Uber breaks Apple's iPhone rules

For some months in 2017, in one of a series of high-risk missteps, Uber violated Apple's privacy guidelines by tagging and identifying iPhones even after their users had deleted Uber's app. When Apple discovered the deception, CEO Tim Cook told Uber CEO Travis Kalanick to cease the practice or face having the Uber app barred from the App Store. 

External Link to Story

https://www.nytimes.com/2017/04/23/technology/travis-kalabnick-pushes-uber-and-himself-to-the-precipice.html

What is Privacy International calling for?

People don’t know or control what data is on devices and how it is used by others, and how this can be used against them. In the future, individuals’ data held on technologies and devices can be exploited beyond the control of the individual, to anybody with the authority and capability.

The era where we were in control of the data on our own computers is nearly over. We were once able to access, process, and delete our data on our devices, with few exceptions. Now industry is building an era where devices and services are

  • generating data we cannot control,
  • storing data we cannot access,
  • using systems we cannot monitor, and
  • accessing and sharing data without our knowledge.

Often, there is more data being generated than is necessary for the provision of a service, the functionality of a device, or the clearly-stated business purpose. This excessive generation of data, often done beyond our control, leads to excessive processing, often done without our knowledge, and may exceed the reasonable expectation of users.

Data beyond our control, invisible to the individual

People must be able to know what data is being generated by devices, the networks and platforms we use, and the infrastructure within which devices become embedded.  People should be able to know and ultimately determine the manner of processing. 

Principle 1. People must know