For years, Apple has done a lot of talking about privacy. It’s also tweaked its major products in ways that helped users protect their personal data from prying eyes. But the privacy announcements the company made on Monday at its WWDC keynote felt different. Increasingly, Apple is turning its privacy stance into highly visible parts of its products.
One major WWDC debutant, an iOS 13 and MacOS Catalina feature called “Sign in with Apple,” might be the company’s most tangible act of privacy protection yet. It’s not a productivity, communications, or entertainment app with data privacy as an added-on guarantee. Its whole purpose is to help users preserve their own privacy as they move around the web. In that sense, Sign in with Apple may be the very first privacy product from Apple.
This evolution helps the company further stand apart from other big tech companies. Apple has been openly critical of Facebook’s and Google’s core advertising businesses, both of which rely on the harvesting of user’s personal data to target ads. “The truth is we could make a ton of money if we monetized our customer, if our customer was our product,” Cook said last year. “We’ve elected not to do that.” (Together, Google and Facebook control about 60% of the U.S. interactive advertising business.)
Last month, Google CEO Sundar Pichai fired back in an op-ed in the New York Times. He suggested that Apple’s take on privacy is great, if you can afford Apple products. “For us, that means privacy cannot be a luxury good offered only to people who can afford to buy premium products and services. Privacy must be equally available to everyone in the world.”
Louder than words
Apple CEO Tim Cook often kicks off the WWDC keynote address with a few comments about large issues affecting the industry or the world. Some wondered if he might rebut Pichai’s privacy-for-the-rich statement. He didn’t.
Instead, Apple seemed to answer with a range of new privacy features. In particular, Sign in with Apple seemed like a direct shot at Google and Facebook.
The feature is Apple’s answer to the venerable “social sign-in” buttons from Facebook, Google, Twitter, and Yahoo. These buttons offer a way to sign into apps or websites without having to enter an email address, password, and other information. But they offer the same devil’s bargain social networks like Facebook do: “We will provide you with a convenient free service, and by the way, you will pay for it with some of your personal data.”
These buttons commonly transmit user data like verified email, age, gender, relationship status, and interests to the app or website.
The new Sign in with Apple button provides a secure log in to participating apps and sites, verified by Face ID or Touch ID. It’s available for both iOS and MacOS apps as well as websites. But it doesn’t transmit the user’s personal information. Instead of providing an email address to the app, Apple’s button generates a randomized email that’s linked to user’s real email. And Apple creates a unique random address for each app so the user can shut down communication from a particular app at any time.
Sign in with Apple is an impressive, privacy-friendly alternative to one of the main data-harvesting techniques used by its rivals. And Apple isn’t just offering it up as a new option for developers. It will require apps that include sign-in buttons powered by other companies to add its new button as well.
Rolling out Sign in with Apple is different than Tim Cook saying “we believe privacy is a human right” in a speech or a TV interview. This is Apple weaponizing its privacy stance, creating a product that directly addresses a well-known tactic used in the surveillance economy. If users embrace it, they’ll benefit—and if they use it instead of some other company’s more intrusive sign-in service, other tech giants will lose out.
At WWDC, Apple also announced new cross-platform tools that prevent apps from tracking the user’s location. It added the ability to give an app permission to use a location just once, requiring to get permission on each subsequent use.
Tools that stifle tracking and data collection aren’t totally new for Apple. For example, at last year’s WWDC it announced new protections in the Safari browser against a form of web tracking called browser fingerprinting. But the Sign in with Apple button is a fully formed service, not just an add-on to an existing app or bit of operating-system functionality.
Social buttons are just one of many ways consumers can lose control of their personal data. Now that Apple has built Sign in with Apple, let’s hope the company releases more tools to help disrupt the devil’s bargain presented to us by companies like Facebook and Google.