Differential Privacy. Bane or Boon?

Ben Thompson of Stratechery on Apple’s implementation of Differential Privacy:

The broader challenge for Apple is this: in a fair fight the company would have a hard time matching Google or Facebook’s big data capabilities, which increasingly means a worse user experience, but this isn’t a fair fight: Apple is tying its own arm behind its back. The focus on privacy is admirable, to be sure, but there is absolutely a conflict with Apple’s focus on the user experience, and my question is whether or not Apple is being explicit in their decision-making about balancing the chances of datasets being stolen (or abused) + de-anonymized + compromising information being found + that information being abused, versus taking reasonable privacy steps (i.e. anonymizing data) that are not perfect but make it much easier to enhance the user experience for its hundreds of millions of users.

Quote via Apple 3.0

I don’t disagree with Ben Thompson lightly. He’s one smart dude. But I think he might be missing a trick here. He says that differential privacy guarantees a worse user experience…

…but isn’t privacy a part — and perhaps a very large part — of the user experience?

Published by

John Kirk

John R. Kirk is a recovering attorney. He has also worked as a financial advisor and a business coach. His love affair with computing started with his purchase of the original Mac in 1985. His primary interest is the field of personal computing (which includes phones, tablets, notebooks and desktops) and his primary focus is on long-term business strategies: What makes a company unique; How do those unique qualities aid or inhibit the success of the company; and why don’t (or can’t) other companies adopt the successful attributes of their competitors?

21 thoughts on “Differential Privacy. Bane or Boon?”

  1. Unlike you, I don’t know Ben Thompson, nor do I care too much about business matters which he reports. So I have no issue disagreeing with him, smart dude or not.

    This, of course, makes it an instance where I agree with you. I’ll go further.

    “Differential Privacy” better be optional at the user’s sole discretion. Unlike Google and Facebook, who get paid for their services and software using your privacy as currency, Apple gets paid in cold hard cash. Non-optional would be double-dipping.

    1. Differential Privacy cannot be optional. It’s an incredibly complex algorithm baked into (or not baked into) the operating system.

      I’m not sure I understand your statement that “non-optional” would be double-dipping. Apple is going to great lengths to protect their customers’ privacy. The only downside might be that Apple’s quest to provide privacy makes it harder for Apple to gather the information they need to provide competent artificial intelligence. That is the “one hand tied behind their back” that Ben Thompson is referring to. And he may well be right. But I’m not so sure….

      1. Apple is betting that a billion users will be plenty for AI purposes. I would tend to agree.

      2. That can easily be handled with a setting. Please!

        If the customer’s behavior is contributing to Apple’s knowledge base, then Apple is no different than Google, though the customer has already paid a hefty premium in real money for goods and services. That’s double dipping.

        You could say that the customer is getting a better additional service for providing the behavioral information. I say fine, as long as it’s optional, otherwise it’s a forced subscription.

        1. “If Google can have customers opt out of things, I’m sure Apple can.”

          Perhaps it should be a case of opting IN, not OUT. Perhaps people’s data should be truly anonymous (not possible to tie it to you by any means) by default; then opt IN if you are OK with Google using your data in the way they do.

          “If the customer’s behavior is contributing to Apple’s knowledge base, then Apple is no different than Google”

          Except for what Differential Privacy means and signifies, you mean.

          1. As with Google, if Apple makes money from your information then “you are the product”! Except, you’ve already paid.

            Opting IN would be better.

          2. The purpose of Differential Privacy is that Apple doesn’t get “your information”, they just get information about large groups, trends, behaviours, all of which can be used to improve services, software, and hardware. This works much better than anonymization of data because that can be cross-referenced or hacked in various ways to gain information about the individual. Differential Privacy solves this problem. By using this method Apple can improve the value/benefit they deliver to me without selling my data or putting my personal privacy at risk. It’s a win-win and is quite different from what Google is doing. I realize this will fall on deaf ears, you’re just looking for a false equivalence talking point.

          3. It does get “my information” even if it doesn’t identify me.

            Opt-in would only make me willingly contribute MY information, yet somehow that bothers you. It seems that all forms of choice bother you when it comes to Apple.

            What if I don’t want to contribute to Apple’s benefit beyond what I already paid for? Where did I sign my rights away? (Hint: I didn’t)

            Edit: As a social experiment a city’s school system decided to turn on all microphones on all devices within the school. All voices were converted to the same robotic frequency base, all other identifying information was also removed, and all conversation regarding sex, drug use, political speech, and politically correct speech were recorded and maintained in a database….

            I guess you would be fine with that, as long as it was Apple U of course.

          4. Your social experiment is what Google does, anonymizing and obfuscating the data. Differential Privacy is quite different. I invite you to learn more about it. The concerns you raise demonstrate that you have not bothered to learn much about Differential Privacy. Again, I suspect you have no interest in learning why you’re wrong, you just want to find a way (however logically unstable) to be able to say Apple is the same as Google on this issue.

          5. Excuse me. Right or wrong…”Apple is gathering user information by whatever means.”

          6. You keep making this mistake. Differential Privacy means you gather information, but not user information or individual information or your information. It’s more accurate to say Apple is gathering information about very large groups. I didn’t think the distinction was that hard to grasp actually.

          7. This is why I don’t understand it, it’s a logical fallacy. Each individual user does indeed contribute information. Whether anonymously or not, they contribute information. All I’m saying is that the user should do so knowingly, willingly, and optionally. I’m not hung up as to “how” Apple collects the information.

            So long as Apple is enriched by their users’ use patterns, then the user should voluntarily participate.

          8. Users do not contribute information anonymously, that’s not how Differential Privacy works. In fact some of the information sent to Apple is actually false, that’s part of how it works. There’s nothing here for individual customers to consent to because there is no use of individual information. Logical fallacies don’t factor into this. Differential Privacy as implemented by Apple is not similar to what Google is doing re: user data. It simply isn’t, no matter how much you wish it was. How the data is handled matters very much, you should be hung up on this aspect, it’s important. I’m repeating myself now, I think we’re done. Feel free to go on believing Apple and Google are the same now.
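The “some of the information sent is actually false” point in the comment above is the randomized-response mechanism behind local differential privacy. The following is an added illustration (not code from the original post, and not Apple’s implementation): each user reports their true yes/no bit only with probability `p` and a coin flip otherwise, so no single report can be trusted, while the aggregate still yields an unbiased estimate of the group rate. The sample population below is constructed with a seeded RNG.

```python
import math
import random
from typing import List, Tuple


def randomize(true_bit: int, p: float, rng: random.Random) -> int:
    """Randomized response: with probability p report the truth,
    otherwise report a uniformly random bit (so any report may be false)."""
    if rng.random() < p:
        return true_bit
    return rng.randint(0, 1)


def estimate_rate(reports: List[int], p: float) -> float:
    """Unbiased estimate of the true 'yes' rate q from noisy reports.
    E[report] = p*q + (1-p)/2, so q = (mean - (1-p)/2) / p."""
    mean = sum(reports) / len(reports)
    return (mean - (1 - p) / 2) / p


def epsilon(p: float) -> float:
    """Privacy loss of one report: the likelihood ratio
    P(report=1 | true=1) / P(report=1 | true=0) = (1+p)/(1-p),
    so epsilon = ln((1+p)/(1-p)). Smaller p => stronger individual privacy."""
    return math.log((1 + p) / (1 - p))


def simulate(n: int, true_rate: float, p: float, seed: int) -> Tuple[float, float, float]:
    """Constructed population of n users; returns (actual rate,
    estimated rate from noisy reports, fraction of reports that were false)."""
    rng = random.Random(seed)
    truths = [1 if rng.random() < true_rate else 0 for _ in range(n)]
    reports = [randomize(bit, p, rng) for bit in truths]
    false_fraction = sum(1 for t, r in zip(truths, reports) if t != r) / n
    return sum(truths) / n, estimate_rate(reports, p), false_fraction


if __name__ == "__main__":
    actual, est, flipped = simulate(100_000, 0.30, 0.5, seed=7)
    print(f"actual rate {actual:.3f}, estimated {est:.3f}, "
          f"false reports {flipped:.3f}, epsilon {epsilon(0.5):.3f}")
```

With `p = 0.5` about a quarter of individual reports are wrong, yet the population estimate lands within a fraction of a percent of the truth for a large enough group.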

          9. I repeat…”That they are even contributing information, by whatever means…”
            I’m not arguing privacy here.

            Edit: To quote our mutual friend jfrutral, I reserve the right to tell Apple to “get off of my lawn.”

          10. Dang Americans! Even when spelling my last name as it is already spelled out for you, you guys want to put an ‘r’ where it isn’t! Why is this so hard?

            Joe

          11. Sorry friend, English is indeed my second language. 🙂
            No offense meant Joe. Will you help to keep Apple off my lawn?

          12. No offense taken. It is just amazing. People in the US have an awful time pronouncing my last name (often putting the ‘r’ where you did). When I toured Europe, no one mispronounced my last name. There is some linguistic thing going on that I don’t understand. Apparently it affects spelling it, too.

            Joe

          13. Ironic considering it’s the land of the Spelling B(ee). Ironic considering it’s much harder to say with two r’s. They just love their Rs and they love rolling them. Also kicking them.

          14. Oi vey. Btw, why are you hitting yourself? Can you imagine trying to teach a roomful of these people? Could this be #realdonaldtrump?
