Apple's 'differential privacy' still collects too much specific data, study says

Posted:
in iPhone
Apple's use of "differential privacy" -- a method that inserts random noise into data as it's collected en masse -- doesn't go far enough to protect personal information, a study suggested this week.




Apple's "privacy loss parameters" still allow too much specific data to slip through, according to the study (PDF link), highlighted by Wired and published by five researchers from the University of Southern California, Indiana University, and Tsinghua University. While both macOS and iOS 10 are said to have issues, the latter platform is believed to be the more problematic one.

Another concern is that Apple keeps its loss parameter -- also known as its epsilon -- secret, which means that the company could be changing it on the fly without any outside scrutiny.

"Apple's privacy loss parameters exceed the levels typically considered acceptable by the differential privacy research community," said USC professor Aleksandra Korolova.

macOS is said to have an epsilon of 6, while iOS 10 sits at 14. By comparison, Google claims the differential privacy system in Chrome has an epsilon of 2 in most cases, and a lifetime ceiling of 8 to 9. Google also open-sources related code, making it possible to doublecheck.

In response to the study, Apple said it disagrees with many points, such as to what degree it can correlate data with a particular person. The company insisted that it varies noise based on the type of data, and that the researchers simply combined epsilons for all types on the assumption it could be pieced together.

It also pointed to policies like time limits on data storage, the rejection of IP addresses, and the decision to make collection opt-in -- referring to installation and setup screens where people can choose whether or not to share usage and diagnostics information.

The study found that the iOS 11 beta had an epsilon of 43, but that's likely because of normal testing designed to weed out bugs before the software's Sept. 19 launch.
«1

Comments

  • Reply 1 of 31
    Apple has been criticized for not collecting enough personal data, and for collecting too much. About the only way to escape all the criticism is call themselves Facebook.
    StrangeDayslongpathescancornchipSolimagman1979SpamSandwichmacxpressAnilu_777lolliver
  • Reply 2 of 31
    lkrupplkrupp Posts: 10,557member
    Meanwhile they give Google a gold star? WTF?
    anantksundaramStrangeDayscornchipescancgWerksmagman1979starwarsrob53lolliverfreediverx
  • Reply 3 of 31
    Apple's "privacy loss parameters" still allow too much specific data to slip through, according to the study.

    Another concern is that Apple keeps its loss parameter secret.

    I’m curious how the study was able to reach its conclusion if the parameters are secret.

    netroxescanmagman1979Anilu_777lolliver[Deleted User]
  • Reply 4 of 31
    lkrupp said:
    Meanwhile they give Google a gold star? WTF?

    They don't give that to the entirety of Google - only to RAPPOR, a tiny subset of their data gathering.

    Though many people like to throw around Google and differential privacy together to infer Google uses it in all their products/services.
    StrangeDayslongpathcornchipmonstrosityjony0racerhomie
  • Reply 5 of 31
    It's obvious. Apple has secret parameters to ID you positively!!!
    it needs multiple parameters about you to "fuse"' your data... to be definitive about what you are up to.
    will it use for its services business offerings!
     Of course, it will and still claim privacy!!
    it will push services based on you and your hbbots and friends circle..
    Apple software will never know how to protect from cyber security hacks..

    watch out!!!

    Apple will know all about its users ...all my contacts, my calendar, Face ID, Fingerprint ID and all credit cards details
  • Reply 6 of 31
    lkrupp said:
    Meanwhile they give Google a gold star? WTF?
    Both Google and Amazon are praised to high heaven for constantly collecting data from consumers but Apple is being cursed for it. Go figure. It's those glaring double standards that Apple always seems to lose at.
    longpathescancornchipericthehalfbeeAnilu_777lolliver
  • Reply 7 of 31
    lkrupp said:
    Meanwhile they give Google a gold star? WTF?
    A bunch of idiots, surely.

    How can anyone take them seriously?!
    longpathericthehalfbeestarwarsSpamSandwichlolliverracerhomie
  • Reply 8 of 31
    gatorguygatorguy Posts: 24,176member
    creek0512 said:
    Apple's "privacy loss parameters" still allow too much specific data to slip through, according to the study.

    Another concern is that Apple keeps its loss parameter secret.

    I’m curious how the study was able to reach its conclusion if the parameters are secret.

    The link to the report is in the AI article. It's very detailed.  
  • Reply 9 of 31
    gatorguygatorguy Posts: 24,176member
    lkrupp said:
    Meanwhile they give Google a gold star? WTF?

    They don't give that to the entirety of Google - only to RAPPOR, a tiny subset of their data gathering.

    Though many people like to throw around Google and differential privacy together to infer Google uses it in all their products/services.
    Evidently, considering your tone, you are not aware Apple's use of differential privacy is also fairly limited at the moment: Only new words, emojis, deeplinks, and lookup hints in Notes up until earlier this year. Very recently some iCloud data testing was added.

    You are making the same mistake of throwing differential privacy and Apple together as tho they are using it in all their products and services. They are not. DF is still an immature project at both companies, and both will eventually make more extensive use of it. Learning to walk before they run. 
    edited September 2017 jony0
  • Reply 10 of 31
    gatorguy said:
    lkrupp said:
    Meanwhile they give Google a gold star? WTF?

    They don't give that to the entirety of Google - only to RAPPOR, a tiny subset of their data gathering.

    Though many people like to throw around Google and differential privacy together to infer Google uses it in all their products/services.
    Evidently, considering your tone, you are not aware Apple's use of differential privacy is also fairly limited at the moment: Only new words, emojis, deeplinks, and lookup hints in Notes up until earlier this year. Very recently some iCloud data testing was added.

    You are making the same mistake of throwing differential privacy and Apple together as tho they are using it in all their products and services. They are not. DF is still an immature project at both companies, and both will eventually make more extensive use of it. Learning to walk before they run. 

    It's irrelevant where they are today, but where they are going.

    Google makes its revenue off data collection which it then uses for its advertising business. It's not in their best interests to incorporate technology that would otherwise interfere with or limit their ability to target ads.

    In the other thread there was a discussion about Google writing code to exploit a flaw in Safari to circumvent do not track. Is this the kind of company that has the privacy and interests of its users as its primary concern? Hardly. What it shows me is a company that's not to be trusted as they will always make decisions that benefit their primary revenue source (advertising).

    Differential privacy and targeted advertising do not mix well.
    magman1979SpamSandwichAnilu_777lollivermonstrosityjony0racerhomie
  • Reply 11 of 31
    gatorguygatorguy Posts: 24,176member
    gatorguy said:
    lkrupp said:
    Meanwhile they give Google a gold star? WTF?

    They don't give that to the entirety of Google - only to RAPPOR, a tiny subset of their data gathering.

    Though many people like to throw around Google and differential privacy together to infer Google uses it in all their products/services.
    Evidently, considering your tone, you are not aware Apple's use of differential privacy is also fairly limited at the moment: Only new words, emojis, deeplinks, and lookup hints in Notes up until earlier this year. Very recently some iCloud data testing was added.

    You are making the same mistake of throwing differential privacy and Apple together as tho they are using it in all their products and services. They are not. DF is still an immature project at both companies, and both will eventually make more extensive use of it. Learning to walk before they run. 

    It's irrelevant where they are today, but where they are going.

    Google makes its revenue off data collection which it then uses for its advertising business. It's not in their best interests to incorporate technology that would otherwise interfere with or limit their ability to target ads.

    In the other thread there was a discussion about Google writing code to exploit a flaw in Safari to circumvent do not track. Is this the kind of company that has the privacy and interests of its users as its primary concern? Hardly. What it shows me is a company that's not to be trusted as they will always make decisions that benefit their primary revenue source (advertising).

    Differential privacy and targeted advertising do not mix well.
    None of that has anything to do with limited DF at both companies and this specific report, counter to what you were inferring.

    At the moment the reports authors indicate Apple's version has some issues with it's effectiveness. I know you don't like it but Google does appear to be handling differential privacy better at least for now, and unlike Apple it's methods and results are independently verifiable.  In the the bigger scheme of things neither company is making widespread use of it (yet) so these are simply the initial baby steps. Neither of us know where it will go. 

    By the way here's a paper on differential privacy and advertising if you have any interest in it. They don't necessarily have to be oil and water. 
    edited September 2017
  • Reply 12 of 31
    cgWerkscgWerks Posts: 2,952member
    gatorguy said:
    ... I know you don't like it but Google does appear to be handling differential privacy better at least for now, and unlike Apple it's methods and results are independently verifiable.  In the the bigger scheme of things neither company is making widespread use of it (yet) so these are simply the initial baby steps. Neither of us know where it will go.
    I think the problem is that Google (aside from the efforts you speak of) likely has the most comprehensive profile of user-data in existence (outside the government... which can aggregate from multiple sources Google may not be able to). I doubt that no matter the trajectory in this regard, they aren't going to ever give that up.
    Anilu_777lolliver
  • Reply 13 of 31
    Rayz2016Rayz2016 Posts: 6,957member
    lkrupp said:
    Meanwhile they give Google a gold star? WTF?
    Whoa! Hold on there. 

    The article says Google claims that Chrome has an epsilon of 2 in most cases. 

    It seems to me that the researchers didn't actually look at Google, but the article dropped Google in at random to get a bit of chilli heat going on in the comments. 

    The other point is that the comparison is invalid. The article compares Apple's operating systems (iOS and MacOS) with Google's browser (Chrome).  What are the figures like for Android? To be honest, I would expect an operating system to store A LOT of personal information and transmit it to iCloud. That's kinda the point. I know that MacOS has my personal information;I typed it in myself! The privacy issue is transmitting this personal information to third parties in a way that is fairly opaque to users. 

    You may not like what the researchers are saying, but I am pleased to see Apple engaging with them and arguing their points. Two years ago, Apple would have simply ignored them. This is what research and development is all about. It's all good. 


    edited September 2017 cgWerkslolliver
  • Reply 14 of 31
    gatorguygatorguy Posts: 24,176member
    Rayz2016 said:
    lkrupp said:
    Meanwhile they give Google a gold star? WTF?
    Whoa! Hold on there. 

    The article says Google claims that Chrome has an epsilon of 2 in most cases. 

    If you reference the report itself you would read that Google's RAPPOR is open-sourced and results are easily verifiable making it all but impossible for Google to lie about it. And that's whatt you would want from any implementation of it: Trust but verify.  

    The AI article is a soft-shoe version of the report, but if you read the Wired article it references it might be clearer why it would be to Apple's benefit to be more open about how they've designed and implemented DP and perhaps make some changes to their coding based on it's examination. 
    https://www.wired.com/story/apple-differential-privacy-shortcomings

    But no one involved is saying Apple is doing anything underhanded nor devious. They're simply using differential privacy in a flawed manner and the end results aren't as effective as they should be. It can be fixed. Apple needs to be more open about it and TBH there's zero reason for "secrecy" around it as far as I read it so there's no reason not to.  At least Apple and Google have tried to put it to use so kudos to them. Their big tech brethren, Facebook, Amazon, even Microsoft who came up with it originally, haven't made the effort. 
    edited September 2017 SpamSandwich
  • Reply 15 of 31
    gatorguygatorguy Posts: 24,176member
    cgWerks said:
    gatorguy said:
    ... I know you don't like it but Google does appear to be handling differential privacy better at least for now, and unlike Apple it's methods and results are independently verifiable.  In the the bigger scheme of things neither company is making widespread use of it (yet) so these are simply the initial baby steps. Neither of us know where it will go.
    I think the problem is that Google (aside from the efforts you speak of) likely has the most comprehensive profile of user-data in existence .
    Experion...

  • Reply 16 of 31
    slurpyslurpy Posts: 5,382member
    MaxxHoo said:
    It's obvious. Apple has secret parameters to ID you positively!!!
    it needs multiple parameters about you to "fuse"' your data... to be definitive about what you are up to.
    will it use for its services business offerings!
     Of course, it will and still claim privacy!!
    it will push services based on you and your hbbots and friends circle..
    Apple software will never know how to protect from cyber security hacks..

    watch out!!!

    Apple will know all about its users ...all my contacts, my calendar, Face ID, Fingerprint ID and all credit cards details
    What the fuck is this post?
    magman1979lolliver
  • Reply 17 of 31
    gatorguygatorguy Posts: 24,176member
    slurpy said:
    MaxxHoo said:
    It's obvious. Apple has secret parameters to ID you positively!!!
    it needs multiple parameters about you to "fuse"' your data... to be definitive about what you are up to.
    will it use for its services business offerings!
     Of course, it will and still claim privacy!!
    it will push services based on you and your hbbots and friends circle..
    Apple software will never know how to protect from cyber security hacks..

    watch out!!!

    Apple will know all about its users ...all my contacts, my calendar, Face ID, Fingerprint ID and all credit cards details
    What the fuck is this post?
    I would imagine it may might disappear once one of the mods runs across it. That one is truly a troll-post, I wouldn't quote it so that it lives on after the OP is dismissed.  
  • Reply 18 of 31
    ksecksec Posts: 1,569member
    It isn't about collecting the data that i am worried about. I mean FFS the recent Credit Union in US ( Cant remember its name ) has all those information that many in the Finiance industry uses, where it was required by law, and they were leaked!

    There are 16 trillions ways to collect data. And I dont think i cant say no and stop everyone of it. But it is how it is used, and stored that is the most important.

    And on a scale of 10, I put Apple at 10, Google and Facebook somewhere in 3 - 4. Because Apple dont need my Data to make money, i paid a very decent money for iPhone,( not so decent value of money on Mac ).

  • Reply 19 of 31
    cgWerkscgWerks Posts: 2,952member
    Rayz2016 said:
    I would expect an operating system to store A LOT of personal information and transmit it to iCloud.
    Bingo! Comparing an operating system to a browser is a problem. My gosh, the instant your device connects to WiFi (even before you could enable a VPN), it has connected to dozens of services to check this and that and update whatever... sharing all kinds of info and at minimum your IP. And, that's before you even launch your browser or use any of your apps. Anyone would could put this data together can identify you if they want (like 3-letter organizations who shall remain unnamed, Google, etc.).

    gatorguy said:
    Experion...
    Wow, yea, that's a whole other thing. I wonder, though, if Google would now have more info.
  • Reply 20 of 31
    gatorguygatorguy Posts: 24,176member
    cgWerks said:
    Rayz2016 said:
    I would expect an operating system to store A LOT of personal information

    gatorguy said:
    Experion...
    Wow, yea, that's a whole other thing. I wonder, though, if Google would now have more info.
    There would be no way or reason for Google to have the type of information that Experian does. They won't know all your credit cards they won't know your banking information they won't have all your medical data they won't know who your insurers are they won't know what claims you filed.  

    For what it's worth Apple would be more likely to know your financial history than Google would. Doesn't Apple require a credit card on file for Apple services and pull credit reports for certain purchases? Maybe not. 
Sign In or Register to comment.