Apple Is Ready for the Tech Backlash

The only real guarantee that companies won't go overboard in invading customers' privacy is that they have large revenue streams which make it an unnecessary risk.


March 31, 2018

4 Min Read
Tim Cook, looking very CEO-like
Getty Images

(Bloomberg View) --It's easy to understand Apple CEO Tim Cook's somewhat self-righteous comments on the Facebook-Cambridge Analytica scandal: His company has never emphasized customer data monetization, and privacy has been one of its persistent selling points. Apple still collects our data — and reserves the right to share it — but the company has a much better track record than newer tech titans.

"The truth is, we could make a ton of money if we monetized our customer — if our customer was our product," Cook said on Wednesday. "We've elected not to do that." Asked what he'd do if he were in Facebook CEO Mark Zuckerberg's shoes, he replied, "I wouldn't be in this situation."

In reality, Apple collects more information about its customers than Facebook because it offers more products and services. It knows everything from an iPhone's location to its owner's taste in movies and music. It's all in the company's privacy statement, including the frank admission that Apple will share the data with "strategic partners that work with Apple to provide products and services, or that help Apple market to customers" and with law enforcement. Apple also lets applications that run on its platform (including Facebook) hoover up data. And it does have a small ad platform that allows targeted advertising.

Apple's closest equivalent in terms of data collection, sharing and "pass-through" to app developers is Google, which offers roughly the same array of services (plus search) and also owns mobile and desktop operating systems. The difference is that Apple has imposed some voluntary restrictions on itself: For example, it anonymizes location data (unless you're using the "Find My iPhone" feature) and generally employs "differential privacy" — a cryptography-based practice of obtaining usage and preference data without linking it to specific users. Google and Microsoft also use that to some degree, and a co-inventor of differential privacy, Cynthia Dwork, has even worked for Microsoft Research, but Apple was the first to market the technique as an advantage for its customers. 

Cook clearly thinks of these self-restrictions as a good way of staving off external regulation. On Wednesday, he scolded Facebook for not being as far-sighted. "I think the best regulation is no regulation, is self-regulation," he said. "However, I think we're beyond that here."

As a user, however, I wouldn't put much trust in any company's ability to regulate itself. Cook has been wary of monetizing Apple's user base, but he won't be CEO forever. And people do change their mind, especially when it comes to picking up money that's there for the taking. Regulation — such as the EU's General Data Protection regulation, launching in May — is a more reliable way to ensure a level playing field. That's why Google, Apple and Microsoft all have good, convenient privacy controls which allow the user to turn off various kinds of data collection, erase data that companies already have and opt out of targeted advertising. Facebook, too, promises to put such controls in place soon.

But even external regulation isn't a reliable guarantee of privacy. Most people won't fiddle with the controls because they may not even realize what all the fuss is about. And by default, companies with advertising-based business models will want to collect as much information as they can and anonymize as little of it as they can. Neither Google nor Facebook, for example, will make the same commitment as Microsoft that no ads will be targeted based on your email and chat contents. Nor will they make it as easy as Apple and Microsoft make to shut off ad personalization.

No regulator will take care of that: It's not their goal to kill off the ad-based business model and with it Facebook and Google, and the model won't work without data collection and ad targeting.

The only real guarantee that companies won't go overboard in invading customers' privacy is that they have large revenue streams which make it an unnecessary risk. Apple is reliable in this regard: It's a hardware company that also sells content and software on commission and on a subscription basis. Microsoft, with its cloud, software licensing and subscription businesses, is even less likely to go rogue in data collection because it no longer has a mobile platform to speak of. 

That's why Microsoft and Apple aren't suffering much from the Cambridge Analytica-triggered tech sell-off. Microsoft shares are up 4.5 percent since the beginning of the year, Apple shares are down just 1.63 percent. That compares to Google's 4.6 percent drop and Facebook's 13.3 percent dive. I believe the gains made by Twitter and Snap, two companies fully dependent on ads and information-gathering, are a temporary fluke: They aren't as frequently mentioned in connection with data harvesting as Google and Facebook. As heavier regulation of the ad model becomes reality, they will inevitably suffer as much as their ad-based peers.

Monetization through ads was the only relatively easy choice for companies not offering any products or services that people wanted to buy. That revenue stream, however, is not as easy to hold on to as those coming directly from customers. Those of us who remember the fat days of ad-financed media know that better than anyone. The tech firms that fell back on ads will need to offer value to customers, not advertisers, as the best "legacy" media companies have learned to do.

This column does not necessarily reflect the opinion of the editorial board or Bloomberg LP and its owners.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like