Is Apple lying about privacy?

There’s an article in Gizmodo, and further commentary about it on Slashdot and on MacRumors, about a class-action lawsuit against Apple, accusing them of violating their promises about not collecting and reusing or selling our personal data.

Specifically, the claim is that users who turn off iPhone Analytics in the device’s settings are promised that no usage data will be sent to Apple, but then it secretly is anyway – for a whole bunch of Apple apps and processes.

I’ve always had iPhone Analytics and iCloud Analytics disabled in my iPhone… and I actually read Apple’s linked promises as to what this means (they’re readable, not impenetrable legalese)… and I was shocked at this. If it’s true.

What do you think about this?

I didn’t read anything about the data being sold to marketers. In fact, the data isn’t being passed on at all. And the report states that data about apps that are in Apple’s App Store is all that is being analyzed. It has nothing to do with cookies and tracking within or across sites.

If they ask me if I consent to them collecting and I say no, I don’t care if they sell what they are collecting or not. They are in violation.

If they are not respecting people’s choice, then at the very least they should stop acting like they’re even asking for consent.

If this indeed turns out to be true, I sincerely hope it ends up costing them big time. The only way they learn is if they get hit where it really hurts. Let’s say a fine matching typical annual global revenue. That should result in some added clarity on Apple’s behalf.

No information identifies the user personally. What possible grounds are there for suing or for awarding damages for a non-existent hurt?

1 Like

Articles about this are showing up in more and more places online, beyond the few that I reported initially. They vary somewhat in what they say or imply that Apple may have done.

I don’t have an opinion about the specific facts here, not having looked into it myself. But my typical impression, when I quickly skim through data opt-outs like the one on my iPhone or various other places, is to assume they mean “no data will be sent”. I don’t assume they mean “the data will only be used in the following ways…”. And if they do start down that “data used for this, but not for that” road, I mostly tune out, because I have other things I’d rather think about, and then you’re into the weeds of lawyer-talk that I find boring. I suspect most people, if they were honest, react to this kind of stuff with only cursory attention, the way I do. But it does affect their overall impression of companies.

The fact that this (whatever it is) is now being reported in the mainstream press, not just the techie press, means that even the perception of it could seriously hurt Apple’s credibility among the public, including potential buyers. There are many people who love to hate Apple, and all its products and services; they will seize on this and publicize it more… whatever it is.

Apple needs to make a clear statement about what is actually going on, and what (if anything) they plan to do about it. And soon.


Obviously Apple’s selectivity concerning privacy is self-serving, but it’s difficult to see this as anything other than analytics collection for app improvement, as might be seen with most other apps and their toolkits for analytics collection. I think the incentives for doing the right thing have always been questionable and the red flag for me was when Apple started foisting analytics on the Podcasts app for listenership measurement with no means of opting out, only clearing the identifier used, manually, to reset the collection for a given account. It’s deeply unseemly, but I don’t think it’s more than that. But I do hope there are consequences for this sort of double standard.

And would Stocks, Health, and other Apple and most other non Apple apps be able to function at all without analytics?

Remember the big Fortnight stink?

No, I don’t remember it. What was it?

It’s a very intricate and lengthy lawsuit and appeal that continues to this day. Apple won the first round:

I’m wondering that this “Epic” battle might make it to the US Supreme Court.

In my (old) iPhone’s Settings, under Privacy > Analytics, I have both “Share iPhone Analytics” and “Share iCloud Analytics” turned off. What does that sound like?

Then, going deeper into “Analytics Data”, it shows a long, long… did I mention it’s long? … list of somethings incomprehensible to me, presumably data headers? And each of those leads to a very, very long page of data, written in Geekish, that nobody but a database nerd would bother trying to decipher. Certainly I wouldn’t. (And I can code a few computer languages, BTW.)

So from this I assume that my iPhone is storing a lot of data about my usage, but that the main/parent settings in that area mean they shouldn’t be sent to Apple. So why are they storing them? In case I change my mind? Or maybe…

But it’s all guesswork on my part, and I’m what most people would call a geek… you can imagine how this would seem to the typical person (which means most of Apple’s customers, potential customers, journalists, etc.)

1 Like

You may be right… but in that case, couldn’t they just let you set different privacy settings just for those apps? Or at least alert you to the connectivity/data-transfer needs if you run those apps…

1 Like

Can you post any links to “mainstream press” references?

I ask this because when I checked the links in your original posting, including the Slashdot threads, they all traced back to this “software company” Mysk, which has no web presence that I can find, and appears to be staffed entirely by the two individuals named in the article.

What I’m driving at is who or what is Mysk, how exactly did they obtain their data, and has anybody else independently corroborated this story? Sure looks like Gizmodo single-sourced their story, which may or may not be a valid approach.


Speaking irrationally, no doubt) as a “privacy fundamentalist”: yes, of course; app developers can always solicit feedback by other means, and any and all requests should in any case require consent beforehand.

Naturally people will have different levels of tolerance. Some of this is required only in the sense that a request has to be made in order to fulfil a legitimate function, and the question of what counts as data misuse and what to do about it, or how much users can reasonably be expected to control or understand, are essentially philosophical and/or political in nature. But best practice is probably at least to reduce the use of “identifiers”, and to try and time transmissions to obfuscate intent of the user. All this is explained well enough in Apple’s own developer documentation and videos about privacy.

A reasonable request… unfortunately I was rapidly scrolling through hundreds of headlines in my long RSS feed, which I do every day; that’s where I saw what looked like mainstream references, but I can’t exactly duplicate that now… I can see right now references on many websites… far more than earlier today, so the story is spreading… but most of them are techie sites, or relatively small venues like Mashable. I do see one article at MSN News, which looks on their home page like a general news site, but since it’s owned by Microsoft you might not consider that “mainstream”, and they seem to be basing it on the Gizmodo story… and I see headlines from two different newspapers in India (I guess) covering it.

More interesting, perhaps: I found the actual legal filing at Bloomberg Law by a California law firm, if anyone cares to read it. That might be the real origin of the story? And strangely it emphasizes “Jury Trial Demanded”, which (for a civil lawsuit; aren’t they usually settled out of court?) makes me wonder if publicity isn’t a key part of the motivation.

I guess I’ll have to mostly retract my statement about “mainstream” press, since I can’t back it up now. Sorry.

1 Like

In addition to podcasts, the vast majority of broadcast, print and digital media, as well as gaming, restaurants, cinemas, theaters, radio, television, books and magazines, games, etc., etc., just about every flavor and size of content creators use analytics to determine what audiences like and respond to. And if applicable, who will pay for what.

The best I could come up with is a Mysk Twitter account:

And this:

It sounds to me like two coding dudes flailing around to get some attention and maybe get their names in the press enough to polish their resumes and get better jobs, or maybe raise some dough to start a company. And they do talk a lot of garbage about Apple in general. It’s not like Steve Jobs and Steve Wozniak building Apple computers in Steve’s parents’ garage, starting a company, and bringing superior and unique products to market. In any event, it doesn’t look like there is a corporation, or even a private company, named Mysk, in addition to not revealing their methodology of collecting and analyzing data.

Thanks for posting this link. I went a step further, and found a site (Scribd) which provides free downloading of the filing:

This document makes for some interesting reading, primarily for some of its claims; for example, the document states “Much of Apple’s enormous financial success results from its tracking and collection of consumer personal information.” In fact, apart from lengthy citations on privacy, associated laws, etc. the lawsuit consists entirely of completely unsupported allegations–which may be perfectly normal for these types of documents; I’m no lawyer!

Maintenance of user privacy is certainly a selling point for Apple, and they do take it seriously–witness how they pulled their planned CSAM “back door” from a future iOS well over a year ago, with no announcements of a replacement since. This was following loud and sustained howling by many members of their user base (and I was one of them, on this board). I find it difficult to believe Apple would come anywhere near the transgressions alleged in the lawsuit. I therefore am relegating my concern over this to the back of the file cabinet. Need to see more than an excessively quoted “study” by two guys with a computer in a garage to believe there’s substance to this.


Keeping your data on your iPhone is an example of Apple not wanting to collect and sell your data. And I’m guessing it’s also having your information ready for you to access immediately.

“…having your information ready for you to access immediately…”

If you have an iPhone, you should look on yours at the data of the type I was referring to, apparently scooped up & time-stamped from multiple apps on the phone.

From what I can see, it’s not in a form that most people, even technical people like us, would even try to read or understand. It looks like lengthy database code that’s almost certainly designed to be parsed through some other program, probably a database. I was able to “access” it but not in a way that would make any sense. (And BTW, by comparison, I can more-or-less make some sense out of computer code even in languages I haven’t learned, like Python or Lisp, because they share enough in common with languages that I have learned; but this data wasn’t like that, more like an endless raw data dump.) tl;dr: it wasn’t human-readable.

So I can logically see only two possibilities: the raw data is there to be sent to (or might be sent to) another place… like Apple, for example… or else there’s a way for me to view that data intelligibly (digested, so to speak) elsewhere on my iPhone… but if so, where?

1 Like