It implies that Apple can and will use this data to inform its own products, which does seem anticompetitive. Whether that's true or not, I don't know.
Not exactly the same, but it wouldn’t be the first time Apple did something like this. For example, Apple shows a scary “Do you consent to TRACKING” dialog for third party apps, but for their own tracking, presents a “is it okay if we use just a bit of your data to personalize your experience”?
But Apple, as the device owner/operator, can do all sorts of tracking that cannot be accomplished by anyone else. They know when your phone is on or off. They know how often your battery runs flat. They know how bright your screen is. Apple surely uses this basic data in creating products. Telemetry isn't content tracking, but it is still tracking.
Some people here need to read Apple's privacy policy. They go to extreme lengths to make sure no identifiable information leaves the device. Often times where Google sends information to the cloud to be processed (e.g. Photos data), Apple does the computation on-device. This is true for many things: analysis of photos, voice recognition, ML tasks, etc.
When I set up macOS recently, telemetry was off by default; it was opt-in. Not sure about iOS, but I presume it is the same. So you are correct that device makers collecting telemetry have a certain advantage, but most app/content tracking systems I have interacted with are opt-out and therefor, in my view, are more invasive.
The app tracking dialog on iOS is technically opt-in, but the way it is written reflects that the system and the user have limited control, the "Ask App Not to Track" button implies that Apple acknowledges that their attempts to block tracking are best effort and are not guaranteed to work, because new and clever ways to implement tracking are being created on a regular basis.
Even when turning telemetry off there's still a huge amount of data going to apple.
For example the gatekeeper revocation check leaks a lot of data about what kind of apps you run. I'm sure some departments of apple really care about privacy but it's a big company and clearly not all of them do.
My understanding from talking is that internally they set a high bar for telemetry data, which includes non correlatable data through techniques like data slicing and differential privacy.
In the case of private relay, I believe they are using privacy pass such that a token indicating authorization is anonymous on use. So say, Apple knows who someone is, but Cloudflare and the like who do the actual producing can only tell that Apple authorized proxy access and (for HTTPS) what domains are being accessed.
So Cloudflare in this example may be able to get some statistics of use and share them with Apple, but it will be more about the relative popularities of pornhub.com and cnn.com, and not what percentage or who frequent both.
My understanding of the design of private relay is that Apple cannot see this data as it works with a third party relay (Cloudflare I think?) to blind themselves to it
That complaint by the telcos is what convinced me to turn it on, the entire thing was a big whinge by them about not being able to spy on users anymore (and the hilarious claim that Apple was doing it to move users off Safari)
They cannot see the data because they have chosen not to see it. That is different than being unable to see it. As the creator of the software, Apple could disable to circumvent its own system to bypass these protections, perhaps in response to a legal obligation. A proper implementation, something like Tor, would be a designed to blind all network participants, including the evil ones.
Then the tor exit node people could read the traffic.
Do what I do, i encode all emails into giant QR codes on paper that will fade in 72 hours. I then have a staffer chain a briefcase with the email to his or her wrist and fly to the recipient in a private jet. The one time pads are delivered by a separate courier.
We’re talking about a company like Apple building a global infrastructure.
Any such scenario would result in the company or their providers controlling a lot of the infrastructure.
That’s why private relay isn’t a bad thing. You’re replacing thousands of individual risks with one. IMO, the protection of Apple’s PR is stronger than any tech.
This is a pointless argument though, since Apple can deliver arbitrary over the air updates to iPhones anyway. There is nothing that iPhone hardware is physically capable of doing that Apple could not release a software update to do. Thus any evil you can conceive of is trivially within the slippery slope.
That may be the case, but it misses the point. If Apple is not presently doing this, then they are not abusing their market position in gain an unfair advantage.
> That complaint by the telcos is what convinced me to turn it on
To be fair to telcos, (who totally don't deserve it), the original argument they made is that if all phone traffic gets routed to a relay endpoint, and not its real destination, it reduces their ability to network plan and add capacity to the routes that are actually in use.
Hearing this argument means they didn't get what they want and wanted to pull in the antitrust argument, and tipped more of their hands.
Apple explicitly documents that they ensure that private relay data is opaque to them, the also document the audits to show that they cannot spy on the data. As a result iCloud Private Relay is strictly more private than any other VPN service.
Another reason I wish Apple just stuck to hardware and software rather than expanding into stuff like Apple TV. Can’t be anticompetitive if they’re not in the market!
