Amidst all the public criticism of top Silicon Valley giants like Facebook and Google, there has been one tech giant that has been ramping up its rhetoric about the need for enhanced consumer privacy – Apple. In doing so, Apple has been promoting itself as a champion of consumer privacy, and a key player in helping to introduce beefed-up legislation at the national level, along the lines of the European Union’s General Data Protection Regulation (GDPR). But just how committed, really, is Apple to the concept of consumer privacy?
Apple’s public stance on consumer privacy
Apple CEO Tim Cook recently published a scathing op-ed piece in TIME magazine, calling for enhanced federal agency regulatory oversight and federal laws to protect tech consumers. As he explained, the time has come for a consumer privacy act that would protect personal data, prevent identity theft and make it less profitable to trade in Big Data.
Cook also called out the whole “shadow economy” of data brokers, which are eagerly selling consumers’ financial information, health information and other personal data to the highest bidder. In the TIME op-ed, Cook wrote, “Consumers shouldn’t have to tolerate another year of companies irresponsibly amassing huge user profiles, data breaches that seem out of control, and the vanishing ability to control our own digital lives.”
Apple, Google and the shadow economy for personal data
And, yet, despite these public swipes at tech competitors, Apple is also a player – albeit an indirect one – in the whole “shadow economy.” After all, Google pays billions of dollars directly to Apple in order to remain the default search engine in mobile Safari. Thus, every time an Apple user carries out a search on their iPhone, Apple is essentially sending that user straight into the waiting arms of Google. According to estimates by tech analysts, Google paid Apple $3 billion in 2017 for the right to be the default search engine, and another $9 billion in 2018. In 2019, that figure could rise to $12 billion.
In Apple’s financial filings, that income is booked discreetly under the broad, catchall category of “Services Revenue.” Of Apple’s $41 billion in “services revenue” in 2018, nearly 25 percent of that amount came from Google. Apple, of course, has stated that it really has no choice in the matter – What are we supposed to do, make it impossible for users to carry out searches on their iPhones? On a global basis, Google controls more than 80 percent of the market for search, so it’s only natural that Apple would partner with Google instead of going with a more consumer privacy-friendly search provider, such as DuckDuckGo (which controls a paltry 0.11 percent of the global search market).
Apple’s Russia links
Outside of the United States, Apple has been even more willing to backtrack on its support of consumer privacy. For example, in Russia, Apple is now going along with a Russian law that took effect in 2015, requiring all Internet service companies doing business in Russia to store their data locally. For now, Apple says this information is the minimum required by the law – just the user’s name and contact details (such as email address and phone number). And, to assuage the fears of consumer privacy advocates, Apple says it is only storing information for two basic purposes: for customer service purposes, and to send occasional updates about new products.
Sounds innocent enough, right? Well, consumer privacy advocates say that Russian authorities could very easily force Apple to turn over all personal information being stored in Russia. In the event of a counter-terrorism case, for example, the Russian regulator Roskomnadzor might be able to force Apple to hand over any encryption keys needed to read sensitive data. Of course, Apple could refuse as a way of protecting consumer privacy – but then it wouldn’t be able to do business in Russia any longer. The data center where Apple is storing its data in Russia is owned by a Russian company (IXcellerate) and not by Apple itself.
Apple’s China links
And don’t forget about China, either. It’s here that Apple has taken on the most criticism from consumer privacy advocates because Apple has willingly gone along with all data collection requests and concessions demanded by the Chinese government. As the result of a new 2017 Cybersecurity law, Apple is now forced to store not just personal information but also all iCloud data (such as photos and contacts) on servers based within Mainland China. In the event of a government crackdown, all Chinese users with iPhones would be at risk of having all their personal information handed over to the authorities. That’s obviously a huge consumer privacy risk, but one that Apple is willing to take, in order to maintain its access to the nearly 800 million Internet users in China.
And, when it comes to supporting Chinese Internet censorship, Apple has been complicit as well. More than 600 Virtual Private Network (VPN) apps that could be used to evade government censors are not available in the App Store for Chinese users – including all Top 100 VPN apps. Moreover, even the official New York Times app has been banned in China, as have any apps that provide news about human rights, freedom of religion, or the situation in Tibet. Notably, online services such as Google Search and Google Earth have also been made inaccessible to Chinese users.
Of course, Apple does not publicly disclose that it is “banning” certain apps. Often, app developers find out that their apps have been banned after seeing Internet traffic from China slow to a crawl. Moreover, Apple tends to frame any of its business moves as being better for the user. For example, when it moved all of its iCloud data to a data storage center in China, Apple said the move would actually improve the speed and reliability of its services. In other words, users should be happy that a government-owned data center now has access to their consumer data because their iPhones would run even faster.
Apple’s balancing act around consumer privacy
As can be seen, Apple has been very selective in how it plays up the consumer privacy theme. As a hardware company, and not a software company, it does not have the same concerns about handling sensitive personal information or customer data as a company like Facebook does. But by partnering with companies like Google, and by agreeing to the demands of regulators in Russia and China, Apple’s executives are telling us what they really think about consumer privacy. Actions, as they say, speak louder than words.