Sunday, 22 February 2015

Tightened iOS App Tracking

When one spends double or more the amount of money in order to put one's hands on one of Apple's gadgets, one's sanity has to be examined. Apple smartphones cost about double that of Androids of similar technical prowess, so the rational person needs to justify the waste. With me, one of the main justifications is privacy: iOS is almost always better at looking after the privacy of its users than Google's Android.
However, as I have already discussed here, the differences tend to be in the flavour rather than essence.
App tracking offers a case in point.

I am not a fan of Apple's sealed garden approach, as implemented through its AppStore: any app developer that wishes to have their code to be considered for sale in the AppStore needs to comply with rather draconian terms & conditions. On the positive side, those terms & conditions include clauses intended to protect users.
One such protection measure is an obligation to avoid tracking app users via unique identifiers. Want to identify and track your app users? Get them to create an account or login through Facebook; however, you - as a developer - are not allowed to track an iPhone/iPad user just because they bothered to install and run your app.
This measure does not only sound like a great privacy protection measure; it is a great privacy protection measure. It allows users to enjoy the best of what the AppStore has to offer, such as the tons of quality games kids can play with, without fear of them being the victims of corporate marketing schemes.
Hooray to iOS!

Wait a minute.
As Apple security expert Jonathan Zdziarski has been pointing out lately, Apple hasn't been particularly good at enforcing its own policies. All the while, developers have been quick to cease on the commercial opportunity offered by Apple's recent relaxed attitude in order to make a buck out of the millions of unsuspecting iOS users out there.
I noticed the trend myself with games that seemed to know who I was despite me never logging in to anything and despite me uninstalling their games and reinstalling them back on. Never saving the game or backing them up anywhere did not prevent them from knowing exactly where I got to in the game last time around.
Then there the examples Zdziarski comes up with. Unlike your truly, Zdziarski comes up with proper evidence to support his claims with. He clearly demonstrates how Google abuses the privacy of the Waze navigation app users and how Apple turns a blind eye to these abuses, probably because Google is not a monster worth getting into a tassle with. Zdziarski's is a must read analysis of a privacy policy that should be labeled "no privacy policy" instead, especially given Waze's popularity; I am very well aware of just how popular this app is with Israeli users, for a start.
Zdziarski does not stop with Waze. He looks at Whisper and he points out at how this blog's favourite con, SuperFish, was also able to get away with abusing Apple users.

All of which brings me to say:
Dear Apple, if you want me to continue wasting my money with you, you need to make sure I get my money's worth. Lately you've been quite effective at demonstrating the exact opposite.
Sure, Google is much worse than you. But the thousand dollar question is, is Google a thousand dollars worse than you?


Image by EFF, Creative Commons (CC BY 3.0 US) licence

No comments: