Apple's 'Do Not Track' Button Is Privacy Theater:
Earlier this year Apple received ample coverage about how the company was making privacy easier for its customers by introducing a new, simple, tracking opt-out button for users as part of an iOS 14.5 update. Early press reports heavily hyped the concept, which purportedly gave consumers control of which apps were able to collect and monetize user data or track user behavior across the internet. Advertisers (most notably Facebook) cried like a disappointed toddler at Christmas, given the obvious fact that giving users more control over data collection and monetization, means less money for them.
By September researchers had begun to notice that Apple's opt-out system was somewhat performative anyway. The underlying system only really blocked app makers from accessing one bit of data: your phone's ID for Advertisers, or IDFA. There were numerous ways for app makers to track users anyway, so they quickly got to work doing exactly that, collecting information on everything from your IP address and battery charge and volume levels, to remaining device storage, metrics that can be helpful in building personalized profiles of each and every Apple user.
[...] Here's the thing. There's been just an absolute torrent of studies showing how "anonymizing" data is a gibberish term. It only takes a few additional snippets of data to identify "anonymized" users, yet the term is still thrown around by companies as a sort of "get out of jail free" card when it comes to not respecting user privacy. There's an absolute ocean of data floating around the data broker space that comes from apps, OS makers, hardware vendors, and telecoms, and "anonymizing" data doesn't really stop any of them from building detailed profiles on you.
Apple's opt-out button is largely decorative, helping the company brand itself as hyper privacy conscious without actually doing the heavy lifting required of such a shift [...]
In other words, it's B.A.D. (Broken As Designed).
Related Stories
Leaders today must be ready to take a stand on thorny social and political issues. A case study by Nien-hê Hsieh and Henry McGee examines how Apple CEO Tim Cook turned calls for data access into a rallying cry for privacy, and the complexities that followed:
Apple CEO Tim Cook didn't come to his post with an activist agenda, yet when law enforcement officials began pressuring the company to hand over iPhone users' data without their permission, Cook took what he believed was a moral stance to protect consumers' privacy.
[...] "We believe that a company that has values and acts on them can really change the world," Cook said in 2015, a year after Apple debuted new privacy measures that blocked law enforcement from accessing its customers' data. "There is an opportunity to do work that is infused with moral purpose." He said shareholders who were only looking for a return on investment "should get out of the stock."
A Harvard Business School case study and its revision, Apple: Privacy vs. Safety (A) and (B), illustrates the complex ramifications that companies should consider when putting their stake in the ground on challenging societal issues like privacy. The authors of the case offer a suggestion for CEOs: Few corporations can expect to steer clear of the lightning-rod issues of the day, so perhaps it's best to meet them head on as part of the job.
(Score: 2, Informative) by Anonymous Coward on Monday December 13 2021, @05:47AM (3 children)
/drops microphone
(Score: 0) by Anonymous Coward on Monday December 13 2021, @12:04PM
the article seems a bit news at 11. for sure call out apple for its fakery, but just about all websites beg for information and all hardware and many software [at least onlineapps like browsers] is lined with identifying marks. yes even non propriatory shit.
is nature of the beast, either work at the fulltime hobby of anonimity, else accept privacy is growing weaker.
(Score: 1, Touché) by Anonymous Coward on Monday December 13 2021, @03:36PM
(Score: 2) by Thexalon on Monday December 13 2021, @07:24PM
There's more to say, though: Proprietary software is also there to trick you into buying more.
The only thing that stops a bad guy with a compiler is a good guy with a compiler.
(Score: 0, Funny) by Anonymous Coward on Monday December 13 2021, @06:02AM
On Mac, and iPhone, and Apple+, I am known as janrinok+. Just letting you all know, incase anyone steels my identory.
(Score: 3, Insightful) by Anonymous Coward on Monday December 13 2021, @06:21AM (3 children)
you shouldn't just ask to not be tracked, you should actively prevent trackers from doing it.
it's like the idiotic "unsubscribe" link sent in spam. why the hell would I ever click that link, if the e-mail is coming from an unknown source?
just get a browser extension that generates random personal information to feed to these websites.
good luck getting it on an apple machine...
(Score: 5, Insightful) by PiMuNu on Monday December 13 2021, @09:33AM (1 child)
Gmail must have a tonne of users borne on 1st January 2000. Certainly that's my dob on most of these websites.
(Score: 1, Touché) by Anonymous Coward on Monday December 13 2021, @05:56PM
Heh.
Just like online cannabis stores in Canada that require you to enter your DOB before even viewing the site. That data shows 40% of current cannabis users were born in the years 1901 & 1911, and either on January 01 or November 11.
:)
(Score: 2) by helel on Monday December 13 2021, @02:47PM
My understanding is that browser extensions work regardless of what the underlying OS is, so you can run your Chrome or Firefox extensions under macOS just as easily as you do on Windows or Linux.
This would in turn suggest that you're running a browser not available to Mac users. Edge perhaps?
(Score: 0) by Anonymous Coward on Monday December 13 2021, @08:53PM
with the "Pretty Please Do Not Track" button.
(Score: 5, Insightful) by bussdriver on Monday December 13 2021, @09:03PM (1 child)
Do Not Track needs to be a widespread feature with some specific meaning hammered out 1st. THEN you can begin to make it actually WORK once you make it have some teeth... like legislation. The EU privacy law has people going nuts with cookie notifications for permissions-- that can be adapted into this so a DO NOT TRACK setting could automatically indicate declining of tracking.
You've got to start somewhere and then tie together multiple efforts. It's not a design flaw! It's impossible for 1 party to implement privacy; the weakest point leads to failure... and multiple parties are involved. It will take serious government REGULATION. The EU began on this, the USA is dysfunctional and dying.
1st step is legally document the user's intention. Such as a PASSWORD on the device. THEN you pass anti-cracking/hacking law that makes it a CRIME to break into the device (even if the password is 1234) because the user intention and expectation has been clearly indicated (even if it's incompetently practiced.)
(Score: 0) by Anonymous Coward on Tuesday December 14 2021, @09:43PM
1st party can do it though security permissions. An app nor website shouldn't be able to get battery levels unless the user allowed it to. Nor should an app fail to function without that data. And the user should be able to pipe in different battery level stats from a different source.
Remember Zone Alarm? That hugely annoying yet awesome Windows firewall? Absolutely every network connection attempt from anything was flagged by Zone Alarm and you could control what happened. That type of quality software and granularity needs to come back.
Sadly you can't trust any of the main providers. They all abuse their positions to push their own products and views. An Apple example is how they handle Bluetooth. The off button is only a short-term, limited to your current location off button. The real off switch is buried in their badly categorized settings. Plus every software update turns Bluetooth back on so they can scan your surrounding area and update their wireless maps. I've noticed Siri being harder to keep off as well.
Keep in mind most of those cookie notifications are still illegal anyway. The governments don't really care or are too busy or too underfunded to care. Something about how they default to all on, it takes far more clicks to turn things off then to accept everything, and they interfere with how you use the site. There was a Slashdot article about it. It's similar to how Obama Care would have maintained people's current plan prices but insurers decided to drop the plans and make new ones so they could charge more without raising existing prices. Technically rights protectors try but in practice they always fail.