Rotten to the Core: Apple’s Privacy Policy

By Allen Zhou ’23
​Apple’s recent product launch once again displayed its capability of churning out new gadgets every September. However, capturing my attention were two conflicting narratives about Apple Inc.’s action on user data. On Apple’s Chinese storefront, a customer does not have to look very far to see an image stating in Mandarin: “We strive to protect your personal information, that is very iPhone”. Yet, as an article in the New York Times revealed, Apple has made several major concessions to the Chinese government to remain within China’s lucrative market. Evidently, despite Apple's dominance of the global smartphone industry and its status as one of the most valuable companies in the world, it still has to bend over backward for the newly minted world power: China.

An examination of Apple’s current process may offer some insight. In an attempt to appear more transparent, Apple publishes the number of requests they receive from the government for user information. In China, the most recent number was about 2000 per year, a shockingly low number for a government that wishes to monitor its citizens’ every move and conversation— until we examine some reporting done by the New York Times. There, an article shows that under the guise of an effort to “improve iCloud services in China mainland [sic] and comply with Chinese regulations” Apple placed all user data on a server controlled by a local company called Guizhou Cloud Big Data, which is a government-owned entity. Furthermore, Apple moved the cloud encryption keys from the US to this same data center in China, which provided the government with direct and easy access to any information they wanted. This explains the minuscule amount of government requests for data as Apple officially logged. If one can walk into the kitchen to have a free buffet, who would want to sit down in the dining room to order, wait, and pay for their food? This clearly renders Apple’s “Government Request Registry” window dressing, and its prior assurance that they strive to protect the data of their consumers a blatant falsehood.
 
All of this speaks to a greater ill present in all interactions that Apple has with China: the company has traded its core values of privacy and freedom of speech in favor of profit.
 
Defenders of Apple may claim that the company is doing all that it can. After all, corporations must remain in compliance with local laws. This begs a bigger question: If one of the largest and most lucrative companies in the world is unwilling to stand up to the encroachment of basic liberties by an increasingly totalitarian regime, who else will? Can Apple do better? Yes, definitely.
 
First and foremost, Apple should acknowledge its inability to properly guard the data of its Chinese customers and stop making unfulfilled promises. Full disclosure of what’s going to occur to a consumer's data after it is uploaded to the cloud is a critical step in better informing the customer base. Apple should have told its users in China that their data is actually stored on a government run server, with encryption keys at the same place. The company should also fully clarify what exactly was meant by “users in China”. For instance, if someone had lived in China for a period of time and used a local phone number linked with an Apple ID created in the US, would their data be stored in a local Chinese server? And when they moved to the US, would the data then be stored in a US server again? Does the Chinese government still hold a legitimate claim over the data after the move? Is it possible that Apple may “accidentally” reroute US users’ data to China as Zoom once did? All of this information is indispensable in allowing the people to know the risks they are taking, so that they can appropriately modify their actions when they deem necessary.
 
Secondly, Apple currently holds far more leverage than any other foreign tech company over China. Google and Facebook both gave up on their attempts to enter China due to fundamental differences in ideology, unwilling to sacrifice their values for profit. Because of this, they don’t possess any kind of manufacturing or suppliers in the country. Apple is the opposite: it produces the majority of its hardware in China, and its suppliers and factories employ millions there. This grants Apple a powerful bargaining chip against the Chinese government and, in a worst-case scenario, makes a threat to exit the nation entirely very potent. Admittedly, that would be very risky and damaging to both sides: Apple would lose a massive source of revenue ($17.7 billion/year from China) and China, a massive employer. But this could be the ushering in of a new era; its links to China severed, Apple would still have several avenues to explore in terms of a new manufacturing base. Undoubtedly, there are dozens of countries with cheap labor that can better uphold Apple’s supposed core beliefs and would be more than happy to accept such a large source of revenue and prestige.
 
This discussion so far has left out the most important party — the user. With the highest market capitalization of any company in the world, Apple has intertwined itself with everyday life and is next to impossible to fully boycott because alternative options simply do not offer the same convenience and accessibility. Most users outside of China probably have little interest in what occurs with the data of a Chinese user and those in China would find it difficult to meaningfully organize under the watchful eye of the party who loathes social instability. In fact, under the false claim of “ensured protection” Apple has effectively deprived the people of their rights of knowledge, and denied them the opportunity to take action. With Apple’s ambiguity of what is treated as “Chinese user data,” not only people in China are affected by their dishonest actions, but also you and me, who somehow interacted with people in the country, even if we have ever lived there. None of us is in a safe haven. Some grassroots efforts should happen, to pressure Apple to provide more honest disclosure, and to lobby the government outside China to come up with better legislation to counterweight the occurrences there. This is the best case to call for “Corporate Social Responsibility,” our liberty is under assault. We should all tell Tim Cook that he needs to stop only talking the talk and start walking the walk.