iPhone = Privacy?
kerkour.comApple seems to prioritize privacy more than the competition, while for Google collecting, and combing through to monetize, your personal data is a big part of their business model.
Much of this criticism seems misplaced or invalid. Apple tracks your IMEI? Well, sure, unless you choose otherwise, and they've given you a convenient place to turn off. Apple chipsets track your location down to the meter? Well, yes, that's a feature most people enjoy - and they've given you a convenient place to turn off, if you don't. Apple is using third party app Siri interactions to train Siri? How is this even a privacy issue... has any real world privacy problem ever occurred because of this? If you don't want Apple to hear your voice or process your Siri requests... don't use Siri? They've given you a convenient place to turn it off.
The only one I agree on is the image scanning for CSAM. The idea of a device I own acting as a state informer using AI to detect what it thinks is a crime is not my idea of a step forward.
> The only one I agree on is the image scanning for CSAM. The idea of a device I own acting as a state informer using AI to detect what it thinks is a crime is not my idea of a step forward.
The likely reasoning behind this, although unspoken, was to (at some point in the future) enable E2EE for iCloud Photos. Currently, Apple doesn't do nearly any CSAM scanning on iCloud Photos[0], so the FBI et al. are pushing for them to change that - instead of licensing PhotoDNA, they tried to create something that would keep image data out of their hands while not further enabling CSAM distributors.
0: "According to NMEC, Apple submitted 205 reports in 2019 (a third my my reporting volume). Apple increased a little, to 265 in 2020, but then dropped in 2021 to only 160 reports. That's nearly a 22% decrease over two years!" https://www.hackerfactor.com/blog/index.php?/archives/955-NC...
Yeah, I'm a huge privacy advocate but the part people are missing with this fiasco is that client-side scanning before _anything_ is uploaded is objectively less invasive than every single photo being scanned on iCloud (the direction legislation is heading). Again, this is an _opt-in_ behavior when you enable iCloud Photos, for photos that you're trying to upload (currently not E2EE) anyway. The feature comes with the potential upside of allowing Apple to enable E2EE for all photos, while credibly proving to the government there's no CSAM.
>client-side scanning before _anything_ is uploaded is objectively less invasive than every single photo being scanned on iCloud
That's like saying cyanide tastes better than strychnine. It might be true, but I'd rather just not have either one.
I mean, iOS uses the same client-side machine learning to "scan" your photo library for tons of things. You can search "Dog" and get results, with nothing ever touching Apple's servers. We're happy with this but not happy with the other?
>We're happy with this but not happy with the other?
Yes?! What's hard to understand about the difference between:
1) An application using AI to scan photographs to provide categorization benefits to the owner/operator/user
2) An application using AI to scan photographs to provide accusation and punishment to the owner/operator/user
...especially when feature #1 can be turned off, but feature #2 cannot be turned off?
iCloud mischaracterizing a baby picture as a "dog" might cause some dinner table chuckles, but it's never going to cause meaningful harm. iCloud mischaracterizing a baby picture as a child abuse image can VERY plausibly cause extremely severe harm.
As a matter of principle, my devices shouldn't be designed to act against my will as an active informant for the authorities against me. The point that they do is the point that I join the flannel and wooly beard set out in the mountains eschewing technology and living "off the grid".
> but feature #2 cannot be turned off?
The CSAM scan would not be enabled if you had iCloud Photos turned off. All it did was move the scan on-device, it still only ran if those photos were destined for the cloud.
> We're happy with this but not happy with the other?
One carries the risk of not finding a photo you're looking for.
The other carries the risk of a possibly life-ruining criminal investigations being opened against you.
This is a new surveillance vector that explicitly gives your phone the required functionality to report any flagged content on your device directly to the authorities, something that is clearly a slippery slope with questionable effectiveness at best. I'm not sure how you can compare it to strictly local face recognition AI.
> has any real world privacy problem ever occurred because of this
Yes. People who don't quite understand how Siri works will divulge a lot of personal information. There's many stories from workers at these third parties about how much intimate detail they've heard when listening to these clips.
Now, that said, Google and Amazon do this too. It's truly a strike against all providers.
When you setup a new Apple device, Apple asks users whether they want to share Siri recordings with Apple.
>There's many stories from workers at these third parties about how much intimate detail they've heard when listening to these clips.
Assuming those internet stories are even true - can anyone show me actual harm occurring to anyone based on Apple's use of Siri training? I've heard some Alexa stories, but frankly, Apple seems to do a really good job of protecting that information, at least so far, at least as far as the public knows.
A lack of reported harm does not imply a lack of the ability to harm.
"Siri, order medicine X and deliver to address Y" is a simple example of how a simple command - whether valid or not - can expose someone's medical history, and while an ethical reviewer (probably 99%+ of reviewers) would do nothing with it, an unethical reviewer could.
> "Siri, order medicine X and deliver to address Y" is a simple example of how a simple command…
FWIW, Siri isn't capable of anything resembling this. For fun, ask "Siri, how many days are left in this year?"
IME, using "virtual assistants" is as much about training you as it is about training them.
If you as the question as "Hey Siri: how many days until the end of the year?", you get a valid response. I intuitively guessed that the word "until" was a trigger that would make Siri understand what I meant.
In other words - it's not that Siri isn't _capable_ of doing things like ordering medication, but that the syntax for doing so is still obscure and specific enough that most people aren't using it for purposes like that.
I've set up a number of shortcuts that I regularly use. For instance: "Tell my wife I made it" will send her a text message letting her know that I've arrived wherever I was going. "Tell _them_ I made it" will send the same message to my wife, daughter, and mom.
Until the NLP algorithms get better at inferring intent, a combination of user training and custom shortcuts will be needed to do things like this.
No, Siri isn't capable of doing things like ordering medication, because that requires more than just improving NLP capabilities.
It requires there being some specific facility for Siri to place orders. It requires some mechanism for conveying payment. It requires being able to determine where to order from in any given case (because Apple, unlike Amazon, does not attempt to be the one-stop-shop for everything under the sun).
This really seems to be just perpetuating the popular, but dangerous, fallacy that "AI" is all basically the same thing, and if you keep feeding enough data to your NLP algorithms, at some point they'll become able to do things that affect the real world purely by some kind of handwaved "ability to connect to the network".
Which I acknowledged in the following four words.
Not all commands are valid, but the invalid commands are reviewed as much (perhaps even more) than the valid ones. "Was it incorrectly invalid" is a question I, as a developer, would want to know.
>A lack of reported harm does not imply a lack of the ability to harm.
The assertion wasn't that there is a possibility that Siri could cause privacy harm. The claim was that it DOES cause privacy harm. So yes, a lack of reported harm is actually evidence here.
Because the code of IOS is closed source, we have to trust these settings actually stop transmitting data back to Apple. Given how valuable such data is to central collectors, this trust is a big leap for some of us. Comparing Apple to Google is a false dichotomy since many alternatives now exist.
> The only one I agree on is the image scanning for CSAM. The idea of a device I own acting as a state informer using AI to detect what it thinks is a crime is not my idea of a step forward.
There's also a convenient place to turn it off: CSAM scanning doesn't happen if you don't use iCloud photos/files syncing.
Yet.
Seems to - because it's a great marketing.
This is all reasoning we heard in the past to defend Google.
With Google, it was all true and still is...
> Apple seems to prioritize privacy more than the competition, while for Google collecting, and combing through to monetize, your personal data is a big part of their business model.
My TV also doesn't have data as its main business model, however ... it still collects data on me.
The cost of TVs is now heavily subsidized by the data-mining, though, whereas I don't see much evidence that's the case for Apple products, whatever their other problems (if such evidence does exist, I'd be interested to see it).
> whereas I don't see much evidence that's the case for Apple products
https://www.barrons.com/articles/apples-advertising-business...
I don’t see what the issue is, unless Apple is violating my privacy to serve their ads.
(I’m not a fan of ads, but don’t see how this is necessarily a privacy issue)
Well there's the disingenuous way in which they present the choice, defaulted to opt in with flowery language, versus the popup third party developers have presented to their users.
There's also the "app store health card" which the cynic in me would say is designed to scare people away from "competing" apps, because none of the Apple equivalents have a health card. Additionally there's no nuance - both iMessage and Twitter ask for location data - but only if you want to share your location. End result? People looking at Twitter in the App Store surmise "well, they must be tracking my location at all times!".
> none of the Apple equivalents have a health card.
Apple's apps on the App Store most certainly do have health cards. Not sure what you've been looking at...?
Built in apps - iMessage. And yes, that does seem to be in the app store now, however, there's a lot there that seems to be missing - access to photos for example isn't listed in the health card, neither is microphone access - both of which are core features of the app.
Are they?
It looks like the way it's implemented, access to photos comes through a Photos extension to iMessage (I think I recall these being called "iMessage apps"?), rather than it being inherent to the app.
And options for the microphone similarly seem to belong either to the extensions, or to the system—which handles microphone input as a substitute for typing.
It's possible you're right, and I'm missing something, but that's how it appears to me.
Is that available to other apps? If not - then this just looks like they're skirting around things they foist on third party developers to make themselves look squeaky clean.
I don't know the details, but I know that third-party apps can add iMessage apps. And the microphone input to replace/supplement the keyboard is a systemwide thing, working on any(?) text input.
The microphone access is also for voice messages, which are supported by other messaging apps, but again, has to be listed in the health card - and looks nefarious.
> I don’t see what the issue is, unless Apple is violating my privacy to serve their ads.
Google also claims they don't violate our privacy by hiding our data from third party advertisers. They still collect massive amounts of data ...
Ads that rely on tracking is a problem for privacy, not all ads.
> Apple ad exec wants to more than double ad revenue with new ads across iOS
https://arstechnica.com/gadgets/2022/08/report-apple-is-expl...
> Apple seems to prioritize privacy more than the competition, while for Google collecting, and combing through to monetize, your personal data is a big part of their business model.
It's puzzling to me how this keeps getting repeated without any strong foundation. This story that others sell your data while Apple holds it secure is a narrative established by Apple that keeps coming up like a mantra.
The implication is that Google is gathering personal data to then then sell it to third parties.
But this is not their business model. They profile their customers via their behaviors and personal data, match them to a persona and then sell services to third parties to advertise to users fitting that persona.
I don't see how Apple is doing any less of customer profiling and persona generating than Google. They are both in the business of profiling their users and then monetizing them by offering services to internal/external customers who look for a certain audience.
The core of this is exactly the same between Apple and Google. Neither of them is selling the user-data directly, they both process it in order to package their users into a service they can sell to others.
The main thing that Apple does differently is, that they took stronger measures to ensure that the data THEY collect from their users can only be collected by THEM.
So Apple took action to protect their unique market position of selling ANY kind of goods to users of Apple products, and they claim that they are more honorable to hold and process all your data for financial gain just because (so far) they failed to compete in the advertising industry.
>The implication is that Google is gathering personal data to then then sell it to third parties.
No, the implication is that Google collects as much of your personal data as possible, stores it forever, and monetizes it. You can tell because that's what I actually said. What you're responding to is a red herring - you brought up third parties, not me.
If I use the Apple Mail app with default settings from my iCloud account to e-mail ten lawn care services, I won't start seeing web ads for lawn care. If I use Gmail with default settings, I will.
> The main thing that Apple does differently is, that they took stronger measures to ensure that the data THEY collect from their users can only be collected by THEM.
No, the main thing that Apple does differently is make their money by selling hardware, software, and services directly to end users. This is in stark contrast to Google, whose typical business model offers free services that make the end users into the saleable product.
> If I use the Apple Mail app with default settings from my iCloud account to e-mail ten lawn care services, I won't start seeing web ads for lawn care. If I use Gmail with default settings, I will.
That's because Apple doesn't operate ad-services on scale at this point, particularly not on the web. The fact that they are scanning each and every email was made clear when they announced their CSAM scanner you also mentioned. I strongly doubt that Apple operates a crime-fighting division and that is the only purpose of scanning content. It's much more likely that they already analyze messages and content with other ML-models to refine the persona they created of a user.
So yes,they don't show you personalized ads on webpages, but without them operating in ads that's not an indicator of privacy. After failing to compete on Ads since 2010, their effort just started to ramp up in the last year.
> No, the main thing that Apple does differently is make their money by selling hardware, software, and services directly to end users.
Agreed, but Hardware is a segment that is close to saturation, and the majority of SW R&D resources are spent on the OS which is provided free of charge when purchasing the Hardware. Their growth-strategy is quite obviously based on services, with the strongest-growing of them being platforms of consumption (Appstore, Music, TV,...) and platforms of data-aggregation (Cloud, Pay, Card, CarPlay, Homekit,...).
Those consumption platforms serve content of third parties competing with each other for the user, and as the platform provider Apple offers those sellers paid services to reach the user.
I am fine to disagree, but in the growing world of services which are about to reach 25% of Apple's revenue soon, the Apple user who created the hardware revenue is the product being sold by Apple. To App-Developers, Music publishers, Movie Studios, Mobile carriers,...
> Thus, anyone who has access to your iCloud account, whether it be a hacker, an Apple employee, or a government agency, has also access to that data.
Lost a lot of credibility here by including Apple employees, as that’s not a thing.
Honestly this just reads as a bunch if FUD for what appears to be no reason. There’s no new info, no new perspective, no attempt at fair explanation of why those things might actually be desirable for the customer…
Just a bunch of bad faith interpretations of how an iPhone works to try and scare or confuse the reader, and no discernible reason for why.
The CSAM scanning would have required Apple employees to view flagged photos to confirm if they are CSAM - so yes, Apple employees will have some level of access to iCloud data, otherwise, legal requests for data would be impossible.
This wouldn't be an issue if iCloud was E2EE, but they probably save a chunk of money by only storing one copy of the "meme du jour" on their servers.
Honestly would an apple employee be able to access my icloud account? I understand that the icloud data is encrypted in the cloud and the decryption key is part of signing onto icloud via 2 factor to authorize the device.
Would an apple employee be able to view icloud without the 2nd factor to pull down the decryption key?
icloud data isn't end-to-end encrypted, so there are undoubtedly some employees who can view icloud data.
In a well-run organisation this power would only be available to a small number of employees, would require a good reason and multiple people's authorisation, and would produce audit records. Is Apple such an organisation? Nobody knows.
> icloud data isn't end-to-end encrypted, so there are undoubtedly some employees who can view icloud data.
This is more FUD; it doesn't need to be e2e encrypted to prevent an Apple employee (who isn't breaking a litany of laws and/or company policies) from viewing iCloud data.
I'm... just tired of baseless accusations like this, so casually thrown around. I've worked in this industry for 15 years, and when something like this is specifically possible, we say so because we have specific knowledge about how it would actually happen, not general "Yeah sure probably."
We have to do better, because if we don't, we sound like chicken littles and people just ignore us.
For me it's a question of incentives. Apple makes the vast majority of its income selling hardware to people. That makes me the customer. Google makes the vast majority of its income selling user data to advertisers. That makes me the product and advertisers the customer. Which company has more of an incentive to compromise my privacy by accessing my data in a dishonest way?
Thats a bit naive approach. Both (and other) companies exist primarily to earn money to owners. If Apple will find it can extract even more money from consumers on top of hardware, ie overpriced forced walled gardens called app shops, it will. As long as it doesn't affects its main money pipeline which are devices. Like it or not, most folks don't care about nor understand privacy, so Apple has a lot of leeway there.
The idea of taking Apple seriously on privacy is a bit of bad joke when they block Firefox having ublock origin or implement at least the same for its Safari, and give users full option to install plugins for this browser (even if only from Apple-curated plugin store). It would be trivial for army of Apple devs to create similar blocking, yet they just curate what ads you see based on what they think is maximum acceptable amount & type for users, so no real privacy choice there.
I've heard even comments here on HN about how its actually a good thing to not have this freedom as 'power user'. Can't say I know how to respond to such schizophrenia so I'll pass on that, everybody can make up their own opinion.
Apple - fix this, and I will start taking your PR about security seriously. Till then, I simply can't since its obvious you talk more than actually do where it matters most, the wild unruly Internet of these days.
On the contrary, I’d say access to user data is a liability for Apple.
Apple saw how damaging the iCloud privacy scandal and Cambridge Analytica were. They responded by fully hitching Apple’s brand to the privacy train.
If Apple were to be caught intentionally violating user privacy now, the damage to the brand would be immense.
Apple makes their money primarily by selling cool stuff to people. If they tarnish their brand by violating people’s privacy like Google or Meta, end users have far less incentive to buy Apple’s products.
I work in IT whole life, ie Swiss private banks for more than decade and almost a decade elsewhere. None of the colleagues and friends properly cares about this. You are experiencing HN (or maybe SV) echo chamber effect in 200%.
People I know in category above, and rest as well buy Apple since its premium product, there is a lot of ads on it everywhere, its a lot in media ie Hollywood product placement, they like the design, they like photos it makes, and the price you have to pay makes you stand out as non-cheapskate in same vein cool fresh haircut or expensive clothing/jewelry does. Privacy isn't in top 10, ever.
Scandals? What scandals? In current world they come and go, people have little attention span with covid, wars, environmental crises and so on. That goes for Android too, people en masse simply don't care about phone privacy. Makes me a bit sad but it is what it is.
Apple has indeed less incentives than Google [0]. But a third alternative also exists (see my other comment).
[0] https://www.barrons.com/articles/apples-advertising-business...
Apple want to vastly increase the amount of money they make from ads - that blurs the line somewhat, no?
What is the source for this claim? I haven't heard anything to this effect and nothing I've seem from Apple signals anything along these lines.
https://techcrunch.com/2022/08/15/report-apple-tested-ads-in...
There are MANY stories about their push into ads to augment their other newer services money streams. That's just one.
> When you put your phone in airplane mode, you are simply telling your phone's OS to stop using the mobile network. The baseband system is still on and can be pinged by the mobile network.
I just started reading and there is already a sentence I don't believe very much, even less as a generalization. Does anyone here have a basis that could explain this bold statement ?
> Does anyone here have a basis that could explain this bold statement ?
It's just wrong. On iPhones, Airplane Mode turns off all radios except Bluetooth.
WiFi still remains on, no?
By default the WiFi system is turned off, but you can turn it back on individually. If you want to connect to an in-flight system for watching shows, as an example.
I think they probably mean that this switch is software-based, so turning it on does not physically disconnect the underlying hardware.
I doubt there is any proof that some kind of system activity is still taking place while in airplane mode, but that might be irrelevant.
For some people, depending on their threat model and personal preference, what's important is that it's impossible to prove beyond any doubt that this is _not_ the case.
Ok I see, I understood the first sentence like you then but wasn't sure what was the point of a blanket statement there. I do feel like this this is something measurable with tool it could be easy to prove but I guess this isn't the point of this paper.
Technically, you are only asking your software to turn the modem off. It can disobey if it wants, you can't be sure.
The reason airplane mode exists is a radio 30000 feet above the ground violates assumptions baked into the terrestrial cellular architecture. If iPhones were regularly flying around with their radios enabled we would have heard about it by now.
It doesn't have to do this "regularly", only when someone (not you) wants it.
How would the baseband get the signal to reenable itself?
Hypothetically, it could switch on every hour waiting for a command.
The place where Apple is the most dishonest is in their scaremongering popup dialogs that constantly prompt me to re-authorize Google Maps, which I use daily, to access my location. They exempt themselves from this authorization by laundering Apple Maps location access through "System Services". iOS will never, ever pop up a dialog asking if you were aware that "System Services" has accessed your location on behalf of Apple 10000 times in the last month for the purposes of improving maps and providing traffic data to other Apple Maps users. Even if you, like me, never intentionally use Apple Maps, Apple silently accesses your location for these purposes. And even if you, like me, have been an intentional and fully-informed user of Google Maps for 15 years, Apple will still regularly urge you to revoke location data access from Google Maps.
To me, this seems really dishonest.
Huh, I use Google Maps daily too and have never had a popup since the first time I used it and picked "While using". I could have picked "Always", which worked too, but choose not to for reasons outlined in other posts here.
You can also easily turn off "Maps" tracking or limit it the same way if you choose.
I got to admit that I don't see the meat in this burger, so to speak.
If you go into privacy settings and try to disable the “system services” it will prompt you, twice, with a big scary warning about how nothing on your iPhone will ever work again.
I can go into Settings -> Maps -> Location -> Never, and then when I use Apple Maps it says "Location Services is off" and can't figure out where I am. Is that different than what you are talking about?
Yes, that is different. Apple will still be collecting location data to "improve maps" and for other enumerated purposes.
> Another innovation announced yesterday for the iPhone 14 event was Satellite communication. Apple is now able to locate an iPhone anywhere in the world (where it would require connectivity to the mobile network, Wifi, or another device before.
Thats just plain wrong. Poorly researched article.
iPhone = Not perfect but better than all comparable alternatives
Perhaps the biggest advantage of the iPhone, aside from Apple making most of their money selling real products not your data, is that every concern he had was accompanied by a setting to disable it
These settings tend to magically change in your disadvantage after you update some software or click yes somewhere when you weren't paying attention.
> Perhaps the biggest advantage of the iPhone, aside from Apple making most of their money selling real products not your data
This is the reason why I have a certain degree of confidence in Apple’s privacy aspirations. Apple makes their money primarily by selling cool stuff to end users. Their business model heavily disincentives mass tracking.
Google and Meta couldn’t ever be as privacy-friendly as Apple, due to their business models.
Every concern he had that wasn't based on fabrication, yes.
Airplane mode leaves the cellular radio on? Not according to signal tests!
I feel that GrapheneOS is a good compromise. It's significantly more private than an iPhone and after 2 years of using it I really don't feel like I'm missing out on anything.
Couple that with a Nextcloud instance, and you are golden. This private cloud is where you can synchronize your contacts, calendar, photos, files, bookmarks, passwords, location, news, podcasts, music, tasks, notes and host chats and video calls.
To mitigate telco surveillance, switch your number to VOIP and use burner SIM's or pretty good phone privacy.
I like how "First, it generates a lot of false positives" is linked to an article about Google, not Apple, scanning cloud photos, not on-device, and it was only a false positive in the intent of the photos - the actual photos (of a child's penis) are exactly what should be flagged, no?
(Human review with explanation and consultation with the doctor / police should have led to "ok, false positive this time".)
> With all that information, I think it's reasonable to say that iPhones are far from private. But, as the alternatives are even worse
Android smartphones are indeed worse, but it's not the only alternative. Consider GNU/Linux phones if you care about privacy and want to support it: https://puri.sm/products/librem-5 and https://pine64.org/pinephone.
There are also things like /e/OS (Edit: and GrapheneOS), but they are installed on Android phones and must obey their planned obsolescence due to the proprietary drivers (tied to an old Linux kernel).
Also GrapheneOS [1] but hardware options are limited. LineageOS [2] and its fork /e/ [3] appear to have some more hardware support.
How many years will a phone running these be usable on average?
[1] - https://grapheneos.org/faq#device-support
[2] - https://wiki.lineageos.org/devices/
[3] - https://e.foundation/
Didn’t you just challenge someone for ‘shifting goalposts’ and being off topic? What has GrapheneOS got to do with Apple?
I said that GrapheneOS is a relatively good alternative to Apple, although with a downside. Where is shifting goals? It's important to discuss solutions to the problem, not to say "you are also spied by other people and companies".
And that phone also sends your IMEI and your location to the carrier. It has to enable to work.
It does only if the hardware kill switch is on. You control it. Also, it doesn't send anything else to anyone.
If the cellphone carrier has your IMEI and location so do third parties that they sell it to and law enforcement.
It's true. At least with a hardware kill switch, you know exactly when they do not have this information about you.
Are there articles that actually audit the data sent from your phone? My biggest gripe is we're supposed to take all marketing at face value.
> iOS sends a lot of data about your phone to Apple, such as your phone number, your unique device identifier, your location and your IMEI number
Oh no! The manufacturer of my phone knows the unique identifier they created and assigned to my phone? Whatever shall I do?
Seriously? Obviously the problem isn't that they know the IMEI, it's that they now have an IMEI linked to a specific person along with your UDI, location, and phone number.
Turn off location, buy a secondhand iPhone with a gift card, create an apple account with a throwaway email, move to a cabin in the woods to work on your manifesto. Easy peasy.
If one did not need to register the device to one's real ID when activating it, this would not be such a big issue. I ditched my Iphone long ago for this reason, and to my knowledge it is still not possible to make an Iphone anonymous unlike other Android or Linux based devices.
They may know IMEI, since they made the phone. But why do they have to know your phone number and location? How can I avoid that?
They 100% need the phone number for some of the base features like imessage. The location however without the "find my phone" it shouldn't have a reason, I guess it's to allow them to put on the map any apple tags you have in range. I think these tags are opt out but I'm still stuck on how Apple casually sell the biggest semi-passive stalking tool ever made.
You need to read for five minutes about AirTags and how they work, and how Apple addressed any stalking issues already, before casually tossing around accusations like this with vagaries like "I think these tags are opt out" attached to them.
> But why do they have to know your phone number and location? How can I avoid that?
By not using a phone, because your carrier knows this information too and also sells this data (Apple does not).
The topic is about Apple knowing your data, please do not shift goals.
Hey fsflover, I'm not sure how answering your question "How can I avoid that?" is moving goalposts. My answer stands — don't use a phone if you don't want your location captured and shared.
It's trivial to turn off Location Services on an iPhone, in which case your location data isn't sent to Apple. You can also control this on an application-by-application basis if you wish. However, this doesn't stop your carrier from capturing and sharing your location data.
Hopefully this clears it up for you.
>> But why do they have to know your phone number and location? How can I avoid that?
> By not using a phone, because your carrier knows this information too and also sells this data (Apple does not).
What my carrier is doing has nothing to do with the problem at hand, which is Apple collecting unnecessary data on me. Not using a phone is not a (reasonable) solution to Apple invading my privacy. I can use another phone instead, which doesn't do that.
> It's trivial to turn off Location Services on an iPhone
Let me remind you that this thread started with "iOS sends a lot of data about your phone to Apple, such as your phone number, your unique device identifier...". How can I prevent Apple from collecting my phone number? You didn't reply to that, you shifted goals to location tracking of my carrier.
Correcting an incorrect assertion is not shifting goalposts.
I don't see where an incorrect assertion was corrected. "They" was about Apple, not someone else.
Leave it at home or turn it off.
No phone == privacy
There's no privacy. There's just a price tag to your private data.
Same as with security.
privacy (prī′və-sē) [noun] - The quality or condition of being permitted to terminate pregnancies.
(This definition brought to you by Marshall's Englishish Dictionary)
Privacy wise, I'd argue that GrapheneOS and the like are not at all worse than an IPhone. You have a significant level of control with one of these rooted phones that have stock android.