Mozilla Calls on Apple to Make a Privacy Improvement

Posted on April 15, 2019 by Paul Thurrott in iOS with 29 Comments

While it appreciates Apple’s stance on privacy, Mozilla is calling on the firm to make a change that would improve customer privacy even further.

“Each iPhone that Apple sells comes with a unique ID (called an “identifier for advertisers” or IDFA), which lets advertisers track the actions users take when they use apps,” Mozilla’s Ashley Boyd explains. “It’s like a salesperson following you from store to store while you shop and recording each thing you look at. Not very private at all.”

The good news? You can turn this feature off, and if you’re using an iPhone—and are concerned about privacy—you may want to do just that. (Here’s how.)

The bad news, of course, is that most people are simply unaware of this option and that Apple leaves it enabled by default.

“We’re asking Apple to change the unique IDs for each iPhone every month,” Boyd continues. “You would still get relevant ads — but it would be harder for companies to build a profile about you over time.”

And if you agree with this need, Mozilla has set up an online petition so you can register your vote and hopefully inspire Apple to make the iPhone even more privacy-friendly.

Tagged with , ,

Join the discussion!

BECOME A THURROTT MEMBER:

Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate

Register
Comments (29)

29 responses to “Mozilla Calls on Apple to Make a Privacy Improvement”

  1. dontbe evil

    curios to see apple response, if will be any

  2. randallcorn

    Relevant ads are a hit and miss. Most of the time I get an add for something I just purchased. I JUST PURCHASED IT! Show me accessories or something.


    Saying nothing new. Just wanted to say it.

  3. Lordbaal

    So what are they asking Apple to exactly do?

    Apple already gives the option to turn it off.

  4. JerryH

    you'd still get relevant ads? Since when have I ever gotten relevant ads? Do they mean "relevant" in that I get ads for Nest cameras for two years after I bought a bunch? Or maybe the ads I get for all of the other things that I already bought? That's the "relevant" ads I get now. I'd prefer these jokers who know only that I once visited a web page and don't seem to know that they closed the sale wouldn't be able to track at all and just gave me random ads. After all it is no worse getting ads for something I would never buy than it is getting ads for stuff I have already purchased. Arghh!

    • wright_is

      In reply to JerryH:

      Yep, I bought a new dishwasher from Amazon last week, got a list of 5 dishwashers through this morning and "this might be of interest" section also showing nothing but dishwashers! How many kitchens do they think I have?!?!

  5. truerock2

    Google and Facebook seem to get most of the bad press about privacy - but, I've always had my biggest problems with LinkedIn (owned by Microsoft).


    Today - once again - somehow LinkedIn snagged my gmail address book (I think). I don't think it was my Outlook address book. A friend told me she was getting weird emails from me about LinkedIn from my LinkedIn account.


    So - it's been several years - maybe a decade or so - I was once again deleting my contacts out of LinkedIn.


    It really bothers me because I know I did not give my contacts to LinkedIn. How did LinkedIn get my contacts?


    Apple... Apple really doen't bother me in regard to privacy issues.


    • minke

      In reply to truerock2:

      I deleted my LinkedIn account. Absolutely the worst for spamming. Some think you must have a profile there for job hunting, but in my experience it is mostly head hunters that roam there. Create your own web page you can manage yourself without dealing with all the LinkedIn garbage.

    • wright_is

      In reply to Brett_B:

      It isn't as bad as Google/Android, but I will add, whilst changing the ID every month will bring a little anonymity, I'd rather that they pressured Apple to turn it off by default... Which is the legal requirement for the devices on sale in Europe.

    • waethorn

      In reply to Brett_B:


      "Apple itself is strident about how your data remains your data."


      Facebook said the same thing too, and look how that turned out. Remember, this is the defence of a pro-Apple site.


      Aside from that, anybody that gets fooled by yet another "Sign this petition. Give us your email address." should be ridiculed right off the Internet.

      • Jason Peter

        In reply to Waethorn: Facebook said the same thing too, and look how that turned out.


        Apples and oranges (Pun intended)


        Apple doesn’t make money off of your information simply because Apple DOESN’T NEED TO!. They have more to lose than to gain by monetizing our information in a way that invades our privacy. In fact, it is more advantageous for them to incorporate such pro-privacy measures into their products, if at the least to be able to use it as a sales/branding bullet-point.


        Facebook doesn’t possess such scruples. Like Google, their primary source of revenue is by convincing you to give up as much personally identifiable information as possible in which to monetize through improve advertising and sales of such information to 3rd parties.


        Facebook and Google do what they do because their revenue stream depends on it. As such, it is not surprising. It's in their nature. But for Apple, such measures would gain them little at best, and at worst cost them much more in lost sales.


        Simply put, your statement has no merit where Apple is concerned. Charging premium prices? No argument there. Premium price increases during rare sales decreases? Ditto. Those are valid arguments. But Apple would be slitting their own throats if there were even a whiff of controversy concerning mishandling of user data and privacy. Theres simply no motive for them - in fact, it is obvious that there is motive for them to go out of their way to protect user data and privacy.


        Are their measures perfect? Hell, no. Their is much they could do to improve their privacy measures (such as strengthen security). But regardless of what weaknesses they perhaps need to overcome, their protection of customer privacy and handling of information is far and above that of their competitors.



  6. StevenLayton

    Hey, Apple makes so little profit on their phones, I'm disappointed that some people hrre want them to remove this small extra revinue stream. They have families to feed....

  7. waethorn

    Let me correct this:


    "Each cellphone (smart or not) that any cellphone carrier/maker sells comes with a unique ID (called an “IMEI”), which lets carriers (and all software developers that support that phone) track or collect the user's location when their phone is on or in standby, regardless of WiFi or cellular data enable status, either in real-time or when a network connection is established later"


    As far as this goes:


    "It’s like a salesperson following you from store to store while you shop and recording each thing you look at"


    The microphones on smartphones are always on, recording everything you say, as well as audible and inaudible sound signals in the area, thanks to a patent by Google, used by Apple, that can detect hyper-sonic sound signals from broadcast sources like TV's and other electronic devices.


    "Not very private at all.”


    By design.

    • wright_is

      In reply to Waethorn:

      Developers usually don't get access to the IMEI, that is a system parameter that only very few applications can get access to, on most phones.


    • bellbm

      In reply to Waethorn:


      "Recording everything you say" is taking it a bit too far. The microphones are listening for the key words to activate their voice assistants. Once the assistant is activated the processing kicks in, and each company has its own methods of recording and retention of that information. The listening feature can also be disabled on the iPhone during initial setup and at any time through the Settings app. I'm assuming it can be disabled on Android as well.

      • Greg Green

        In reply to bellbm:

        In order to hear the key word the phone has to listen to everything all the time.

      • waethorn

        In reply to bellbm:

        That's a naive belief that is proven to be completely false, and a lie of marketing. You can't process audio for only "keywords" without processing the rest. And ALL of that processing is done in the cloud. And no, it can't be disabled.

        • YouWereWarned

          In reply to Waethorn:

          Well, the local client device COULD recognize a single trained activation word--shouldn't need the cloud. But whether my still-in-use Invoke is sending "other sounds" could be detected by putting a packet sniffer into your home network. The fact that I've never heard of anyone detecting curious transmissions (I've NOT searched seriously on this) from an Invoke suggests it isn't happening.

          If it is, "eff Satya".

        • Winner

          In reply to Waethorn:

          On my Google Pixel, I can even be offline and it can still do full voice recognition/transcription. All in-device. So you are incorrect.

        • Jason Peter

          In reply to Waethorn: The microphones on smartphones are always on, recording everything you say, as well as audible and inaudible sound signals in the area, thanks to a patent by Google, used by Apple, that can detect hyper-sonic sound signals from broadcast sources like TV's and other electronic devices.

          That's a naive belief that is proven to be completely false, and a lie of marketing. You can't process audio for only "keywords" without processing the rest. And ALL of that processing is done in the cloud. And no, it can't be disabled.


          I’m calling BS on this. Any evidence to back up these assertions?


          Detecting “Hey Siri” is performed on the device, not in the cloud. Nothing is recorded until Siri is activated by the “Hey Siri” command. At that point, the query is recorded and sent to Apples servers (which Apples been fully upfront about from the start).

          iPhones and iPads are more than capable of detecting “Hey Siri” onboard the device without sending this data to Apples servers.


          https://machinelearning.apple.com/2017/10/01/hey-siri.html


          Plenty of testing has been done by security professionals and journalists over the years to prove this. Constant data being sent back and forth by 24/7 recordings alone would cause a massive surge in data being sent to Apple, which would be easily detected. Im sure someone would have picked up on this since 2013 were it true. And yet, we’ve heard nothing in the last six years.



          • Greg Green

            In reply to Jason_P:

            It’s not necessarily Apple, though they do have to listen to everything to get key words, it’s Snapchat and other apps that listen with Siri and do their own thing with the info.


            See Vice, Your Phone Is Listening and it's Not Paranoia

            Here's how I got to bottom of the ads-coinciding-with-conversations mystery.


            A similar thing happened to my wife. One day she’s talking to the kids about lockpicks with the iPhone in the other side of the room and the next day her iPhone shows her an ad for lockpicks.

  8. waethorn

    Mozilla is far from the ones that should be trumpeting privacy.


    Let see: there's the Mr. Robot crap, they're recommending random low-quality extensions based on your browser history, they're still taking money from Google, they have telemetry turned on by default, not notifying users of what permissions Pocket has to your bookmarks, recommend security extensions that send user info to a server in Germany, exposing passwords of over 4000 users in the Mozilla Developer Network, and so on.

  9. dcdevito

    I’m all for it. But how does Firefox feel about Android??

  10. BeckoningEagle

    They should make it opt-in and that way they would not look like hypocrites.

  11. provision l-3

    Apple has a pretty lengthy explanation of how ad tracking is done and it isn't what Mozilla is describing. I'm guessing they are either misinformed or they some sort of proof that Apple isn't being straight forward. If it is the latter they should just come out with it.

Leave a Reply