Included in Apple's update to comply with the EU's GDPR, customers will be able to download all the information Apple keeps about them.
Apple is updating its products and services to bring the company in line with the EU’s forthcoming privacy protection rules, General Data Protection Regulations (GDPR). Among other improvements, customers will be able to download all the information Apple keeps about them.
What is GDPR?
The GDPR rules are designed to bring existing data protection laws into the 21st century. They give individuals the right to see what information companies hold about them, oblige business to handle data more responsibly, and put a new set of fines and regulations in place. Almost any entity that handles personal data will be impacted by the GDPR rules.
These changes may be taking place in Europe, but there is expectation most big tech firms will apply similar protections outside Europe, which will give more effective protection to most people.
Why it matters
Europe’s tough stance on personal privacy had already prompted many in the tech industry to get their act together. The Facebook/Cambridge Analytica scandal means many more of us now understand why such protection matters, particularly at a point in human history at which so much of what happens next will be defined by artificial intelligence (AI) and data analytics. This information is powerful.
“We’ve never believed that these detailed profiles of people, that have incredibly deep personal information that is patched together from several sources, should exist,” Apple CEO TimCook recently said. They can be “abused against our democracy,” he observed.
What Apple has done so far
Apple recently introduced updated privacy protections across all its products, which now offer a new Data & Privacy screen during setup. This explains how Apple and apps use your data and promises that the company’s solutions are designed to minimize the collection and use of your data. It also describes how on-device processing is used whenever possible.
“When we use data to create better experiences for you, we work hard to do it in a way that doesn’t compromise your privacy. One example is our pioneering use of Differential Privacy, where we scramble your data and combine it with the data of millions of others. So we see general patterns, rather than specifics that could be traced back to you. These patterns help us identify things like the most popular emoji, the best QuickType suggestions, and energy consumption rates in Safari.”
Effectively this means Apple’s products are private by design, which should open up interesting opportunities for the company in future.
GDPR means Apple will tell you what it knows
These aren’t the only privacy enhancements we can look forward from Apple as it prepares for GDPR rules to become mandatory in May.
The company has said it plans to update its Apple ID management page with a way to let users download a copy of all the data they have stored with the company.
The company will allow users to download data across individual apps, which means data concerning your music playback choices or which news stories you’ve been reading will be as easy to download as information about the contents of your Contacts or Calendar apps.
That’s the equivalent of the data Facebook allows its users to download about themselves, though Apple’s pre-existing commitment to privacy means we don’t expect too many unpleasant surprises — however, I will be paying particular attention to Location data logs when I check my records.
GDPR also means Apple will give you more control
Apple also intends to make it much easier for its customers to control their data. That means we’ll be able to:
- Get a copy of our data
- Correct our data
- Temporarily deactivate our accounts
- Delete our entire Apple ID
That’s a significant improvement. You have been able to do some of these things by contacting the company, but this takes time. These new tools will empower customers to vet and manage their own information.
Apple provides new GDPR developer tools
Apple closed out March by providing developers with an extensive set of tools to help them handle data requests made by EU users under new GDPR rules. These will enable developers to let users “manage data that's associated with your app and stored in iCloud by using native APIs and Web APIs,” the company said. These will also include tools to enable a developer’s own users to delete their data from a developer’s app. More here.
What are the rollout plans?
Apple has already begun introducing these improvements. The most recent software updates introduced new Privacy rules and systems and a new Privacy icon that appears when an app requests your personal data. The company says the additional enhancements discussed here are scheduled for introduction in Europe when GDPR rules come into effect on May 25. The iPhone maker says it will make these features available to customers outside Europe at a later point.
Privacy is a human right
Cook has gone on record to call privacy a “human right.” He’s highly critical of companies whose business plan is to monetize customers, saying:
“The truth is, we could make a ton of money if we monetized our customer. ... We’ve elected not to do that. We’re not going to traffic in your personal life. Privacy to us is a human right, a civil liberty.”
Apple as a company has an extensive privacy governance structure, which is described here.
Its employees are required to take privacy training, and the company has a Privacy Board made up of a cross-functional group of senior representatives from across the company that handles privacy-related issues.