Microsoft ID guru slams 'duplicitous' Apple
Jobs' non-personal data claim 'hogwash'
Regcast training : Hyper-V 3.0, VM high availability and disaster recovery
Microsoft chief architect of identity Kim Cameron has insisted that the "non-personal information" collected by Apple can be used to personally identify you – despite angry counterarguments from at least one Jobsian fanboi.
At a privacy conference in Seattle, Washington, Cameron last week gave a talk that touched on Apple's recent changes to its iPhone privacy policy, which he first flagged up in late June. Apple now says it will collect "non-personal information - data in a form that does not permit direct association with any specific individual," and it reserves the right to disclose this information "for any purpose."
This, according to Apple, includes data such as "occupation, language, zip code, area code, unique device identifier, location, and the time zone where an Apple product is used so that we can better understand customer behavior and improve our products, services, and advertising."
Cameron has long said that Apple's characterization of this data as non-personal is "unbelievably specious." And at the end of his talk, one audience member took issue with this stance. "My questioner was clearly a bit irritated with me," Cameron says in a blog post. "Didn’t I realize that the 'unique device identifier' was just a GUID - a purely random number? It wasn’t a MAC address. It was not personally identifying."
But Cameron had already made his case quite clearly. "The question really perplexed me, since I had just shown a slide demonstrating how if you go to this well-known website [Whitepages.com] and enter a location you find out who lives there," Cameron says.
"I pointed out the obvious: if Apple releases your location and a GUID to a third party on multiple occasions, one location will soon stand out as being your residence...Then presto, if the third party looks up the address in a 'Reverse Address' search engine, the 'random' GUID identifies you personally forever more. The notion that location information tied to random identifiers is not personally identifiable information is total hogwash."
But the fanboi was unbowed. "Is your problem that Apple’s privacy policy is so clear?" Cameron's questioner asked. "Do you prefer companies who don’t publish a privacy policy at all, but rather just take your information without telling you?"
According to Cameron, the question was shot down by a collective groan from his audience. But it stuck with him. "I personally found the question thought provoking," Cameron says. "I assume corporations publish privacy policies - even those as duplicitous as Apple’s - because they have to. I need to learn more about why."
Cameron did not immediately respond to our request for comment. But when he learns more about Apple's "duplicitous" policy writing, we'll let you know. ®
COMMENTS
In iPhan's eyes Apple can do no wrong.
iPhans are brainwashed, they believe anything and everything that comes out of Job's or Apples publicity machine.
The proof is in the fact that Lemon 4 had demonstrated defects yet iPhans kept on buying these things, complete with rubber bands to permit them to work.
The biggest risk with almost any smart-phone is data leakage.
Privacy policy != privacy
I guess having a privacy policy of "You ain't got any, we know who you are, we know where you live and we know where your children are" is OK, you've clearly express what your policy is.
Reminds me of the most realistic ISO9000 DR plan I ever saw which basically said that in the event of a total disaster the directors would bugger and live on a beach in the Bahamas on the insurance proceeds. I do like a bit on honesty.
Mr. Cameron just happens to be right ...
Of course he's right to note that, notwithstanding anything Apple may or may not say, the data they collect serve to uniquely define individuals. And of course that's precisely what makes such data valuable, and hence interesting to collect.
The question of who Mr. Cameron is working for is of course totally beside the point. The only thing that counts is what he says, and what he says is accurate.
The data collected by Apple go a lot further than the data collected by Microsoft, simply because Apple collects its data from a phone, not a computer. That matters because a phone contains a lot more data about you than your computer.
Things like: occupation, language, zip code, area code, location, and time zone aren't collected by Microsoft. At most they get an IP address, which is typically a dynamic address provided by an ISP, and a MAC address. They don't get a physical location, and certainly not in real-time. And they can't reconstruct your travel pattern either. Phone operators can. And now Apple has reserved the right tho shop that sort of information about people to whoever they like.
Spot the difference?
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
