Comment by zombot
4 days ago
Exactly, I don't want my shit sent all across the internet without my explicit prior consent, period. No amount of explanation can erase Apple's fuck-up.
4 days ago
Exactly, I don't want my shit sent all across the internet without my explicit prior consent, period. No amount of explanation can erase Apple's fuck-up.
Apple does photo recognition on your device.
Google, on the other hand, uploads photos to their server and does the analysis there.
There is the infamous case of the parents who Google tried to have arrested after they used their Android device to seek medical assistance for their child during lockdown. Their doctor asked them to send images of the problem, and Google called the police and reported the parents for kiddie porn.
> “I knew that these companies were watching and that privacy is not what we would hope it to be,” Mark said. “But I haven’t done anything wrong.”
The police agreed. Google did not.
https://www.nytimes.com/2022/08/21/technology/google-surveil...
Google refused to return access to his account even after the police cleared him of wrongdoing.
Google's reputation with privacy advocates is absolutely horrible, but that shouldn't have anything to do with Apple's practices. Comparing Apple and Google will indeed tell you a lot of interesting things, but that's not what this is about.
Kind of feels like it should be a crime for a private party to attempt to write terms into a contract that introduce punishments justified in terms of law, where that justification is based on an interpretation of law that's already been legally proven to the author of the contract to be a misinterpretation of said law.
It's sort of the crime of "contempt of court", but after the fact: receiving a judge's prescription about how you must interpret a law during a case, but then going right back to using a different interpretation when you leave court.
> Google refused to return access to his account even after the police cleared him of wrongdoing.
This is why I constantly work to help people reduce their dependence on Google. Screw that. If anyone ever tells you that they rely on Google for anything, show them this article.
I don't want to set up my own email server.
But I definitely live in fear of Google fucking up and disabling my account.
> Apple does photo recognition on your device.
> Google, on the other hand, uploads photos to their server and does the analysis there.
The comment you're replying to (and the whole sub-thread in fact) isn't about if how Apple is doing it is the best/worst way, but rather before they do it, they don't ask for permission. Regardless of how they technically do it, the fact that they don't ask beforehand is what is being argued about here.
It seems strange to demand they ask “permission” in this instance but not e.g. to let you sort you photos by date, or album, or location.
(I agree this is the point in contention, I just don’t understand it).
Google doesn't send your pictures to their servers without your explicit consent. This is exactly what users expect. On Android, you can use your own self-hosted photos server and have it work exactly the same way Google Photos does. Google Photos does not have access to private Google-only APIs like Apple Photos has on iOS.
> Google doesn't send your pictures to their servers without your explicit consent.
The parents Google tried to get arrested in the story above do not agree.
> When Mark’s and Cassio’s photos were automatically uploaded from their phones to Google’s servers, this technology flagged them. Jon Callas of the E.F.F. called the scanning intrusive, saying a family photo album on someone’s personal device should be a “private sphere.” (A Google spokeswoman said the company scans only when an “affirmative action” is taken by a user; that includes when the user’s phone backs up photos to the company’s cloud.)
Google not only automatically uploaded their images to their server, it analyzed those images and reported the users to the police for kiddie porn based on a single false positive.
8 replies →
Google Photos "consent" is one of the worst dark patterns I regularly encounter.
About weekly it prompts me with a huge popup whether I want to continue without backup, with "enable backup" selected by default. If I deselect this I'm prompted with another popup asking me to back up specific selected photos. If I misclick either of these (which is easy, since they pop up after briefly showing my photos which I'm actively trying to tap on), then Google will start hoovering up all my photos without confirmation.
Their "consent" form is user-hostile and it's disingenuous to hold it as an example of Google protecting privacy.
Pro tip: install Google Gallery which (ironically) is effectively a de-Googled Photos. Unfortunately it's also stripped down in other ways but it suffices for simply viewing photos on your own device.
They are not sending your actual photo, as has been covered at length on numerous threads on this very site.
That's irrelevant if the information they do send is sufficient to deduce "Eiffel tower" or "dog" out of it: that's too much information to send.
They don't have to send anything since they do all the image recognition on the user's own device.
Sending everything to a server is, however, how Google's service works.
4 replies →
Not wrong, but it’s interesting that Apple gets so much flak for this when Google and Microsoft don’t even try. If anything they try to invade privacy as much as possible.
Of course maybe that question has its own answer. Apple markets itself as the last personal computing company where you are the customer not the product so they are held to a higher standard.
What they should do Is do the processing locally while the phone is plugged in, and just tell people they need a better phone for that feature if it’s too slow. Or do it on their Mac if they own one while that is plugged in.
FWIW, I work on homomorphic encryption at Google, and Google has all kinds of other (non-FHE) privacy enhancing tech, such as differential privacy, federated learning, and https://github.com/google/private-join-and-compute which are deployed at scale.
Perhaps it's not as visible because Google hasn't defaulted to opt-in for most of these? Or because a lot of it is B2B and Google-internal (e.g., a differential-privacy layer on top of SQL for internal metrics)
[edit]: this link was a very vague press release that doesn't say exactly how Google uses it: https://security.googleblog.com/2019/06/helping-organization...
uhhh yeah it's not visible because it's not used for anything. because it runs contrary to Google's entire raison d'être. if it's not turned on by default, what is even the point of doing it at all other than to pacify engineers who are perfectly happy to miss the forest for the trees? it's kind of like saying that you have the power of invisibility, but it only works if no one is looking at you.
Well when you are building a feature that can only be appreciated by a subculture of people (privacy advocates), and they complain about the most basic faux pas that you could do in their culture (not asking them before you phone home with data derived from their data)... you have invited these people to criticise you.
Most people I know of wouldn't care about such a feature other than a breathless sort of "Wow, Apple tech!" So they are building something which is intended to win over privacy conscious people, kudos to them, everyone stands to benefit. But the most basic custom in that subculture is consent. So they built something really great and then clumsily failed on the easiest detail because it is so meaningless to everyone except that target audience. To that audience, they don't bother criticising google or microsoft (again) because it goes without saying that those companies are terrible, it doesn't need to be said again.
> a feature that can only be appreciated by a subculture of people (privacy advocates)
Just because it can’t be “appreciated” by all users doesn’t mean it’s only “for” a small sub-group.
It seems to me they’re just trying to minimise the data they have access to — similar to private cloud compute — while keeping up with the features competitors provide in a less privacy-respecting way. Them not asking for permission makes it even more obvious to me that it’s not built for any small super privacy-conscious group of people but the vast majority of their customers instead.
[dead]
"not asking them before you phone home with data" is a basic faux pas for privacy advocates? LOL; that's a fundamental breach of trust of the highest degree, not basic by any means.
1 reply →
> just tell people they need a better phone for that feature if it’s too slow. Or do it on their Mac if they own one while that is plugged in.
The issue isn't slowness. Uploading photo library data/metadata is likely always slower than on-device processing. Apparently the issue in this case is that the world locations database is too large to be stored locally.
>> Apparently the issue in this case is that the world locations database is too large to be stored locally.
What kind of capacity can ROM chips have these days? And at what cost?
In other words: don't hate the player hate game, but the point still stands.
The game, unlike Apple's policy, is opt-in. Hate the player and the game.
Whataboutisms aren't all the great you know. Google and MS also get flak, and they also deserve it.
But now that we're talking about these differences, I'd say that Apple users are notoriously complacent and defend Apple and their practices. So, perhaps in some part it is in an attempt to compensate for that? I'm still surprised how we've now accepted that Apple receives information pretty much every time we run a process (or rather, if it ran more than 12 hours ago, or has been changed).
You can always find someone worse. Does not mean we should not critise people/organizations.
You think Trump is bad? Well, Putin is worse. You think Putin is bad? Kim Jong Un is worse.
And who's worse than kim?
1 reply →
Doesn't Photos.app on iOS sync with iCloud OOTB?
Optionally, yes
And it nags the hell outta you if you opt out.