This story is part of our continuing coverage of CES 2020, including tech and gadgets from the showroom floor.
Privacy today is “untenable,” argues Rebecca Slaughter, a commissioner with the Federal Trade Commission (FTC). That comment may sound apparent to you and I, but it was something of a slap in the face to the other folks on a Tuesday panel at CES: Privacy execs from both Facebook and Apple.
“The burden needs to be placed not just on the consumer, but on the collectors of data to minimize what’s collected, minimize what’s retained … without generating this endless trove of data that can disappear into the ether,” Slaughter said.
How Apple protects your privacy
The comment was clearly directed at big tech companies, given the backlash against them in recent months — Facebook in particular. Jane Horvath, senior director of global privacy at Apple, was quick to jump in, citing efforts the iPhone maker has made to ensure privacy. Horvath’s appearance marks the first time Apple ha sent someone from company leadership to CES in decades, showing that Apple has a lot less to lose by pushing for greater privacy protections than some of its rivals.
She started with differential privacy, a technique that sends up data noise — false bits and bytes that mask your data — to ensure that the company doesn’t collect too much personal info. Consider the emjois on your phone: To figure out which ones are most commonly used could be a privacy concern, so Apple sends up data noise at the same time that it gathers that info from your phone.
In addition, random number generators on your phone mask the information that is sent to the cloud, notably from mapping information, making it harder to aggregate and abuse your location.
“It really starts from the beginning. We have a team of privacy lawyers that report to me and we have a team of privacy engineeers. And for every new product, at the beginning, we have a privacy engineer and a privacy lawyer assigned to work with the team,” Horvath said. “[Apple CEO] Tim Cook is incredibly committed to privacy, and it flows through the company.”
Is the consumer electronics industry doing enough? There’s always room for improvement, she said.
“We always have to be pushing the envelope, we always have to be looking at new innovations,” Horvath said.
And then there’s Facebook
Horvath’s words clearly resonated with Erin Egan, chief privacy officer for Facebook.
“Everything Jane said about privacy at Apple resonates with everything we do at Facebook,” said Egan. “But things keep changing, and there’s a need to continue iterating.”
“The landscape is evolving,” she said, citing how Ring doorbells have made the simple act of a person showing up to your door into a privacy issue.
But what do people expect and understand about how their data is being used? That’s going to take work, she said, citing a recently launched privacy checkup tool. “We added a bunch to it this year in light of feedback around privacy.”
Two companies, two business models
There’s a reason why Apple can be more forthright about privacy than Facebook. Apple sells products, Facebook sells ads targeted based on your personal data.
“At Facebook, we have a different business model than Apple, but both are privacy protected,” Egan said. “What’s absolutely important is not putting burdens on people,” she said in reference to moving responsibility and accountability off of the shoulders of consumers. Rift and Oculus VR headsets store data, she noted, and sharing some of that data is imperative. Facebook is based on sharing data — which by definition means moving it off your device.
“You can’t always do things on the device, but that doesn’t meant that one is more privacy-focused than the other,” Egan added.
She pushed back on the argument that the advertisements Facebook serves up are “surveillance.”
“Are people deriving value from advertising business models? Yes, we believe they are. There is value in free services for business and for people,” she said. Is it manipulative? No, she argued, noting that the Off-Facebook Activity tool helps people control the information that is gathered, and inform them as to what is being done with their data.
But big picture, is privacy solvable? What model will work to give consumers informed consent over their data?
“We believe privacy is a fundamental right people have,” said Egan, but Slaughter was quick to point out that many companies — not only Facebook — haven’t done enough to protect user data and privacy.
“As a general matter, no, I don’t think privacy is generally protected,” she told the audience. “The question is, does it need to be? And what is the degree that it needs to be? Do we need to be in a universe where no data is shared? What’s the minimum amount of data that can be collected, used, shared to ensure that people aren’t being harmed?”
Today’s business models place the burden of work and challenge of staying on top of privacy on consumer shoulders, Slaughter said, and often they aren’t even aware of what is happening in the background.
“There are a lot of ways that we as a society can think about enhancing that balance,” she said.
Follow our live blog for more CES news and announcements.
Correction: This story previously misattributed a statement to Facebook’s Erin Egan.