this post was submitted on 14 Jul 2023
65 points (95.8% liked)
Technology
IIRC Apple does apply differential privacy - sending wrong information randomly about your trips to themselves, where they then average over all users to get rid of the noise they added so it becomes useful aggregate data.
And they never submit the start and end locations of the trips. Maybe the privacy is still terrible but it’s way way way better than Google’s IMO
Source: https://techcrunch.com/2018/06/29/apple-is-rebuilding-maps-from-the-ground-up/
“We specifically don’t collect data, even from point A to point B,” notes Cue. “We collect data — when we do it — in an anonymous fashion, in subsections of the whole, so we couldn’t even say that there is a person that went from point A to point B. We’re collecting the segments of it. As you can imagine, that’s always been a key part of doing this. Honestly, we don’t think it buys us anything [to collect more]. We’re not losing any features or capabilities by doing this.”
The segments that he is referring to are sliced out of any given person's navigation session. Neither the beginning nor the end of any trip is ever transmitted to Apple. Rotating identifiers, not personal information, are assigned to any data or requests sent to Apple, and it augments the "ground truth" data provided by its own mapping vehicles with this "probe data" sent back from iPhones.
Because only random segments of any person's drive are ever sent and that data is completely anonymized, there is never a way to tell if any trip was ever a single individual. The local system signs the IDs and only it knows to whom that ID refers. Apple is working very hard here to not know anything about its users. This kind of privacy can't be added on at the end, it has to be woven in at the ground level.
Still... it's closed source. I can tell you that my closed-source code, which only I have access to, doesn't track your movement everywhere. "Trust me bro" move. The first sentence doesn't make sense at all.
They added noise and then removed the noise?
You're absolutely right that closed source makes it much harder to verify that software does what it's supposed to do. I'm not sure how, in the absence of the ability to view the source, we can be sure that Apple does what they say. (Maybe network packet sniffing? Are there privacy audits? Must it be disclosed in GDPR requests?) I hope someone with the appropriate qualifications is able to chime in on this.
I'm sorry for my poor explanation, and unfortunately I do not specialise in differential privacy. My layman's understanding is that they add noise to the segments of your navigation before sending it to themselves. Once they receive the noisy data, if they average out many samples, the noise is "averaged out" in aggregate statistics. I hope an expert on differential privacy is able to chime in.
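The "add noise, then average it out" idea from the comments above is easiest to see with the simplest local differential privacy mechanism, randomized response. The following is an added illustration written for this thread; it is not Apple's code and makes no claim about how Apple's deployed system actually works. The population (100,000 users, 30% of whom "traversed a segment"), the privacy parameter epsilon, and the function names are all constructed for the example.

```python
import math
import random


def p_truth(epsilon: float) -> float:
    """Probability that a user's report is honest under randomized response.
    Chosen so that the truth/lie odds equal e^epsilon, the usual epsilon-DP bound."""
    e = math.exp(epsilon)
    return e / (1.0 + e)


def report_likelihood_ratio(epsilon: float) -> float:
    """How much more likely one report value is under one true answer than the
    other. It equals e^epsilon, so the aggregator can never be more confident
    than that about any single user's real answer. That is the deniability each
    individual keeps."""
    p = p_truth(epsilon)
    return p / (1.0 - p)


def randomized_response(value: bool, epsilon: float, rng: random.Random) -> bool:
    """Client side (on-device): flip the true bit with probability 1 - p before
    it is transmitted. Only this perturbed bit ever leaves the device."""
    return value if rng.random() < p_truth(epsilon) else not value


def debiased_count(reports, epsilon: float) -> float:
    """Aggregator side: no single report is trustworthy, but the flip rate is
    known, so its expected contribution is subtracted out over many reports.
    E[ones] = k*p + (n - k)*(1 - p); solve for k, the true count."""
    n = len(reports)
    p = p_truth(epsilon)
    ones = sum(1 for r in reports if r)
    return (ones - n * (1.0 - p)) / (2.0 * p - 1.0)


def simulate(n_users: int, true_fraction: float, epsilon: float, seed: int = 0):
    """Constructed population: the first true_fraction of users really did
    traverse the segment. Returns (true_count, aggregate_estimate, lie_rate),
    where lie_rate is the fraction of individual reports that were wrong."""
    rng = random.Random(seed)
    truth = [i < int(n_users * true_fraction) for i in range(n_users)]
    reports = [randomized_response(v, epsilon, rng) for v in truth]
    lied = sum(1 for t, r in zip(truth, reports) if t != r) / n_users
    return sum(truth), debiased_count(reports, epsilon), lied


if __name__ == "__main__":
    eps = 1.0
    true_count, estimate, lie_rate = simulate(100_000, 0.30, eps)
    print(f"epsilon={eps}: an individual report is wrong {lie_rate:.1%} of the time "
          f"(odds bound e^eps = {report_likelihood_ratio(eps):.2f})")
    print(f"true count={true_count}, aggregate estimate={estimate:.0f}")
    # The same mechanism on a tiny population gives a useless estimate: the
    # noise is only "averaged out" once there are many users to average over.
    small_true, small_est, _ = simulate(20, 0.30, eps, seed=1)
    print(f"20 users: true={small_true}, estimate={small_est:.1f}")
```

The noise is never literally "removed" from any report; each transmitted bit stays wrong about a quarter of the time at epsilon = 1, which is what protects the individual. What the aggregator recovers is only the population count, and only because the expected amount of noise is known and the sample is large. Smaller epsilon means more flips and more deniability, but needs more users before the estimate is usable.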