Comment by bambax
1 month ago
Apple TOS:
> To uphold our commitment to privacy while delivering these experiences, we have implemented a combination of technologies to help ensure these server lookups are private, efficient, and scalable.
Efficiency and scalability have nothing to do with "upholding one's commitment to privacy". This shows they're insincere.
But, is privacy achievable today? I doubt it. People desperately want (or think they want) features that are opposite to privacy, and if you don't give it to them, they're unhappy. I think Apple's fault is in promising something they can't deliver. (That also goes for Brave, Kagi, Duck Duck Go, etc.)
Scott McNealy famously said "You have zero privacy. Get over it." This was in January 1999. 25 years ago!
> Efficiency and scalability have nothing to do with "upholding one's commitment to privacy". This shows they're insincere.
"private, efficient, and scalable" means "private AND efficient AND scalable". What makes you think they are being insincere about the privacy aspect?
If they said "To uphold our commitment to privacy while delivering these experiences, we have implemented a combination of technologies to help ensure these server lookups are private" then it would be fine. It would also be a tautology.
When they add that server lookups are also "efficient and scalable", it means that they have had to ponder the privacy aspects with technical concerns regarding efficiency and scalability, and that therefore, privacy is mitigated.
I think a fair reading of this sentence would be: "we provide a version of 'privacy' that we feel is acceptable, within reasonable efficiency and scalability constraints".
They're not going to dedicate a server per customer for example. Would it make sense to do it? No. But it would be honest to say "because of efficiency and scalability limits, the 'privacy' we provide is relative and subject to breaches". (I actually think that's exactly what their wording is trying to say.)
> I actually think that's exactly what their wording is trying to say.
And herein lies the problem, because they are literally saying what they say - private AND efficient AND scalable. You are the one adding hypothetical caveats.
They are talking about offloading functionality that cannot occur on device. The scalability and efficiency is not being used as a reason to take privacy away, it is simply an additional requirement of how they must meet their pledge.
The quote you are referencing is literally about how these features are implemented using homomorphic encryption to perform lookups on anonymously accessed black boxes: https://machinelearning.apple.com/research/homomorphic-encry... . Which part of that is them sacrificing privacy to make it scalable and efficient, and how would using a dedicated server per user increase privacy? Is there some specific privacy issue you can see with their implementation?
2 replies →
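To make concrete what a "private server lookup" built on homomorphic encryption means in this discussion, here is an added toy example (constructed for this thread, not Apple's code, and not the scheme in the linked paper): the client sends an encrypted one-hot selection vector, the server computes over the ciphertexts without being able to decrypt them, and only the client can read the selected record. It uses Paillier's additive homomorphism with small, known-prime toy parameters; the table of integers and the `private_lookup` helper are constructed for illustration.

```python
"""Toy private information retrieval from additively homomorphic encryption.

The client wants table[index] without revealing index to the server.
Constructed example: Paillier with toy-sized primes, not a production scheme
and not the implementation the thread links to.
"""
from math import gcd
import secrets

# Toy parameters: Mersenne primes 2^31-1 and 2^61-1 (far too small for real use).
P = (1 << 31) - 1
Q = (1 << 61) - 1


def keygen(p=P, q=Q):
    """Paillier keys with g = n + 1; returns (public, private)."""
    n = p * q
    n2 = n * n
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    g = n + 1
    mu = pow((pow(g, lam, n2) - 1) // n, -1, n)     # L(g^lam)^-1 mod n
    return (n, g), (n, lam, mu)


def encrypt(pk, m):
    """E(m) = g^m * r^n mod n^2 with fresh random r, so E(0) and E(1) look alike."""
    n, g = pk
    n2 = n * n
    while True:
        r = secrets.randbelow(n)
        if r > 0 and gcd(r, n) == 1:
            break
    return pow(g, m, n2) * pow(r, n, n2) % n2


def decrypt(sk, c):
    n, lam, mu = sk
    n2 = n * n
    return (pow(c, lam, n2) - 1) // n * mu % n


def client_query(pk, index, size):
    """Encrypted selection vector: E(1) at the wanted index, E(0) elsewhere."""
    return [encrypt(pk, 1 if i == index else 0) for i in range(size)]


def server_answer(pk, query, table):
    """Server side: product of E(e_i)^d_i = E(sum e_i * d_i) = E(table[index]).

    The server only multiplies and exponentiates ciphertexts; it holds no
    private key, so it learns neither the index nor the returned value.
    Table entries must be non-negative integers smaller than n.
    """
    n, _ = pk
    n2 = n * n
    acc = 1
    for c, d in zip(query, table):
        acc = acc * pow(c, d, n2) % n2
    return acc


def private_lookup(index, table):
    """Run the whole exchange locally and return the record the client recovers."""
    pk, sk = keygen()
    query = client_query(pk, index, len(table))
    return decrypt(sk, server_answer(pk, query, table))


if __name__ == "__main__":
    # Constructed sample table; the server sees only ciphertexts of the query.
    records = [1001, 2002, 3003, 4004]
    print(private_lookup(2, records))
```

Two things worth noticing for the argument above: the server's view is a list of freshly randomised ciphertexts that it cannot distinguish, so the query content is hidden regardless of how the server is operated; and the client must send one ciphertext per table entry, so the cost of a lookup grows with the size of the table. That linear cost is exactly where "efficient and scalable" enters as an engineering constraint on how such a system can be built, separate from whether the lookup itself is private.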