60 comments

[ 2.7 ms ] story [ 106 ms ] thread
"Tracking" is probably too aggressive a word here. Sounds like they're counting, while "tracking" opens up a lot more metadata potential.
do you think it only tracks emails if you are using the default Mail client?
I would cautiously assume so— though I don’t know enough about the innards of iOS to say for sure.

That is to say, my instinct is that it would be difficult (if not impossible) for the OS to extract meaningful data from, say, the Gmail app, if it’s communicating with its servers using end-to-end encryption.

The OS might be able to see 3rd-party app calls and emails through the API which allows app data to appear in Spotlight search, but that’s at least a permission the user can revoke.

1) Apple has a pretty good privacy record so I'm more inclined to trust them on this one. Go ahead, light me up for saying that. :-)

2) No one I know ever calls me anymore. I am however getting 10 to 15 spam calls a day (one literally just came through as I was typing this up). Its so bad that I had to install a paid spam blocker and even that only catches 80% or so.

If Apple is looking for ways to deal with these jokers, I am all about it. This is getting ridiculous.

I agree with you. FWIW, the article is talking about assigning each user a fraud score for iTunes purchases. I'm guessing it's so that people can't use new iTunes accounts to game apps, or to use in-app purchases to test stolen credit cards.

Having said that, Apple should definitely be more aggressive about blocking spam numbers. My perception is that it does absolutely nothing about them. Does Android do a better job here?

There's a whole market with several companies that do exactly what you ask for, block spam, but they are all 3rd party.
I've been pretty happy with the way Android is handling spammers. Not only it shows when a call is suspected to be spam, it also gives me the opportunity to flag a caller as such.
How is this configured? I've never seen an incoming call shown as possible spam.

In fact, when I tell Google Voice a number is spam, while it won't forward calls from that number anymore, it still forwards both calls and texts to Hangouts. The only way to prevent Hangouts from receiving known spam is to block the number, which is buried in the app. (I hate Hangouts, it has to be the best self-torture app ever.)

Edit: As I was typing this, I received notification on both my phone (Hangouts) and in my web browser (Hangouts) of a voicemail from a number previously marked as spam. "Our system is showing your local Google listing is currently not managed or has not been properly cleaned and verified ..." In Google Voice, this voicemail is in the Spam folder. And yet I received two notifications on my devices for it.

There is a setting on the Phone app just for Caller ID and Spam and you even have the ability to filter spam calls. I don't have Google Voice so I don't know if/how it works.
I worked for a company that scanned credit card transactions for fraudulent behavior and it was remarkable how reliable the correlation between stolen credit cards and iTunes purchases were. Identity thieves almost always tried to spend $0.99 as a test purchase and then hundreds or thousands of dollars of iTunes gift cards. Apple probably doesn't want to rely on the credit card companies to catch this if they can do it themselves.
The android phone app warns about suspected spam callers, and project fi has a spam filtering feature that has worked pretty well for me.
Apple should definitely be more aggressive about blocking spam numbers.

Apple does some work in this area. I know that occasionally I will get calls on my iPhones that have a line underneath reading "Possible spam" or something similar. But I think it's more of a carrier issue than a device manufacturer issue.

IIRC, there was a mention in one of the previous keynotes about spam prediction being available in China. I don't know if that's the same tech or not, but that's the only time I can remember Apple mentioning it.

Android does a much better job at this, and it baffles me why Apple doesn't. I get 5-10 spam calls every day on my iPhone, many of them early in the morning (I used to live on the east coast and am now on the west coast).

On my wife's phone, most spam calls are auto detected as "Spam Likely" and you can report new numbers as spam, which I presume Google uses to update its database of spam callers.

I suspect US regulations make it very hard to block incoming calls. I think it has to do with not blocking calls coming from another phone network.
I hope they add an option to opt out of this.
???

Opt out of spam calls?

Or opt out of having them count the calls coming from your phone?

I think you should have to EPLICITLY opt IN to spam calls. I think Apple should block them by default. (ie - I think you should be AUTOMATICALLY opted out of spam calls.)

Opting out of them counting your calls should be allowed by Apple. Of course, I don't expect Apple to just take on all the fraud that goes along with that. For instance, they should be more than free to subject your mobile app store activity to extra scrutiny if you opt out. Potentially even blocking you from being able to take certain actions on the stores. Because it's obvious that all of the criminals and fraudsters will opt out.

Which spam blocker did you use?
Hiya. They have a free option that is useless and a paid one that is less so.
I've tried Mr. Number but it's hit and miss. Also, not clear if it is actually a spam app. Ugh.

EDIT: Nvm, I reread your post. =) Mr. Number is owned by Hiya.

With Apple focusing on creating new mainstream users (beginners) using their devices, there are likely far more users making calls with iPhone than not.

With how much MacBooks have increased their phoning home.. But having visibility, wish I could say the same for iPhone/iPad as easily.

Your point about spam calls is a good one. I'm not sure how many years you've had your number, or how many people had it before you. I have had my current mobile number a long time and the spam calls from me being on a list are minimal, minus voip robo-dialers. Spam callers seem to use easily changeable voip numbers (sometimes calling from similar voip numbers to my own), part of the spam call issue is likely to encourage the voip phone providers to pay attention to high usage/turnover numbers.

The simplest thing Apple could do is allow us to block any call (straight to voicemail) where the number does not appear in your contacts.

I don’t understand why they don’t have this option. They have options that are close, like do not disturb except for favorites in your contacts, but this is a sledgehammer, where we need something more general purpose.

You can put all of your contacts in group X, and then DnD, allowing through group X. It comes pretty close to what you want.
…actually, that's a good idea. Thanks for the tip!
But DnD is the entire device, it’s more than we need here. What you’ve mentioned is a workaround, but not ideal.

I want an option specific to the phone function.

...but then you get no notifications whatsoever, except for calls or texts from your contacts.

Maybe this is what some people want, but it's not for me.

In the UK, a service named TrueCall solved this problem very effectively for landlines. When you dial in, it checks the number from caller ID against a whitelist and if your number isn't pre-approved, you get prompted to press a number on the keypad and then say your name. The phone then rings (only if you actually pressed the number, which already stops most robo-dialler spam) and the caller is announced by name but has no opportunity to speak directly to the callee. If the callee approves, they can press a button and the call connects as normal (and optionally approves the number for coming straight through later). If the callee doesn't want to take the call, they push a different button and the caller gets to hear a prerecorded message and gets their number blocked.

This technology seems to come built into various mid-range landline phones now, and it has stopped almost 100% of junk calls since we last updated our equipment and got one of those, though it has occasionally confused legitimate callers as well and you do need to turn if off if you're genuinely expecting an automated call such as from your bank to validate something you're doing online. That's not much of a hassle though, and I don't see any reason something similar couldn't be done for mobile phones.

Google Voice had a feature like this years ago didn't it? Man I thought it was a nuisance then but I would use the heck out of it now.
I am however getting 10 to 15 spam calls a day

I recently bit the bullet on that and installed an app on my iPhone that blocks robo and spam calls. It's a subscription but considering how much productivity I loose due to spam calls I figure it's worth it. I had no idea Apple exposed an API that lets an app block calls but it works. Every once in a while a call slips through and I add it to their database. So far I've only missed one call I wanted and that was from Apple Developer Support. Apparently their auto-dialer is listed. Such is life.

I bet you we bought the same app. Its cut about 80% of em out. Not perfect but I'll take it.
My simple algorithm can easily be implemented by Apple, and made an optional configuration:

If the number is not in my contacts list I redirect it to voicemail.

If Apple gives me that I'm a happier consumer.

And most of the time, I also google the numbers that I don't recognize, and block them if they are known offenders/spammers.

I believe there is a way to do this, if you use Do Not Disturb and make an exception for All Contacts.
Interesting idea, but sometimes I do that when I sleep, so I would need that exception list to be small.
Not really, because then you can't get any notifications you actually do want. (Turning on DND blocks every notification.)

Apple refuses to make it so you can actually manage how the "phone" can bother you, and I'm assuming they have some sort of deal with the carriers to be this way.

This would be a big feature for me, whether spam blocking is done by the telephone companies or by Apple. I don't know why they aren't more aggressive about it either; it's not like the USPS, where the USPS makes more money off every piece of spam they deliver. Reducing spam calls would increase customer satisfaction, enhance the brand, and provide a competitive edge in the marketplace.
The telecos are basically hamstrung, they cannot legally refuse to route calls so far as I know. I'm not sure that allowing that is the best route, either. That's a whole set of neutrality concerns that we don't need.

They should absolutely be doing something to stop spoofing, though.

They can however refuse to do business with people call spoofing using sip trunks. They can see the real phone # and should be able to compare it to the allocated numbers and reject the rest. If a reseller is allowing it to happen then they should cut off the reseller until they get their shit in order.
Yeah, numbers of calls and emails being sent could be useful as features in fraud detection. I’m totally fine with Apple collecting that. Reliable spam filter for sms and phone calls are something I wanted for more than a decade.
That sounds terrible. Have you considered changing your phone number? Putting up with constant bullshit calls would drive me insane. Heck, I'm at the point where I usually only answer the phone for known numbers, unless I'm expecting a call.
I've had the same phone number since my first mobile phone. I have so much crap tied to it that changing it isn't really an option.
> Apple has a pretty good privacy record

All companies have a good privacy record, until they don't

Wait, I'm confused:

Are spammers using Apple devices? I always assumed they were just generic VoIP devices in boiler rooms (or bots, obviously).

Why would you invest that kind of money into a device for making spam calls?

Believe it or not, people use mobile in-app purchases to test stolen credit card numbers. Then use the credit card numbers that pass the test to score bigger hits.

As horrible as it sounds, when you're trying to fight fraud, you have to think like a criminal. And the whole in-app purchase test is pretty standard practice among criminals.

I think that cliché comes to mind: "This is why we can't have nice things."

This isn't about call spam calls. This is about app review farms and spam reviews. The way the headlines are being made and the way it's being discussed is FUD trying to show that Apple is evil; they're just making an effort to make sure app reviews are legitimate.
To remove issues with fake reviews, remove the ability to post reviews and rankings for an application. Instead, enable a application refund system. If you don't like the application, you have 60-90 days to get a refund. No more nonsense with fake reviews and such. You as the individual will determine if an application or song or whatever is good for you. Don't rely on reviews, they can be faked.

peace

This is a really good idea!

Although, I suspect, app developers would absolutely hate it.

Because it would be a disaster. There are so many games that you can complete in a day or two. They may be absolutely FANTASTIC, like Monument Valley. But people already don’t like paying for apps so they’ll ask for their $.99 back after they’ve played the game.

The end result is the only games they can survive or 90 our games that are full of in app purchases. Every other app could be easily download it, used, and refunded it quickly.

As bad as monetization is in the App Store right now it would be in order of magnitude worse.

Build in a trial period then with limited functionality/levels. The cost of that trail period is a small percentage of the overall price. For isntance, let's say the game is $12 USD. The trial period of the game would be 2 days 1 or 2 levels & cost $2 USD. you can upgrade to the full game (no refunds) or pay as you go for each level/functionality.

Yes - maybe this is more programming, but we have better languages & libraries to make this happen.

I think there's a way to do this & eliminate nonsense.

$12 games are an absolute no-go on the App Store. If the app is paid its almost certainly $0.99, maybe $2.

So that doesn’t work, unless the ‘trial period’ is $0.20. And at that point Apple/etc is losing money on CC fees.

Great, now even these guys are doing it.
The title is misleading.

Most people would believe the title is saying "Apple is collecting information on who you call, who calls you, where, when; and it's reading your emails."

But then the article says: "information about how you use your device, including the approximate number of phone calls or emails you send and receive"

So, no, they aren't "tracking your calls and emails" in the layman's sense of the term. They're just counting the number of calls and emails.

In terms of privacy violation that's at least an order of magnitude less egregious, and so it's an important distinction.

Not to mention that those numbers aren't even sent to Apple directly. Again the article states: "The data that gets sent to Apple, according to the company, is a numeric score that is computed on the device itself."

yup. just came here to say that. this is 100% FUD spreading.
I'd guessed there's a reason the links being posted here on this are from low-trust sources: Sun, NYPost, etc.
These posts being flagged is a bit of a relief.
That is not what Apple says. Apple says that developers submitting apps to the store will be given a trust score to prevent spammers based on the approximate number of calls and emails made. It does not look at your emails or calls. If you use the phone for spamming purposes and say send 1000s of emails a day and 10000s of calls a day and marked as a spammer you will get a lower score to avoid abusing the app store.
Well, they could hardly do worse than Google has with Google Voice. 90% of the calls I get are spam and outright fraud, i.e. "Yes, hi sir. I am calling from Microsoft. The big company. And we want your computer to be safe! Can I have your password?"

Google is collecting a ton of data, and I no longer have any reason to believe they care about fraud and spam filtering one bit. It's far worse after porting the number to GV.

Honestly, I'd probably take this with a grain a sand while "nypost" are the ones reporting it without too many details. They aren't really known for high journalistic standards.
This sounds like something they should be doing. If someone used a tool or service I provided to commit fraud I would take it as a personal failing.

Privacy and security are the reasons I moved from Android to iOS four years ago. After reading the details this sounds like such a minor collection of data that it doesn't bother me.

> Originally published by BGR.

Well, there's your problem right there. Certainly explains why they would use a word like "tracking" when it doesn't apply.