←back to thread

France fines Apple €150M for “excessive” pop-ups that let users reject tracking

(arstechnica.com)
250 points sebastian_z | 10 comments | 31 Mar 25 17:38 UTC | HN request time: 1.434s | source | bottom
Show context
nottorp ◴[31 Mar 25 17:45 UTC] No.43537683[source]
Actually Apple were fined because they don't apply the same standard to their own pop-ups that allow users to reject tracking. On Apple popups you seem to need one click, while on 3rd party popups you need to confirm twice.

So the fine seems to be for treating 3rd parties differently from their own stuff.

They could make their own popups require double confirmation instead...

replies(5): >>43537947 #>>43538151 #>>43538242 #>>43538615 #>>43538944 #
tedunangst ◴[31 Mar 25 19:38 UTC] No.43538944[source]
I'm actually okay with the Apple Camera app asking me once and the Domino's Pizza app having to ask me twice. Who are the consumers being harmed here?
replies(12): >>43539083 #>>43539089 #>>43539214 #>>43539342 #>>43539689 #>>43539799 #>>43540084 #>>43540518 #>>43540657 #>>43541588 #>>43541784 #>>43562780 #
burnte ◴[31 Mar 25 20:11 UTC] No.43539342[source]
You might be ok with it, but the regulators want Apple to treat third parties the same way they treat their own apps, and that's a good thing. Either everyone would generate two prompts, or no one, but excluding yourself is just favoritism.
replies(3): >>43540071 #>>43540528 #>>43546124 #
1. briandear ◴[31 Mar 25 22:11 UTC] No.43540528[source]
Apple doesn’t have a track record of abusing user privacy, unlike the plethora of third party apps that want to aggressively track you and sell that data.
replies(4): >>43541566 #>>43541848 #>>43541850 #>>43547238 #
2. epolanski ◴[01 Apr 25 00:30 UTC] No.43541566[source]
Apple makes more than 10B $ on advertising unless you've been leaving under a rock, and it's virtually all targeted ads.

In fact them limiting more and more third party access to data is just a play to boost their own selling of your data.

replies(1): >>43542575 #
3. wpm ◴[01 Apr 25 01:18 UTC] No.43541848[source]
I don't care. We don't have to wait for Apple to show they're untrustworthy before we hold them at arm's length like we hold any other app developer or advertiser.

Apple has convinced a lot of people through sheer PR force that they are 100% trustworthy and therefore all of their restrictions and self-bypasses of those restrictions are warranted. Either all of it is OK, or none of it is, unless Apple enjoys getting it wrong and getting fined.

4. autoexec ◴[01 Apr 25 01:19 UTC] No.43541850[source]
Apple's track record on privacy isn't really much better than Google's.

Google and Facebook also insist that they never sell the massive amounts of personal data they collect on their users.

That doesn't mean that your data isn't being exposed to random people or that it isn't being used against you.

https://www.theguardian.com/technology/2019/jul/26/apple-con...

5. shuckles ◴[01 Apr 25 03:34 UTC] No.43542575[source]
There is a big difference between targeting and tracking.
replies(1): >>43546913 #
6. itishappy ◴[01 Apr 25 14:02 UTC] No.43546913{3}[source]
Tracking is just targeting integrated over time. If you can be targeted a number of times, and somebody can connect those data points, that's tracking!

So I guess the question hinges on if the data Apple shares with their partners can be fingerprinted or not.

replies(1): >>43548592 #
7. burnte ◴[01 Apr 25 14:31 UTC] No.43547238[source]
So? In that case they should have no issue at all for adhering to the same rules as others.
8. shuckles ◴[01 Apr 25 16:19 UTC] No.43548592{4}[source]
Apple does not share identifiable personal data with partners for the purpose of advertising, which is why its apps don’t ask for permission to track. Almost everyone arguing against Apple in these comments seems to misunderstand this, likely because of motivated reasoning.
replies(1): >>43549231 #
9. itishappy ◴[01 Apr 25 17:13 UTC] No.43549231{5}[source]
What are Apple apps asking permissions for?

As as I understand, declining to use the ATT framework just means they don't share the system advertising identifier (IDFA). That does not mean the information they do share cannot be fingerprinted.

replies(1): >>43552292 #
10. shuckles ◴[01 Apr 25 23:14 UTC] No.43552292{6}[source]
Losing access to IDFA is the technical mitigation, but the ATT prompt also places policy obligations on developers. Preventing tracking technically entirely is a technical dead end. There are too many sources of entropy. ATT primarily operates at a policy level.