A privacy campaigner who made Facebook change its data transfer methods has now targeted the Apple IDFA ad tracking service. This group, called NOYB, has filed complaints with the Spanish and German data protection authorities to outlaw the service. The complaint accuses Apple and other apps on the company’s ecosystem of collecting user’s web-browsing data without their consent.
“With our complaints we want to enforce a simple principle: trackers are illegal, unless a user freely consents,” said Stefano Rosetti, a lawyer with the NOYB. The group is headed by Max Schrems, the same campaigner who argued that Facebook was compromising user data by transferring it to the U.S.
Apple IDFA And European Privacy Laws
For the uninitiated, IDFA stands for identifier for advertisers, which is a random number assigned by Apple to its devices. When advertisers use IDFA to track users, they’re getting the usage patterns and stats but not personal details like names and addresses. However, with iOS 14, the company has decided to let go of the service.
At the WWDC 2020, Apple introduced certain privacy updates to the then-upcoming, and now functional iOS 14. These upgrades include a mandatory “opt-in” option for user’s to allow advertisers to track them. For reasons unknown, the company has decided to wait till next year before completely killing IDFA.
However, one of the caveats of Apple and the whole IDFA situation is that the company killed the service for third parties, but not itself. This means advertisers will need your express consent to track you, but Apple won’t. “Apple places codes that are comparable to a cookie in its phones without any consent by the user. This is a clear breach of European Union privacy laws,” said Rosetti.
The whole complaint is based on the legal grounds that the IDFA is present in iOS devices at the time of the first setup, and that it can be accessed by Apple as well as third parties. So the purpose of the NOYP complaint in the Spanish and Berlin courts is to clarify that “tracking must be the exception, not the rule”. Be it iOS or Android, both have advertised their latest updates around privacy. Both have quietly set themselves as exceptions to all that privacy. Google is also being sued in the U.S. for collecting user data without their consent.
The recent findings of a U.S. Congress report also held Apple in violation of antitrust laws. In a time of turmoil for the big tech, it’s high time for the companies to realize they’re part of the deal as well. Locking out third-party advertisers does no good as long as anyone has a backdoor into user’s privacy and data.