Apple responds to privacy questions from Congress

Heather Parry

By Heather Parry

08 August 2018

As you might have read on our blog last month, members of the US Congress recently sent pointed letters to the CEOs of Alphabet (Google) and Apple demanding answers with regards to their privacy practices and use of user data.

The letter from the Energy and Commerce Committee to Apple CEO Tim Cook included this portion:

In the wake of the privacy scandals that surfaced earlier this year, you made several comments to the press around Apple’s beliefs about privacy, including ‘[w]e’ve never believed that these detailed profiles of people that have incredibly deep personal information that is patched together from several sources should exist.’ However, users have consistently had access to apps through the App Store that you have highlighted as contradictory to Apple’s values, including Google and Facebook apps. Only a few weeks ago Apple announced changes to its App Store rules that were characterized as attempting to limit how much data third-party app developers can collect from Apple device users. These statements and actions raise questions about how Apple device users’ data is protected and when it is shared and compiled.

Now, Apple has responded to these questions and in doing so has distanced itself from other companies like Alphabet and Facebook; companies that have faced their own recent data privacy scandals.

The letter from Timothy Powderly, Apple’s director of federal government affairs, sought to clarify that Apple’s business model, unlike that of other companies, does not rely on farming data from its customers:

The customer is not our product, and our business model does not depend on collecting vast amounts of personally identifiable information to enrich targeted profiles marketed to advertisers.

However, it did admit that Apple had no control over data collected (presumably with user consent) by third-party apps:

Apple does not and cannot monitor what developers do with the customer data they have collected, or prevent the onward transfer of that data, nor do we have the ability to ensure a developer’s compliance with their own privacy policies or local law.

And yet the letter did seek to double down on Apple’s messaging; that they are concerned with user privacy and are changing their practices to reflect this. To this end, the letter said:

We believe privacy is a fundamental human right and purposely design our products and services to minimize our collection of customer data… When we do collect data, we’re transparent about it and work to disassociate it from the user. We utilize on-device processing to minimize data collection by Apple.

The extensive letter also covered a range of topics, from audio collection to WiFi connectivity. You can read the letter in its entirety here.

About Us

SurfEasy is a VPN tool that protects your online privacy and unblocks the internet. Use it on your Mac, PC, iPhone, iPad or Android.

Learn More