Former Facebook security chief questions Apple's privacy double standard in China

Posted:
in General Discussion edited October 2018
Following Apple CEO Tim Cook's impassioned speech on privacy delivered at a privacy conference in Brussels, former Facebook chief security officer Alex Stamos questioned the tech giant's motives and current policies in a hot take posted to Twitter.

China iCloud


Stamos said he agreed with "almost everything" Cook said during his keynote address at the 40th International Conference of Data Protection and Privacy Commissioners in Brussels on Wednesday, but noted the tech giant's aspirational view on privacy is not universal.

In China, Apple's most important growth market, the company at the behest of government regulations implements system-level iOS and Mac restrictions that disallow the installation of certain VPN and end-to-end encrypted messaging apps. These services, Stamos suggests, are important privacy tools that let users "avoid pervasive censorship and surveillance" in a regime known for implementing such policies.

Further, Stamos notes Apple recently migrated Chinese iCloud data to in-country servers run by partner Guizhou-Cloud Big Data Industry Co. Ltd., again to conform with government laws. The initial move stirred its fair share of controversy, but a so-called "infrastructure agreement" with state-owned Tianyi Cloud service seemingly flew in the face of Apple's assurances against government snooping.

"We don't want the media to create an incentive structure that ignores treating Chinese citizens as less-deserving of privacy protections because a CEO is willing to bad-mouth the business model of their primary competitor, who uses advertising to subsidize cheaper devices," Stamos said, referring to Cook's ICDPPC speech.

Cook earlier on Wednesday presented barbed commentary on the state of modern consumer data collection practices.

"Our own information is being weaponized against us with military efficiency," he said, adding, "We shouldn't sugar-coat the consequences. This is surveillance. And these stockpiles of personal data only serve to enrich the companies that collect them."

Cook did not name names, but Google and Facebook were clear targets of what amounted to a 15-minute rebuke of data monetization strategies. He went on to call for U.S. privacy regulations crafted in the same vein as Europe's GDPR, saying any proposed legislation should require companies to adhere to four main tenets to be effective: data minimization, transparency of data collection practices, easy access to stored data and security.

"Cook is right, the US needs a strong privacy law and privacy regulator, and advertising companies like Google, Facebook and Twitter need to collect less data and minimize more often," Stamos said.

Still, the ex-Facebook executive said Apple's push for data protections in its domestic market -- and an endorsement of the same worldwide -- are seemingly at odds with its Chinese operation.

"Apple needs to come clean on how iCloud works in China and stop setting damaging precedents for how willing American companies will be to service the internal security desires of the Chinese Communist Party," Stamos said.

For its part, Apple maintains the VPN app takedown and iCloud migration were both conducted in compliance with Chinese regulations. Privacy advocates, however, argue Apple willingly kowtows to China as it fights similar calls for conciliation in other markets, including the U.S.
«1

Comments

  • Reply 1 of 31
    wood1208wood1208 Posts: 1,696member
    Tim Cook deeply believes in customer privacy and Apple supports it everywhere possible, Everyone knows "when in Rome(China?), do as the Romans do". This does not deter Apple's belief in customer privacy which reflects in every products Apple make and sells.
    racerhomie3LordeHawkradarthekatd_2lollivermagman1979chasmnetroxrandominternetpersonwatto_cobra
  • Reply 2 of 31
    The Facebook guy can go and suck it.
    macseekerradarthekatlolliverlostkiwichasmanton zuykovolsSpamSandwichwatto_cobra
  • Reply 3 of 31
    It's important to remember that we don't get to impose our own standards and principles on others. If the Chinese People aren't happy with their government, history shows us that they can and will rise up en masse should things get out of hand there. Most don't really care about having unfettered access to the world. My Chinese friends could care less about "missing Facebook". They have their own equivalents anyway, and feel little restriction on their daily lives. We westerners would find it unbearable, but for them, it's a good kind of normal. Familiar, comfortable, and they enjoy a civil, predictable society... Apple wants to do business in the most populous country in the world. That country happens to be very different from us culturally. I don't think Apple would agree to "snoop ware" being installed from the factory, but they're not going to push back on blocking VPNs and so on. Those are simply not OK in China... What would YOU do? Walk away from a hundred billion in business, or just accept their national policies?
    edited October 2018 radarthekatlolliverolswatto_cobra
  • Reply 4 of 31
    FatmanFatman Posts: 201member
    Anyone that works/worked at Facebook shouldn’t open their mouth about privacy. This guy should be ashamed of himself. Facebook is the poster child for abusing people’s personal data for profit. Remember when Zuckerberg called his users ‘Dumb Fxcks’. I truly believe Apple does care (as long as it also coincides with revenue) but they can’t change the world’s largest communist country. The citizens have already surrendered their privacy behind the ‘great firewall’. My Chinese clients all use WeChat, knowingly all communications monitored by the government. 
    radarthekatd_2lollivermagman1979macseekerlostkiwichasmolsirelandboogerman2000
  • Reply 5 of 31
    wood1208 said:
    Tim Cook deeply believes in customer privacy and Apple supports it everywhere possible, Everyone knows "when in Rome(China?), do as the Romans do". This does not deter Apple's belief in customer privacy which reflects in every products Apple make and sells.

    So that’s why Apple accepts billions every year from Google to be the default search engine in iOS?
  • Reply 6 of 31
    wood1208 said:
    Tim Cook deeply believes in customer privacy and Apple supports it everywhere possible, Everyone knows "when in Rome(China?), do as the Romans do". This does not deter Apple's belief in customer privacy which reflects in every products Apple make and sells.
    What a pretty statement. Means absolutely nothing. Especially to those behind the bamboo curtain who desperately need and want to have unfettered access. The Chinese feel the same as you about not having random officials rummaging through their messages, email, and photos. Apple, while very successful in making money hasn't a shred of morality. Simply marketing to whatever group. In the West, they are all about human rights and privacy as defined by them. In the mid east, not so much. In China, they don't mention these things and fold as soon as they are asked. If it makes you feel better about yourself and your choice to give Apple large dollars, cool. But there is no way that "We follow the law" is an excuse for anything. Ask the accused at the Nuremberg trials.
  • Reply 7 of 31
    This guy is being disingenuous in his comparison. He knows well as Cook answered his question concerning iCloud in China  multiple times. The key is they still don’t break any encryption and provide the same information required by law to China as they do here with proper warrants. All encrypted data remains so and they don’t have access to that data. The difference is now if China needs requests iCloud data for their law Enforcement they no longer have to include the US in their matters by acquiring a US court order for something that has nothing to do with us. 

    radarthekatPickUrPoisonlolliverlostkiwiRayz2016anton zuykovwatto_cobra
  • Reply 8 of 31
    radarthekatradarthekat Posts: 2,896moderator
    “...service the internal security desires of the Chinese Communist Party,“

    Stamos stops short of using terms like ‘the Chinese government’ and ‘adheres to Chinese law’, I think intentionally using terms like ‘servicing the internal security desires’ and ‘the Chinese Communist party’ in an effort to suggest that Apple is willingly supporting the whims of those in China who would spy on the country’s citizens, as though Apple has a choice short of pulling completely out of that market.  Watch what people say to see how disingenuous they can sometimes be. 
    edited October 2018 lolliverlostkiwiwatto_cobra
  • Reply 9 of 31
    radarthekatradarthekat Posts: 2,896moderator
    GHammer said:
    wood1208 said:
    Tim Cook deeply believes in customer privacy and Apple supports it everywhere possible, Everyone knows "when in Rome(China?), do as the Romans do". This does not deter Apple's belief in customer privacy which reflects in every products Apple make and sells.
    What a pretty statement. Means absolutely nothing. Especially to those behind the bamboo curtain who desperately need and want to have unfettered access. The Chinese feel the same as you about not having random officials rummaging through their messages, email, and photos. Apple, while very successful in making money hasn't a shred of morality. Simply marketing to whatever group. In the West, they are all about human rights and privacy as defined by them. In the mid east, not so much. In China, they don't mention these things and fold as soon as they are asked. If it makes you feel better about yourself and your choice to give Apple large dollars, cool. But there is no way that "We follow the law" is an excuse for anything. Ask the accused at the Nuremberg trials.
    Nice false equivalency there in your last sentence.

    Here’s a better comparison for you.  Would you suggest a company making climbing rope pull out of the Chinese market because... the Chinese government, having unfairly convicted a dissident might use rope from that company to hang the dissident?  That would be suggesting the rope manufacturer is somehow complicit in the bad acts of the Chinese government.  Same thing here with Apple.  Each company is creating and selling a tool; how it might actually be used is separate from its intended use.  Apple is in no way aiding the Chinese government in spying on its citizens; those actions are the sole providence of the government.  Chinese citizens, unlike victims of the holocust, are free to not be subject to the method of spying you feel Apple is complicit in enabling; they can simply chose not to buy an iPhone.  
    edited October 2018 lolliverlostkiwiRayz2016randominternetpersonwatto_cobra
  • Reply 10 of 31
    Apparently if you can't do everything perfect from day 1. Then you should throw out the baby with the bathwater and just switch to an invasive privacy-evading monetisation business model.

    While the China situation sucks, it's better to have encrypted iMessage/Facetime rather than no secure services whatsoever. Advocacy in China can increase those protections - but also keep in mind that Apple alone can't do it, the population must have an appetite for it too.
    stompyradarthekatlollivermagman1979lostkiwiwatto_cobra
  • Reply 11 of 31
    davendaven Posts: 476member
    Facebook had a security chief?
    radarthekatd_2lolliverviclauyycmagman1979lostkiwiirelandtokyojimucornchipanantksundaram
  • Reply 12 of 31
    tzeshantzeshan Posts: 1,843member
    If iPhones calls can be eavesdropped, Does it have privacy? 
  • Reply 13 of 31
    These are somewhat valid points!

    Trump’s use of iPhones is another area where devices can be secured quite easily and “stingers” where listening in can be used can be defeated with several options in carrier/network profile management, but Intel community fails POTUS. Apple could further ensure corporate clients better security as well and NYT reporters are either stupid or revealing Apple’s leaving holes in US like they do in China for CCP!

    Apple needs to defend privacy on an even higher leve  than they have previously. We use strong encryption that works on the iPhone and secures our proprietary information. It detects stinger intercepts and we track everything.
    watto_cobra
  • Reply 14 of 31
    slurpyslurpy Posts: 5,074member
    GHammer said:
    wood1208 said:
    Tim Cook deeply believes in customer privacy and Apple supports it everywhere possible, Everyone knows "when in Rome(China?), do as the Romans do". This does not deter Apple's belief in customer privacy which reflects in every products Apple make and sells.
    What a pretty statement. Means absolutely nothing. Especially to those behind the bamboo curtain who desperately need and want to have unfettered access. The Chinese feel the same as you about not having random officials rummaging through their messages, email, and photos. Apple, while very successful in making money hasn't a shred of morality. Simply marketing to whatever group. In the West, they are all about human rights and privacy as defined by them. In the mid east, not so much. In China, they don't mention these things and fold as soon as they are asked. If it makes you feel better about yourself and your choice to give Apple large dollars, cool. But there is no way that "We follow the law" is an excuse for anything. Ask the accused at the Nuremberg trials.
    Nice false equivalency there in your last sentence.

    Here’s a better comparison for you.  Would you suggest a company making climbing rope pull out of the Chinese market because... the Chinese government, having unfairly convicted a dissident might use rope from that company to hang the dissident?  That would be suggesting the rope manufacturer is somehow complicit in the bad acts of the Chinese government.  Same thing here with Apple.  Each company is creating and selling a tool; how it might actually be used is separate from its intended use.  Apple is in no way aiding the Chinese government in spying on its citizens; those actions are the sole providence of the government.  Chinese citizens, unlike victims of the holocust, are free to not be subject to the method of spying you feel Apple is complicit in enabling; they can simply chose not to buy an iPhone.  

    Something tells me that your post is going to fly far, far above his head, considering the vapidness and idiocy of his post. 

    "Apple, while very successful in making money hasn't a shred of morality."

    So, is Apple as a corporate entity able to have "morality"? Or is he claiming that all of Apple's employees or executives are amoral? 
    edited October 2018 magman1979lostkiwiRayz2016watto_cobra
  • Reply 15 of 31
    chasmchasm Posts: 1,035member
    As stated above: nobody who works or has ever worked for Facebook has any right or business lecturing anyone else about privacy.
    apathy_foreverwatto_cobra
  • Reply 16 of 31
    wood1208 said:
    Tim Cook deeply believes in customer privacy and Apple supports it everywhere possible, Everyone knows "when in Rome(China?), do as the Romans do". This does not deter Apple's belief in customer privacy which reflects in every products Apple make and sells.

    So that’s why Apple accepts billions every year from Google to be the default search engine in iOS?

    Still trying to beat that dead horse? Google doesn’t get personal data from iOS devices. So Apple can allow someone to pick Google for search without giving up your privacy.

    Not sure why this is hard for you to understand, or why you need to keep repeating this.
    Rayz2016apathy_foreverwatto_cobra
  • Reply 17 of 31
    robbyxrobbyx Posts: 417member
    It's important to remember that we don't get to impose our own standards and principles on others. If the Chinese People aren't happy with their government, history shows us that they can and will rise up en masse should things get out of hand there. Most don't really care about having unfettered access to the world. My Chinese friends could care less about "missing Facebook". They have their own equivalents anyway, and feel little restriction on their daily lives. We westerners would find it unbearable, but for them, it's a good kind of normal. Familiar, comfortable, and they enjoy a civil, predictable society... Apple wants to do business in the most populous country in the world. That country happens to be very different from us culturally. I don't think Apple would agree to "snoop ware" being installed from the factory, but they're not going to push back on blocking VPNs and so on. Those are simply not OK in China... What would YOU do? Walk away from a hundred billion in business, or just accept their national policies?
    So what you’re really saying is, values are meaningless in the face of money. This is the same argument Trump makes about the Saudi journalist. We just can’t afford to lose the business.  So when other countries start killing opposition voices, we should just sit back, relax and not care as long as the dollars flow. Same goes for iCloud. Who cares if the Chinese government is completely at odds with Apple’s (supposed) values so long as Apple sells lots of iPhones. No wonder our country is falling apart. We have completely lost the very notion of morals and values. We don’t even pretend to fight for them anymore. On this issue, Cook is a total hypocrite. And when it comes to gay rights in Saudi Arabia (as well as China), he’s something even worse. 
    edited October 2018
  • Reply 18 of 31
    robbyxrobbyx Posts: 417member
    GHammer said:
    wood1208 said:
    Tim Cook deeply believes in customer privacy and Apple supports it everywhere possible, Everyone knows "when in Rome(China?), do as the Romans do". This does not deter Apple's belief in customer privacy which reflects in every products Apple make and sells.
    What a pretty statement. Means absolutely nothing. Especially to those behind the bamboo curtain who desperately need and want to have unfettered access. The Chinese feel the same as you about not having random officials rummaging through their messages, email, and photos. Apple, while very successful in making money hasn't a shred of morality. Simply marketing to whatever group. In the West, they are all about human rights and privacy as defined by them. In the mid east, not so much. In China, they don't mention these things and fold as soon as they are asked. If it makes you feel better about yourself and your choice to give Apple large dollars, cool. But there is no way that "We follow the law" is an excuse for anything. Ask the accused at the Nuremberg trials.
    Nice false equivalency there in your last sentence.

    Here’s a better comparison for you.  Would you suggest a company making climbing rope pull out of the Chinese market because... the Chinese government, having unfairly convicted a dissident might use rope from that company to hang the dissident?  That would be suggesting the rope manufacturer is somehow complicit in the bad acts of the Chinese government.  Same thing here with Apple.  Each company is creating and selling a tool; how it might actually be used is separate from its intended use.  Apple is in no way aiding the Chinese government in spying on its citizens; those actions are the sole providence of the government.  Chinese citizens, unlike victims of the holocust, are free to not be subject to the method of spying you feel Apple is complicit in enabling; they can simply chose not to buy an iPhone.  
    Apple is most definitely assisting the Chinese government. Try getting a straight answer from Apple legal (I’ve tried) on how iCloud encryption works in the US. They will not go on record that it is a zero knowledge system. Neither is Dropbox for that matter. At least Dropbox owns up to the fact that some of their employees can view your data. Apple will just send you a confusing non-answer when asked the question. So I don’t believe for a minute that Apple is protecting Chinese iCloud accounts from the Chinese government. 

    There is no false equivalency. Apple uses “we follow the law” as an excuse to ignore their own supposed values. When it comes to your rope manufacturer, if the CEO is out there lambasting the Chinese government for hanging dissidents yet makes deals with the government so that his/her rope can continue to be sold, then yes, that CEO is complicit, or a hypocrite at the very least. If he simply doesn’t care and doesn’t talk about it, there’s no issue. See how that works?
    edited October 2018 muthuk_vanalingam
  • Reply 19 of 31
    foljsfoljs Posts: 308member
    We westerners would find it unbearable, 
    I'd question that too. Given enough economic and infrastructure progress (the kind of which China has been seeing for the last decades), and with more stability and less crime, most westerners wouldn't care that much about such thingsrobbyx said:
    It's important to remember that we don't get to impose our own standards and principles on others. If the Chinese People aren't happy with their government, history shows us that they can and will rise up en masse should things get out of hand there. Most don't really care about having unfettered access to the world. My Chinese friends could care less about "missing Facebook". They have their own equivalents anyway, and feel little restriction on their daily lives. We westerners would find it unbearable, but for them, it's a good kind of normal. Familiar, comfortable, and they enjoy a civil, predictable society... Apple wants to do business in the most populous country in the world. That country happens to be very different from us culturally. I don't think Apple would agree to "snoop ware" being installed from the factory, but they're not going to push back on blocking VPNs and so on. Those are simply not OK in China... What would YOU do? Walk away from a hundred billion in business, or just accept their national policies?
    So what you’re really saying is, values are meaningless in the face of money. This is the same argument Trump makes about the Saudi journalist. We just can’t afford to lose the business.  So when other countries start killing opposition voices, we should just sit back, relax and not care as long as the dollars flow. Same goes for iCloud. Who cares if the Chinese government is completely at odds with Apple’s (supposed) values so long as Apple sells lots of iPhones. No wonder our country is falling apart. We have completely lost the very notion of morals and values. We don’t even pretend to fight for them anymore. On this issue, Cook is a total hypocrite. And when it comes to gay rights in Saudi Arabia (as well as China), he’s something even worse. 

    robbyx said:
    It's important to remember that we don't get to impose our own standards and principles on others. If the Chinese People aren't happy with their government, history shows us that they can and will rise up en masse should things get out of hand there. Most don't really care about having unfettered access to the world. My Chinese friends could care less about "missing Facebook". They have their own equivalents anyway, and feel little restriction on their daily lives. We westerners would find it unbearable, but for them, it's a good kind of normal. Familiar, comfortable, and they enjoy a civil, predictable society... Apple wants to do business in the most populous country in the world. That country happens to be very different from us culturally. I don't think Apple would agree to "snoop ware" being installed from the factory, but they're not going to push back on blocking VPNs and so on. Those are simply not OK in China... What would YOU do? Walk away from a hundred billion in business, or just accept their national policies?
    So what you’re really saying is, values are meaningless in the face of money.
    No, what he says is that YOUR values are not necessarily THEIR (the Chinese) values, and sovereignty is also a value.

    jmurgenradarthekatwatto_cobra
  • Reply 20 of 31
    ...so why does it always feel with every 'upgrade' that more Apple data defaults lead to iCloud...?

    Should we have the right to be forgotten ? Can that ever actually happen by choice ? Or harmfully if not by choice ie. lost or stolen identity ?  In my view Apple has been boiling the frog since the introduction of mac.com and the app store that maintains now not only which apps are downloaded yet even which iOS or mac are using such after iTunes 12.6...

    Why does Find My iPhone need to be on vs being turned on when needed, as well as the data wipe feature...?

    In an informal count roughly 75% of trade show sales leads surveyed used a 'free' email service - can we be surprised when AI allows any IP or advice provided via such to suddenly be competing with former content or service providers...?

    Is the best way to maintain privacy to simply cut the cord ?  https://www.bbc.com/news/world-europe-23282308
Sign In or Register to comment.