Slashdot Mirror
German Court Rejects Apple's Privacy Policy
redletterdave writes "A German court rejected eight out of 15 provisions in Apple's general privacy policy and terms of data use on Tuesday, claiming that the practices of the Cupertino, Calif. company deviate too much from German laws (Google translation of German original). According to German law, recognized consumer groups can sue companies over illegal terms and conditions. Apple asks for 'global consent' to use customer data on its website, but German law insists that clients know specific details about what their data will be used for and why."
It must be hard to ensure that every jurisdiction on earth will be happy with everything that you do
This sig is intentionally blank
With organisations like the StaSi and GeStaPo in more recent German history, the protection of the individual's privacy is a serious issue in Germany.
Now and then politicians try to create another surveillance state for example to fight "child pornography", but fortunately they haven't succeeded to enact their crazy laws so far.
Why should it be on the people? If the company doesn't want to follow their laws, they shouldn't sell their stuff in that country. By choosing to operate in Germany, they have to follow German laws for products sold in that country. Don't like it, decide not to sell there.
I still have more fans than freaks. WTF is wrong with you people?
The injustice here isn't to Apple, it's to other potential customers. One group of people is needlessly imposing their views of privacy on another group; instead of saying "I don't like Apple's privacy terms, so I don't use them", they say "I don't like Apple's privacy terms, so I am going to prevent you from using them as well".
Wrong. German law says that what Apple is doing is illegal, so they have to stop or they are going to be fined. And please read again what this issue is about. Apple can very well collect personal data and provide services that use them, they just have to inform customers what they are collecting and for what purpose, so the customers can make an informed decision. Their current privacy policy basically says: "We collect whatever data we want, we do whatever we want with it and reserve the right to share it with anybody". That is simply not allowed and has to change, so please enlighten us where you see any injustice.
It should be "on the people" because some people may not have a problem with policies and may want to do business with Apple anyway.
Absolutely. Everyone should be free to decide which bit of the law of the land they want to follow.
I, for example, can't see why we are not allowed to burn glibertarians in the public parks.
Watch this Heartland Institute video
I'm experiencing cognitive dissonance; can anyone help me out? This seems to be cheered by posters who say that national laws are a good thing and foreigners should be forced to bend their knees whenever there is a conflict. However, in previous stories I have heard precisely the opposite: local standards are for ignorant redneck bullies who are too stupid to realize that their hillbilly local ordnances should be harmonized with international standards. Please reconcile.
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
And then governments get the notion to sue, which of course raises messy issues of jurisdiction, discovery, &c.
1. So Apple pays a fine to Germany.
2. Germany bails out Greece.
3. Euro crisis solved. Profit!!!
Screw you, Underpants Gnomes!
Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
It should be "on the people" because some people may not have a problem with policies and may want to do business with Apple anyway.
What's your point?
The basis of the complaint was, that Apple is not transparent about what it does with the data collected.
If they are transparent about it and tell the users what exactly thy are going to do with the data BEFORE any data is collected, they're basically fine.
And then the users who are fine with can use those services.
But Apple, like many other companies, wants to have the right to do anything without telling what they do.
The European data protection laws lay the groundwork for users to be able to decide freely what services to use and what not.
The basis for a free decision is INFORMATION.
You need to forgive him. He is American, and over there laws only apply to regular people. Not to companies, and especially not to the rich (and Apple is both of those).
Companies can ignore the law all they want, and if someone disagrees, he can stop buying their product.
The whole concept of the law applying equally to everybody is foreign to them. Not that it always work that way in Europe, but it works often enough that we are used to the concept, and don't start arguing against it when it does work.
But Apple, like many other companies, wants to have the right to do anything without telling what they do.
Hate to be a defender of Apple, but you just took shit out of your butt and added it to the argument.
The issue is that they arent telling what they do, not that they "want to have the right to do anything." These things are not mutual, so you don't get to argue as if they were.
Is it really so hard to stick to the substance here? Seriously.. it isn't... you could bash apple for a week without having to pull shit out of your ass, so why are you pulling shit out of your ass? Every time you reach for your ass, you look like you've got nothing.
"His name was James Damore."
However, you fuckers need to get bent if you think it's actually possible to comply with those laws at a technical level.
I am sure Apple devices sold in Germany are very identifiable as devices sold in Germany by Apple. I am sure each device has a unique id. It is not a technical problem to filter wich devices can collect which information but more of a problem of the will to comply with local laws.
All companies will try the shortcuts first before they are told to go the long way around.
It is about business efficiency. (saving a buck if you can)
However, you fuckers need to get bent if you think it's actually possible to comply with those laws at a technical level.
The iTunes store is very good at identifying and limiting access to country specific content, IMHO it is not a technical problem to comply to country specific terms and conditions.
It would be interesting to know whether there is anyone who holds both of the following positions.
1. The German finding is unfair to Apple because Apple, quite reasonably, shouldn't be required to follow the law of every land in which it does business..
2. Criticising Apple for caving in to the censorship requirements of the Chinese government is unfair to Apple because Apple, quite reasonably, should be required to follow the law of every land in which it does business.
Best wishes,
Bob
The rules in question don't apply specifically to the internet. If you give an organisation your information, and they store it (relaying the information doesn't count), they have to properly represent what that information will be used for. This is to allow the individual to make an informed decision as to whether or not to perform that exchange of information.
Encrypting the information on the way to the organisation doesn't make a blind bit of difference to that, so I'm not sure why you brought that up.
No kidding!!! What do you say at this point?
Funnily enough if I want to do business in a public space I have to properly represent what I am doing there, or I can get done for misrepresentation.
No kidding!!! What do you say at this point?
Laws do not have to be possible to comply with or even logical, you still have to obey them the same. If complying with privacy laws concerning handling and collecting of sensitive data is impossible or prohibitively expensive the answer is easy, don't collect or handle the data at all, problem solved.
You can't just keep going in the same old track and claim that complying with the law is impossible or prohibitively expensive so you won't bother complying.
Only when the government requires you to do things you normally wouldn't do can you complain that it's impossible or prohibitively expensive.
If the government demands that you climb a 50 foot vertical flat glass surface you can complain that it's impossible but if the government merely says u can't use equipment X to climb up a 50 foot vertical glass wall your option is to either stop climbing 50 foot glass walls or find other permissible equipment that will let you do the task.
It's more likely that Apple probably has very specific uses in mind for the data, but the US is an anomalously permissive environment with regards to how people's data can be handled and therefore it never occurred to them to enumerate their intended uses.
No kidding!!! What do you say at this point?
Apple is just covering their ass
Uh no. Apple did nothing to cover their ass here, and that's why it's about to get bitten. They did not even attempt to cover their ass. They have to tell you what they (not unauthorized intermediate parties, you bullshit prevaricator) are doing with the data, and they aren't doing that. If anyone they're contracting can't tell them what they are doing with the data, then it's gross incompetence and possibly malfeasance as well to share data with them.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
This is a strawman argument.
The ruling is not about connection data like IP addresses needed to establish connections.
This is about the data that Apple collects outside of that: email addresses, contacts, geolocation.
If I use, say, iCalendar, obviously I allow Apple to collect and save the data of my appointments. But before Apple can share this data with third parties, they have to tell me which third parties and what data. This isn't 'the privacy policy of the internet at large'. This is Apples (and Googles, and Facebooks, ...) policy of threating users data as their own just because it is saved on their servers.
There is no real need for these companies to share the data with third parties. They do this for their own benefit (usually ad revenue). And
But Apple, like many other companies, wants to have the right to do anything without telling what they do.
Hate to be a defender of Apple, but you just took shit out of your butt and added it to the argument.
The issue is that they arent telling what they do, not that they "want to have the right to do anything." These things are not mutual, so you don't get to argue as if they were.
You quoted the relevant sentence of me. Can you read the last five words of it? They are 'without telling what they do'
So yeah, I did stick to the substance: They want to have the right to do anything WITHOUT TELLING WHAT THEY DO.
Stop reading sentences halfway through, please.
Wait. Enlighten me. You mean I can't write the next: I'll store all personal information you send me. I may sell it, analyze it, share it, simply store it, change it, format-shift it, clean my *** with it, laugh at it, preserve it as my most dear possession, etc? You mean I can't do that?
Because it seems to me that is quite clear on the intent of the company: I may use it for anything. Or you mean companies would have to add to their TOS that they may use it for: [insert long list of things], and update it every single time they come up with a new idea? And IIRC if costumers don't like the new TOS then the company would be forced to delete anything they have on the costumer?
If I'm right... I think that's very bad for the companies. And not a real win for costumers, since most don't bother to read TOS unless there is a headline...
I don't care if I'm wrong. I only care about everyone obtaining something from the discussion.
So in theory they could write: We're going to sell it/share it with [company], and be on the clear? Or am I thinking too little and the other company would also have to state what they do with such personal information?
I don't care if I'm wrong. I only care about everyone obtaining something from the discussion.
USA fined British pharma company GSK 3 Billion Dollars
1. GSK pays a fine to USA
2. Everybody in the USA gets a free Obama Phone, with money left for future Obama Cars, Obama TVs etc
3. US Deficit not solved. No Profit!!!
A quick google search turned up that yes, indeed you do have to follow some laws of the US when travelling abroad. I believe the underage sex one is one of the biggies (I've heard rumors that drug use is another, but I can't find anything to confirm it).
I got nuthin
That's exactly what was wrong here. Apple didn't put enough information in the privacy policy to allow the customers to make an informed guess if they like it or not.
Actually yes. The other company has to expressively state what they will use the information for. And they are not allowed to use if for anything the customer has not agreed on. And that's Apple's problem here. They actually can't tell what their contract partners will use the information for, so they can't tell their customers, as they are required by law to do. So either they don't collect the data, or they make a better job at explaining to the customer what the data is used for before collecting it.
Apples Global Service Exchange is quite accurate with regards to country of origin for their products with serial numbers.
-- Linux user #369862
Such respect is very good if not essential for all involved.
"The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
Actually, IIUC, even documenting what they do wouldn't help Apple much, as then they would be admitting to breaking the law. (That's not in the court decision, that's in Apple's mode of business.)
In particular, it is my understanding that it is illegal for Apple to collect information in Germany and transmit it to a location where the laws don't "adequately" protect the information. Like the US. And that that's one of the things they do.
So, IIUC, this court decision is a requriement that they document that their current business practices are in violation of the law. Perhaps I'm wrong about their current business practices, but I doubt it.
OTOH, I'm certainly not an expert on EU law, or even US law. So I could easily be wrong about that part of the argument.
I think we've pushed this "anyone can grow up to be president" thing too far.
You are assuming that their current business practices are otherwise in accordance with German law. I have a very strong doubt that this is the case. So to me this sounds like a requirement that they admit that they are breaking the law. But not documenting what they are doing is also breaking the law.
(In particular, I believe that it is illegal under German law for non-anonymized data to be sent from Germany to the US, due to the US lacking acequate safegards against abuse of personal information. I could be wrong about this. Or possibly Apple isn't doing this. But I believe that they are, and that it is.)
I think we've pushed this "anyone can grow up to be president" thing too far.
There's a similar law in the UK, and companies generally comply with the letter. (Although I've seen some interesting ways of working around the spirit; one form I saw asked for permission to use the information in a variety of ways, which were opt-ins and opt-outs more or less at random, so you had to read it carefully to determine which boxes to tick.)
(1)DOCOMEFROM!2~.2'~#1WHILE:1<-"'?.1$.2'~'"':1/.1$.2'~#0"$#65535'"$"'"'&.1$.2'~'#0$#65535'"$#0'~#32767$#1"
They want to have the right to do anything WITHOUT TELLING WHAT THEY DO.
OK I'll take what you said in its entirety at face value, without any use of rationalization to extract truth from your statement. Now there is no truth at all, because the claim you are making is false.
Anything' includes the entire set of things within imagination.
Either you want me to treat you as a sloppy statement maker that needs to be parsed with the obvious deficiencies of your vocabulary selection segregated from the rest of the stuff that you say, or you want me to presume that you arent such a sloppy statement maker and really meant so say that you think that Apple wants the right to do anything within the imagination with the data.
I guess you win, and are wrong. Apple does not want the right to kill jews with your personal data without telling you about it.
"His name was James Damore."