In brief: In the EU, privacy advocates are accusing Apple of violating European privacy law through the implicit use of a tracking code on users’ iPhones without their consent. The company naturally disagrees and promises to offer regulators all the explanations they need on how it works.
Apple is under fire by privacy advocates in the EU who previously targeted Facebook for not abiding the European Union’s General Data Privacy Regulation, all while lamenting the Irish Data Protection Commission’s severe lack of funding that has slowed investigations to a crawl.
Austrian activist Max Schrems and his non-profit group NOYB (None of Your Business) recently filed two complaints to authorities in Spain and Germany accusing Apple of breaching European privacy law. Specifically, they allege the company has been tracking iPhone users for advertising purposes unlawfully as it doesn’t ask for explicit consent from users.
The complaint refers to Apple’s Identifier for Advertisers (IDFA), which is stored on a user’s device and allows the company and third parties to track their online behavior and consumption preferences. Schrems essentially argues that these codes that Apple uses are comparable to cookies, which require consent by the user under EU privacy legislation.
Some of you may be familiar with Apple’s plan to bolster privacy in iOS 14 by using a new transparency feature that works very much like “food nutrition labels.” The announcement caused panic among advertisers as it hindered their ability to provide targeted ads, so Apple agreed to delay the feature, which will goes into effect starting December 8.
On Apple’s IDFA, NOYB notes that “just like a license plate, this unique string of numbers and characters allows Apple and other third parties to identify users across applications and even connect online and mobile behavior (‘cross-device tracking’).” In the complaint, NOYB explained that Apple shouldn’t be allowed to create this tracker in the first place, as a smartphone tends to be a person’s most intimate device.
In a statement, Apple said the claims are “factually inaccurate, and we look forward to making that clear to privacy regulators should they examine the complaint. Apple does not access or use the IDFA on a user’s device for any purpose. Our aim is always to protect the privacy of our users, and our latest software release, iOS 14, is giving users even greater control over whether or not they want to allow apps to track them by linking their information with data from third parties for the purpose of advertising, or sharing their information with data brokers. Our practices comply with European law and support and advance the aims of the GDPR and the e-Privacy Directive, which is to give people full control over their data.”