Apple Blocks Google’s Internal iOS Apps Over Privacy Abuses

Apple Blocks Google’s Internal iOS Apps Over Privacy Abuses

Yesterday, Apple killed Facebook’s access to internal iOS applications after it discovered the company was abusing its enterprise software applications to run aggressive data monitoring collection on teenagers. Today, it did the same thing to Google.

Google’s application, dubbed Screenwise Meter, appears to have been very similar to what Facebook deployed. Users had to be at least 18 unless they were part of a family, in which case 13 year-olds could join. Like Facebook, Google abused Apple’s enterprise certificates — which are only intended for internal use within a company — to collect data on every aspect of a user’s digital life.

When contacted about the issue, Google attempted to pass it off as a mistake, claiming:

The Screenwise Meter iOS app should not have operated under Apple’s developer enterprise program — this was a mistake, and we apologize. We have disabled this app on iOS devices. This app is completely voluntary and always has been. We’ve been upfront with users about the way we use their data in this app, we have no access to encrypted data in apps and on devices, and users can opt out of the program at any time.

It’s not clear when Screenwise explicitly launched on iOS. The earliest references to Screenwise online don’t mention a mobile application until 2014 (Screenwise launched in 2012). This article also explicitly mentions the age target: 13 and older, not 18 and over unless you are part of a family. And, as Techcrunch points out, the video below was released on August 29. The program was active right up until the present day.

It also isn’t clear when the application began requiring users to sideload an enterprise certificate to allow Google to track them more aggressively. This may have been a “feature” of the program from the very beginning, or it may have rolled out post-launch. Either way, this isn’t the kind of mistake that companies make by accident. Google had pages (now deleted, but thank-you Google Cache) walking people through the process of sideloading the app.

It’s so accidental, they wrote an entire help page to walk you through the process
It’s so accidental, they wrote an entire help page to walk you through the process

You can argue that Google was more ethical in how it treated the situation, given that it didn’t explicitly target teenagers for at least part of the time the program was running and was more upfront about the types of data it collected. But regardless, this is still an abuse of Apple’s enterprise policies. Beyond that, it shows just how rapacious companies are when it comes to seizing data they shouldn’t have a right to in the first place. Not only was Google willing to hoover up people’s data in exchange for some gift cards, it was willing to break its corporate agreements with Apple to do it.

Does Apple Deserve Any Credit?

At first glance, Apple looks like the good guy in this situation, locking down its servers and preventing abuse by companies like Google and Facebook. Writing for The Atlantic, Ian Bogost argues that this isn’t the case.

Apple didn’t take a position on Facebook’s creation of a paid “research” program to extract data from users. It enforced the terms of a licensing agreement; appearing to fight for user privacy is just a side effect. Apple is flexing its contract-law muscle, not its privacy muscle, and gaining a publicity win in the process. Crucially, Apple didn’t ban Facebook from the App Store or the iPhone platform: You can still download and use Messenger.

Bogost has a point. If Apple wanted to get serious about punishing Facebook or Google, it could stop partnering with Google on search. It could stop distributing Google and Facebook apps. It could put stronger limits on the types of data social media sites and search engines are allowed to collect off iOS devices and then enforce those limits when companies stepped over the line. At the very least, Apple could warn users upon installation that the companies who built the apps in question cannot be trusted with private user data.

Taking such steps would undoubtedly anger iOS users who rely on Google Maps, G Suite, Gmail, and Facebook — but it would also represent a genuinely courageous stand. Banning Facebook and Google from its enterprise application suite is nothing more than a slap on the wrist for either company. As demonstrations of courage go, it’s weak. And given that an Apple spokesperson has already told Buzzfeed that “We are working together with Google to help them reinstate their enterprise certificates very quickly,” even that weak punishment is likely to be over soon.

Continue reading

NASA Discovers Vital Organic Molecule on Titan
NASA Discovers Vital Organic Molecule on Titan

In the latest analysis, researchers from NASA have identified an important, highly reactive organic molecule in Titan's atmosphere. Its presence suggests the moon could support chemical processes that we usually associate with life.

New Intel Rocket Lake Details: Backwards Compatible, Xe Graphics, Cypress Cove
New Intel Rocket Lake Details: Backwards Compatible, Xe Graphics, Cypress Cove

Intel has released a bit more information about Rocket Lake and its 10nm CPU that's been back-ported to 14nm.

Pfizer Claims New COVID-19 Vaccine 90 Percent Effective
Pfizer Claims New COVID-19 Vaccine 90 Percent Effective

There have been a number of COVID-19 vaccines in development in the United States and around the world, and one of them has shown some very positive preliminary results in its Phase 3 trial. One particular vaccine developed by Pfizer and German firm BioNTech appears to be more than 90 percent effective in preventing symptomatic…

Sony May Let Users Move Games Off PS5, Xbox Series X SSD Is User-Replaceable
Sony May Let Users Move Games Off PS5, Xbox Series X SSD Is User-Replaceable

Microsoft is using a user-replaceable SSD for the Xbox Series X, while Sony is researching PS5 game transfers.