Apple CEO: We Don't Covet Your Data

Apple CEO Tim Cook highlights the company's commitment to privacy in an open letter.

Thomas Claburn, Editor at Large, Enterprise Mobility

September 18, 2014

4 Min Read

 Apple's Next Chapter: 10 Key Issues

Apple's Next Chapter: 10 Key Issues

Apple's Next Chapter: 10 Key Issues (Click image for larger view and slideshow.)

Apple CEO Tim Cook declared Wednesday that the company is committed to customer privacy, doesn't read customers' email messages, and doesn't create backdoors in its services for authorities.

In a new privacy section on the company website, Apple draws a contrast between the company's commitment to its customers and the privacy-compromising practices of ad-based businesses.

"We don't build a profile based on your email content or Web browsing habits to sell to advertisers," Cook said in an open letter on the site. "We don't 'monetize' the information you store on your iPhone or in iCloud. And we don't read your email or your messages to get information to market to you. Our software and services are designed to make our devices better. Plain and simple."

Would that it were so simple. Cook acknowledges that Apple, too, is an advertising company, through iAds, but he stresses that iAds is a small part of Apple's business, and that the ad service doesn't rely on data from other Apple services or customers.

Cook never mentions Google by name, but it's clear that Google -- the company he recently cited as Apple's primary competitor -- is one of the "other companies" referred to in the paragraph about FaceTime security.

Regarding FaceTime, Apple's website says, "So unlike other companies' messaging services, Apple doesn't scan your communications, and we wouldn't be able to comply with a wiretap order even if we wanted to."

[Privacy is one thing. But how are sales doing? Read Have Apple's iPads Peaked?]

That's Gmail Apple is talking about. Google scans consumers' Gmail messages to generate targeted ads. Despite the fact that the practice is not meaningfully different from Amazon's recommendation of products based on customers' past purchases -- in each case, automated systems are scanning potentially sensitive data in an effort to provide information the customer hopefully may want -- automated content scanning remains an albatross around Google's neck. Microsoft has also taken aim at Gmail in its Scroogled ad campaign.

But Apple isn't simply repackaging Microsoft's disparagement. The company long ago recognized that it can afford more privacy than ad-dependent Google. That's why it has implemented privacy features like third-party cookie blocking in Safari, the Limit Ad Tracking setting in iOS, and MAC address randomization during passive WiFi network scans in iOS 8. Cook's declaration of commitment to privacy represents a continuation of this strategy.

Perhaps the most intriguing aspect of Apple's evolving view on privacy is its shift toward a zero-knowledge posture, a position until now favored only by the most the most forward-thinking security companies. "On devices running iOS 8, your personal data such as photos, messages (including attachments), email, contacts, call history, iTunes content, notes, and reminders is placed under the protection of your passcode," Apple says on its website. "Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data. So it's not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8."

As the security researcher Jonathan Zdziarski points out in a response to Cook's letter, Apple is taking a brave and welcome stance in defense of privacy, but that doesn't mean government authorities can't access an Apple customer's data anyway. Despite improvements in iOS 8 that close some holes that Zdziarski previously identified, Apple's decision to allow users to access files and apps while a mobile device is locked means that videos, images, media files, and third-party application data can still be accessed using forensic tools if a trusted paired device (a Mac running iTunes for synchronization and backup) is available.

It's also worth noting that, though Apple claims iOS 8 device data is beyond its reach, the company makes no such claim about iOS 8 device data copied to Apple's iCloud service.

Nonetheless, Apple has raised the bar for privacy and security on mobile devices.

Do you need a deeper leadership bench? Send your most promising leaders to our InformationWeek Leadership Summit, Sept. 30 in New York City, for a day of peer learning and strategic speakers.

About the Author(s)

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights