I think the problem lies in the underestimation of the potential for that level of personal data. The privacy counter-argument is usually “nothing to hide.” Psychographic profiling is the incredibly accurate practice of predicting an individual’s engagement based on previous choices, and is far more invasive than “telling secrets.”
You claimed that Apple intentionally places vulnerabilities in updates to allow governmental access, right?
They’ve repeatedly claimed in court that they do not have access to on-device data or transmissions, as stated in their legal privacy policy. If they created a vulnerability, then they could exploit it, making the above claims both perjury and breach of contract.
Please clarify if I misunderstood your comment.
I’m not for trusting corporations either, but you don’t have a source, only theories.
Snowden is pretty much the authority on NSA vulnerabilities, and he hasn’t released any proof that Apple has a backdoor on their devices. The only thing he’s demonstrated is how the NSA has used MITM on third-party push notifications, which Apple has since encrypted and relayed to obfuscate.
If you have a source, I’m down to read it. Otherwise, you’re just speculating.
They do not have access to data on customer devices. Therefore, they cannot be compelled to provide it. Apple repeatedly challenges and wins cases against the government’s request for a backdoor to their devices.
They can and will provide iCloud data in response to a warrant.
Apple’s legal policy is very clear. They do not have access to data on customer devices, and therefore cannot provide said data to law enforcement or government officials.
They’ve fought the backdoor request in court 11 times and won. They are not mandated to comply by law if they themselves do not have access.
They can and will provide iCloud data in response to a warrant.
https://www.apple.com/legal/privacy/law-enforcement-guidelines-us.pdf
I see your point. The attacker would need to be far more savvy than police.
They’d need to keep it charged to prevent powering off and activating the connection access denial of the Secure Enclave, while keeping the iPhone in a Mylar bag to prevent any nearby iOS devices from relaying the Find My remote erase request.
With enough time, a vulnerability may be found for that version of iOS.
That’s simply not true. The chart clearly states that Cellebrite cannot break encryption on any iPhone that can run the current version of iOS. That includes any iPhone made in the last six years.
What this illustrates is the importance keeping your phone’s software updated for maximum security. New hardware is not necessary.
They also share personal, location, and motion data with third-party advertisers as well as driving analytics services.
We may disclose your personal information to our vendors and consultants who help us provide our Services or who perform services on our behalf, such as accounting, managerial, technical, email or chat services, marketing or analytic services, fraud prevention, bot detection, web hosting, and to other third-party partners or Service Providers to provide services or features to our members on our behalf or on behalf of our permitted business partners.
We may disclose personal information, including contact information and location and movement data, mobile device information (such as information generated by the gyroscope and accelerometer in your device), application analytics (including IP address and device identifiers), technical and analytical data, and driving event data with third-party partners that provide certain features and services you elect to use through or in connection with our Products or Service, to the extent that they are available in your country or region of residence. Some examples are as follows:
Crash Detection and Emergency Dispatch Services; Roadside assistance; Identity theft protection; and Driving analytics services.
https://life360-legal.zendesk.com/hc/en-us/articles/16038777217175-Life360-Privacy-Policy
Yes. Their privacy policy is very clear. They’ve put so much effort into providing privacy features, well before every other developer in the industry, that they’ve built their customer base on it. The class action suit that they would face for compromising that policy would be massive, and they would hemorrhage customers. They have strong financial reason to maintain their word. If you ask for your GDPR compliant abstract from Apple, it’ll only include your name, phone number, and billing address.
From a security standpoint, the privacy features are top notch. They use 256-bit AES encryption for iCloud, iMessage, FaceTime, Apple Wallet, Find My iPhone, HomeKit, FileVault, Secure Enclave, and now Apple Intelligence. Apple operating systems use a UNIX kernel design, keeping the application layer independent of the operating system layer, allowing full sandbox control and requiring user authorization for any API access.
Plus, nerds love to try and find chinks in the armor. In the event of the inevitable vulnerability, Apple is always quick to release a patch.
Edit: You asked a question about Apple products outside of an Apple instance. Look for the ones with all the downvotes to get a real answer from Apple customers. PC/Android users love to condescendingly reply to and downvote Apple supporting comments. I think it makes them feel superior. Lol
There’s a great website that converts the legalese of TOS into english, made by lawyers working pro-bono. I highly recommend it.
That’s not entirely true. HIPAA prevents providers from sharing your personal data, but it doesn’t prevent you from sharing it. If the office uses a portal site with an EULA that discloses third-party data sharing, and you accept, it’s disgustingly legal.
As for personal data, we absolutely need the GDPR or equivalent in the US. Unfortunately, the personal data trade is a $300B/yr industry in the US, so they have plenty of cash for lobbying.
Exactly. I’m in the same boat as you. The bulk of my exposure was in bands on MySpace. I was practically anonymous by the time Facebook became popular.
I’m still certain I’m in hundreds of other people’s pictures.