When it comes to privacy, Apple has always profiled itself as Big Tech’s golden boy.
Now some of that shine is coming off.
An internal document from the French data regulator, seen by POLITICO, revealed on Tuesday that the iPhone maker’s targeted advertising practices could violate European Union privacy laws.
The French watchdog’s analysis – which finds no more wrongs – came as part of an investigation by the country’s competition authority into Apple’s new anti-tracking tool. Those changes, which will be released soon, will give people more control over how their data is collected and used by third-party apps, causing hackles among Facebook and smaller app developers that the company is not playing fair.
But while both French regulators gave a thumbs up to that feature, dubbed Apple’s App Tracking Transparency, the privacy watchdog gave the iPhone maker’s own ad business a more scathing assessment.
“The processing of advertisements by Apple requires consent when it comes to reading or writing data on the user’s device,” the Commission nationale de l’informatique et des libertés, or CNIL, wrote in its internal document. “Apple’s practices suggest a lack of consent gathering.”
It’s non-binding The review – which is cautiously worded because it is intended to inform another case, rather than provide grounds for an isolated investigation – casts doubt on Apple’s privacy credentials.
Apple CEO Tim Cook has denounced the ‘data industrial complex’ time and again with thinly disguised swipes at the data-hungry advertising models of Google and Facebook – while setting his own company as a paragon of privacy virtue by comparison. .
Cook’s needling underscores how hostile relationships have become between some of Silicon Valley’s largest corporations as they attempt to publicly position themselves on hot-button issues like privacy, sustainability and human rights.
“At a time of rampant disinformation and conspiracy theories fueled by algorithms, we can no longer turn a blind eye to a technology theory that says that all engagement is good engagement – the longer the better – all with the goal of collecting as much data as possible. Cook told an online audience in January while championing the company’s own data protection standards.
The introduction of the anti-tracking feature, which will roll out in Apple’s iOS 14 later this year, was just the latest salvo in the company’s attempt to reclaim its moral foundation on privacy. Now it can backfire.
While the CNIL was only asked to inform a case regarding the position rather than investigate the company’s own practices, the regulator’s assessment could have consequences later on. It could further contribute to a privacy complaint filed in March by startup lobby France Digitale.
In that complaint, Apple is accused of violating privacy rules by “systematically collecting users’ consent by default on iOS 14 to target its own apps.”
It is not the only one that focuses on the advertising practices of the American company.
A nonprofit led by Austrian privacy activist Max Schrems has also filed claims in Germany and Spain, accusing the company’s tracking code of violating privacy. The company denies any wrongdoing.
The Cupertino-based tech giant has more privacy investigations by the Irish Data Protection Commission than Google, including one related to its behavioral advertising. Dublin is the main EU regulator for both companies as they are legally based in the Irish capital.
For some onlookers, Apple’s broad embrace of privacy hides an inner ecosystem that thrives on the exploitation of personal information in much the same way as the other Silicon Valley forces. While it doesn’t offer people’s data to outsiders like Facebook and Google, the iPhone maker has an ever-expanding digital services and advertising business that still relies on harvesting people’s digital information.
“Even though Apple is now taking these steps to tighten privacy, they still benefit enormously from creating an ecosystem that is generally truly privacy-invasive,” said Joris van Hoboken of the Vrije Universiteit Brussel, who is studying Big . Tech.
He pointed to Apple’s software development kits that allow game developers to do in-depth user profiling – efforts that benefit the company itself. “They have this incentive to create the conditions for super data-intensive and privacy-intrusive business models through apps, and they are benefiting directly from that,” said van Hoboken.
When asked to comment on the French regulator’s findings, an Apple spokesperson recalled an earlier statement that said, “Privacy is built into the ads we sell on our platform. We hold ourselves to a higher standard by allowing users to opt out of Apple’s limited use of data for personalized advertising, a feature that makes us unique. “
Not everyone is so sure.
Johnny Ryan, a privacy activist who has often gotten involved with Google for his data practices, said Apple’s privacy protections were better than most of his colleagues. But any company, including the iPhone maker, shouldn’t use people’s data within its own digital empire in ways that others in the rest of the world shouldn’t.
“What we’re seeing is internal data that is free for everyone,” said Ryan, a senior fellow at the Irish Council for Civil Liberties. “Data practices within these companies are very much alive.”
Laura Kayali contributed to the reporting.