If You're Connected, Apple Collects Your Data

fyngyrz (762201) writes It would seem that no matter how you configure Yosemite, Apple is listening. Keeping in mind that this is only what's been discovered so far, and given what's known to be going on, it's not unthinkable that more is as well. Should users just sit back and accept this as the new normal? It will be interesting to see if these discoveries result in an outcry, or not. Is it worse than the data collection recently reported in a test version of Windows?

Yay :D

[jimmetry]

2015 will the the year of Desktop Linux!

Re:Yay :D

[anagama]

Yeah, it should be opt-in. At the very least, opt-out.

Re:Yay :D

[davydagger]

at least in debian you can dpkg-reconfigure popularity-contest, and it asks you if you want to participate and is fairly transparent about the proccess.

Re:Yay :D

[anagama]

In TFA, the author claims he did turn stuff off. Have you run a network sniffer to watch your computer's behavior, or are you trusting that "off" means off.

Re:Yay :D

[anagama]

There is a distinction in how you interact with a browser, and the actual content of your searches. Blurring this line is pretty ugly. Apple needs to know stuff like: The user clicked in the search field, typed stuff, and then because of a 60s delay in executing the search, probably couldn't see or understand the search icon, and clearly didn't know to press return (or the phone rang). To get this, Apple doesn't need to know what the person typed. But if that is the claim -- the need to know what is typed -- why not just enable the video camera and microphone too -- that would make it easier to figure out if the person is having problems with the Safari interface, or just answering a text on his phone. I'm guessing people would be sort of grossed out by that, but it fits right in with what you say they need, so why not go total surveillance?

Re: Yay :D

[fuzzyfuzzyfungus]

If you don't trust an OS vendor, isn't using a network monitoring tool on a different host entirely, with physical access to the wire, pretty much the only way to go? If they were so motivated, the OS would basically be a rootkit with device drivers and a userspace API...

Re:Yay :D

[Sarten-X]

Enabling the video camera or microphone won't actually help. You'd need both to determine if the user was actually using their phone, and the processing cost needed to perform that kind of recognition on a large scale would be so ridiculously expensive that it would undermine any additional benefit from the research.

Statistically, a user waiting 60 seconds before searching is uninteresting. It's an outlier, so the developers really don't care what happened. Far more useful would be an observation that 75% of users use the center enter key to submit queries, 20% use the mouse, and 5% use the enter key on the numeric keypad, combined with an observation that 80% of mouse users move the cursor around after a period of inactivity before clicking. To a design team, that means that the users' attention has shifted to typing, and they've forgotten where the mouse is. Perhaps the mouse should highlight in some way when it first moves...

Similarly, the actual content of searches doesn't matter from a UI perspective. If you're having trouble searching for something, it doesn't matter if you're looking for instructions to knit a sweater for a kitten, or the mixture used in the Oklahoma City bombing. On the other hand, the exact search text is useful to the folks developing the search engine, so they can put the most relevant results at the top of the list. Of course, the search engine team doesn't care about how long it takes the user to find their mouse cursor.

This leads to one of the most entertaining aspects of the whole privacy debate. Gathering data is easy, but proper anonymizing is hard. Practically speaking, the analysis of the gathered data is often easier than ensuring that data is anonymous. For example, there are certain combinations of ZIP code and state that identify as few as 30 people within the continental United States, so any data set that includes both ZIP code and state is probably not sufficiently anonymous. It's far easier to simply collect only what's needed for a particular team, and make sure nothing else can be connected to that record. One database records that somebody searched for "geriatric german grandmas spanking spanish men", and another knows that user submitted a search with a mouse, and perhaps another knows that the user is located in western Iowa. With no way to connect the records, the business need is fulfilled and the user's privacy is effectively safe... but the legal disclosure will still simply say that the company collects all those things, stirring up a nice panic.

Re:Yay :D

[Rosyna]

TFA specifically notes that the behavior described was observed with all visible 'privacy' settings adjusted. Presumably the story is even cheerier if those aren't switched off.

He only disabled Spotlight Suggestions in the Spotlight preferences, he did not disable it for Safari, which is in the Safari preferences, right next to the search engine preference.

  (Because you may not want Spotlight sending strings to Apple when searching for files on the computer, but you may not care if you are only searching the internets via safari).

Yes, worse

[Zaelath]

Of course it's much worse than the data collection from a "technical preview". It's whole purpose is to discover how people use the damn thing and you sign up to be a guinea-pig in exchange for getting the advanced access.

However, it's "to be expected" from Apple. You don't own their phones or laptops, they own you.

Re:Yes, worse

[bloodhawk]

The Windows one is not even a privacy wrong, it is more an example of the right way to do it. You are signing up to provide them feedback, they state it when you download it to install, it is part of the conditions.

Of course it's worse

[msobkow]

Microsoft is testing a release candidate and is informing users of what they're monitoring.

So far no one has complained about onerous licensing agreements with Yosemite, which seems to imply that Apple is not informing users about it.

Until Microsoft has a production release, it's not even fair to compare the two.

Re:no, its not good thou

[Rosyna]

Even if you change search engines in safari, it doesn't disable Spotlight suggestions in Safari. That's a separate checkbox in the Search tab in the Safari preferences. (There are a bunch of options in the Search preferences in Safari)

Re:If you want results from the web

[blackest_k]

um no.
you didn't read the link the string was sent to duck duck go and also sent to apple there is no need for the search string to go to both.

if the user was using apple to search then of course the search string should go to apple but if its sent to google then it shouldn't go to apple as well.

Re:If you want results from the web

[Rosyna]

Oh, I read it. But you didn't read my response to your other comment, which was,

Even if you change search engines in safari, it doesn't disable Spotlight suggestions in Safari. That's a separate checkbox in the Search tab in the Safari preferences. (There are a bunch of options in the Search preferences in Safari)

Searching maps is part of Spotlight suggestions

System Preferences - Security & Privacy

So just out of ideal thought.... This wouldn't have anything to do with the settings clearly available for adjustment within the System Preferences -> Security & Privacy pane and then select the "Privacy" tab. Inside there you see a lot of clearly defined options for opting in or out of various settings:
Location Services: Enable/Disable as a whole; Disable by specific user allowed apps
Contacts: Allow/Disallow apps chosen by user to use your contacts
Calendars: Allow/Disallow apps chosen by user to use your calendars
Reminders: Allow/Disallow apps chosen by user
Accessibility: Allow/Disallow apps chosen by user to control the computer
Diagnostics & Usage: Allow/Disallow "Send diagnostic & usage data to Apple" as well as Allow/Disallow "Share crash data with app developers"

Seems pretty obvious to me and very easy to find and adjust settings as desired by each user. Apple even goes a step further and within the "Diagnostics & Usage" option they have a button titled "About Diagnostics & Privacy" that provides the following information:

About Diagnostics & Privacy

Apple would like your help improving the quality and performance of its products and services. OS X can automatically collect diagnostic and usage information from your Mac and send it to Apple for analysis. The information is sent only with your consent and is submitted anonymously to Apple.

If you opt-in to sharing diagnostic data with app developers, Apple may share your crash data with app developers so they can improve their products.

If you opt-into sending diagnostic andusageinformation to Apple, it may include the following information:
Details about app or system crashes, freezes, or kernel panics
Information about events on your Mac (for example, whether a certain function, such as waking your Mac, was successful or not)
Usage information (for example, data about how you use Apple and third-party software, hardware, and services)

Diagnostic and usage data contains your computer’s hardware and software specifications, including information about devices connected to your Mac and the versions of the operating system and apps you’re using on your Mac. If you want to add a description of your actions when the problem occurred, click the disclosure triangle and enter your comments. Please do not provide personal information.

Data can be sent automatically or manually if one of these events occurs:
An app quits unexpectedly
You choose to force an app to quit
A system error occurs that causes your Mac to restart, or requires you to restart your Mac

Report anonymously

All diagnostic and usage information is collected and sent to Apple anonymously. None of the information submitted identifies you personally.

Set reporting options

If automatic reporting is off and a diagnostic event occurs, you’re offered the opportunity to collect information about the problem and send it to Apple.

You can specify one of these options for information collection:

Automatic reporting: When prompted, make sure “Don’t ask me again” is selected, then click OK. After you click OK, automatic reporting of diagnostic and usage information begins, and information is periodically sent to Apple anonymously. You are not prompted again unless you deselect “Send diagnostic & usage data to Apple” in the Privacy pane of Security & Privacy preferences.

No reporting: When prompted, make sure “Don’t ask me again”

Re:Doesn't look like much

[anagama]

I think I understand -- you are saying the software operates as designed, so no problems here.

I think what you aren't getting is that the way the software is designed is what ticks off people who care about their privacy.

Seriously, why should mail.app inform apple that I set up an account randomMailHost.com? That the software does leads you to write [closed: behaves correctly]. This is not at all "correct" from many users' points of view -- you should use a phrase that is more factual and uses words with less judgment involved, for example: [closed: behaves as _designed_ (and if you don't like the design, suck it)].

That's absurd, aim your hate cannon elsewhere.

[Brannon]

Apple has an excellent track record on privacy issues. Not because they are super nice people, but because that's not their business model.

They don't make money by selling user information to third parties or by selling ads, they make money by selling actual physical objects to end-consumers. I'm not sure what you mean by "it's to be expected from Apple", but I'm pretty sure you just made that up because you don't like Apple's customers (probably because you met somebody who likes Apple products who has a more expensive haircut than you).

Re:That's absurd, aim your hate cannon elsewhere.

[LynnwoodRooster]

They don't make money by selling user information to third parties or by selling ads,

Funny, Apple has this thing called iAd where you pay Apple to place targeted ads, and it's currently being sued for selling user info to 3rd parties. Are these activities Apple's primary revenue model? No, but they are part of the revenue stream nevertheless.

Re:That's absurd, aim your hate cannon elsewhere.

[beakerMeep]

Agreed, they have a very good track record but...

They don't make money by selling user information to third parties or by selling ads

Huh? http://advertising.apple.com/

Sure, it's not their main cash cow, but they do sell ads, with targeting and analytics.

Re:That's absurd, aim your hate cannon elsewhere.

[Rosyna]

They don't make money by selling user information to third parties or by selling ads,

Funny, Apple has this thing called iAd where you pay Apple to place targeted ads, and it's currently being sued for selling user info to 3rd parties. Are these activities Apple's primary revenue model? No, but they are part of the revenue stream nevertheless.

iAd is only for iOS Devices (not Yosemite) and your second link is extremely misleading. They're being sued for asking customers that purchase high priced items for their zip code as an additional form of data to verify with the credit card processor to prevent fraudulent transactions. Maybe merchants that have a high amount of fraud do this type of verification.

Re:That's absurd, aim your hate cannon elsewhere.

[LynnwoodRooster]

The GP didn't specify "Yosemite only" - but Apple as a whole. And asking for ZIP code is apparently illegal in MA - which is where they are being sued.

Re:If you want results from the web

[anagama]

Are you joking? Why not have the local program test the server itself with the usual prefixes for mail servers? Then the local app can try the usual ports for SSL. Then it can tell the user the results. After a failure, it could even say, "hey, that server isn't responding to the usual requests, would you like me to check with Apple to see if there is something special about it and Apple knows that secret sauce?"

Do you want to tell me with a straight face that this interaction could not be programmed into a local application that sends nothing to Apple (except by express request on the user's part)? That this interaction is so amazingly hard, it has to be done remotely on a bank Apple's servers?

Re:It is opt-out in OSX.

[chihowa]

From the article:

The following occur with all privacy options enabled -- including disabling analytics (i.e., Diagnostics and Usage Data).

So even though it is presented as opt-out, it apparently isn't actually opt out.

I've noticed the same thing. With all of the "privacy" related options enabled, there is still a great deal of chatting with Apple servers. I'm seeing this with Little Snitch.

Re:If you want results from the web

[Rosyna]

They specifically said they turned off Spotlight suggestions.

No, he said he turned off Spotlight suggestions in Spotlight. Not Spotlight suggestions in Safari. (Because you may not want Spotlight sending strings to Apple when searching for files on the computer, but you may not care if you are only searching the internets via safari).

Even if that were not so, changing search engine should never mean you have to find another configuration option to turn off the old search engine. That's just wrong.

It's in the same window!

Re: IP addresses

[anthony_greer]

MS only phones home if there is no driver (or a generic universal driver with only the most basic functionality) locally. It does that to get the driver that will allow best performance. You can turn it off it it makes a difference to you...

Re:It is opt-out in OSX.

[DocHoncho]

Considering that the Feds probably get a copy of everything they gather in the first place, I can hardly see them fining Apple for doing their work for them! The very idea of Apple turning all this data over to the Feds for "disposal" is utterly ludicrous. There may still yet be some areas of the US government that work for the people, but the DOJ and Intelligence agencies are clearly serving one interest: their own.

Apple just made a big legal mistake.

[Animats]

Sending the content of every search request to Apple? Notifying Apple if the user sets up a non-Apple email account? That's a blatant violation of the Computer Fraud and Abuse Act unless Apple properly discloses that up front and gets the user's consent.

Apple didn't do that.

The EULA for MacOS isn't on line on Apple's own site. This matters. It violates the FTC's "clear and conspicuous" rule on disclosures. It's just like bundling spyware, which the FTC and state attorneys general have routinely hammered vendors for trying.

This puts Apple in the uncomfortable position Sony was in when they put a root kit on an audio CD.