> And because it has positioned itself as the single most prominent privacy-conscious champion in big tech through repeated actions over the course of many years.
I just want to highlight this because Hacker News can be incredibly dismissive about this.
Apple’s focus on privacy is a competitive advantage. Consumers value it, and Apple’s competitors have business models that undermine it.
Even if you think Tim Cook is the literal devil and Apple will do absolutely anything for a buck, Apple’s focus on privacy is still relevant.
Privacy is valuable to Apple. It’s a wedge they can use against their competitors. Google doesn’t make their fortune selling hardware, they make it selling ads. Privacy is something that gets in the way of Google’s profits.
Because Apple are in this position, it’s profitable to them to champion privacy. It’s something they can do that’s valuable to customers that their competitors are at a disadvantage with.
You don’t have to be a fan of Apple, and you don’t have to trust Apple. All you have to do is believe they want to make money. Being pro-privacy is profitable to Apple, and so they act accordingly.
I disagree with you. I think the majority of Apple's promises are purely marketing. And this is a moment where the mask has slipped. Your account does not allow for the case where Apple can successfully convince their users that they are privacy-oriented while simultaneously not being privacy oriented.
A great example of this is that they say that iMessage is end-to-end encrypted, and then the second you have an iCloud backup that's completely broken. An actual privacy-centric product, this would be a major problem. Consider Signal.
Apple is also the company that tried to introduce client-side content scanning of user photos.
There is no giant moat between Apple and privacy violation. They'll do it whenever they feel like it, and Apple customers are very forgiving.
> they say that iMessage is end-to-end encrypted, and then the second you have an iCloud backup that's completely broken.
It’s not completely broken. For average users, erring on the side of being able to restore from backup is the best choice. For people who need more security, that’s what Advanced Data Protection is for. You have the choice of which option suits you best; I think the default is appropriate for typical users.
> Apple is also the company that tried to introduce client-side content scanning of user photos.
What happened was they put a huge amount of effort into building a system that goes as far as it possibly can to implement CSAM detection that could work on E2E encrypted photo libraries while maintaining as much privacy as possible.
The design of the feature demonstrates they put a lot of effort into privacy – competitors just scan everything that’s uploaded to them, while Apple went above and beyond to do something a lot more difficult. The entire point of it was to detect without Apple having to have access to your photo library. There’s no point to design a system like that if they weren’t prioritising privacy – they could just scan on the server like everybody else if privacy isn’t a priority.
And what happened – everybody freaked out anyway, so they cancelled the feature. It’s an example that supports my point. Apple respond to incentives.
Personally, I wish they hadn’t cancelled the feature. Virtually everybody complaining about it didn’t understand how it worked and thought it worked in a completely different way.
I sense that you're arguing in good faith, but your first argument is very strange.
The purpose of end-to-end encryption is that the messages cannot be read even by Apple. This is a feature that they advertise in their webpage about iMessage security.
All I'm saying is that a bunch of people believe that iMessage supports end-to-end encryption and at the same time know that their messages are encrypted by a key that Apple holds and can decrypt them with via iCloud backup.
That's quite literally marketing a privacy-centric product and having the reality (for the vast majority of users using the defaults) be substantially different than what was promised.
To put it even more starkly, Apple advertises that they can't read your messages, and yet they can.
- iMessage supporting E2E encryption is a good thing.
- The right choice for the average user is to prefer recoverable backups.
- Recoverable backups undermine E2E encryption.
- Apple provides Advanced Data Protection which disables a bunch of things like recoverable iCloud backups in favour of more secure measures.
Apple deciding that ADP is not appropriate for the average user does not mean that “their promises are purely marketing”. They implemented it. It’s real. You can switch ADP on at any time. It’s just not the default, for good reason.
The incident we are discussing absolutely disproves this! Apple is happy to jeopardize privacy and the very idea of it, for a quick buck blasting an ad to all its users. They don't care one way or the other.
But the truth is, nobody really cares about privacy, least of all, users. Nobody ever bought an iPhone because of "privacy"; people buy iPhones because they work, and because they seem cool. Everyone's happy to hand over data to any service.
The reason why even the most die-hard Apple fans are up in arms about this is because it’s such a break from Apple’s normal standards. It’s the exception that proves the rule. This harms Apple more than it benefits them.
I agree with this point as well. I had the privilege of talking to a telemetry ingestion engineer at Apple, and I learned quite a bit about the amount of data they collect on their users. It's absolutely staggering.
This is a complete misunderstanding of what I was saying. I wasn’t arguing that Apple “really cares” about privacy; quite the opposite – I was arguing that it doesn’t matter if Apple “really cares”, what matters is that they are financially and strategically incentivised to be pro-privacy.
Linux is not Apple’s competitor. Apple only have to be better at privacy than their competitors.
Obviously that incentive difference doesn't work. Otherwise Apple would be happy with being paid, while not making users the product. Cable TV is another example of this non-working incentive difference. It just takes longer, because the paying users need to be slowly dragged along into advertisement hell.
I just want to highlight this because Hacker News can be incredibly dismissive about this.
Apple’s focus on privacy is a competitive advantage. Consumers value it, and Apple’s competitors have business models that undermine it.
Even if you think Tim Cook is the literal devil and Apple will do absolutely anything for a buck, Apple’s focus on privacy is still relevant.
Privacy is valuable to Apple. It’s a wedge they can use against their competitors. Google doesn’t make their fortune selling hardware, they make it selling ads. Privacy is something that gets in the way of Google’s profits.
Because Apple are in this position, it’s profitable to them to champion privacy. It’s something they can do that’s valuable to customers that their competitors are at a disadvantage with.
You don’t have to be a fan of Apple, and you don’t have to trust Apple. All you have to do is believe they want to make money. Being pro-privacy is profitable to Apple, and so they act accordingly.