126 comments

[ 3.0 ms ] story [ 191 ms ] thread
Yeah, this is strange. The submitted link is the same as the one you've mentioned. Sometimes it works otherwise it requires a refresh.
FWIW, I clicked the link in this thread (twice). First time was a 404, second time it worked.
And the refresh button disappeared in the latest Firefox (v84.0.2)? I have to use F5, but still 404s 80% of the time... looks like a similar problem that Twitter has been having for months (sometimes it says "content is not available to you" unless you refresh).
> the refresh button disappeared in the latest Firefox (v84.0.2)?

Well that's just... terrible UX. Surely there's a setting to enable it again?

> still 404s 80% of the time... looks like a similar problem that Twitter has been having for months (sometimes it says "content is not available to you" unless you refresh).

Sounds to me like a CDN problem in both cases. Content not propagating and possibly not being cached correctly at the endpoint you're trying to use until you refresh a few times.

Just a guess mind, but a relatively informed one since I've had similar issues on my own sites that usually require CDN cache invalidation to fix.

The latest Firefox is actually v86, and the refresh button is right there for me.

Could you maybe have accidentally removed it in the Customize menu?

It came back with my linux distribution's provided update... not sure what hapenned but I didn't remove it.
(comment deleted)
I have no issue with making Facebook ask for for permission for users, that is ok. But my bigger problem is the hidden intentions behind Apple.

Why aren't Apple's apps themselves also having to ask for permission? I personally do not trust Apple one bit, just as I do not trust Facebook. So why is it so much harder to disable Apple's tracking, compared to Facebook's?

Something like this could have grounds for anti-competitive behaviour.

Only apps that do this sort of tracking have to ask. Otherwise there is no need. Does that make sense?
We don’t know whether Apple’s apps will ask yet do we? Not until the next iOS update.

And when an app doesn’t ask, does that just mean there is no tracking going on or is it some nefarious scheme to achieve who knows what?

The nefarious option will probably become most popular on the interwebs, obviously. I can already see the HN posts: “Pages caught loading an asset from apple.com, violating their own tracking policy! Is Apple doomed?”

Check out your iPhone’s Settings > Privacy and scroll to the very bottom. You’ll see “Analytics & Improvements” and “Apple Advertising”, which both contain toggles and details about the data that has been gathered so far. There was also an iOS update in the past where the onboarding flow asked me to grant these permissions, though I vaguely remember seeing it on every major iOS version update.

Now, that’s not to say that the iPhone setting guarantees that Apple is not up to something sketchy. We can’t tell what’s going on under the hood or in their servers, but if we really wanted to be extremists about privacy, then we have to resort to apps that we’ve built and self-hosted ourselves.

So who investigates whether Apple’s apps do this sort of tracking or not?
Story removed as not useful
Not stealing user’s private PDF file during crash is very low bar for privacy.

I agree that Apple cares about this stuff, but your story doesn’t really show it.

> Well, I worked at Apple for about NN years. ... If Apple was claiming it cared about privacy, but was secretly doing the opposite, I think this fact would not remain secret.

> I will give one more concrete example: the crash reporter system would send me a detailed stack trace, but NOT the original document. I was told explicitly that this was done for reasons of privacy ... I had no idea who the user was or what was in the document.

So you’ve had access to everything at Apple in your long career there, investigated it deeply the whole time and you’ve found nothing out of sorts. Got it.

This jives with what I’ve read about Apple’s internal culture - that there’s no compartmentalization at all and employees can roam freely around the halls collecting whatever information they want from any department.

I feel good now that you’ve investigated your own company and found no issues! Police unions should look into using this tactic of self-investigation. It seems quite effective!

(I hope I protected your privacy by removing the irrelevant parts of your comment. Sorry I had to paste them in there but you deleted them and then my response made no sense.

Also, sorry to have to use all of that sarcasm but you could’ve just answered the question. It’s Apple. Apple investigates if Apple apps for doing any sort of improper data collection.)

OK, I get the point, which is why I removed the story. Do you mind deleting what I wrote from your comment?
I removed most of it. I guess email dang if you feel that what’s left is too sensitive.
Personal attacks will get you banned here. We've had to warn you about this more than once before. Please don't do it again.

(Edit: I got this part wrong - sorry wayneftw! It's particularly bad that you bullied another user into removing what was probably an interesting story. That makes the thread strictly worse, whether or not you felt like it answered your specific question.)

Would you mind reviewing https://news.ycombinator.com/newsguidelines.html and taking the spirit of this site more to heart? The intention is curious conversation—not bashing other people or their positions, even if you feel like they have wrong positions.

> It's particularly bad that you bullied another user into removing what was probably an interesting story.

That's not what happened. They removed it before I even posted a reply. By the time my reply came up, their story was gone and I had to navigate backwards to copy it. Please look at timestamps or something and remove this warning.

Aside from that, the story was not interesting. It just said that they worked there for a number of years and that their coworkers seemed trustworthy. Also that they couldn't get user documents along with stack traces. I left the most salient bits.

> Personal attacks will get you banned here.

Where's the personal attack? I responded directly to what their comment said, nothing more. And, I didn't get personal - I got sarcastic about what they said. And I apologized for it.

Yikes that's bad - I'm sorry! I made up a story around a wrong assumption. I try not to, and I tell HN users several times a day not to, yet it's still incredibly easy. I've added a note to my comment above, and I'll try to remember this case for similar occasions in the future.

Re personal attack - if you go after what another person is saying that aggressively and use the second-person pronoun a lot, it starts to bleed into personal attack. Particularly "you’ve found nothing out of sorts. Got it" struck me as attacking the other person's integrity.

Apple's stand on privacy is quite flexible at the top of the pyramid - for example in China they were happy to axe hundreds of VPN apps which were allowing people in HK and mainland China access to content without risking being thrown into jails.

So I am unable to infer that Apple consistently puts privacy (and the right to privacy) ahead of profit.

To be fair, I strongly suspect the various VPN apps out there are doing Facebook-style shenanigans with user activity. Especially the free ones.
It was a blanket ban on all VPNs.

Their exact statement said: "We are writing to notify that your application will be removed from the China App Store because it includes content that is illegal in China..."

Because the company follows the law?

(To be clear, I'm not suggesting China is righteous, just that Apple still has to follow laws, even if it doesn't like them)

Exactly. Apple's choice here is either follow Chinese law or get their devices and services banned from China.

The CCP is awful in many ways but I can understand Apple preferring to follow the law rather than lose their second biggest market.

All kinds of people. You frequently see analysis and reverse engineering of Apple’s app and network traffic here on HN.
> Why aren't Apple's apps themselves also having to ask for permission?

If you look at the list of example reasons [1] that would require an app to ask for tracking permission, they are (broadly) in two buckets: correlating and/or consuming user data from multiple sources, and sharing data with a data broker for advertising purposes.

Apple does not share data outside of itself, and their apps do not display ads.

-- [1] https://developer.apple.com/app-store/user-privacy-and-data-...

> their apps do not display ads

Except for the App Store and Apple News, AFAIK.

Apple News doesn’t display Ads except the upsell for Apple news+. They don’t sell advertising on Apple News.

The App Store does display ads, but those are based on advertisers bidding for keywords in the search terms.

At least not 3rd party ads. The App Store has ads for apps plus non-stop Arcade+ advertising. The News app is full of ads for News+ and loads of restricted links as well.

This is, however, very different, as you point out.

These do not rely on tracking or personalization - which is very obvious to me (I don't play games - and they constantly have game promotions etc).

Google gets this much better - with a ton of SAAS / biz focused apps. So I imagine google is tracking me somehow (I use google search / chrome etc) and apple does not seem to be doing that good a job.

To be honest some of their apps, like the Podcasts app do much more tracking. It is kind of described in the privacy policy but you can’t turn it off.
Apple has a specific definition of "tracking," which involves sending information collected to third parties. Apple doesn't do that. For that matter, it generally doesn't even collect information unless it's needed to perform a task (ie: location to show the weather). In those cases, it minimizes the data used, and doesn't associate it with you.
> Why aren't Apple's apps themselves also having to ask for permission?

They are. This question is based on a false premise.

I see it repeatedly. It’s starting to sound a lot like “have you stopped beating your wife yet.

I don't have a iota of trust in Apple, but it does seem that they would have little to gain and a lot to lose from just selling user data.
> Why aren't Apple's apps themselves also having to ask for permission? I personally do not trust Apple one bit, just as I do not trust Facebook. So why is it so much harder to disable Apple's tracking, compared to Facebook's?

They do ask, either on every OS install or upgrade (things like Siri) or first use (non-core apps). If you look at the various privacy settings, Apple’s own apps are listed and you have the same controls to block or limit the data they can access.

> Except, small businesses can still advertise to their customers. They can still use all of the information Facebook knows about its users--like their gender, age, location, and interests, to show ads. If you're a small business, none of that changes. The only person that really stands to lose seems to be Facebook.

I'm not sure that is true: Facebook would argue that with tracking users interests are better understood. A small model railway business can advertise to people who aren't just members of facebook railway groups and visit railway pages on facebook but also those who are visiting model railway websites outside of facebook too (that have FB tracking pixels). When people are visiting websites reviewing a new engine and start clicking on that businesses adverts for the engine, FB will show the ad to more of people who have visited those webpages too, making the ad more cheaper as you're not competing with other ad purchasers.

[EDIT] I'll still be saying no to facebook tracking.

> When people are visiting websites reviewing a new engine and start clicking on that businesses adverts for the engine, FB will show the ad to more of people who have visited those webpages too, making the ad more cheaper as you're not competing with other ad purchasers.

I don't care. They can take their entire immoral business model and fuck themselves to the graveyard. Next.

Why couldn't facebook instead facilitate that same small model railway business advertising on the railway group pages, and non-facebook pages about model railways? Why not just tie the ads to the content of the page visited?

With targeting you're correct that facebook (and others) can instead follow the user around the internet and show them (perhaps) relevant ads on sites that may be cheaper to advertise on (e.g. some crappy link-bait / SEO built site) which may be more effective than an ad otherwise shown on _that_ click-bait site but perhaps less effective than a railway ad shown on a railway related website.

Facebook can transfer revenue from the higher quality site on railway topics to lower quality sites that may just be click-bait and capture nearly all that difference for themselves.

Bottom line is you de-fund high quality sites (railway hobbyist sites in this example) and encourage surveilling individuals for only facebook's benefit.

> Why couldn't facebook instead facilitate that same small model railway business advertising on the railway group pages, and non-facebook pages about model railways? Why not just tie the ads to the content of the page visited?

Because google adsense has already effectively captured that market.

This is a bit of a red herring but I'll reply anyway.

Agreed that adsense serves ads to 'open web' properties already. However they do this with user tracking, just like facebook already does. The suggestion above is to instead use contextual ad targeting.

Secondly - adsnese has no access to facebook's walled garden hence facebook could exclusively served contextually relevant ads on its own highly trafficked sites free from competition.

Thirdly - what's wrong with competition? facebook has the scale, relationships with publishers and advertisers, and technology. They could, if they wanted to, take a page from Apple and compete on the concept of privacy if their brand wasn't so tarnished by their insistence that they surveil their users.

Back to the core point - facebook and others facilitate transfer revenue from high quality sites (railway hobbyist sites in this example) and encourage surveilling individuals for only facebook's benefit.

Google Adsense didn’t always used to do with user tracking. Adsenses original business model, heck, Google’s original business model, had nothing to do with user tracking. In fact, it was possible to share links with people (at least locally) by simply telling someone to search for a specific keyword and look halfway down the results on the 2nd page.

It’s kind of amazing to me that it’s now become ingrained that advertising must involve user tracking when even 15 years ago companies like Google did almost no tracking at all.

>* adsense serves ads to 'open web' properties already. However they do this with user tracking, just like facebook already does.*

nit: AdSense does both contextual and personalized advertising. It launched as contextual only, and that is still part of what it's doing: https://en.wikipedia.org/wiki/Google_AdSense

(Disclosure: I work on ads at Google, speaking only for myself)

(comment deleted)
> Why not just tie the ads to the content of the page visited?

Because then page-owners would have more power, instead of being relegated to the bulk commodities that Facebook and Google user-tracking systems are designed to limit them to.

That's a fascinating point-- but I wonder if the counterpoint also holds.

Right now, you can theoretically make a page with arbitrary "real" content and populate it with reasonably lucrative ads, stuffed based on external profiles and tracking. This seems to be the model for non-premium news media in particular-- because you can't really expect to have super-relevant ads on stories about car crashes and vaccination schedules, they lean in heavily to stuffing the site with externally-targeted ads and begging for tracking cookies.

If the ads were solely tied to page content, what sort of site design would we end up seeing to woo the highest yielding ads? I can imagine four line news articles floating amid a 500kb sea of mesothelioma and life insurance copy to reach for the priciest ads.

Problem with targeted advertisement is not tracking part, problem is abusing with this tracking. All ad networks are showing you ads that are more like likely to profit them, not what you are most likely to be click.

So basically it is some Expected Value from the impression. if I am 1% chance to click some ad, but they are paying 20x more than the ad with 10% chance, you will see this low quality ad first.

Why they would pay same guy's impression 20x more? Cause they are trying to target some vulnerability there. Things are worse than you can imagine, with targeted advertisement you can:

- advertise some weight loss scam to be people who are not confident about their body ( or you can even advertise them candies )

- advertise them dropshipping items with huge margins ( cause you can afford to bid 10x for their impressions )

- advertise your partner about interest area before xmas with inflated prices ( if you have motorbike, they can advertise your SO with "best accessories for bikers" with inflated prices )

Basically targeted advertisement is not about showing us the most relevant ad, it is about making the profit from the impression.

Wow! All those big datacenters, both Apple and Facebook!
Facebook wants all your data. Apple wants all your data. Apple is preventing Facebook from the data it used to get via Apple.

This is nothing about privacy. Albeit we see fine statements about 'privacy' and 'open internet'.

This a little corporate fisticuffs about which entity gets to own your data to monetize your life. Both assume the right of 'open privacy' when it comes to your data.

I know “both sides” narratives offer an easy way to tune out of an issue you don’t wish to engage with, but that’s a huge unsupported claim. Apple and Facebook have entirely different business models and Facebook has had a history of dishonesty about what they collect or how they use it, not to mention even shadier practices (remember when they suckered the news industry with that “pivot to video” based on fake data?).

It’s important to remember that large companies don’t have your best interests at heart but simply reaching for false equivalencies by reflex makes you prone to being fooled, not sophisticated. Facebook PR spends a lot of money trying to encourage this kind of apathy.

I'm all for "companies aren't your friends" as an attitude, but pretending Apple and Facebook are the same on privacy and what they do with your data is simply unsupported by the facts.
This is a deep misunderstanding of Apple's business model. Apple doesn't 'want all your data' because that's not useful to their core business. They're selling you privacy as a secondary effect, but they are indeed selling you privacy.

Apple publishes explicit statements about their privacy standards. Believing that Apple "wants all your data" requires believing that many, many written documents they publish, many of which would be easily falsified if untrue, are bald-faced lies. It's simply not reality.

Apple wants all your data to be stuck in their walled garden, but indeed not for the nefarious data mining/reselling practices of Facebook — more old fashioned lock-in reasons.
We have seen repeatedly that Apple does not want your data at all. Maps, for instance, goes far out of their way to not know who you are.
>Everyone's News Feed is unique, which means you're more likely to see content you want to watch, groups you want to join, creators you want to follow, and products and services you want to buy.

This is so bullshit. It means that I'm more likely to see content Facebook wants me to see, that maximizes some of their metrics. There's nothing for me there.

Yes, Facebook restricting Pages’ organic reach only to require the Page owners to invest heavily in advertising to make up for the difference was a real death knell for the concept of the digital public square on there.
It’s possible for those two initiatives to be aligned.
Highly unlikely, that’s just a lie marketeers tell themselves so they can sleep at night.
for the "products and services you want to buy", metric is maximum revenue for facebook. There is no chance these two initiatives can be aligned, as long as there is "bid" part in the equation. If you have 0.01% interest in my product but I have deep pockets, you will see my ad all the time.
That’s not how businesses work. They don’t burn money on useless ads, just to annoy you.
But that means products with more margin (which will profit from me more) can replace products which I would like most.

There are already on instagram products selling for 10x their market price with 40% discount (limited time offer)

Basically annoying me is side effect, not their purpose

I've tried to hide / report things in the feed but it keeps feeding me the same BS I don't want. So yeah, they show what they want us to see.
(NOT a FB supporter) At least one can block/unfollow certain people/pages. I assume that would finally leave them out of your sight. Yes you would have to block-list 99% of their junk so you can only be shown what you really care for. It's a never ending battle against their machine.

In a similar note (show/block/hide) I despise that Netflix is (not) doing, that does NOT create the "I don't want to see this ever again" option, and it keeps pushing the same stuff I have already watched (either within or outside Netflix) or the stuff I will never watch.

When I can follow exactly two organizations and nothing else and not be able to see them in my timeline, the site isn’t worth my time or attention.
I've seen ads on Facebook where a prominent show host has a beaten up face, full with bruises, and the tagline "you wouldn't believe what happened to him". More than twice, two different personalities. I'm pretty sure these ads were made without the consent of the displayed persons, or their management.

If Facebook wants to show me this kind of ads, it tells me all what Facebook is about. They don't have control about the ads they show, nor do they care about what ads they show.

And no, I am not a violent person, am not interested contact sports, so this is not a personalized ad, and no context exists where these ads could be helpful or meaningful.

I really do despise Facebook.

It's a big reason I bailed on FB years ago. Friends would post and yet FB's algorithm decided I was not interested in it. And vice versa.

I know it's easy, algorithmically, to simply show me all posts from my friends since the last time I logged in. And that's actually all I expected of FB.

Can we talk about the video?

First time I see it and it's just so awkwardly bad. It feels like something out of a low-effort parody. Never before have I felt that FB is crumbling but how the heck did this pass internally?

I guess it was a rush job, because it certain looks like it.

Besides the cringe factor, I think the bigger problem with it is "who is this video for"? If I didn't already know about the Apple/Facebook controversy, I'd have no idea what message it was trying to get across, and even then it's extremely vague. If I didn't pay attention to the bizarre voice over, I'd assume it a video for a new photo app or filter or something.

Apple isn't blocking Facebook from doing anything. It will just now be asking users to confirm they are ok with the tracking behaviour first. Facebook will have to do a lot better than this cringefest video to convince people why this is such a bad thing.

Curiously, Safari asked me if I want to allow Facebook to track me when I clicked on the video. When I declined, the video stopped. (Clicked again, let the video play out in the background, then declined. Oh well.)
I noticed the same thing. They're so petty they'll cancel the video mid-stream when you choose not to let them cookie themselves all over your browser. Think about it: Some engineer (maybe even someone who reads HN) programmed that business logic. Thank you, developer #48814 for being part of the problem rather than part of the solution.
(comment deleted)
Evergreen point that if users actually wanted this tracking, if they actually believed that ads and tracking made their timelines better, then they would say "yes" when asked if they wanted to be tracked.

Apple's change doesn't make tracking opt-in or opt-out, it forces users to make a choice, with both choices being equally easy to make. It's a perfect compromise between default privacy and default tracking -- presenting the user with an unskipable dialog that makes sure that neither option is buried in a setting someplace, that presents both options on equal terms.

So Facebook wants to argue that it's a worse experience for consumers if they're not being tracked, but the truth is that they know a large portion of users don't want the experience that Facebook is offering. That's why Facebook is scared. Not because Apple is bullying users into being private, not because (in this case) they're attacking the Open web, but because Facebook knows that when users are presented with a clear choice that makes it equally easy to opt into or out of tracking, they choose to opt out.

Advertisers are always saying that people want what they're offering. But they are so stinking scared about being asked to prove it.

I think the problem is that facebook never had to fight for tracking. Everyone just just got tracked and fb could do what they want. They never cared whether it was really useful, they just tried to show as much relevant ads as possible. A complete disregard for the user-experience thanks to it's monopoly, which also shows in fb getting unpopular (at least in my circles).
I don't know. When I first heard people talking about dark patterns in UI design, Facebook was the platform that immediately sprung to my mind.

It was always laughable (?) the hoops you had to go through to turn on various aspects of privacy in their settings. And it was constantly changing, requiring users to constantly go back into settings to turn off yet another flag that was introduced default-on.

They seem to have known very early on that user's would not appreciate their crap.

I'm a bit of an ideologue on this point, but I would argue it's not just Facebook -- nearly all modern advertising is divorced from the idea that ads need to provide value to consumers. At best, ads are treated as an annoyance that users put up with in order to access content that they want.

But the advertising industry desperately doesn't want to acknowledge that. They want to stick their heads in the sand and ignore that most users don't want to see anything that they're making. They want to argue that most users are benefiting from ads, even though that's clearly not true.

A system that aligned incentives between advertisers and consumers, where advertisements themselves actually needed to justify themselves and inform/entertain users enough that they provided positive value to the viewer -- that system would look very, very different from the advertising world we have today.

I think that disconnect is why you see people in the advertising industry fighting about ideas like users' Right to Filter, or why they're so paranoid about users having more control over which ads they see. Advertisers know that nobody likes ads and that for the average consumer, their ads aren't providing any kind of actual value. There's no incentive for most online advertisers to make ads that improve the quality of anyone's life -- the biggest incentive in the current system is to alter consumer behavior against their will regardless of whether that ad helps or hurts the viewer.

Presenting both options on equal terms is hard to measure, Apple is calling it "Tracking" when other (Facebook's) advertising networks do it, but they are calling it "Personalized Ads" when their advertising network does it.

Apple doesn't mind if users turn off the data feed to Facebook, but obviously they don't want users disabling the same data feed to their advertising network.

It’s very possible to personalize ads without personal information.

It’s not possible to de-personalize Facebook, its whole knowledge graph is built around identities. Permission to use that data can be managed internally but it’s always gathered and processed initially as personalized.

Ok, but is that actually what Apple is doing? If the distinction is purely hypothetical, it's not relevant.
It's OK to be angry that Apple exempts themselves from privacy requirements, but that doesn't mean that users aren't showing their true preferences when they opt out of tracking. The options in regards to Facebook are still being presented on equal terms.

It would of course be good for Apple to call their own behavior "tracking" as well, because that's what it is; that is the most accurate word for what is happening. "Personalized ads" do not accurately reflect what is happening because ads can be personalized in lots of different ways, only some of which involve user tracking.

But I don't think that has anything to do with Facebook's argument. Facebook's argument here isn't "everyone wants to exploit users, but only Apple is getting to do it", their argument is that users like tracking, that the tracking Facebook does is not exploitative. Well if that's the case, then if you show users a dialog that asks them whether or not they want to be tracked and there's a "yes" button and a "no" button, then users who do want to be tracked will click "yes."

When I say that the options are shown on equal terms, I mean that neither option is privileged for Facebook. It's exactly the same amount of work for a user to opt into Facebook tracking as it is for them to opt out if it. That means that Facebook can't blame application defaults for consumer behavior, consumers are actually making a real choice here.

Calling it tracking is more honest. Maybe personalized ads is a derivative of tracking data. It since it requires tracking to produce personalized ads, asking if you want to be tracked is the honest approach. Apple is trying to avoid dark patterns that Facebook was essentially built upon.
Plus I have zero confidence that if I were to turn off what Facebook calls personalized ads, they would stop tracking me.
That’s because Apple’s ad personalization doesn’t revolve around cross-site tracking. It’s based on demographic information you provide them and preferences you select within Apple’s universe of services. The only place it arguably starts to cross into the realm of tracking your activity is when it determines your genre preferences based on which movies/music you buy on iTunes or which publications you subscribe to in Apple News. But I don’t think anyone would be surprised by or offended about Apple Music recommending you more music that’s akin to other music you like.
The distinction Apple makes is that iAds don't "track" you because they don't use cross-site or cross-app tracking in third party services the same way Facebook or Google do.

Apple is of course still performing data collection for targeted iAds, but that's the reason they don't call it "tracking."

If you go to Settings > Privacy > Apple Advertising on iOS it tells you so:

"The Apple advertising platform does not track you. It is designed to protect your privacy and does not follow you across apps and websites owned by other companies. You have control over how Apple uses your information."

Note that I'm not necessarily agreeing that what Apple does doesn't fall under the description of "tracking." Just pointing out why Apple calls what Facebook does "tracking" but not their own iAds.

You assume that Apple is telling the truth. The cynic in me thinks that they narrowed the definition of tracking and follow in a legal sense but not in the way we would think of it. Or they are outright lying. It is also possible that it isn't apple doing it but a third party doing it on Apples behalf.
It's possible they're lying, that's true, but I think it's unlikely a secret like that could be kept long term. Employees have no reason to remain loyal when no longer employed by Apple and partner company employees would have to know about it too. The reputation damage would be catastrophic, so IMHO it seems unlikely they would take such a reckless risk.

So it's a matter of making a call between using vendors we know for a fact are tracking you, some of which have lied about it (see, hard to keep these things secret), or one that at least claims not to and has a lot to lose if caught out.

The burden of proof would be on you to prove Apple is using third parties to track its users in that case. Without proof it's just a goofy conspiracy theory.

My first question would be... why? What's their motivation?

Facebook has to track users to make money, it's their entire business model.

The same is not true of Apple, who make almost all their profits from hardware sales and are worth over $2 trillion.

Going out of their way to get a third party to secretly spy on users on their behalf sounds like far more effort and risk than it's worth to me. It's not like they're desperate for extra cash.

And it's not like it'd be impossible to find out if it was indeed the case. iOS gets reverse engineered all the time. I can see all the traffic my iPhone sends through my DNS logs. If this hypothetical third party was embedded in iOS spying on user activity, it'd be spotted quite easily and quickly.

So I ask again, why would Apple do that? Aside from being a total PR nightmare it'd be straight up illegal.

I trust Apple because I don't see what reason they have to lie when they've built a multi-trillion dollar business without tracking their users already.

> Or they are outright lying.

It seems unlikely Apple is going to outright lie about something like that considering it could open them up to serious legal liability (CCPA, GDPR, etc).

>So Facebook wants to argue that it's a worse experience for consumers if they're not being tracked, but the truth is that they know a large portion of users don't want the experience that Facebook is offering.

I think this is true for a lot of people on social media. They're there for the people and topics they care enough about to explicitly opt into. Ads and recommendations can fuck right off.

It’s an unwarranted assumption that people given a question to answer always understand what it’s asking and answer truthfully. Another possibility is that many users won’t understand or care much and will just click at random to make the dialog go away. Or they might use default rules like saying “no” to anything they don’t understand.

Since we can’t ask users what they meant, it’s not something we can know.

For more skepticism about the over-interpretation of survey results: https://carcinisation.com/2020/12/11/survey-chicken/

So this argument reduces to: “People might not understand a question which is important that they understand. So let’s just not ask them in case they misunderstand and assume they answer in a way that is beneficial to us.”

Does that sound right?

Not at all. I didn’t suggest any alternative. Given the controversy, I’m not sure there’s a better one.

But you might compare to what browsers do these days for visiting websites with fishy-looking certificates. They don’t just put up a dialog, they heavily discourage it, because the assumption is that many users would say “yes” just to get rid of the dialog.

And with the vastly-majority of sites now using HTTPS certificates, the "invalid SSL certificate" page has become exceptional enough to have me actually read the "why" is the browser complaining so much, instead of just clicking on the "eh, whatever, I know the risk, drive me in!" button, which I would have clicked without remorse 15-20 years ago.
In general this is a an argument that users shouldn't be given a choice because "you" know better than some/many users. So "who" knows enough to force an option on everyone because some users might not understand this choice between having Facebook track information about them or not?

Would you argue that increasingly targeted advertisement is enough of a net good that the choice to avoid it should be gone?

I think Apple’s approach is reasonable and I don’t have a better way. I’m just warning against over-interpreting the results as a strong preference.
That could be a good argument for Facebook explaining why they ask for a permission before prompting, as many apps do. but it’s hard to believe this is their reasoning when they’ve strenuously avoided both asking permission and honestly explaining what they intend to use it for. They’ve had years to be more transparent and have presumably thought about why they’ve spent millions fighting it.
That’s also an argument against allowing everyone to vote.
It’s a fully general argument against trusting knowledge gained from surveys, and I do think we should be skeptical that voters always know what they’re doing. Particularly for elections they aren’t paying attention to.

The “will of the people” is something of a myth. Votes go in and the algorithm makes a decision. Do you feel represented when the decision isn’t what you wanted?

But it’s not an argument against elections because I’m not claiming I have a better idea. We do need some peaceful way of making decisions that people will accept. A legitimate, accepted process beats chaos, and new processes aren’t easily adopted.

Elections are less about finding the optimal will of the people and more about creating an adversarial environment for politicians in order to prevent capture by a single party.
Facebook has regularly taken the position that users know what they're opting into when they use Facebook.

If they want to take the position now that their users don't understand what "tracking" even is, then Facebook was lying before when they said they had informed consent from their users to do that tracking.

The advertising industry regularly wants to have its own cake and eat it too on this point. They want to say that users understand and consent to the system, but also that users are too uneducated or lazy to acknowledge that consent in any way.

And to a small extent, there is a grain of truth here: most users don't understand the full extent of what tracking is and how companies are targeting them. But that's not a point in the advertising industry's favor. Companies like Facebook acknowledging that users don't know what they're opting into or out of only makes it more obvious just how inadequate their click-through TOSes and privacy FAQs always were.

This describes it pretty much spot on. It’s the change to make it transparent and clear to end users. One of the core accusations against google and Facebook is that they have been doing this on the sly and in-transparently, as is well documented in the book surveillance capitalism by zuboff.

They have done this for decades, with google paving the way, by slowly and surely chipping away at peoples privacy. People then just give in over time, amplified by single sided terms of service that allow them to pretty much change anything at any time.

This is hopefully one of the major turning points where this kind of behaviour will no longer be tolerated. Expose privacy. Make it explicit. Let people actually decide.

> personalization, and it's the not-so-secret sauce

zation -> sation -> satum -> to sow

personal -> persona -> πρόσωπον -> mask

The truth hurts. Facebook, and everyone working for them, is interested in sowing our online masks!
I have zero sympathy for what Facebook is doing so I believe this is a step in the right direction.

A bigger step would be to just stop using anything Facebook. You attention is a precious resource and your time on Earth is limited.

That's a bigger issue, but I agree.

I broke the yoke of Big Cable and transcended the "vidiots" only to have become lazy and a "netiot".

A friend I know appears to limit his computer (and phone) time to the morning hours. (I mean, I've never asked him but if I email or even text him, I never see a reply until the morning of the following day.)

I am going to try and do that as well. Get some actual shit done during the day again.

Personally, after dumping Facebook and Twitter, I made a Mastodon instance to chill out on.

While it is arguably just as much of a time waster as any other social media, it doesn't track me, throw ads in my face, show me an algorithmic feed designed to manipulate me, "suggest" people and pages to follow, and since it's my instance I can choose what other instances I do or don't want to federate with.

The end result is a form of social media that's much better for my mental health. We've all seen the studies by now about the stress and other negative effects of Facebook. None of that applies to Mastodon and the fediverse in general. Or at least, much less of it. Ultimately, of course, it depends on how you choose to use it.

But yeah it's still just as easy to spend all day on there instead of actually getting shit done. Mostly.

One thing Mastodon doesn't do, which Facebook, Twitter, Snapchat, Instagram, and the rest do is bug you with notifications telling you what you're "missing out on" if you don't use it for a while. I've had Instagram go nuts sending me constant notifications telling me nothing except "this list of people posted recently, check out what you're missing!" Then, when I disabled its notifications, instead I get emails saying the same thing.

I'm probably gonna delete IG soon because it's Facebook owned and I don't use it anymore, but point is, these mainstream social networks are designed to pull you back in constantly. Federated networks are not. Much easier to not use Mastodon for a few days, nothing will bug me about it.

i used to do this before the pandemic. i would have limit my screen time and it worked wonders
The problem is Facebook isn't just... Facebook. It's Messenger. and Instagram. and WhatsApp. I could easily cut all of those things but unfortunately literally everyone I know uses Messenger for day to day messaging.
the struggle is real. but for people that want to talk to me there is Signal. I have seen a lot of people jumping on it lately. The tide is turning
(comment deleted)
Did not think that NPR's all-out war would end so fast...
National Public Radio? National Performance Review? Non-photorealistic rendering?
Explicit consent for privacy-related things is a great idea. It’s difficult to sympathise with Facebook here.
Apple and Facebook are vastly different companies with different incentives and business models. The former is about selling a very particular vision on the personal computing experience and controlling the platform that underpins that experience. The latter is about selling adverting space, business intelligence and access to large audiences.

To both of them, privacy is a liability or a business opportunity. They will engage with the issue of privacy to the extent that it fits within their business models.

As far as Apple is concerned, Facebook's stance regarding privacy today isn't a straightforward legal liability or even a moral quandry. It has become a deep strategic liability.

Over the past 15 years Facebook and others could freely leverage the affordances provided by Apple's platform - the app store, browser, API's, devices,... - to develop an environment that enables them to track its users. The endless string of deep issues caused by social media have rubbed off and put the entire industry - "Big Tech" including Apple - under public scrutiny.

Apple's relationship to Facebook isn't as straightforward as one might think: it's implicitly symbiotic. Audiences want to be able to connect with others via social media. And Apple is perfectly positioned as a middle man to provide an integrated platform - devices, OS, app store,... - to do just that. Being able to access your social network is a major selling point for Apple. Not having to build the infrastructure itself and letting others do it, was a massive opportunity for Apple. At least in so far that those actors didn't enter Apple's own markets.

And so, Apple's changing stance is born out of necessity. It's about safeguarding the brand and the vision that it wants to sell to the world. But it has to do that gingerly since it's products have become part of a digital infrastructure that underpin vast parts of economical and societal activities. Unlike Parler, Apple can't just remove Facebook from it's app store without hurting its own interests.

In all of this, I don't think that Facebook "admitted it has lost the Battle with Apple over privacy". Let alone that it actually lost that "battle" such as it is.

Even more so, if there ever is a battle over privacy, it's between Facebook - and other media companies - and the public as represented by it's legal and judicial institutions. Whether it's through hearings in Congress, or through the dealings with the EU Commission.

Apple itself is no stranger to it's products being front and center to privacy issues. It has a long-standing dispute with the FBI about adding backdoors that would allow public authorities to circumvent encryption. [1] However, this is less of a strategic issue threatening it's commercial interests: it's a legal issue in which public authorities - not a private actor - demand legal compliance from Apple. Which is a very different ballgame.

In the eyes of the general public, all of this may seem to revolve around the same set of issues. And Apple might be perceived as the "good guy" taking the private interests of its customers to heart as globally trust in big technology corporations has been damaged. But I think that's just too simple and naive a narrative. The reality is usually far more murky.

[1] https://en.wikipedia.org/wiki/FBI%E2%80%93Apple_encryption_d...

This is a very interesting post. And you're of course correct, Apple wouldn't take a pro-privacy stance if it was bad for business. They're able to do so because their business model relies primarily on hardware sales.

Your points about Apple's position in the marketplace making it a part of consumer infrastructure, and the argument that Apple above all else wants to disassociate itself from the flack the rest of the tech industry as a whole is getting are also extremely valid.

However, even if Apple's incentives are based entirely on self-interest (it's a corporation, so this is not exactly a groundbreaking revelation) that doesn't mean the end result cannot be in the consumer's best interest as well.

Just as most people here would agree Facebook's business model works against the interests of the consumer, I'd argue Apple's business model is more in line with the best interests of the consumer even if Apple's motivation is 100% selfish and any benefits we get as consumers are secondary.

I don't really see how it matters. The benefits to us as consumers are the same regardless of motivation.

Exactly.

> I don't really see how it matters. The benefits to us as consumers are the same regardless of motivation.

This issue/debate doesn't take place in isolation. Consider it like casting a pebble in a pond: the waves cause all kinds of 2nd and 3rd order effects re-shape the environment in which things can happen.

For one, the comment section already hints at how the perception of Apple as a brand is being re-shaped. The million dollar question is in what direction this will prompt both Apple and many other stakeholders down the line. If Apple gauges customer sentiment, what does it take away from that? And how will it act on changing sentiments? How is Apple going to capitalize on those changing sentiments? Not just purely in it's short-term commercial proposition, but also in it's long term vision and strategy. How will changing perceptions shape the relationship between Apple and public authorities scrutinizing Apple?

Zooming out, this Apple adding a new feature: mandatory customer permission before sharing data. It sounds earth shattering novel but it really isn't in and of itself. That's what the GDPR has been enforcing since 2018. The key difference is Apple taking direct control over this transaction, instead of passively delegating things to the app developers.

It's quite questionable if this move is going to create more awareness or change the playing field to a point where people stop installing the Facebook app and reach out towards alternatives.

Far more interesting is seeing Facebook creating an ad as a response to this. You might think that this implies Facebook conceding defeat, but I don't think that's what's going on here. As far as FB is concerned, spending money on an ad is just a blip on its radar. It's above all a token display of dismay/disagreement towards Apple (that's what the article got right) and not much more.

In the short run, this won't change much and it will mostly be business as usual. What matters is how this fits into a bigger power play between Facebook and Apple. The present fog of war makes it hard to make out right now, but the significance will become clear in the future.

(comment deleted)
What is the next best alternative for a Facebook advertiser in a world of no third-party tracking?
Facebook and Google shouldn't be allowed to run ads on their ad networks without paying the same as customers pay to some 3rd party a charity, a tax, etc...

Likewise Amazon shouldn't be allowed to basically steamroll custom brands and replace them with Amazon products that are exactly the same.