Apple is accused again. In the viewfinder the alleged respect of privacy guaranteed by the company to its users. Apple claims that the analytics data provided by the user comes from anonymized before being sent to its servers (or those of third parties), but research by Tommy Mysk suggests this is not the case.
Mysk, which had already recently uncovered some disturbing user tracking practices by the App Store, claims that user data is actually transmitted by always adding a unique identifier that identifies the user.
The tests were conducted with two iPhones, one of which was jailbroken. The latter phone was used to decrypt most of the data sent from iOS to Apple’s servers, revealing that user data is tied to an identifier called DSID. This ID is associated with all the information you provide to Apple: Apple ID, first and last name, phone number, date of birth, email address, and so on.
In its guidelines, Apple states that personal data is either transferred without any connection to the ID, or that it is subject to anonymization techniques to prevent it from being traced back to the user. Still, the Mysk tests would show that the DSID it is always sent to Apple’s servers in the same package with the other analytical information.
“Knowing the DSID is exactly the same as knowing your name, it’s a unique identity,” the researcher explains. “All those detailed analyzes of your behavior and habits are directly linked to your identity. That’s a problem, because there’s no way to disable this setting.”
Source: Lega Nerd
