Apple Shares New ‘Inside Joke’ Privacy-Focused Video Highlighting iMessage Encryption

Apple today shared a humorous new privacy-focused video on its YouTube channel, which is designed to highlight the end-to-end encryption feature in the Messages app.

In the minute-long video, a woman is at a nail salon getting a pedicure, and she's receiving iMessages and cracking up at them over and over again. The viewer is never given a look at what she's seeing that's so funny, which emphasizes the fact that messages are private.


The end of the video features the tagline "iMessage encrypts your conversations because not everyone needs to be in on the joke."

Apple has shared several other privacy-focused videos in recent months, including a "Privacy Matters" spot and a video that highlights limited ad tracking in Safari.


This article, "Apple Shares New 'Inside Joke' Privacy-Focused Video Highlighting iMessage Encryption" first appeared on MacRumors.com

Discuss this article in our forums

Facebook Harvested Email Contacts of 1.5 Million Users Without Their Consent

Facebook harvested the email contacts of 1.5 million users without their knowledge or consent and used the data to build a web of their social connections, it emerged today. Business Insider reports that Facebook began collecting the contact lists in May 2016 when new users opened a new account on the social network.

Image via Business Insider

The harvesting occurred when users were offered email password verification as an option to verify their identity when signing up to Facebook, a method widely condemned by security experts. In some cases if users did enter their password, a pop-up message would appear informing them that it was "importing" their contacts, without even asking their permission to do so.

These contacts were then fed into Facebook's database systems and used to build a map of users' social links and inform recommended friends on the social network. It's not clear if the data was also used for ad-targeting purposes.

In a statement given to Business Insider, the company said that these email contacts had been "unintentionally uploaded" to Facebook when users created their account.

It also said that prior to May 2016, it offered an option to verify a user's account and voluntarily upload their contacts at the same time. However, the feature was changed and the text informing users that their contacts would be uploaded was deleted, but the underlying functionality was not. Facebook says at no point did it access the content of users' emails.
We estimate that up to 1.5 million people's email contacts may have been uploaded. These contacts were not shared with anyone and we're deleting them. We've fixed the underlying issue and are notifying people whose contacts were imported. People can also review and manage the contacts they share with Facebook in their settings.
The news is just the latest addition to a long list of privacy blunders and violations by Facebook. In March, for example, it emerged that between 200 and 600 million Facebook users may have had their account passwords stored in plain text in a database accessible to 20,000 Facebook employees. Some Instagram passwords were also included.

That was followed earlier this month by news that cybersecurity researchers had discovered millions of Facebook records publicly accessible on Amazon's cloud servers, after the data was uploaded by third-party companies that work with Facebook.

In yet another development just this week, over 4,000 pages of documents from 2011 to 2015 were leaked which provide insight into how Facebook took advantage of user data while publicly promising to protect user privacy before and after its 2015 move to end broad access to user data.


This article, "Facebook Harvested Email Contacts of 1.5 Million Users Without Their Consent" first appeared on MacRumors.com

Discuss this article in our forums

Mozilla Launches Petition Urging Apple to Reset Interest-Based Ad Identifiers on Monthly Basis

Mozilla, the company behind Firefox, today launched a petition urging Apple to reset the unique IDs used to serve interest-based ads in the App Store and Apple News apps on the iPhone, iPad, iPod touch, and Apple TV on a monthly basis.


Mozilla takes aim at Apple's recent iPhone privacy ad in a blog post:
Apple's latest marketing campaign — "Privacy. That's iPhone" — made us raise our eyebrows.

It's true that Apple has an impressive track record of protecting users' privacy, from end-to-end encryption on iMessage to anti-tracking in Safari.

But a key feature in iPhones has us worried, and makes their latest slogan ring a bit hollow.

Each iPhone that Apple sells comes with a unique ID (called an "identifier for advertisers" or IDFA), which lets advertisers track the actions users take when they use apps. It's like a salesperson following you from store to store while you shop and recording each thing you look at. Not very private at all.
These identifiers can already be manually reset under Settings > Privacy > Advertising on iOS devices and under Settings > General > Privacy on Apple TV, but Mozilla is asking for "a real cap" with an automatic monthly reset to make it "harder for companies to build a profile about you over time."


"If Apple makes this change, it won't just improve the privacy of iPhones — it will send Silicon Valley the message that users want companies to safeguard their privacy by default," wrote Ashley Boyd, Mozilla's VP of Advocacy.

Interest-based ads in the App Store and Apple News app are based on information such as your App Store search history and Apple News reading history. Apple makes it easy to opt out, but Mozilla argues that "most people don't know that feature even exists, let alone that they should turn it off."

We'll provide an update if Apple responds.


This article, "Mozilla Launches Petition Urging Apple to Reset Interest-Based Ad Identifiers on Monthly Basis" first appeared on MacRumors.com

Discuss this article in our forums

Apple Says ‘Privacy Matters’ in Humorous New iPhone Ad

Apple today shared a new privacy-focused iPhone ad on its YouTube channel. The ad will premiere tonight and air through March Madness in the United States before expanding to select other markets globally.


The 45-second video starts with the tagline "privacy matters" and then shows a variety of humorous if not slightly awkward situations where people would want their privacy protected in everyday life. In one scene, for example, two men briefly pause their conversation while a waitress is at their table.

"If privacy matters in your life, it should matter to the phone your life is on," the ad concludes. "Privacy. That's iPhone."

The ad arrives around six weeks after a major FaceTime bug was uncovered that allowed one person to call another person over FaceTime and listen to that other person's audio without the call being answered. Apple fixed the bug in iOS 12.1.4 and apologized, but it certainly wasn't good for its reputation.

Apple similarly promoted its privacy stance with a billboard near CES 2019 in Las Vegas that read "what happens on your iPhone, stays on your iPhone."


Bugs aside, Apple really does place an emphasis on privacy, especially compared to some other tech giants like Facebook. Apple has long said it believes privacy is a "fundamental human right," and as part of that, it aims to minimize its collection of customer data and disassociate it from an individual user when it does.


This article, "Apple Says 'Privacy Matters' in Humorous New iPhone Ad" first appeared on MacRumors.com

Discuss this article in our forums

Apple Registers PrivacyIsImportant.com Domain Name

Apple has registered the domain name PrivacyIsImportant.com, according to WHOIS records discovered by MacRumors. The records indicate that Apple took possession of the domain name on Monday.

The record's contact information now lists Apple Inc. as the organization, complete with its address, phone number, and domain-related email.


The domain name does not yet point to an active website, so it's unclear if or how Apple will use it, but it is certainly possible the company is planning a privacy-focused marketing campaign along the lines of its "what happens on your iPhone, stays on your iPhone" billboard at CES 2019 in Las Vegas.




This article, "Apple Registers PrivacyIsImportant.com Domain Name" first appeared on MacRumors.com

Discuss this article in our forums

Austrian Privacy Watchdog NOYB Accuses Apple and Others of Failing to Comply With GDPR in Europe

Austrian non-profit organization NOYB, the "European Center for Digital Rights," has reportedly filed a complaint against Apple and seven other tech companies for allegedly failing to comply with GDPR in the European Union.


NOYB said it tested each company's compliance with GDPR by requesting private data held about 10 users and found that "no service fully complied."

"Many services set up automated systems to respond to access requests, but they often don't even remotely provide the data that every user has a right to," said NOYB founder Max Schrems. "This leads to structural violations of users' rights, as these systems are built to withhold the relevant information."

Other companies named in the complaint include Amazon, Netflix, Spotify, YouTube, and three more, according to Reuters.

GDPR was implemented in May 2018 and gives European Union residents the right to access any personal data a company has stored on them. The regulation led Apple to launch a Data and Privacy portal that allows its customers to download a copy of any data associated with their Apple ID account that Apple maintains.


This article, "Austrian Privacy Watchdog NOYB Accuses Apple and Others of Failing to Comply With GDPR in Europe" first appeared on MacRumors.com

Discuss this article in our forums

Data Broker Acxiom Comes Out in Support of Apple CEO Tim Cook’s Call for US Data Privacy Regulation

One of the biggest ad data brokers has come out in support of Apple CEO Tim Cook’s call for federal privacy legislation to regulate the collection and use of personal data in the United States.



In a statement Thursday evening provided to Business Insider, data broker Acxiom confirmed its support for federal privacy legislation. “Acxiom, like Mr. Cook, also supports a national privacy law for the US, such as GDPR provides for the European Union,” it read.

A data broker acts as a middleman, transferring user data between different companies and parties. In his TIME op-ed yesterday, Cook called such an entity “a company that exists purely to collect your information, package it and sell it to yet another buyer.”

In a message consistent with Apple’s policy that privacy is a “fundamental human right,” Cook railed against this market for user information, which he said operates in a “shadow economy” that’s largely unchecked, “out of sight of consumers, regulators and lawmakers.”

Responding to Cook’s clarion call, Acxiom said that it had been “actively participating in discussions with US lawmakers” for years but denied that it partook in a “shadow economy” that operates unchecked.

We agree that we must root out the nefarious players in the ecosystem, and Acxiom’s data privacy impact assessment (DPIA) process ensures we don’t do business with questionable companies. We look forward to working with people across the industry, including Apple, to ensure transparency, access and control is available to all people.

In his TIME op-ed, Cook argued for the creation of a “data-broker clearinghouse” that all brokers would be required to register, which would enable consumers users to track transactions that include their data and delete it forever if desired.

“As this debate kicks off, there will be plenty of proposals and competing interests for policymakers to consider,” said Cook. “We cannot lose sight of the most important constituency: individuals trying to win back their right to privacy.”

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

This article, "Data Broker Acxiom Comes Out in Support of Apple CEO Tim Cook's Call for US Data Privacy Regulation" first appeared on MacRumors.com

Discuss this article in our forums

Tim Cook Urges U.S. Congress to Pass Comprehensive Federal Privacy Legislation in Op-Ed

U.S. Senator Marco Rubio (R-FL) on Wednesday introduced the American Data Dissemination Act, legislation that would require the U.S. Federal Trade Commission to submit detailed recommendations for privacy requirements that Congress can impose on tech companies like Apple, Facebook, Google, and Twitter.


The bill is intended to address the lack of a single, comprehensive federal law regulating the collection and use of personal data in the United States with clear protections that consumers can understand and the FTC can enforce.

Well timed with the news, Apple CEO Tim Cook has penned an op-ed for Time Magazine calling on Congress to pass comprehensive federal privacy legislation in the United States. He also challenges companies to strip identifying information from customer data or avoid collecting it in the first place.

In the op-ed, Cook said he believes "data broker" companies that collect, package, and sell personal information should be required to register with the FTC and provide critical transparency information to the agency, and that consumers should have the power to easily access and delete that data if desired.

"Right now, all of these secondary markets for your information exist in a shadow economy that's largely ­unchecked," wrote Cook.

In 2014, the FTC published a report stating that "data brokers collect and store a vast amount of data on almost every U.S. household." Of the nine data brokers it examined, the FTC said one had a database with "information on 1.4 billion consumer transactions and over 700 billion aggregated data elements."

Cook's full op-ed was provided to MacRumors in advance:
In 2019, it's time to stand up for the right to privacy—yours, mine, all of ours. Consumers shouldn't have to tolerate another year of companies irresponsibly amassing huge user profiles, data breaches that seem out of control and the vanishing ability to control our own digital lives.

This problem is solvable—it isn't too big, too challenging or too late. Innovation, breakthrough ideas and great features can go hand in hand with user privacy—and they must. Realizing technology's potential ­depends on it.

That's why I and others are calling on the U.S. Congress to pass comprehensive federal privacy ­legislation—a landmark package of reforms that protect and empower the consumer. Last year, before a global body of privacy regulators, I laid out four principles that I believe should guide legislation:

First, the right to have personal data minimized. Companies should challenge themselves to strip identifying information from customer data or avoid collecting it in the first place. Second, the right to ­knowledge—to know what data is being collected and why. Third, the right to access. Companies should make it easy for you to access, correct and delete your personal data. And fourth, the right to data security, without which trust is impossible.

But laws alone aren't enough to ensure that individuals can make use of their privacy rights. We also need to give people tools that they can use to take action. To that end, here's an idea that could make a real difference.

One of the biggest challenges in protecting privacy is that many of the violations are invisible. For example, you might have bought a product from an online ­retailer—­something most of us have done. But what the retailer doesn't tell you is that it then turned around and sold or transferred information about your purchase to a "data broker"—a company that exists purely to collect your information, package it, and sell it to yet another buyer.

The trail disappears before you even know there is a trail. Right now, all of these secondary markets for your information exist in a shadow economy that's largely ­unchecked—out of sight of consumers, regulators, and lawmakers.

Let's be clear: you never signed up for that. We think every user should have the chance to say, "Wait a minute. That's my information that you're selling, and I didn't consent."

Meaningful, comprehensive federal privacy legislation should not only aim to put consumers in control of their data, it should also shine a light on actors trafficking in your data behind the scenes. Some state laws are looking to accomplish just that, but right now there is no federal standard protecting Americans from these practices. That's why we believe the Federal Trade Commission should establish a data-­broker clearinghouse, requiring all data brokers to register, enabling consumers to track the transactions that have bundled and sold their data from place to place, and giving users the power to delete their data on demand, freely, easily and online, once and for all.

As this debate kicks off, there will be plenty of proposals and competing interests for policymakers to consider. We cannot lose sight of the most important constituency: individuals trying to win back their right to privacy. Technology has the potential to keep changing the world for the better, but it will never achieve that potential without the full faith and confidence of the people who use it.
Cook's op-ed is consistent with Apple's belief that privacy is a "fundamental human right." Apple aims to "minimize its collection of personal data," according to its privacy website, and stresses that the "the customer is not our product."

Apple emphasized its commitment to privacy with a billboard near CES 2019 that read "what happens on your iPhone, stays on your iPhone."

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


This article, "Tim Cook Urges U.S. Congress to Pass Comprehensive Federal Privacy Legislation in Op-Ed" first appeared on MacRumors.com

Discuss this article in our forums

Apple Hires Prominent Facebook Critic for Internal-Facing Product Privacy Role

Apple has recruited a former Facebook employee who went on to become one of the social network's most ardent critics, reports The Financial Times (paywall). Sandy Parakilas monitored the privacy and policy compliance of Facebook developers for 18 months before leaving the social network in 2012.

Sandy Parakilas talking to Bloomberg

During his time at the company, Parakilas felt his concerns about its data-sharing policies were downplayed, according to FT.

Last year, following the Cambridge Analytica scandal, Parakilas also gave evidence to the British parliament's digital, culture, media, and sport committee, and told MPs that Facebook's data protection practices were "far outside the bounds of what should have been allowed" between 2010 and 2014.
Mr Parakilas has urged the tech industry to improve its data protection practices, increase the use of encrypted messaging and "verify the truth of statements that can be viewed by millions of people".

"We now live in a world where racist demagogues and their dictator buddies can cynically exploit our tools to seize power," he wrote in a blog post in late 2016. "There is no such thing as a 'neutral platform'. Facebook, Twitter and Google all profited from this perversion of democracy."
According to FT's sources, Parakilas will work in Apple's privacy team as a product manager, an internal-facing role designed to ensure that new products in development protect users' privacy and minimize data collection.

Apple has made much of its privacy focus in recent years. In 2018, CEO Tim Cook singled out user privacy a "core value" of Apple's that reaches way back to before smartphones had become a feature of people's daily lives.

Recently, in the heart of Las Vegas where the Consumer Electronics Show is currently underway, Apple put up a giant sign touting the security of its devices to remind the tech industry of its heavy emphasis on privacy.

Apple does not have a presence at the show, but CES attendees will be seeing products from companies with less of a privacy focus like Google and Amazon.


This article, "Apple Hires Prominent Facebook Critic for Internal-Facing Product Privacy Role" first appeared on MacRumors.com

Discuss this article in our forums

Ahead of CES, Apple Puts Up Billboard Touting Privacy in Las Vegas

In the heart of Las Vegas, where the Consumer Electronics Show is set to kick off next week, Apple has put up a giant sign touting the security of its devices.

The billboard, which was noticed by Engadget‘s Chris Velazco, plays on an iconic Las Vegas tourism slogan: “What happens in Vegas, stays in Vegas.” “What happens on your iPhone, stays on your iPhone,” reads the sign, which is located near the Las Vegas Convention Center and many prominent Las Vegas hotels.



CES will see thousands of tech industry attendees, members of the media, and tech exhibitors, and Apple’s decision to put up a billboard here is interesting as the company does not have a presence at the show.

Apple competitors like Amazon, Samsung, and Google will be present at CES showing off smart home devices, smartphones, and other products, and while Apple employees are likely to be in attendance, Apple will not be highlighting any of its devices at the event.

It’s not entirely clear when the billboard was put in place, but it seems clear that it’s aimed at CES attendees who will be seeing products from companies with less of a privacy focus like Google and Amazon. Apple is not-so-subtly reminding the tech industry of its heavy emphasis on privacy, with the billboard offering up a link to Apple’s dedicated privacy website.

The Consumer Electronics Show starts on Tuesday, January 8 and lasts through the end of the week.

Tag: privacy

This article, "Ahead of CES, Apple Puts Up Billboard Touting Privacy in Las Vegas" first appeared on MacRumors.com

Discuss this article in our forums