Apple should enforce the App Store privacy promise

Opinion
Dec 09, 2021 | 6 mins
Apple, Mobile Apps, Security

Some developers are allegedly exploiting loopholes in Apple's developer agreement to undermine app privacy.


A Financial Times report seems to argue that Apple has allowed app developers to collect customer data from iPhone users without their permission. This isn’t a new story, but it shows that those of us who have denied App Tracking permission may still be tracked, thanks to a loophole.

When privacy…isn’t

Apple’s decision to introduce App Tracking Privacy controls generated lots of controversy and considerable pushback from Facebook. The latter even complained it would make life hard for small businesses. Apple took a little time, but introduced it all the same.

How the feature is meant to work is that when an app requests permission to track your activity across other companies’ apps and websites, you get to give permission. Most people say no, which means those entities that want to track you and what you do should find it much harder to do so.

The theory is that this denies companies that make their money collecting, curating, and selling your information the right to track what you do online. But it seems some developers have found what might be a loophole in the system – one that the Financial Times report suggests Apple is permitting developers to exploit.

What’s the loophole being used?

The report claims Facebook and Snapchat are exploiting a loophole in Apple’s guidelines in a way I feel undermines the spirit, if not the rules, around tracking.

The Apple Developer guidelines specific to fingerprinting and other technologies designed to identify a device or user say:

“Per the Apple Developer Program License Agreement, you may not derive data from a device for the purpose of uniquely identifying it. Examples of user or device data include, but are not limited to: properties of a user’s web browser and its configuration, the user’s device and its configuration, the user’s location, or the user’s network connection. Apps that are found to be engaging in this practice, or that reference SDKs (including but not limited to Ad Networks, Attribution services and Analytics) that are, may be rejected from the App Store.”

The loophole is that services such as Snap and Facebook have changed the way they gather data to create anonymized groups of users, rather than to identify individuals.

How this works, apparently, is that they still collect your information, but do not share “unique and identifiable” data. Instead, they gather what they call “signals” from an iPhone at a group level, which enables them to target cohorts of users. Personal data is anonymized and unique identifiers are not collected, apparently.

Facebook’s Sheryl Sandberg says the company is also working to rebuild its ad infrastructure “using more aggregate or anonymized data.”

What this means in practice is that someone who regularly shops at Target online may be included (albeit anonymously) as part of a cohort of those who do so, but you shouldn’t have “Target shopper” beside your name on file.

One rule to ring them all

Though it doesn’t work like that.

This MIT Technology Review report gives you a fairly terrifying insight into how even anonymized data can be exploited to build substantial quantities of information about you.

We know through bitter experience that surveillance capitalists will attempt to turn any amount of information into actionable data they can then sell to others. Those who purchase that data often then use AI and their existing data stacks to develop stacks of information about you. Which means that Target shopper will then receive ads personalized to them, even though they’ve asked not to be tracked.

Though no one — technically — broke the rules.

I think this is a lull in an ongoing war. Apple always says it believes the best way to protect people’s data is not to gather it in the first place. It has made privacy a pillar to its product offering. We know the battle for privacy — like security — is an eternal one. Each time Apple improves it, others will seek to undermine it, as seems to be happening here.

What’s missing is regulation.

Smash their system

I think the loophole used here contravenes the spirit and expectation of Apple’s rule, that this data “may not be combined with other data to track a user across apps and websites owned by other companies unless you have been granted permission to track by the user.”

While Apple’s App Tracking controls do represent some privacy improvement for users, I do not believe an ordinary person in the street would understand the differences in nuance — they wouldn’t easily be able to figure out why this loophole seems to be permitted.

With this in mind, Apple should intensify its privacy protections. I think it likely we will see it move to warn developers of future enforcement against such bending of its rules, probably at WWDC.

Apple’s prohibition cites its Developer Program License Agreement.

This strongly suggests it reserves the right to punish developers who go against the spirit of that deal. There should be consequences for companies that choose to undermine end user protection.

Should Apple unfriend … Facebook?

It wouldn’t be the first time Apple threatened to kick Facebook out. It last did so after it was found that domestic slaves were being sold on Facebook’s Instagram service.

So, will Apple boot Facebook from its servers for seemingly undermining the spirit of its developer agreement?

Not if the Financial Times is to be believed — the report suggests Apple is turning a blind eye to this practice. It does also say that while Apple hasn’t responded to questions, it has said privacy “remains its North Star.”

My feeling? It may be time for Apple to make a symbolic example to illustrate just how serious it is about privacy. That means punishing those who transgress the spirit of its developer agreement. It’s time to police the privacy promise of apps distributed via the App Store.


Hello, and thanks for dropping in. I'm pleased to meet you. I'm Jonny Evans, and I've been writing (mainly about Apple) since 1999. These days I write my daily AppleHolic blog at Computerworld.com, where I explore Apple's growing identity in the enterprise. You can also keep up with my work at AppleMust, and follow me on Mastodon, LinkedIn and (maybe) Twitter.