Apple, privacy investigation continues: analytics data is not anonymous

There are developments in security researcher Tomi Misk’s investigations into Apple and its privacy practices: it is clear that among the data collected (even if the user has declined to consent), there is A code that uniquely identifies the userContrary to what Apple itself promises.

Mysk last posted a video to YouTube; This time he was limited to a series of six messages on Twitter. Before telling you the news, a very brief summary of what came out earlier: Mysk actually accused the App Store (and several other pre-installed apps, such as stocks, maps, books, music, and TV) Collect lots of data, possibly for analytical purposes, even if the user explicitly chooses not to share it during the initial setup of the device. This seems to clearly contradict what has been said not only on an advertising level over and over again (and more generally, with the image of the privacy champion the company has been pushing so hard for for several years now), but also as formal disclaimers and legal notices.

The new information that has emerged seems to worsen Apple’s situation, because Mysk discovered that among the information that the App Store sent to Apple, there is also Code called DSID. According to Mysk, this DSID (“Directory Services ID) is uniquely associated with an iCloud account, so it’s technically possible that Apple could identify the individual from this data.

Here too, it’s noted that the official privacy policies (see screenshot above, for example) seem to say anything but. The configuration screenshots below show how the DSID is effectively displayed in a record with clear personal information such as your Apple ID’s full name and email address. Musk says so All analytical reports Sent from devices to Apple (also repeat, when user chooses not to activate sharing) It always contains a DSID.

As we know, a class action lawsuit has already been filed in the United States, however it is a fact that has no value in itself – a class action lawsuit is a practice Widespread There, so to speak. The fact is that At the moment, it is too early to draw definitive conclusions; Having said that, Mysk also notes that Apple’s actions not only appear to violate promises made to its users, but also European privacy law (or GDPR) under which users should always have the possibility to no Share no data, not even analytics.

It will be very interesting Understanding whether Apple will respond publicly and what it will sayand, if other parties intending to see clearer are mustered; We know, for example, that the European Union’s competition commissioner, Margrethe Vestager, is certainly not afraid to take on the big tech giants – including Apple itself. For now, another big question remains: We don’t know what happens to the data once it reaches Apple.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *