With every iteration of OS X, iOS, and iCloud, we see Apple add increasing privacy protections for its users. It has consistently enabled customers to protect their personal information from advertisers, governments, third-party developers, and even Apple itself.
This is a company that destroys the keys to its encryption hardware after setting them up in the data center, just in case an employee decides to sneak in a back door or hand the keys off to a government agency. It designed systems like iMessage that a government could technically force it to sniff, but only with a fundamental change to the system architecture.
The question becomes, why? These changes, in some cases, affect usability — popping up reminders and approvals for every application that wants access to location data or our photo libraries, say, or implementing sandboxes that constrain developers (causing some to leave the Mac App Store completely).
I believe the answer is profit, with a smidgen of righteous anger.
Corporations generally limit their altruism to charity, not to core product and business decisions. Apple likely sees a competitive advantage in privacy, especially when its biggest direct competition comes from advertising giant Google and the enterprise-friendly Microsoft. Apple believes consumers not only desire privacy, but will increasingly value privacy as a factor in their buying decisions.
Plus, even CEOs and product managers get creeped out when the government reads their email.
Look hard across Apple's security and privacy technologies and practices, and a set of principles emerges:
Customers own their data. Vendors (including Apple itself) must ask for permission before collecting that data, or letting anyone else collect it. Both iOS and OS X ask before sending data to Apple, and now include granular controls on what applications can see what data, all at the user's control.
Collect the smallest amount of data needed for usability, anonymize it when possible, and delete it when you no longer need it. For example, Siri data is associated with a random number, not your Apple ID, and voice data is deleted after 6 months.
Encrypt as much as possible, while maintaining usability. iCloud Mail and iWork in the Cloud encrypt data, but need to see it for the cloud services to work. But Apple doesn't need to read iMessages, so those are encrypted end to end.
No back doors. All application data on iOS is encrypted with your passcode and a secret hardware key unique to your device, embedded in the hardware, that Apple doesn't track and can't recover.
Protect customers from privacy abuse by developers, employers, and governments. Apps can't access personal or location data stored on iOS or OS X without permission, and you can remove permission whenever you want. (This is inherent to app sandboxes.) If you own your iOS device, even with Mobile Device Management your employer can't access your private data. Across the board, Apple continues to add technology, such as iOS Extensions, to enhance the platform without reducing privacy. Apple even locked developers out of access to device IDs when they were being abused for tracking and advertising.