I like the fact that Apple has taken a pro-privacy stance in recent years. Considering how the rest of the big tech giants treat users and their data, it is a positive to have some type of check against that power. However, I don’t have any illusions about what Apple is doing. It is very simple. They don’t need to monetize our data, while their primary competitors do, so their stance on privacy has nothing to do with any altruism on their part. It is a position of convenience. A bat they can swing at the high, hanging privacy fastball that companies like Facebook and Google hang right over the plate for them.
While I let my cynical side show there for a second, I do think that Apple has held to its pro-privacy stance, so far. It may be a position of convenience, but I do believe they stick to it internally. They even go to the lengths of making AI work a little harder for themselves using by things like differential privacy and on-device processing to keep all user info at a distance. However, there has still been a big chink in Apple’s privacy armor and that is how they treat other companies that use their platform.
Tim Cook has been increasingly critical of how other companies treat user data and privacy, and recently went as far as calling out Facebook specifically. It is interesting that he can take a fairly hard line publicly while companies like Facebook and Google have many apps available in Apple’s App Store. While those free apps may not be revenue generators, they do enhance Apple’s ecosystem. It would certainly hurt Apple if either pulled their apps from the App Store.
This is a difficult line for Apple to walk without hearing terms like hypocrisy get thrown around by the tech media. The water is made even more muddy when you consider Apple caving to storing iCloud data for Chinese users in China, and making that data available to the government on-demand. It’s a complicated situation, to say the list.
This is the stage that was set last week when Apple suddenly brought the hammer down on Facebook and Google. This has been reported far and wide, so I will briefly summarize what happened. It had become public knowledge that both Facebook and Google were conducting research projects that centered around mining the user data of paid volunteers. The kicker was how they did it.
Both companies used the enterprise certificates they were given by Apple to create apps that could be “side-loaded,” bypassing the App Store and its restrictions. Companies are allowed to use these certificates to build apps for their internal use, and both Facebook and Google have also done that, as well. However, giving users access to these outside apps is definitely well beyond of Apple’s Terms of Service, so they revoked both Facebook’s and Google’s certificates.
This took out the offending apps, but also threw a gigantic wrench in operations at both Facebook and Google. Internal iOS apps stopped working and they could no longer work on updates or bug fixes for their existing App Store apps. According to several reports, this was particularly hard on Facebook.
So this was a big deal, as it definitely cost Facebook and Google both time and money over the last week. Even though Apple has set up new certificates for both companies, some damage was certainly done to these corporate relationships.
Making up the rules
Both Facebook and Google were breaking the rules, so I can’t blame Apple for taking some kind of action. That said, their history of policing the App Store is filled with instances of reactionary decisions, sudden changes in the interpretation of rules, and sometimes just making rules up on the fly.
Things have settled down a bit since the early days of the App Store, so these kinds of mass bannings and sudden rules changes are more rare today. However, these new actions feel a little similar, I can’t help but feel like Apple went a little too far, too fast with their moves against Facebook and Google.
If I put my cynic hat back on, I might say this looks like a coordinated publicity stunt that allowed Apple to look tough. They knew this would become a big story in the tech community and that it would give them more credibility when it comes to protection of privacy and user data. Was this the reason for them kneecapping Facebook and Google out of nowhere?
Breaking the law
While Apple’s reaction may have been either needlessly harsh or an intentional PR stunt, Facebook and Google knew exactly what they were doing. They knew the rules. They knew they were breaking them by distributing enterprise apps to people who weren’t employees. They likely figured they could get away with it for a while and then just talk their way out of it once Apple contacted them about it. Obviously it didn’t work out that way.
Let me make one thing clear, because some who covered this story didn’t. The people who signed up to be a part of these Facebook and Google research projects were completely aware of what they were doing and they were paid for their time and trouble. I don’t have any problem with this part of the story. Again, the issue is that both companies broke Apple’s TOS.
Excuses and reasons why
While Apple’s reaction to Facebook and Google could be seen as an over-reach, there are issues here besides just violations of Terms of Service. We all know how restrictive Apple can be when it comes to how apps in the App Store behave, what they can access and how they can harvest data. Enterprise apps can bypass many of these restrictions. These apps can also gain access to system-level information that normal apps can’t and share it.
This capability allowed their research projects apps to gather the data that Facebook and Google were looking for. Unfortunately for them, Apple blocks such capabilities for a reason. I cannot blame them one bit for trying to keep apps with restricted capabilities and potential security vulnerabilities out of the hands of the general public. Having a phone with one of these apps installed would be a perfect way to find exploits and weaknesses that could be dangerous.
On one hand, I am glad that Apple took action to take these research apps from Facebook and Google out of general circulation. They have absolutely no place in the hands of everyday iOS users, especially teenagers. All Apple users will be better off if they insist that developers play by the App Store’s rules, rather than creatively bypassing them.
On the other hand, Apple could still stand to take some lessons on how to better administer the App Store. A scalpel approach probably would have been just as effective as the hatchet they took to Facebook and Google. As such, I still can’t help but think that Apple was capitalizing on the situation to further its messaging on privacy and protection of user data. I actually think the situation played out in their favor, but that doesn’t make what they did the right move.
At the end of the day, I think it is important that Apple got these unregulated apps out of circulation. That takes precedence over how they handled getting it done, as ham-fisted as that was. It will also be interesting to see if this situation has any ripple effects in the future.