Apple, You Broke Your Privacy Promises and Our Hearts

Apples with a broken heart

Apple, you broke my heart. The company that understood that standing up for privacy is a huge selling point has betrayed that message and its many loyal loving fans. Apple betrayed its core. And make no mistake, many loyal Apple fans will leave it for this betrayal.

The road to hell is paved with good intentions

Apple’s CSAM technology is laudable in its goal, stopping child pornography, but many other causes are also laudable. Is not stopping terrorism and countless murders laudable? Is not helping authorities solve crime laudable? Is not giving the private data of those that passed away (those that didn’t leave permission or password) to surviving loved ones laudable? These are all laudable.

After all, we can end nearly all crime if we lock everyone inside a cell denying them all freedoms. But you do not sacrifice liberty at the alter of evil. It’s the other way around. Apple in the past understood this. And its users loved it for knowing that all the evils of earth are not reason enough to destroy the freedoms, liberties and rights of even one person. Because in sacrificing the one, it destroys rights and liberty for us all.

That is no more. Apple has gone back on that axiom, and more importantly has broken the Steve Jobs privacy promise, roughly paraphrased: inform the user what you’re doing, and ask permission, repeatedly. But Apple isn’t asking for your permission. It won’t even inform you its scanning your files, much less repeatedly. You had to find out about it tech’splained and spun to you by some lackey tech blog as if you don’t understand.

People do understand. The bottom line is the Apple’s CSAM technology has opened a backdoor. It invades your privacy. All of Apple‘s wild technical handwaving are just that, to distract you from the fact that Apple’s CSAM has to read your private files on your device to match them to something, in this case a bad thing, by search criteria established by someone else. And that someone and something are inherently mutable.

It’s just code

Apple’s latest Bagdad Bob politburo techsplanations saying that the code they wrote has many protections and Apple will prevent anyone from looking for anything other than these bad things glosses over its ‘scanning’ invasion of your private property. Apple’s CSAM scans your data, without informing you of it, and all without your permission. Further, Apple’s explanations ignore that code is infinitely mutable and temporary, just as are the people overseeing it. Even if you trust people at Apple to do the right thing today, the people there tomorrow may not have the same power, inclinations, or agenda. A simple change of management and a software patch update, and now the criteria and those pulling the strings are different.

This is the same kind of handwaving that brought us the Patriot Act, with so many assurances that it would never be abused. But of course, just like every thing else its type, it was abused. It’s never a question of if. It’s always a question of how long, and how badly it will be abused. But it’s worse. Because it’s just code. And that code is oh-so-easy to change for its own reasons (e.g., fixing inevitable data leak bugs, features or worse). And at the behest of others (e.g., powerful foreign governments and agencies will be eager to force their way through this door). 

Arrogant Apple again

Apple seemingly understood all of that when it stood up against the FBI. But they lost their way. And worse they are arrogant about it.

In the past when Apple and Steve Jobs made a mistake, he was humble enough to admit it (see Macworld San Francisco Keynote 2001 at ~ 33:45 where Steve admits they almost missed the importance of CD burners to the digital music revolution). After that, Steve course corrected quickly, and Apple went on to have amazing success with the Rip, Mix, Burn campaign.

Tim Cook seems unable to do anything other than have plastic responses read off of prompters. Instead, he sends in as fodder Craig Federighi to deliver the Chewbacca Defense; in what may be the single worst PR presentation in the history of tech, Apple issued a technical PR song-and-dance “clarification“ that basically translates to: ‘we’re so sorry that you’re so stupid that you don’t understand how right we are.’

Enabled by weak uncritical tech press, it’s probably too late

Apple could still fix this. They can do what Steve did. Say you made a mistake. Change direction. Say you learned from the mistake, and promise not to make it again. If they do that, they can come back from this. But I see nothing in Apple’s leadership make-up capable of such humility.

What’s worse is most of the tech press for Apple are nothing more than goosestep Apple-flavored PEZ-head apologists regurgitating the party line. At worst they can’t wait to lick the boots of Apple (for future favored access and more clicks no doubt) and explain to everyone how stupid people are misunderstanding Apple, and at best they shy away from the topic completely. It’s a very consistent record of cowardice and stupidity by the tech press, and no longer unexpected.

Sadly, in the end, Apple promised us privacy, and all we got was a lousy backdoor.

19 thoughts on “Apple, You Broke Your Privacy Promises and Our Hearts

  • https://9to5mac.com/2022/12/07/apple-confirms-that-it-has-stopped-plans-to-roll-out-csam-detection-system/

    I was right.

    All the Mac press will now pretend that they were always against this. That it was a bad idea. But when it counted to speak up they pretended to be ‘neutral’ at best, or outright cowered supporting this atrocity. Back then it took guts to stand against it, and like always, you could count on the coward tech/Mac press to lackey along and not speak up for the right thing.

  • Wow! What claptrap! The essay sounds like right-wing fear-mongering based on the headlines that were published to gain clicks. I don’t have the time or patience to write an equally long response to the over-the-top (e.g., “Bagdad Bob politburo techsplanations?”) essay that is NOT marked as opinion. That part is the fault of MacObserver who should identify opinion versus factual reporting, but there appears to be a gut reaction without looking deeper into facts.

    There are some problematic issues with this situation. I do not believe it is the knee-JERK, over-the-top twaddle written above.

    1. The clap trap is in your head. The name of the column is devils advocate. If you need a further roadmap to opinion that’s further evidence that the problem is with the reader.

      1. Where in the above does it say the name of the column is “devils advocate?” [sic] Oh wait… I see… it’s in a smaller (about 10 point) font in a lighter color so that it could be misrepresented. The problem is not the reader because I took the time to read the drivel. It is the misrepresentation by not adding it prominently to be seen in 10pt font (verified) in #ccc color (e.g., NOT black).

        Where the problem is that you did not read the technical explanation behind what Apple is doing. I am not saying what they did is right, but it doesn’t rise to the level of the name-calling you started with. Apple is not the problem. The problem is the FUD pretend experts spew with venom looking worse than the ragtag lout on the corner screaming at traffic.

        FACTS: Apple is not actively scanning your device with this service but they are “‘scanning’ invasion of your private property.” If you read Apple’s Terms of service, the software is NOT your property. Apple owns the software. What they do with the software is up to them, not you. To think otherwise you are just spitting in the wind. Don’t touch the mask on the ol’ Lone Ranger and don’t mess with Tim!

        FACTS: You are actively sending them your location information, which they claim they warn you but there have been cases where you never receive those warnings. In all that information, you are also pouring metadata on the internet with everything you do. And if you don’t think that can’t “invade your privacy,” I have some conspiracies I can tell you about that are not theories. Been there and done that.

        FACTS: Scott McNeely, former president of Sun Microsystems, has said that you have no privacy. If you think that anything that Apple has done in the past “protects” your privacy, please let me sell you a bridge in Brooklyn. As a former security expert for the federal government (yes, I’ve been in the muck with this stuff), we knew where to find you if we wanted to. You have no privacy. Get over yourself.

        FACTS: If you don’t like it, don’t use the iPhone. Nobody is forcing you to use an iPhone. Go buy a Samsung or Pixel. Then you’ll have to deal with the no-so-open secret that Google tracks what you do on and off line. Don’t like any of it? You can still buy a flip phone. You can run but you cannot hide!

        To those of us who know better, you sound no different than the guy wearing the same trench coat for 20 years sitting in the corner in his own urine complaining the aliens once took you away and probed you. The EFF had a cogent response to Apple that doesn’t sound like their parents took away their juice bottle. Please leave it up to the professionals. Twaddle like this gets you nowhere.

      2. Apple is scanning the files to create the hash. In addition to your many problems, you can add reading comprehension.

        From page 4 of apples technical summary “instead of scanning images in the cloud, the system performs on-device matching”.

        Youre good at losing, seems that occupation suits you.

  • You are absolutely right on this. This is a terrible, stupid, move. Worst of all it won’t do what it’s supposed to. The bad guys will simply work around the scans and go undetected. This is a black landmark in the history of privacy and freedom..

    1. I agree with you and don’t believe Apple is going to care about the “advanced users” who are even paying attention to this. I just went and bought a Synology and am moving everything off iCloud.
      While I’m at it I’m just going to “Nuke and Pave” the walled garden and hop to a different music service.
      Move to Firefox browsers on my iOS devices and vacate any and all apps I can just use the web for and create shortcuts on the Home Screen.
      It’s sad but for me the break-up is quite serious. I’m also running older equipment so instead of buying anything new I’m just going to start investigating Linux.

      1. The new Synology Photos engine in DSM7 does a really good job of merging all (or many/some?) of the “useful” features of the prior PhotoStation and Moments implementations. And it seems really solid from my testing since the DSM7 release.

        What I haven’t tested is the direct-from-phone upload of those pictures. I copy mine in my from Mac with Carbon Copy Cloner (at the moment, anyway), and only look at them on my phone, not upload from there.

      2. While you are at it, you can sell off your iPhone because everything is tracked from your location to everything that produces metadata. In fact, don’t make any calls because the metadata can be pulled right out of the air. Just remember, LTE has been hacked!

        How are you going to run Linux. Are you going to download it from the Internet. Thank you for the metadata. I don’t need to know what you are downloading. Patterns can be deduced from the metadata. Encrypted? No problem. Have you ever heard about advanced pattern matching and machine learning? VPN? Only slows down the progress of tracking but you will be found. Been there… done that.

        You want privacy? Disconnect from the Internet. Don’t use credit cards or loyalty cards. Use cash from someone who will pay in cash otherwise the IRS has your information. So does the Census. And just because you have not heard about data leaks from these agencie doesn’t mean it hasn’t happened–which is what I once said in court during the trial of someone caught with leaked data.

        BTW: Be careful of the older equipment you buy. Lenovo is not the only company whose BIOS “phones home” and doesn’t tell you about it!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.