers. The US DNC and US/Korean joint forces being the most recently successfully hacked. 
    I notice governments want citizens to have weaker security/privacy while citizens are not fed up with governments loosing data for not being secure enough. 
    jbdragonlightknight
  • Reply 6 of 14
    coolfactorcoolfactor Posts: 2,327member
    wdowell said:
    I've heard enough concerns over this Diffential Privacy threory being all that it's cracked up to be, to want to hear what the security community say about this. Right now I'd love to know if, given that it's possible for Apple to 'de-noise' the mass data, if the NSA and others could do the same? I havent a clue but there seems no answer as yet.
    Good take on this here: http://www.theverge.com/2016/6/15/11940010/walt-mossberg-apple-wwdc-2016-recap-themes

    Even if the data was de-noised, it's still not personally identifying individuals. That's a big difference in how the data is collected. The noise just makes it even less useful to those trying to capitalize on "people as the product".
    lolliverjony0jbdragonsteveh
  • Reply 7 of 14
    aricbaricb Posts: 27member
    cpsro said:
    Perhaps Congress would get off its collective @ss and mandate privacy protections like this.

    Haha, just kidding.
    What is more likely to happen is privacy will be wiped out because those billionaires need to add 10 more feet to their yachts.
  • Reply 8 of 14
    lolliverlolliver Posts: 497member

    I wonder what impact this will have an Apple's rumoured issues with being able to recruit experts in the field of AI. If they were concerned about the potential of not having access to the same data as they would at companies like Facebook and Google that have no issue spying on their users will this be enough of a consolation to offset those concerns.   

    I like that Apple is working on ways to get the data required while also finding new ways to ensure user privacy is maintained. It's not the easy was but it's certainly the way that will keep me as a loyal customer.

  • Reply 9 of 14
    volcanvolcan Posts: 1,799member
    Millennials seem to be less concerned about privacy than other generations. They will freely share their personal information so long as they get something in return, like a coupon or a free something or other, but little by little their full profile is being developed by companies that are storing their personal preferences, locations, job, school, friends, pictures, etc. Millennials don't seem to care about their personal details being publicly available and willingly share it on social media. Even liking something on Facebook or tweeting can divulge certain details that can be compiled by data collectors. Perhaps their iMessages are secure but the rest of their life is an open book.
    mwhitegatorguybaconstang
  • Reply 10 of 14
    gatorguygatorguy Posts: 24,608member
    volcan said:
    Millennials seem to be less concerned about privacy than other generations. They will freely share their personal information so long as they get something in return, like a coupon or a free something or other, but little by little their full profile is being developed by companies that are storing their personal preferences, locations, job, school, friends, pictures, etc. Millennials don't seem to care about their personal details being publicly available and willingly share it on social media. Even liking something on Facebook or tweeting can divulge certain details that can be compiled by data collectors. Perhaps their iMessages are secure but the rest of their life is an open book.
    There you go. And it's not just on-line activities. True "privacy" is a mirage IMHO. You may think you're making it so but... 
  • Reply 11 of 14
    gatorguy said:
    volcan said:
    Millennials seem to be less concerned about privacy than other generations. They will freely share their personal information so long as they get something in return, like a coupon or a free something or other, but little by little their full profile is being developed by companies that are storing their personal preferences, locations, job, school, friends, pictures, etc. Millennials don't seem to care about their personal details being publicly available and willingly share it on social media. Even liking something on Facebook or tweeting can divulge certain details that can be compiled by data collectors. Perhaps their iMessages are secure but the rest of their life is an open book.
    There you go. And it's not just on-line activities. True "privacy" is a mirage IMHO. You may think you're making it so but... 
    True privacy is difficult but not impossible although Google is going out of their way to invade my privacy like no other company. 

    I am not a part of Facebook. I stopped using Google search over 2 years ago and all of my devices are Google free zones. 

    Google sends their $&#% spy cams on the road, takes photos of my house and posts them on the Internet. I have taken to planting trees all around my home to give their spy cams as little view of my home as possible.  

    I do make a substantial number of purchases on Amazon and I know they have a pretty good profile on me. However I trust Amazon far more than Google. 

    I have searched my name and profile using All of the search engines and Google
    along with the pay sites. Half of the information is wrong and much of it is old. However, pictures of my home and vehicle are on the Internet courtesy of Google. It is quite unsettling, and the company gets none of my business as a result. 

    If the millennials don't care, that's their problem. I do care and I refuse to give my business to any company that profiles me so that they can sell it to the highest bidder. No thanks. 

    I'll stay with Apple on iOS using Anonymizer when browsing the web. Google is more than welcome to profile those too lazy, too uncaring, too trusting to protect their profiles. 
  • Reply 12 of 14
    gatorguygatorguy Posts: 24,608member
    gatorguy said:
    volcan said:
    Millennials seem to be less concerned about privacy than other generations. They will freely share their personal information so long as they get something in return, like a coupon or a free something or other, but little by little their full profile is being developed by companies that are storing their personal preferences, locations, job, school, friends, pictures, etc. Millennials don't seem to care about their personal details being publicly available and willingly share it on social media. Even liking something on Facebook or tweeting can divulge certain details that can be compiled by data collectors. Perhaps their iMessages are secure but the rest of their life is an open book.
    There you go. And it's not just on-line activities. True "privacy" is a mirage IMHO. You may think you're making it so but... 
    True privacy is difficult but not impossible although Google is going out of their way to invade my privacy like no other company. 


    You really think so? Sure Google uses anonymized data (which they keep to themselves, not selling it) to determine who might be interested in seeing some company's ad.  Pay a visit to Acxiom and ask for a copy of your personal data file, at least the part they're willing to give you. It will be an eye-opener. And it's for sale, personally identifiable info and all. They're not the only ones who "know more than Google" either and willing to sell what they know to whoever is willing to pay. 

    Herbivore2 said:
    I am not a part of Facebook.
    Doesn't really matter since Facebook collects information on non-users too. Last year they said it was simply a "bug" that would get fixed, implying it was unintentional. 
    https://www.theguardian.com/technology/2015/apr/10/facebook-admits-it-tracks-non-users-but-denies-claims-it-breaches-eu-privacy-law

    ...but this year they fessed up and admitted they were doing so, but that it still wasn't breaking EU law.
    http://www.theverge.com/2016/5/27/11795248/facebook-ad-network-non-users-cookies-plug-ins

    You only THINK you're not part of Facebook. But both they and Acxiom, along with 1000's of other data brokers buying and selling your health, financial, and family information would thank you for keeping your focus on just Google.
    edited September 2016 singularity
  • Reply 13 of 14
    Meh. Anyway, the minute you install non-Apple apps (the very reason why you buy an iPhone in the first place anyway, for most people, is the size of the App Store...), you start being tracked.

    For most companies making apps, especially e-commerce apps:
    A/B testing, Analytics frameworks? Check.
    Logging all your requests? Check.
    Requiring an account, even though most of your data could use a temporary ID? Check.

    edited September 2016
  • Reply 14 of 14
    volcan said:
    Millennials seem to be less concerned about privacy than other generations. They will freely share their personal information so long as they get something in return, like a coupon or a free something or other, but little by little their full profile is being developed by companies that are storing their personal preferences, locations, job, school, friends, pictures, etc. Millennials don't seem to care about their personal details being publicly available and willingly share it on social media. Even liking something on Facebook or tweeting can divulge certain details that can be compiled by data collectors. Perhaps their iMessages are secure but the rest of their life is an open book.
    Or commenting on Ai.
Sign In or Register to comment.