On startup installation, macOS and iOS do have opt-in screens for certain things like analytics, improving Siri, stuff like that.
And yet there is some data stored in my iCloud account, even though the first thing I did when I bought an iPhone was spend an hour turning off every setting that I could see that would permit uploading anything. How did that happen? Apple introduced some new settings in a subsequent iOS update, and defaulted them to being turned on.
It's easy to find fault in retrospect but it doesn't make sense to have an opt-in screen for every conceivable feature.
OK. Just provide a single, clearly marked option to enable or disable telemetry globally, and require that all Apple software and all apps in the App Store use APIs that are gated by that option for all relevant data uploads. That would be very clear about user intent, if you want to be seen to support user privacy as a genuine goal.
Apple generally has a great track record of responding to criticisms like this and making things clearer for users.
And yet huge amounts of data uploaded to iCloud still aren't end-to-end encrypted, even optionally. A lot of Apple users don't realise this, but plenty who do have called Apple out on it for a long time, and it hasn't been fixed. You can read whatever conspiracy theories and subjective arguments you like about why that might be, but the insecurity is an objective weakness in the system that hasn't been fixed.
Zoom, WhatsApp and other companies have recently been criticized for lacking proper end-to-end encryption as well. I don’t know much about that technology but it appears to be tough to do at scale, or at least, this is a more general flaw in the industry than specifically Apple’s problem.
The basic principles of end-to-end encryption aren't particularly difficult if there are only two communicating parties[1]. However, you do need an architecture that supports it.
I suspect a lot of online communications and data hosting services now have a barrier to implementing E2E simply because they already have established infrastructure and software architecture but everything was originally specified to support a centralised system. You can't just drop in a different library or edit a handy configuration file to turn one type of system into the other. Fundamentally, you need to build something new and with a different architecture to work on an E2E basis, which is a major investment and a significant risk if you already have an otherwise successful product operating on a large scale.
The main challenge with E2E, as far as I'm aware, is still how to scale up the basic principle effectively as the number of participants increases.
However, none of this affects the iCloud functionality I've been referring to, where essentially you're only storing data for one party anyway.
[1] This statement is made in the context that encryption in general is a field where you really want people who know what they're doing implementing everything, and if you don't have experts in-house then you should probably use someone else's tried and tested implementation instead of attempting a home-grown version.
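To make the two points in the comment above concrete (the two-party case is not hard, and the one-party storage case is simpler still), here is an added example that is not part of the thread. It uses only Go's standard library: X25519 key agreement from crypto/ecdh for the two-party case, a device-generated key for the one-party backup case, and AES-256-GCM for the actual sealing in both. The service or relay in this model only ever handles public keys and sealed envelopes. The key derivation step (SHA-256 over a label and the shared secret) and all names are my own assumptions for the demo, not any vendor's design.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// newGCM builds an AES-256-GCM AEAD from a 32-byte key.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts plaintext under key and returns nonce || ciphertext || tag.
// That envelope is all a relay or cloud store ever receives.
func Seal(key, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// Open reverses Seal; a modified byte anywhere in the envelope fails the tag check.
func Open(key, envelope []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	n := gcm.NonceSize()
	if len(envelope) < n {
		return nil, errors.New("envelope too short")
	}
	return gcm.Open(nil, envelope[:n], envelope[n:], nil)
}

// NewDeviceKey is the single-party case (one user's cloud backup): the key is
// generated on the device and never uploaded, so the server holds only envelopes.
func NewDeviceKey() ([]byte, error) {
	key := make([]byte, 32)
	_, err := rand.Read(key)
	return key, err
}

// Party is one endpoint of the two-party case: an X25519 key pair whose
// private half never leaves the device.
type Party struct{ priv *ecdh.PrivateKey }

func NewParty() (*Party, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Party{priv: priv}, nil
}

// PublicKey is the only thing a party publishes through the service.
func (p *Party) PublicKey() []byte { return p.priv.PublicKey().Bytes() }

// SharedKey derives the pairwise AES key from the X25519 shared secret.
// The KDF here (SHA-256 over a label and the secret) is a demo assumption;
// a real design would use HKDF and bind both public keys into the derivation.
func (p *Party) SharedKey(peerPub []byte) ([]byte, error) {
	pub, err := ecdh.X25519().NewPublicKey(peerPub)
	if err != nil {
		return nil, err
	}
	secret, err := p.priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	sum := sha256.Sum256(append([]byte("e2e-demo-v1"), secret...))
	return sum[:], nil
}

func main() {
	alice, _ := NewParty()
	bob, _ := NewParty()
	ka, _ := alice.SharedKey(bob.PublicKey()) // Alice only ever sees Bob's public key
	env, _ := Seal(ka, []byte("constructed message"))
	kb, _ := bob.SharedKey(alice.PublicKey()) // same key, derived independently by Bob
	pt, err := Open(kb, env)
	fmt.Printf("bob reads %q (err=%v)\n", pt, err)
}
```

The part that actually makes this "end-to-end" is where the keys live, not the cipher: both `SharedKey` and `NewDeviceKey` run on the endpoint, so a server in the middle can store, forward or lose envelopes but cannot open them, and a flipped bit in transit is rejected by the GCM tag. What the comment calls the hard part, scaling the same property to many participants who join and leave, is exactly what this pairwise construction does not address.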