Apple Walking a Dangerous Line With Hidden Tracking Feature in iOS 12
The iOS 12 update available now from Apple has a hidden feature. Buried within the coding, the engineers at Apple have quietly slipped in yet another feature which allows them to spy on their customers. This roll-out was issued from Apple on September 17th, 2018. It’s currently being under-reported by the media and most users are probably unaware of its existence.
Now, according to Apple, each user’s phone calls, text messages, and e-mails will be tracked so that Apple can develop a “trust score” for the device. Yes, you read that correctly, Apple wants to put a trust score on your personal device; the device you paid for and own. The details sound foreboding, plus they reek of more control by Big Tech. If you’ve already upgraded to iOS 12, Apple is adding up the number of calls and texts you make each day, plus the number of e-mails you receive and send on your personal device. They claim to have developed a method to compute a device trust score by adding up those communication occurrences. This “trust score” will somehow be utilized when you make future on-line purchases with said device. The company claims that no one at Apple will be able to access these scores, including the owner of the device. Apple has also stated that the scores will be stored on Apple servers for a non-disclosed length of time.
Trust Us...Not!
Apple was quick to state that they won’t be reading any of the messages or listening-in on any of the calls, only extracting summary data. As expected, they are also claiming that the information will never be shared with anyone else. Furthermore, this information will never be used for marketing or advertising purposes. With so many questionable practices being observed throughout social media and big technology, many people are already skeptical of the claims, after the first few days. Also, the fact that this was forced on all users, meaning that there is no opt-out clause,brings up the question of privacy rights of the individual. The new provisions can be found in the iTunes Store and Privacy Window of iOS and tvOS devices. The following quote is pulled from that provision.
“To help identify and prevent fraud, information about how you use your device, including the approximate number of phone calls or email’s you send and receive, will be used to compute a device trust score when you attempt a purchase. The submissions are designed so Apple cannot learn the real values on your device. The scores are stored for a fixed time on our servers.”
The addition to the latest iOS update is part of a program Apple claims to be based in a larger fraud prevention program. But what it appears like to the users is a variation of what is happening on other platforms. It seems that Apple is trying to follow Facebook and rate their customer’s trustworthiness for reasons which seem unnecessary and subjective to an unseen rating system. They are doing this without any real justification or proof that their efforts will do anything to prevent fraud. Additionally, Apple claims that the score will help to stop Spam to the App Store, curb the propagation of false reviews and false purchases. One on-line user has already pointed out an obvious flaw to the Apple statement; Apple TV’s don’t make phone calls or send texts, yet they are lumped in the data-collection scheme.
Summary
This is the same company which refused to cooperate with the FBI in unlocking the phones of the San Bernardino couple that murdered 14 and injured 22 in a terrorist attack. The management at Apple has been unwilling to share anything but now they suddenly want to start data-basing a metric which seems to have no bearing on trustworthiness. A spokesperson from Apple claimed it would help them determine if content is being purchased by the actual named purchaser. Some believe this is directly related to the Singapore incident earlier this year in which customers were charged thousands of dollars from iTunes when scammers accessed their information. To date, there are still questions on how this happened and who should bear the financial responsibility.
For now, it seems that once-again, Big Tech has struck another damaging blow to privacy rights. There is no way to find out what your score is and how the trust system they’ve built even works. In this writer’s opinion, unless Apple does something soon to show good faith and transparency, it’s likely that Congress will take the matter to public hearings and demand answers. For now, I’m holding off on my updates; are you?
© 2018 Ralph Schwartz
Comments
“no one at Apple will be able to access these scores, including the owner of the device. Apple has also stated that the scores will be stored on Apple servers for a non-disclosed length of time.”
So no human being will be able to access the scores that are stored on an Apple server for who knows how long? Who is running Apple, the computers? Have their computers taken over the company and the humans don’t have access to servers anymore or know what the servers are doing?
- AUTHOR
Thanks for sharing your opinion on the topic.
I didn’t install iOS 12 yet, but I see it’s available on both my iPad and iPhone. Every time they update iOS they break something else. It takes several updates before broken features are fixed again. So I go slow with updates.
Nevertheless, Ralph, if all they’re doing is keeping a counter of usage for emails, calls, and texts, then I guess this is not too invasive on privacy.
I think your interpretation is a little misleading. For one thing, this is not under reported. New York Post, Venture Beat, BGR, The Motley Fool, The Telegraph, The Independent, Business Insider and many more all have reported on this. A quick Google search will show this.
For another, I can't see how this is a "damaging blow to privacy rights" when the quote you pulled from the TOC says Apple cannot learn the real values of the data and that it is only stored temporarily. Perhaps a better explanation comes from the quote Venture Beat got from an Apple spokesperson.
"Apple says that the only data it receives is the numeric score, which is computed on-device using the company’s standard privacy abstracting techniques, and retained only for a limited period, without any way to work backward from the score to user behavior. No calls, emails, or other abstractions of that data are shared with Apple." https://venturebeat.com/2018/09/18/apple-creates-a...
The system was not designed to spy on users, but rather to detect fraud in iTunes purchases, and that's a good thing. I have no problem with that. Especially when no calls, emails, or other abstractions of that data are shared with Apple
Now I know that Apple are no saints, their off shore tax agreements with other countries are testament to that, but if you look at the work they are doing with differential privacy, and compare that to what Google, Facebook and Amazon are doing, then they are nowhere near as bad as you might think.
4