https://arstechnica.com/gadgets/2021/12/apple-reaches-quiet-truce-over-iphone-privacy-changes/
<start>
Apple has allowed app developers to collect data from its 1 billion iPhone
users for targeted advertising, in an unacknowledged shift that lets companies
follow a much looser interpretation of its controversial privacy policy.
In May Apple communicated its privacy changes to the wider public, launching an
advert that featured a harassed man whose daily activities were closely
monitored by an ever-growing group of strangers. When his iPhone prompted him
to “Ask App Not to Track,” he clicked it and they vanished. Apple’s message to
potential customers was clear—if you choose an iPhone, you are choosing privacy.
But seven months later, companies including Snap and Facebook have been allowed
to keep sharing user-level signals from iPhones, as long as that data is
anonymised and aggregated rather than tied to specific user profiles.
For instance Snap has told investors that it plans to share data from its 306
million users—including those who ask Snap “not to track”—so advertisers can
gain “a more complete, real-time view” on how ad campaigns are working. Any
personally identifiable data will first be obfuscated and aggregated.
Similarly, Facebook operations chief Sheryl Sandberg said the social media
group was engaged in a “multiyear effort” to rebuild ad infrastructure “using
more aggregate or anonymized data”.
These companies point out that Apple has told developers they “may not derive
data from a device for the purpose of uniquely identifying it.” This means they
can observe “signals” from an iPhone at a group level, enabling ads that can
still be tailored to “cohorts” aligning with certain behavior but not
associated with unique IDs.
This type of tracking is becoming the norm. Oren Kaniel, the chief executive of
AppsFlyer, a mobile attribution platform that works with app developers, said
that when his company introduced such a “privacy-centric” tool based on
aggregated measurement in July 2020, “the level of pushback that we received
from the entire ecosystem was huge.”
But now such aggregated solutions are the default for 95 percent of his
clients. “The market changed their minds in a radical way,” he said.
It is not clear whether Apple has actually blessed these solutions. Apple
declined to answer specific questions for this article but described privacy as
its North Star, implying it was setting a general destination rather than
defining a narrow pathway for developers.
Cory Munchbach, chief operating officer at customer data platform BlueConic,
said Apple had to stand back from a strict reading of its rules because the
disruption to the mobile ads ecosystem would be too great.
“Apple can’t put themselves in a situation where they are basically gutting
their top-performing apps from a user-consumption perspective,” she said. “That
would ultimately hurt iOS.”
For anyone interpreting Apple’s rules strictly, these solutions break the
privacy rules set out to iOS users.
Lockdown Privacy, an app that blocks ad trackers, has called Apple’s policy
“functionally useless in stopping third-party tracking.” It performed a variety
of tests on top apps and observed that personal data and device information is
still “being sent to trackers in almost all cases.”
But the companies aggregating user-level data said the reason apps continue to
“leak” information such as a user’s IP address and location was simply because
some require such information to function. Advertisers must know certain things
such as the user’s language or the device screen size, otherwise the app
experience would be awful.
The risk is that by allowing user-level data to be used by opaque third parties
so long as they promise not to abuse it, Apple is in effect trusting the very
same groups that chief executive Tim Cook has lambasted as “hucksters just
looking to make a quick buck.”
Companies will pledge that they only look at user-level data once it has been
anonymized, but without access to the data or algorithms working behind the
scenes, users won’t really know if their data privacy has been preserved, said
Munchbach.
“If historical precedent in adtech holds, those black boxes hide a lot of
sins,” she said. “It’s not unreasonable to assume it leaves a lot to be
desired.”
<end>
_______________________________________________
nexa mailing list
[email protected]
https://server-nexa.polito.it/cgi-bin/mailman/listinfo/nexa
