Over the last few days, Apple has seemingly started cracking down on applications that share location data with third-parties. In such cases, Apple has been removing the application in question and informing developers that their app violates two parts of the App Store Review Guidelines.
Good.
Android fans will label this “anti-consumer” but the exact opposite is true. Privacy and identity theft and protecting these things is not anti-consumer, it is actually about as pro-consumer as you can get. And with the news today of another Android malware threat, this step by Apple makes even more sense. I will gladly accept slightly less functionality in exchange for letting Apple do what it can to protect my identity and privacy.
I don’t think you could ever spin this around. There shouldn’t be any room for this problem to exist.
The problem will always be that you still need to jailbreak or root your device to be able have control of your device. Any lock that prevents users from entering, is anti consumer. Even if it’s for their own good
Edited 2018-05-10 12:57 UTC
The majority of consumers are idiots, and don’t need a system that’s as open and free as Android is. As
Windows on the PC has proved, an open system just invites malware, and the average user won’t know what malware is, if it’s a bad thing, or how to remove it. Sure, it’s nice to have an open system, but that openness should be something the power user has to unlock, rather than be default. Remember, there’s more idiots than Einsteins.
While I agree, even this wouldn’t be enough. I’ve seen people who do use Android follow instructions on web pages on enabling side loading apps because they really thought they were going to get the newest game for free, or thought they needed that update to Adobe Flash to view that Facebook page. Even if you buried it down deep, they will find it if they think they’ll get something for free.
Sure, you can’t save everyone from themselves, but an unlock switch that’s hard to find unless you’re looking for it will keep 95% of Joe Dumbasses out there out of trouble, vs having everything wide open out of the box.
The problem I was getting at is that it’s no longer hard to find, if they’re being told how to do it. I don’t know how you combat this issue. My first thought was an unlock code unique to each device, but then you raise a whole set of problems about who will maintain those codes and what happens if that entity goes belly up.
Personally, I wish we could solve it by being able to teach these people not to do stupid stuff. It’s really amazing how they’ll follow detailed instructions to the letter to get something they think they want installed, but won’t follow a simple “don’t click on that!”. It boggles the mind.
Simple answer is… you don’t. People are going to do what they’re going to do.
WorknMan,
Exactly. You can put warnings up, but if an owner insists, then they should have the prerogative to do what they want with their own devices.
wocowboy,
This last paragraph creates quite a large loophole since developers could deliberately pin some app functionality into 3rd party services (we see a lot of that happening with javascript websites such that data gets sent to 3rd parties).
Edited 2018-05-10 13:45 UTC
Hi,
How about; the app asks the OS for the current location and the OS checks if the user explicitly allowed the app to have the information (and maybe does a “This app wants your location [allow][deny]” dialog box, similar to how firewalls are being done in a lot of cases), and if the app isn’t permitted to have location data the OS generates a random location and tells the app that instead (deliberately filling the databases of malicious pricks with misinformation).
– Brendan
Brendan,
You are focusing on a different aspect, recording user permissions, but what I meant was how do you prevent app developers from sharing/selling location data (which they themselves are allowed to have) with 3rd parties?
Consumers reasonably expect privacy, but most corporations feel the data they collect from us is theirs to do with as they please. As long as they hide it in the terms and conditions, they laws may actually be on their side.
The problem is more pervasive than just mobile apps as mentioned in the article. People don’t realize just how badly they are being betrayed by big name companies buying & selling our private data. Consider that google is said to be purchasing 70% of US consumer credit/debit card transactions.
https://www.thepennyhoarder.com/smart-money/google-data-mining-compl…
To truly stop this across the board, better privacy laws are needed (at least in the US). Corporations have to stop getting away with implied consent via terms and conditions, if they’re going to sell our data, then they must obtain a user’s explicit agreement. Anything else is ethically wrong and should be illegal.
Edited 2018-05-10 18:09 UTC
Hi,
If the user gives explicit consent for the app to use their location data (e.g. by the user clicking on “allow” in an “This app wants your location [allow][deny]” dialog box); then that data is now owned by whoever it was given to, and whoever it was given to may do anything they like with their data. Ideally there would be laws forcing app developers to say exactly what they are going to do with the data (and this would be built into the dialog box so that user’s can make an informed decision), but Apple can’t make laws and Apple can’t enforce laws that don’t exist.
– Brendan
Brendan,
Except that when it comes to apple’s store, it doesn’t need laws to enforce it’s own restrictions. Apple (and google for that matter) ARE allowed to enforce their own rules.
My concern earlier wasn’t about them being allowed to enforce rules, but rather the practical difficulties in enforcing them.
Edited 2018-05-11 02:27 UTC
Apple enforces their guidelines by monitoring the code in apps. I don’t pretend to know how they do this, but I read today that after banning some apps from the App Store because they were doing things that are not allowed, those apps have been found to be back in the store after only a name change, obviously to get around the rules. Apple found out about this by looking at the code and those apps are banned again. It is difficult, and some things do slip through, but at least they are trying. I give them props for doing that.
wocowboy,
If this is all apple does (and I make no assertions that it is), then it would be 100% ineffective against apps that sell user data from their own servers. If this is really the case, then it’s a huge loophole to get around apple’s guidelines, which is why I brought it up in the first place; it’s good that apple took a stand on private location data, but IMHO it’ll be very hard to actually enforce.
If an app collects personal information you have the right (GDPR) to have it handed over and get it deleted. So if you collect it and then sell it (or collect it via a 3rd party service) you have to make that 3rd party delete it when your customer asks you to. Yes, even if they paid you for it or *you* will be fined.
TheForumTroll,
That may well be true in europe. Those of us in the US have been loosing legal protections due to how extremely corrupt our politicians are.
You’re sure the politicians are not just reflections of the population? (how many people would, given the chance to partake, say “no” to their slice of ~political pie?)
PS. BTW, offtopic: was it you fairly recently writing that you don’t like the price of GPUs? …I had a thought in half-sleep that the prices are like that perhaps because they are of a now relatively niche product.
Edited 2018-05-13 20:29 UTC
zima,
Well, maybe; new computers and new GPUs may becoming more niche in general. Normal people are keeping their computers for significantly longer without replacing them.
However the evidence indicates that high GPU prices today are caused by excessive demand over a prolonged period of time which has allowed both manufacturers and retailers to push the prices higher over time.
https://www.digitaltrends.com/computing/graphics-card-pricing-availa…
In other words, they are unable to manufacturer enough cards to meet the demand. What I find totally ironic is that FPGA and ASIC processors leave GPUs in the dust for mining, yet GPUs continue to be snagged from the shelves for that purpose.
The other, perhaps larger demand for GPUs is for data centers. Apparently this is infuriating GPU maker NVIDIA because their “low end” consumer grade GPUs are displacing sales of their high end server grade GPUs (which can cost $10k-20k). So much so that they decided to alter their licensing terms to ban data center applications.
https://www.digitaltrends.com/computing/nvidia-bans-consumer-gpus-in…
Realistically, that’s not going to help since consumers and companies will use the hardware for whatever purposes they see fit regardless of what Nvidia wants. High GPU prices are probably going to be a sustained normal, which makes them less accessible to their originally intended demographic.
I shouldn’t complain though, I’m guilty of wanting them for AI & data center applications rather than gaming, haha.
Ehh, this practise was quite alien to my place, but currently ruling PL “Law and Justice” (yeah, right…) party is also trying a form of it (they control the national parliament so they can change rules / how areas are counted in local (majors and so on) elections) to even more consolidate their grip. And polls show that all the while they’re gaining support… :/
And I take it it was you after all about price of GPUs / I haven’t imagined things …now I’m only left to wonder why my half-waking mind wandered like that.
Slightly off topic, but does anybody know how much of a deadline these app developers were given before their apps were taken down? Was it like “due to GDPR you have 6 months to update” or did they simply wake up one morning with the news?
GDPR has been EU law for nearly a year now, with the caveat that it was not to be enforced until the 25th this year. There is no excuse. Chances are their actions were already illegal under existing privacy law as well, so again no excuses for the developers. There is no reason they should have been provided with any warning.
I’m sure those ~1000 pages of legislation are very black&white to you (that just wasn’t my question).
They mostly are. Most of it is what was already best practice information governance / management, or already covered in existing legislation.
I agree there’s more of me, but there is no actual solution for this. So the community has a way of coming up with solutions.
It sounds like the idiots have more brain cells than Einstein.
When ios and Android were lacking a major part of what is now standard, the community was able to find a solution that was eventually incorporated upstream.
Since there are more idiots (me) than you, let’s put those idiots to do the heavy work.