iOS privacy concerns were raised last week when security researchers appeared to demonstrate that iPhones send the same analytics data to Apple whether you grant or decline permission.
The same researchers have now demonstrated that Apple can – despite assurances to the contrary – link this data back to individual users, as the same ID is used as that for iCloud accounts …
Background
When you first set up a new Apple device, you are asked whether or not you would like to share analytics data with Apple.
Help Apple improve its products and services by automatically sending daily diagnostic and usage data. Data may include location information.
You can agree to this or decline, but Tommy Mysk discovered that exactly the same analytics data appears to be sent to Apple whether or not you consent.
The App Store app was sending real-time data on your app searches, the ads you’d seen, how you found the apps you viewed, and even how long you spent looking at an app’s page. Gizmodo points out that even this data can be sensitive – for example, searching for apps related to LGBTQIA+ issues, or abortion.
The site suggested that Mysk check out other stock Apple apps, and this revealed that the same was true of Apple Music, Apple TV, Books, and Stocks. For example, the Stocks app shared with Apple your watched stocks, as well as the names of other stocks you searched for or viewed – together with the news articles you read in the app.
A class action lawsuit has now been filed over this.
Apple promises analytics data is anonymous
Even if you agree to Apple collecting analytics data from your devices, the company promises that all data is anonymous.
None of the collected information identifies you personally. Personal data is either not logged at all, is subject to privacy preserving techniques such as differential privacy, or is removed from any reports before they’re sent to Apple.
The company goes on to indicate that it may use your Apple ID to correlate analytics data from all of the devices on which you granted consent, but again says that you cannot be identified.
If you agree to send Analytics information to Apple from multiple devices that use the same iCloud account, we may correlate some usage data about Apple apps across those devices by syncing using end-to-end encryption. We do this in a manner that does not identify you to Apple.
You can see these assurances on your iPhone:
- Open the Settings app
- Select Privacy & Security
- Scroll all the way down to tap Analytics & Improvements
- Tap About Analytics & Privacy in the opening paragraph
iOS privacy concerns deepen
However, Mysk appears to demonstrate that this assurance of anonymity is false, by capturing the data sent to Apple, and comparing it to that used to identify an iCloud user by their Apple ID.
Apple’s analytics data include an ID called “dsId”. We were able to verify that “dsId” is the “Directory Services Identifier”, an ID that uniquely identifies an iCloud account. Meaning, Apple’s analytics can personally identify you […]
The analytics data that the App Store sends to Apple always contain an ID called “dsId”. We weren’t sure if this was the same as the DSID, the ID that uniquely identifies an iCloud account. We confirm that they’re the same ID.
You can see this in the video below.
We’ve reached out to Apple and will update with any response.
9to5Mac’s Take
Top comment by Blorft
Anyone remember when Apple was caught sharing Siri recordings with contractors? And then they released an iOS update that allowed users to opt-out of sharing those recordings...only to have to release another update because it was discovered that iOS was still sharing those recordings even if users had explicitly opted out?
And over the last two weeks we've learned that Apple is collecting analytics data across multiple first-party iOS apps, including violating their own rules on the use of session-recording for analytics purposes, even when users opt out of that kind of data collection and sharing.
Now it appears that Apple is including identifiers that can easily tie "anonymous" analytics data to a specific iCloud account?
I generally agree with Hanlon's Razor, but there is a point where we have to acknowledge that repeated, uncorrected "incompetence" occurring again and again and again with no apparent repercussions or solution is is form of malice. Making a mistake is ok...but allowing that "mistake" to be repeated again and again and not fixing it is malicious.
As the old saying has it, “Never ascribe to malice that which can be adequately explained by incompetence.” I’m pretty confident that Hanlon’s Razor applies here, and that the reason Apple’s assurances appear to be false is down to error rather than a deliberate intent to deceive. The company simply has too much to lose and too little to gain by any nefarious behavior of this kind.
However, as incompetence goes, this does seem pretty high up the scale. Privacy has become a huge part of Apple’s marketing message, so to fail to protect privacy in not one but two major ways is a very big deal.
Apple needs to fix this, and fix it fast.
Photo: Guillaume Bourdages/Unsplash
FTC: We use income earning auto affiliate links. More.
Comments