People are expected to draw a line between public and private life — it’s why you (probably) don’t go to the office in your slippers and underwear. There’s a fundamental expectation that the companies we interact with every day can manage that divide as well.
Some tech companies understand this dichotomy better than others. Facebook hasn’t traditionally cared much for it, for example, while Apple has bent over backwards to market privacy features. But the tide may be shifting, depending on how you interpret some recent product announcements. Facebook CEO Mark Zuckerberg recently committed himself to “building a privacy-focused” platform, while Apple announced a slate of new services that a different, less scrupulous company might use to harvest user data.
At this pivotal moment, it’s worth examining how the two approaches differ and what users might realistically expect as we enter a new era for these technology giants.
For starters, take Apple’s new services. In all these products—from original TV shows to magazines, games, and banking—understanding performance, user metrics, and activities is crucial to success. Magazines in News+ will rely on ad sales to make money. Advertisers may demand detailed metrics not just on overall impressions but also on which magazines and ads users looked at next. And then there’s Apple Card, the company’s waltz into the world of banking, backed by Goldman Sachs and Mastercard — you can imagine the potential issues there.
Apple has done its best to make its position on your data across all these services abundantly clear: It has no interest, and your privacy still comes first.
None of these services rely on advertising to drive revenue for Apple.
It may be easy for Apple to maintain that commitment since none of these services rely on advertising to drive revenue for Apple. Though much was said about Apple’s revenue split with publishers on its News+ subscription service, it reportedly allows those publishers to keep 100% of the ad revenue they generate. For the most part, Apple will collect monthly fees for its services, except for its banking program. The financial instrument Apple plans to launch later this year will put the company to its greatest test, as partners Goldman Sachs and Mastercard will be involved with those Apple Card transactions.
Apple has said Goldman Sachs “will never sell your data to third parties for marketing and advertising,” but it hasn’t addressed the obvious fact that Goldman Sachs can see your transaction data.
The reality is that data privacy is a daily test for companies like Apple, Facebook, Google, and many others. Needless to say, they fail that test from time to time. Earlier this month, Bloomberg reported on millions of Facebook user records sitting unprotected on a publicly accessible server.
As it prepares for its next act, the social network needs to reverse years of insisting that privacy is no longer the social norm. Zuckerberg now says he expects communication between Facebook friends to shift to the more private Facebook Messenger platform, a chat system he plans to rebuild so that it adheres to the end-to-end encryption architecture popularized on WhatsApp.
Facebook’s radical shift comes after years of rapid expansion that involves swallowing as much data about us as possible, while selling much of it — anonymized, of course — to advertisers. That business strategy is essentially the foundation of Facebook’s financial success. Advertising drives around 90% of the company’s revenue. It was hard to imagine Facebook ever doing anything to threaten that revenue stream.
“For a really long time, privacy was positioned as a barrier to innovation,” says Michelle De Mooy, former director of the Privacy and Data Project at the Center for Democracy and Technology. She adds that even after the Cambridge Analytica scandal, Facebook’s privacy efforts were more focused on marketing than actual product updates.
It’s no wonder why: The product is based on ads. On the other hand, Apple has traditionally sold us hardware — phones, tablets, laptops, etc. — and subscription software services that support them. It has a very direct revenue pipeline and hasn’t sold advertising for most of its history. Apple builds privacy into its hardware and software because it has virtually no need for consumer data.
Still, Apple does have a relationship with many of the companies accused of the greatest privacy abuses. Facebook’s products live in the App Store and run on the iPhone, iPad, and MacBooks. The same goes for Google’s apps and, yes, Safari’s default search engine: Google.
On the other hand, Apple’s disinterest in your data has led to it developing its growing list of services and apps differently. While Google sends every query to its cloud, Apple manages its intelligence locally. While Google may be the default search engine in Safari, the web browser still has some protections that Google Chrome, for example, doesn’t.
Safari blocks third-party cookies and cross-site tracking by default. Since tracking codes and behaviors change regularly, Safari uses local machine learning to identify and cordon off trackers, renaming them so other sites can’t identify the trackers, essentially neutering their cross-site tracking capabilities. (Deleting all cookies on a single-site experience could result in a vastly diminished experience. For example, a banking site might lose your identity from page to page without a cookie.)
“If you’re a company that really believes privacy is a fundamental human right, then you’d be locking down or kicking out apps that are leaking data.”
Even in cases where information does leave your iPhone, Apple transforms it so that it knows as little about your activities as possible. In the case of Maps, Apple snips off the origin and destination of turn-by-turn queries sent to Maps.
Of course, all of this is rendered moot by certain third-party apps. I consider Apple’s app review system one of the best, if not the best, in the business, but there have been bad privacy actors on the platform.
“The fact that they have an app review is really good,” De Mooy says, “but if you’re a company that really believes privacy is a fundamental human right, then you’d be locking down or kicking out apps that are leaking data or not following values that Apple is stating.”
Apple does act when alerted to companies running afoul of its data collection guidelines, as Facebook did in February when Apple kicked a handful of Facebook’s corporate apps off the App Store. But acting after the fact is not the same as catching these data-sucking apps before adding them to the store.
The inescapable fact of data privacy in the tech industry is that if your business is advertising, you cannot survive without consumer data. It’s the oxygen you breathe. When you sell hardware directly to consumers, as Apple has for most of its existence, it’s less of an obvious concern. The company’s services pivot, however, means that the work to maintain control of user data may no longer be as effortless.
Which brings me back to the sea change Zuckerberg is proposing for Facebook. Even if Facebook becomes a million tiny private hubs where only small groups or individuals share their secrets, there will always be a public side to Facebook.
As Andrew Burt notes in the Harvard Business Review, Zuckerberg’s proposals suffer from a number of fundamental flaws, not the least of which is that the needs of Facebook do not align with those of its users.
Facebook’s need for time, attention, and data, Burt says, means it has to keep users engaged with the platform. In addition, there’s not much Facebook can do about its scale. The service is so big, with so many users, that “massive failures — related to cybersecurity, privacy, propaganda, and more — are simply inevitable.”
Even if Facebook somehow solves these issues, it can’t afford to change user interaction without completely remaking itself.
“Facebook was built to be a surveillance platform with invisible tentacles all over the internet gathering information about aspects of people’s lives,” De Mooy says. “Changing that model will mean a complete upheaval, from the company’s culture to the training the engineers receive to the coding and software to the UX/UI design and monetization strategies.”
Perhaps the solution lies in Facebook leaning even further into the old Apple way, selling more hardware to consumers to decouple a bit from user data and make up the data-selling ad revenue shortfall. The company is already selling Oculus VR headsets and the new Portal. (Portal comes with its own privacy concerns, of course.) The model could work, but only if Facebook can figure out how to disentangle its hardware from its ad business. That’s already a struggle. No matter how Facebook does it, the privacy changes Zuckerberg and company seek to create could take years.
In the realm of privacy, Apple will continue to have the upper hand simply by being vigilant and maintaining a focus on hardware. It’s a path that Facebook cannot easily follow.