Despite celebrating its privacy initiatives non-stop in recent years, Apple was surprisingly mum on the topic during its annual iPhone announcement event.
With millions of eyes focused on a single stage Wednesday, Apple CEO Tim Cook had every opportunity to address the series of embarrassing security foul-ups that have plagued the company over the past ye, including the recently disclosed iPhone exploit that enabled hackers to indiscriminately target Apple customers and the FaceTime bug that could turn virtually anyone’s iPhone into a hot mic.
But instead of acknowledging these errors, or promising that its new line of devices would do more to protect their users, Apple decided to sidestep the issue altogether.
This is a big shift for Apple, which only eight months earlier decided it’d be clever to troll other companies at CES 2019 in Las Vegas — an event it doesn’t attend — with a giant billboard touting its commitment to user privacy. (“What happens on your iPhone, stays on your iPhone,” the ad promised.)
It was immediately clear that Apple stuck its foot in its mouth. The ad prompted a number of reporters to fire back with evidence that plenty of personal information was being siphoned off its devices by third-party apps.
Washington Post tech columnist Geoffrey Fowler would later report that even as he slept his iPhone was communicating with “a dozen marketing companies, research firms and other personal data guzzlers.” Over a single week, he wrote, some 5,400 hidden trackers had tapped into his iPhone, gobbling up not only his phone number, but his email account, IP address and physical location.
None of this was surprising. But it did go to highlight that Apple had been trying to mislead its customers into thinking there was some big difference between how it and its competitors treated marketers and other third party vampires.
And then came the bugs.
In January, Apple was forced to disable FaceTime features after it was disclosed the app allowed users to hear the audio of the person they were calling even if they didn’t pick up. Essentially, the flaw allowed users to answer another iPhone owner’s call for them — without their knowledge. It’s hard to imagine a worse issue for a phone manufacturer.
The next month, Apple quietly patched a series of zero-day vulnerabilities that had allowed a small collection of websites to aimlessly infect thousands of iPhone users for over two years.
The real impact of the flaws, which Apple described as a “memory corruption” issue at the time, was detailed late last month by the researchers who discovered it. Adding insult to injury, the researchers work for Apple’s chief competitor, Google. In a blog post, Apple disputed the scale of the impact.
While Apple had plenty to say Tuesday about all its amazing gadgets — triple-camera phones, watches that can tell time, and its upcoming yet-another-streaming-service — it had virtually nothing to say about privacy, other than a couple of passing, obligatory nods when it helped to advertise certain core functionality, such as Face ID.
With all the planning that goes into these events, it’s hard to imagine that’s was an oversight. It seems far more likely that Apple decided it was better to keep its mouth shut than draw attention to a year’s worth of failures.