27 comments

[ 4.0 ms ] story [ 33.2 ms ] thread
Do you get the same pop up on apple apps or only on apps you've installed?

Because I can see that being classed as favoring apple services and apps of it is the case.

Not sure why I am getting down voted, this was a genuine question.

Same popups for all apps (at least for me).
I think for the sake of conversation we would have to draw a dividing line between the operating system Apple makes and the apps Apple makes, even when that line can be very, very blurry. (Pre-installed apps, the App Store itself, etc.)

I'm having a hard time with the App Store, both as an example of an app that shows ads and should therefore not be allowed to use the device ID without prompting, but also being the app that manages the apps you run on a device, and therefore might require a device ID to function correctly?

But perhaps the answer is simpler than that, and Apple only needs to keyword-match to show ads in the App Store, no tracking ID required?

Personally, I would solve this dilemma by eliminating App Store ads. Users want the app they searched for, not the app a competitor is paying Apple to promote...

> Users want the app they searched for, not the app a competitor is paying Apple to promote...

But wait, you can apply this line of reasoning to any product that is promoted through ads.

You don’t need any kind of tracking for App Store ads, because the App Store is already aware of all your purchasing history. Same thing for any storefront: Amazon’s stats based on your history won’t be affected either.
> I think for the sake of conversation we would have to draw a dividing line between the operating system Apple makes and the apps Apple makes, even when that line can be very, very blurry. (Pre-installed apps, the App Store itself, etc.)

There is no meaningful difference when Apple uses "We already have an app for this" as a justification to remove third-party apps from their platform.

Apple has been asking for permission for privacy-sensitive features for quite a while now, with dialogs that are more intimidation than these.
Weird to see my favourite Newfoundland newspaper on Hacker News.

Unrelated fact -- my first job many decades ago was delivering the physical version of this newspaper.

I'm happy to see they are still in business, even if this is a Reuters wire story.

"French groups IAB France, MMAF, SRI and UDECAM complained to the French watchdog last year, saying the feature would not affect Apple's ability to send targeted ads to users of its own iOS software without seeking their prior consent."

What targeted ads are apple sending? iAd was discontinued in 2016, was it replaced with something?

Maybe the App Store’s ads (e.g. when you search).
I searched on that to try and find out, and found this:

"Ads that are delivered by Apple’s advertising platform may appear on the App Store, Apple News, and Stocks. Apple’s advertising platform does not track you, meaning that it does not link user or device data collected from our apps with user or device data collected from third parties for targeted advertising or advertising measurement purposes, and does not share user or device data with data brokers."

https://support.apple.com/en-ca/HT205223

That's some pretty tricky wording there. They are basically saying that you could target someone who reads something in Apple News for an ad in the App Store. This is behavior that they are preventing other companies from doing effectively by making others go through tracking screens but exempting itself.

Despite how much you might trust Apple, you can agree that they should have to have the same tracking restrictions that all other apps have.

> Apple’s advertising platform does not track you

This seems pretty straightforward.

(comment deleted)
Based on that wording, they could use the data to perform their own targeted advertising in those places. They just won't share the data with third parties.
Aren't those keyword-based?
Even if they did track that, it would be first-party tracking, which is fine. Just like Facebook can still show you ads based on what you do on Facebook.

It wouldn’t be fine if Apple sold that data to third parties.

This seems to be what most people expect. My mom knows that what she’s doing on Facebook is tracked by Facebook. She probably does not know that what she’s doing in other apps is also tracked by Facebook.

They aren’t. This is just FUD from groups that oppose getting user permission for tracking.
Technically the statement isn’t false (it indeed doesn’t affect their *ability’ to do so) but they don’t do targeted ads so it’s an argument in bad faith.
Also, surely the solution to that would be to force Apple to comply with the same rules, not to remove the feature entirely?

As another commenter said, it’s clearly an argument in bad faith

What Apple is doing sounds like requiring that tracking capability is only given in the case of users who actively agree with a meaningful opportunity to decline.

Whenever there is a discussion of GDPR and cookie popups, someone claims that “By using this website you automatically agree to cookies” is against the requirements of GDPR.

I am aware that my total lack of legal qualifications can make two unrelated things seem like the same thing, so a question to anyone who knows:

Is Apple requiring anything that is not already required by GDPR?

Apple gets to force a UI that says allow/decline instead of the usual website ui of “continue/advanced settings”
The ICO indicates the GDPR (Well UK GDPR now they've left the EU, but it hasn't had time to diverge yet) unambiguous consent is satisified by:

> Clear affirmative action means someone must take deliberate and specific action to opt in or agree to the processing, even if this is not expressed as an opt-in box. For example, other affirmative opt-in methods might include signing a consent statement, oral confirmation, a binary choice presented with equal prominence, or switching technical settings away from the default.

> The key point is that all consent must be opt-in consent, ie a positive action or indication – there is no such thing as ‘opt-out consent’. Failure to opt out is not consent as it does not involve a clear affirmative act. You may not rely on silence, inactivity, default settings, pre-ticked boxes or your general terms and conditions, or seek to take advantage of inertia, inattention or default bias in any other way. All of these methods also involve ambiguity – and for consent to be valid it must be both unambiguous and affirmative. It must be clear that the individual deliberately and actively chose to consent.

So allow/decline is a "binary choice presented with equal prominence" as required but "allow/more info" or "allow/advanced settings" is not equal prominence (especially when visual styling emphasises Allow, or more info/advanced settings is buried in text.

https://ico.org.uk/for-organisations/guide-to-data-protectio...

This article states that that is at least the view of the french antitrust watchdog after consulting with the body responsible for enforcing privacy laws in France.

Certainly by the spirit of the GDPR, Apple is enforcing the expectation. Whether there is legal wriggle room for a more limited interpretation appears to be up to your local regulator's decision making about who to prosecute.

I'm at least not aware of anyone winning a case on viewwrap or required consent, though privacy bodies aren't keeping up with people finding new excuses to not comply.

The GDPR mandates that any non-essential tracking should be strictly opt-in, and targeted advertising doesn’t fall into that. The problem is that the GDPR is not enforced (at least not that aspect of it - preempting “enforcementtracker.com” links trying to prove me wrong) so websites get away with it.

It is my understanding as well that the Apple changes don’t require anything new that the GDPR didn’t require anyway, so should these companies have been compliant it wouldn’t have been a problem.

It's not a mere watchdog, it's the French equivalent to the FTC.