[HN Gopher] Apple requires account deletion within apps in AppSt...
___________________________________________________________________
Apple requires account deletion within apps in AppStore starting
January 31
Author : ezhik_
Score : 488 points
Date : 2021-10-06 19:06 UTC (3 hours ago)
(HTM) web link (developer.apple.com)
(TXT) w3m dump (developer.apple.com)
| bgro wrote:
| Can't wait for developers to implement "Mark your account as
| deleted, so you can't log in and actually delete your data such
| as photos later."
| paxys wrote:
| Wonder if this applies to Apple itself. There is no way to delete
| your Apple ID (or other info Apple knows about you) using the
| device.
| slownews45 wrote:
| "Apple gives you the ability to permanently delete your Apple
| ID account at any time and for any reason."
|
| That said, it's a pretty massive wipe.
|
| Photos, videos, documents, and other content that you stored in
| iCloud are permanently deleted; you can't receive any messages
| or calls sent to your account via iMessage, FaceTime, or iCloud
| Mail; and you can't sign in to or use services such as iCloud,
| the App Store, iTunes Store, Apple Books, Apple Pay, iMessage,
| FaceTime, and Find My iPhone. In addition, any Apple Store
| appointments and AppleCare support cases are canceled.
|
| Deleting your Apple ID is permanent. After your account is
| deleted, Apple can't reopen or reactivate your account or
| restore your data.
|
| You lose all your credits with apple (if any) app updates will
| stop working even for apps already downloaded and more.
|
| "Manage Your Data and Privacy." On the following page, select
| "Get started" under "Delete your account."
| paxys wrote:
| The point is they enforce that third parties have to allow it
| from within the app itself rather than a website. But Apple's
| account deletion process is only available on their website.
| zsmi wrote:
| That's an interesting corner case. Even if turnabout is fair
| play I wonder if it's even a good idea. If you have two
| devices, and you delete your Apple ID from one of them, do you
| brick the second device? I think there are dragons there.
| anarchogeek wrote:
| What about inmutable systems? My app (using scuttlebutt) creates
| an 'account' but it's located as crypto keys only within the app
| and apple keychain. So far the apple reviewers refused to believe
| that it works like. It's open source, they've got the code... but
| still....
|
| Same is true for anything crypto. The account as it were exists
| on many devices, but it's not something you as the app creator
| can manage.
|
| I think apple protecting privacy is good, but the effect on
| actually private systems is complicated.
| vmception wrote:
| Change your data model. That's the answer. Add setters to the
| smart contract to change variables. It's not that hard.
| detaro wrote:
| Scuttlebutt isn't a blockchain and doesn't have a concept of
| "smart contracts"
| jedahan wrote:
| Defining account will be interesting. One definition might be:
|
| The 'account' consists of the credentials required to add or
| modify data associated with a human.
|
| In that case, the person deleting their private key would
| suffice for deleting an account.
|
| There are plenty of things this doesn't cover, or even
| backfires. Just interested in what other perspectives people
| may have.
|
| ---
|
| Scuttlebutt actually could allow for 'deletion' in the sense
| that a 'compliant' scuttlebutt client could choose to interpret
| a 'delete this account' message as a filter for any messages
| that match said public key. Many client's UX understand that
| the state of messages may be incomplete due to the P2P nature,
| so thats kinda nice too.
| ChrisMarshallNY wrote:
| I'm writing an app that has an account on a server. A user
| with no account can send a POST form (through the app),
| requesting that we create an account for them. We do so,
| through an admin dashboard. It's easy to completely delete
| the account through the same dashboard, and I don't think we
| have any legal obligations to retain the account.
|
| I'm planning to add a "delete my account" POST form, in the
| logged-in app.
|
| I assume this will be fine.
| [deleted]
| floatingatoll wrote:
| Your app is incompatible with the Apple App Store.
|
| There's a lot of arguments that people will make about whether
| this is justified or not, but from a plain rules standpoint,
| that's not a permissible data management strategy if you want
| to publish an iOS app through Apple's store.
| Hermel wrote:
| Blockchain wallets are an interesting case. I would argue that
| for example an Ethereum wallet that generates an address for
| you in the Ethereum system is _not_ required to provide a way
| to delete that account again. Similarly, the Chrome app is not
| required to allow you to delete your hackernews account even
| though you created it using the Chrome app. Generally, if an
| app enables you to create an account in a system controlled by
| someone else, the account deletion rule shouldn't be
| applicable.
| vineyardmike wrote:
| Can you just delete the key and local data? Is the requirement
| to push that deletion to all other SSB instances?
|
| Seems like a case where in 2021 this rule is good, but blocks
| the creation of new business/product/tools that don't confirm
| with the 2020 way of thinking... which is good for apple.
| arkh wrote:
| > Is the requirement to push that deletion to all other SSB
| instances?
|
| Well if you follow the GDPR: yes. Article 17.2
|
| > Where the controller has made the personal data public and
| is obliged pursuant to paragraph 1 to erase the personal
| data, the controller, taking account of available technology
| and the cost of implementation, shall take reasonable steps,
| including technical measures, to inform controllers which are
| processing the personal data that the data subject has
| requested the erasure by such controllers of any links to, or
| copy or replication of, those personal data.
| jaywalk wrote:
| If the personal data is encrypted and you destroy the only
| key that can be used to decrypt it, is it still personal
| data? Or is it now simply some random bytes?
| arthur_sav wrote:
| What's funny is that all these laws and (appstore) rules
| are not very well thought.
|
| It comes down to the individual to interpret and enforce
| a solution that may or may not be in compliance.
|
| It's like doing taxes in the US. You may or may not doing
| it correctly and you'll only find out if they start
| knocking.
| cygned wrote:
| We built a system that creates backups of PII using that
| mechanism; throw away the key after data is supposed to
| be deleted. That is legal under EU GDPR.
| [deleted]
| mike_d wrote:
| I had this exact question for our privacy legal team and
| the answer I got was that deleting the keys to encrypted
| data is legally equivalent to deleting the data itself.
| jeroenhd wrote:
| This is why using the blockchain got user data is such a stupid
| idea. The immutability makes it impossible to redact or remove
| information, even if that information is encrypted. The same is
| true foor P2P services where there is no central accounting
| system.
|
| Deleting the account shouldn't be a problem if all the
| "account" info is stored on the device itself, so if your
| reviewers aren't completely incompetent I don't see why this
| would be a problem.
| judge2020 wrote:
| > even if that information is encrypted.
|
| Assuming that information is only visible to the owner of the
| key anyways, then disposing of the key effectively renders
| that encrypted data as garbage. Not being able to delete it
| only enables some unknown future attack that can decrypt any
| data without the key.
| rapind wrote:
| But it doesn't though right? If there's a database breach
| 10 years from now and I'm able to crack pki with like a
| quantum computer or something then I have that data... I
| think.
| jacobr1 wrote:
| You don't need the breach, the DB is already public (in
| encrypted form).
|
| So yeah, all you need is either a currently unknown
| mathematic weakness in the encryption scheme, or bug in
| implementation, or as you suggest some future quantum or
| other technical advance that defeats the encryption.
| vorpalhex wrote:
| For now.
|
| If the blockchain survives long enough, that info will
| become public in time.
| jimmaswell wrote:
| We invade the privacy of people from a few hundred years
| ago all the time and it's considered fine. Do you think
| there will be a breakthrough in encryprion breaking soon
| enough for it to matter?
| xg15 wrote:
| Assuming this will take a few hundred years.
|
| Browsers have to frequently deprecate cryptosystems that
| have become insecure. That's not possible with data
| frozen inside the blockchain.
|
| Also, we're at a point where quantom computers are just
| starting to become practically usable. So yes, I think
| the point of a "cryptographic breakthrough" that will
| crack _some_ configurations is quite likely.
| barsonme wrote:
| If AES is broken in your lifetime, you're going to have
| _way_ bigger problems than somebody decrypting your
| blockchain ciphertext.
|
| And if you're not encrypting data with AES (or one of a
| handful of other algorithms), then you should be worried
| _now_.
| olah_1 wrote:
| You can have decentralized p2p systems that respect users
| (allow deletes). One example would be Gun which allows you to
| "tombstone" your data. Just overwrite it with a blank.
|
| A new version of Scuttlebutt allows tombstoning too.
|
| I think mutable should be the default. Make it all ephemeral
| with optional permanence.
| [deleted]
| tibiahurried wrote:
| In event sourced systems, where the state of an application
| is stored as a sequence of immutable events, one way of
| solving the "delete" problem (e.g: GDPR) is to have all the
| events encrypted to begin with. The deletion (without
| performing a rewriting of the events) can be considered
| executed by simply "deleting" the key used to decrypt the
| events.
|
| The information is not deleted per se, but it is not usable
| anymore. Now, if you have access to new means that allow you
| to break the encryption, then yeah it could be a problem.
| nightski wrote:
| Hate to break it to you but banks are not deleting your
| account immediately when you close it. They legally can't.
| xg15 wrote:
| Your point being? Not deleting data for legal reasons is
| still better than the data being physically impossible to
| delete.
| fuddle wrote:
| Can confirm, I worked at a fintech company previously with
| a large number of users. They had a "deleted_at" column on
| the user table in the database. It's not actually deleted.
| nawgz wrote:
| Isn't this almost necessarily true for any system which
| needs an auditable history?
|
| Just thinking out loud, of course cascading deletes will
| fail, so I guess you could avoid using true foreign keys
| to the user table for things which are truly related, and
| then you'd know what the user did but presumably no
| PII... Seems insanely sketchy though. Way cleaner to soft
| delete if you ever need to recover history, which the
| fintech context amongs many obviously requires
| codedokode wrote:
| You don't need to delete the rows from the database. Just
| replace user's name, address and phone with random data.
| xxs wrote:
| The company needs 7 to 10 years of audit info. Of course
| they cannot 'delete' any account.
| datavirtue wrote:
| It's simple. Don't offer account deletion. You comply with
| both in that case.
| bpodgursky wrote:
| > all apps that allow for account creation must also
| allow users to initiate deletion of their account from
| within the app
|
| No, that doesn't seem true.
| wizzwizz4 wrote:
| What bank lets you create an account just from the app?
|
| ... Okay, the digital-only ones, maybe. But virtually all
| other banks I've used make you go to a branch.
| zerkten wrote:
| Revolut and many other apps allow creation of accounts
| from the app per local regulations. It may require SSN in
| the US to complete sign-up, but it's all done through the
| app and is immediate.
|
| The account falls under all the regular retention and
| reporting requirements, although these companies mitigate
| some classes of issues with stricter limits, not paying
| any interest (even though that'd be miniscule), etc.
| asdf3243245q wrote:
| I think most major brick and mortar banks allow you to
| open account fully online.
|
| Try going to random bank websites and click on "open
| account".
| SilasX wrote:
| I signed up for Schwab (and numerous other financial
| institutions that were not "banks" per se) without having
| to go to a branch in person. You usually just submit
| photos of documents and, in some cases, have your picture
| taken at your computer.
| wizzwizz4 wrote:
| Ah, yeah, that was the issue; I didn't have documents. I
| now remember that I could've signed up entirely online,
| had I had them.
| mritzmann wrote:
| I know at least two swiss banks.
| EastOfTruth wrote:
| Does that apply if you automatically create an "account"?
| TedDoesntTalk wrote:
| It doesn't actually say the account must be deleted. It
| says:
|
| "...must also allow users to INITIATE deletion of their
| account"
|
| Capitals mine. So I can allow the initiation of deletion
| but never actually completely delete the account... and
| my app complies.
| imchillyb wrote:
| > So I can allow the initiation of deletion but never
| actually completely delete the account... and my app
| complies. @TedDoesntTalk
|
| If the users that are requesting account deletions see
| that your app is purposely not complying, I don't imagine
| your app will be available for long in the app store.
|
| Your response is why Apple is implementing this change in
| the first place.
|
| Screw AOL and all of the rest of you making things
| impossible to delete, cancel, or otherwise NOT have an
| account.
|
| I sincerely hope you change your tune, and if you don't
| then I hope you receive a permanent ban from Apple's App
| Store.
|
| Seriously. This kind of bullshit shouldn't exist. If I
| can make an account easily, then I should be able to
| delete an account easily. If I cannot, then your business
| model should collapse around your fuckin' ears.
| runj__ wrote:
| It can just go through a manual review and delete the
| parts that they're are legally required to delete. While
| I don't agree with a lot of the money laundering/terror
| financing laws banks shouldn't have to delete your data
| if you're trying to avoid taxes or whatever.
|
| INITIATION is the important part, if they fail to delete
| the parts they're required to delete, F them: get them
| off the app store.
| filoleg wrote:
| > If I can make an account easily, then I should be able
| to delete an account easily.
|
| Sure, if you can open an account easily, then you should
| be able to delete an account easily. So if we make
| opening an account difficult, then it is fine that
| deleting one would also be difficult.
|
| Sounds like an invitation to make opening an account at a
| bank or a bunch of other services much more difficult aka
| impossible from the app.
| oaiey wrote:
| And not only banks. Everything which has audit or
| signatures as part of their requirements will have legally
| required user data after a user leaves.
| dogma1138 wrote:
| Banks are under a completely different set of regulations
| so are many other financial companies as well as other
| sectors like insurance and medical.
|
| They have specific regulation regarding record retention.
| unityByFreedom wrote:
| A deleted bank account is not publicly accessible.
| xxs wrote:
| Yes, pretty much anything that has anything to do with
| anti-money laundering takes 7 to 10 years to even consider
| forgetting your account.
| barneysversion wrote:
| Key management is how many comply with GDPR today. They
| encrypt the PII and associate it with the user. Then, when
| someone requests their info to be "deleted", they zero out
| the encryption key.
| EastOfTruth wrote:
| > This is why using the blockchain got user data is such a
| stupid idea.
|
| maybe for you, but there are use cases...
| wizzwizz4 wrote:
| There _are_ use-cases for blockchain.1 However, storing
| user data is not one of them.
|
| 1: All of them are silly, or could be done better with
| something else, but that's not relevant to the point I'm
| trying to make.
| EastOfTruth wrote:
| It probably could be fine for public user data that you
| want to spread out and be somewhat resistant to censor
| from governments.
|
| > but that's not relevant to the point I'm trying to
| make.
|
| why do you talk about it if it isn't relevant?
| wizzwizz4 wrote:
| > _It probably could be fine for public user data that
| you want to spread out and be somewhat resistant to
| censor from governments._
|
| Can you give an example? "spread out and be somewhat
| resistant to censorship from governments" is just a
| description of blockchain's strengths1.
|
| > _why do you talk about it if it isn 't relevant?_
|
| If I didn't mention it, I'd be lying by omission. In
| order for this discussion to make sense, I have to make
| the implicit assumption that blockchain is good for
| _anything_. I have never, in my life, encountered a
| situation where blockchain is better than alternatives.
| Heck, I 'm half-convinced that Bitcoin would've been
| better off with a block-graph (like Git); it models the
| dependencies better, and means attempted double-spend
| attacks have a lower impact on the rest of the ledger.
| (51% attacks would be a little easier, but only for very
| recent transactions, assuming even distribution of
| wealth2 and a free market economy3.)
|
| 1: though it isn't particularly good at either of those
| things in practice
|
| 2: this is a bad assumption, but it would only affect
| wealth hoarders so I don't care
|
| 3: this is a really bad assumption, but it wouldn't take
| much improvement to the world to make it a _sufficiently_
| reasonable assumption
| TrueDuality wrote:
| Maybe a tombstone record in your immutable system? It is
| technically marking the account as deleted and the data is
| unrecoverable if the only encryption keys have been safely
| purged...
| dogma1138 wrote:
| It's the same as trying adhering to RTBF/GDPR with a blockchain
| or any other immutable data store... Your design decisions need
| to match the regulatory or other commercial / situational
| requirements.
|
| But in your case I'm not sure what exactly is the problem other
| than Apple doesn't believe you... you can still delete the
| account it's just deleted locally.
|
| And you may be required to delete any server side identifiers
| if such exist.
| Zamicol wrote:
| I'm working on an application where a digest replaces the data
| on delete. The digest is immutable, which represents the data,
| not the data itself.
| wayneftw wrote:
| Honest question because I don't know: Can you delete your Apple
| ID from within one of the iOS system apps?
| philip1209 wrote:
| Let's say you're building a product like Slack where you have to
| balance company vs. individual account deletion rights. For
| instance, if I join an open Slack such as Kubernetes developers
| vs. a company slack as an employee vs. a company slack as a guest
| - I believe Slack doesn't differentiate and requires the company
| to manage data deletion requests. How are they able to do this?
| drewwwwww wrote:
| this is one case where slack's insane identity model might be
| beneficial, as membership to any given team is its own
| "account"
| excerionsforte wrote:
| Great, I detest when I can't delete accounts within apps.
| MarketWatch is one place where you cannot delete your account.
| knightofmars wrote:
| "Confirm that any third party with whom an app shares user data
| (in compliance with these Guidelines)--such as analytics tools,
| advertising networks and third-party SDKs, as well as any parent,
| subsidiary or other related entities that will have access to
| user data--will provide the same or equal protection of user data
| as stated in the app's privacy policy and required by these
| Guidelines."
|
| I call to all smart knowing license people of Hacker News. Is
| this a copy-left license attached to a person's data?
| dmitriid wrote:
| This is basically GDPR. You, as the creator of an app or
| service is the sole entity responsible for people's data. It's
| on _you_ to make sure to not spill that data to third-party
| services.
| pilsetnieks wrote:
| It could have been lifted verbatim from the GDPR.
| ManBlanket wrote:
| This policy seems purposefully vague.
|
| "Explain its data retention/deletion policies and describe how a
| user can revoke consent and/or request deletion of the user's
| data."
|
| My first question before looking into it was, "What an auth
| tenant or some other service that stores user data?" or, "what
| about like a banking or healthcare app that is just a portal for
| another system?" And, "What does deleted even mean? IsDeleted=1?"
|
| It would appear Apple's stance on those answers is a shrug emoji.
| I'm no appstore developer but I got a kick out of reading a lot
| this for the first time. This rule bearing no exception to a
| trend that for most part seems intended to give Apple the license
| to eliminate bad actors.
|
| I got a new one for Apple. "Like, do what you gotta do but don't
| be a jerk."
| floatingatoll wrote:
| It sounds like you'd like to work at Apple and help them
| improve their guidelines process. They don't offer what-if
| examples, and they note that it's by design that the guidelines
| are not detailed to the level you're asking, so that they have
| the flexibility to make judgment calls and prevent rules-
| lawyering problems that crop up with the more detailed approach
| you seek.
|
| 1. Auth tenant. Common sense says that if the auth provider is
| operated by you, it's your problem to handle deletions
| appropriately, either by removing their account or by warning
| the user that you're only deleting the specific site account
| and providing a link to delete the SSO account at your website
| or whatever. If you do not operate the identity provider, such
| as Facebook, then you need do nothing about it at deletion
| time. Apple would likely approve any of those paths without
| comment, but to defend against rules lawyering and loophole
| seeking, there's no way to be perfectly certain until it's
| approved.
|
| 2. Banking or healthcare app. If you can sign up in-app, you'll
| need to let people close/delete in-app, except where prohibited
| by contract or law. For corporate healthcare, you would pop a
| dialog that says "This account can only be closed through your
| employer", which would be absolutely sufficient. Ditto for a
| banking account with non-zero balances or a safety deposit box
| or whatever. It seems likely Apple will not have cause to
| enforce the deletion clause against brick and mortar banks,
| since they all have help/faqs on how to close accounts already.
| App-only banks will be held to the more strict standard of
| having some way to initiate deletion, being app-only, though of
| course they'll retain financial audit records as required by
| law.
|
| 3. Deleted means that all information not essential to
| compliance with financial and other auditing laws has been
| removed from your systems. Exceptions are understood to exist
| for recording that someone requested deletion, but you can't
| use those records for marketing or training AI or any other
| purpose beyond managing your deletions. If you can't explain in
| plain simple English how you handle deletions, they're likely
| to reject your submission until you can.
|
| All of this is obvious. It isn't comfortable to consider that
| you're at the mercy of human beings to evaluate your compliance
| -- human beings that see a thousand scams a minute trying to
| hack loopholes in the guidelines. But that's how it is today.
| debaserab2 wrote:
| When did "deleted" become a vague term?
|
| Deleted means removing as much PII as you reasonably have
| authority to do so. It means purging all that data from all
| databases with a guarantee that you will be removed completely
| from all snapshots in a reasonable amount of time.
|
| This should be the default, normal understanding of what it
| means to delete your account.
|
| It doesn't mean set a flag in a database so when your company
| gets acquired in a few years your new owner has a nice little
| trove of data to mine of people that explicitly opted out.
| itake wrote:
| One thing that is confusing about the concept of "deleted" is
| how do you minimize fraud on a social platform without
| retaining PII (indefinitely?) of your users.
|
| If there is a known fraudster and you have their selfie
| image, email address, and ML face vectors, the fraudster
| requests their account to be deleted. What should the company
| delete? Maybe the company can keep a one-way hashed email and
| face vectors, but what about hash-collisions or false
| positives?
|
| If there is a user that wants their account deleted, but then
| they come back to the platform (maybe abusing a referral
| bonus or first-time-only coupon), how do you stop this fraud?
| greysphere wrote:
| I mean... There are a zillion reasons this isn't trivial.
| Imagine I have an app that pays you, and it has to report
| taxes on it. It can't just delete your info. Imagine an app
| that sells alcohol, maybe it needs to make sure it has
| confirmation of your age/info in case of legal action.
| Imagine a chat application, if you chatted with someone and
| they deleted their account, would you lose the chat
| information (or even the name/record of who you chatted
| with?), no, that's 'your' information too, somehow.
| tediousdemise wrote:
| The right to be forgotten is just that - the right to be
| forgotten. _Your_ issues or needs, whatever they may be
| (tax info retention, age info retention, etc), take a
| backseat to the user 's rights.
|
| In other words: the right of one person's data to be
| forgotten supersedes the right of another person's data to
| be remembered.
| robmaceachern wrote:
| The press release sounds more flexible than the actual
| guidelines:
|
| Press release (emphasis mine): "all apps that allow for account
| creation must also allow users to _initiate_ deletion of their
| account from within the app."
|
| Guidelines: "If your app supports account creation, you must also
| offer account deletion within the app."
|
| Has anyone seen any clarification on what options might be
| acceptable? e.g. I'm wondering about something simple, like
| opening an email composer with the app support email address and
| a pre-filled message body requesting account deletion which would
| be performed async.
| zerkten wrote:
| Why would you want to make manual work for someone who just
| wants their account deleted? You're possibly better off
| offering an option in the delete flow for them to "talk with
| you to see if you can work something out" versus manually
| processing deletion requests.
|
| Effort on those requests might recover some users which may be
| especially valuable if you are a subscription business. If you
| can't benefit from interaction then immediately imitating
| deletion from an API seems the only thing that would pass
| muster.
| robmaceachern wrote:
| I think different use cases will call for different
| solutions. My use case is a relatively tiny number of users
| and any manual work they would generate for account deletion
| would be nil, or very close to it.
|
| It's not necessarily about recovering users who want to leave
| but rather minimizing the effort required to implement a more
| complex deletion flow that has a high probability of never
| being used by real users (in my case).
| newfonewhodis wrote:
| I wonder if it'll finally get me off nasty SV companies that
| treat my data like their kid's prom photos that need to be saved
| forever.
| ddoolin wrote:
| I was trying to delete my Instagram account just yesterday and
| didn't even get around to it since I needed to do it from their
| website.
| gumby wrote:
| Wonder if this can be used to unsubscribe from The NY Times?
| javagram wrote:
| Subscribing through the NY Times iOS app already solves that
| problem I think, there's no need to delete your account, just
| go to the Apple subscriptions management page and end the
| subscription.
| filoleg wrote:
| Yep, can confirm, did that myself earlier this year.
| Canceling the subscription for NYT that I had originally
| subscribed to through iOS was painless and took all 10
| seconds that it took me to open the "my subscriptions" panel
| in the App Store and clicking "cancel" on the NYT one.
| tylerrobinson wrote:
| I am not in California, and was able to unsubscribe recently
| using a simple UI and I did not have to chat with anyone.
| dfrankow wrote:
| Where was the UI? Help us!
| PontiacParade wrote:
| I had the same experience. Very simple with only one
| retention step of offering a discount. Once declined I could
| cancel.
| rpeden wrote:
| Same here. Perhaps they've updated the unsubscribe process?
|
| I was expecting a painful process based on what I'd read on
| HN and Reddit but it was just a couple of clicks.
| tgsovlerkhgsel wrote:
| People need to learn to just use registered mail. Yes, it's
| ridiculous that it's necessary, but the postage and hassle is
| probably less than dealing with those intentional hurdles.
|
| Alternatively, if the US legal system allows it and you can
| find a number: Fax. This has the advantage that it can be
| automated on your end so it's not much more hassle than a quick
| e-mail, and the delivery receipt (yes, trivially spoofable in
| theory, but I would assume it's widely accepted in practice)
| also shows what the content of the message was.
| jb1991 wrote:
| This raises one notable benefit of going through Apple for all
| payments -- as a customer, it buffers me from dark billing
| patterns of any random company. Companies like 37signals don't
| like it and claim it hampered their relationship with
| customers, and that might be true in some cases, but overall it
| seems like a benefit for customers to have a consistency
| process of buying, refunding, cancelling everything they use
| digitally.
| widowlark wrote:
| it buffers you from dark billing patterns of all companies
| except apple
| enos_feedler wrote:
| I'd be interested to hear what dark billing patterns you
| are seeing rn with Apple?
| gumby wrote:
| Here's one: they advertise "family" accounts: you buy an
| app and your purchase also covers your spouse.
|
| But your spouse has to know you (or which family member)
| bought it and click on their name in "family sharing" to
| get it for free. Else spouse will pay for it again.
| Zelizz wrote:
| > Else spouse will pay for it again
|
| It doesn't quite work like that. When someone in your
| family goes to hit the purchase button, it pops up a
| window saying that someone else has already purchased it.
| I'm not sure why you have to hit the button first, maybe
| for some measure of privacy from your family members?
| heartbreak wrote:
| That's simply not true. My spouse and I buy apps all the
| time from the App Store and when you try to pay for it,
| it pops up a message that a family member already has and
| proceeds to the download.
| 8note wrote:
| I'm not sure I see that as a benefit so much a government
| doing a poor job on regulations for subscription services and
| online payments
| r00fus wrote:
| Yes, to both. Gov could do better, and in the meantime
| until if/when that happens, may be worth it to use a
| trusted source (Apple) to manage that for you.
|
| Likelihood of Gov doing better seems tied to how much they
| can get away from Wall St. funding/defunding their re-
| election campaigns.
| not2b wrote:
| But if the price of that benefit is 30% off the top for Apple
| for all payments, it's a high price to pay. Perhaps better
| consumer protection laws would be a better way to fight the
| dark patterns.
| Arcsech wrote:
| As a consumer, I have effectively no control over laws. I
| do have control over which payment system I use. So if you
| as an app developer don't want to give a 30% cut to Apple,
| maybe push for better consumer protection laws so IAP
| doesn't have that incredible benefit for me.
| mithr wrote:
| You can believe that dark billing patterns are bad and this
| change is good, while at the same time also believing Apple
| should charge developers less -- these are not mutually
| exclusive.
| [deleted]
| arthur_sav wrote:
| [Unsubscribe Now Button] -> _click_ - > Popup -> "Call us <3
| and we'll reply in 10 business days xxx"
| madars wrote:
| I heard you can change your address to California, which then
| gives the option to cancel online (due to state law). It is
| absolutely ridiculous that NYT will happily take your card info
| online, but require you to be on hold to speak with their
| "customer care" to cancel. Maybe it is time to use virtual CC's
| a la privacy.com.
| ceejayoz wrote:
| Even better, when I had to cancel my NYT subscription, it
| said there weren't enough cancellation reps to connect me;
| "try again later".
|
| I went in via the normal support chat, said I wanted to
| cancel, and was immediately redirected to one. It was an
| outright lie.
| slownews45 wrote:
| Yep - and these are the SAME places posting LONG articles
| about how terrible Apple's store policies are. Uh, folks
| spend a lot on the apple store for a reason.
| gbear605 wrote:
| The problem is how Apple both profits from the app store
| and sets rules on the app store. It's incentivized to
| create rules that make it money without helping users.
| Apple needs to either stop making money from the app
| store or to create a separate body that can set rules
| without being incentivized by profit.
|
| Laws are good, but the lawmakers shouldn't profit from
| them.
| slownews45 wrote:
| Walmart profits from their store and sets the rules from
| their store. The incentive is to make the store a place
| people want to spend money. This is the same as almost
| any other store isn't it?
|
| You do that by making it safe and comfortable for users
| (or in androids case maybe by doing deals with phone
| companies to pre-load their apps and make money off users
| there ).
|
| Apple is only partly successful, they have 15% market
| share in phones or so. But one area they've been good at
| is trust - users on an iphone probably spend a lot more
| (it's also harder to pirate, so what developers give up
| in profits they make back in lack of pirating).
| ManBlanket wrote:
| Your boy at darkpatterns.org would love that gem. I don't
| know if you can give it a more succinct name other than,
| you know, lying.
| tshaddox wrote:
| In California the New York Times still requires you to chat
| with a customer support person on their website. You still
| have to wait in queue, then wait for the person (or maybe
| it's a bot at this point) paste in several attempts at
| retaining your subscription.
|
| The law needs to be that you can cancel all recurring
| payments through a standard interface. It's ludicrous that my
| online banking account doesn't just show me all subscriptions
| and allow me to cancel all future payments of any of them.
| 8note wrote:
| I should be able to tell my credit card company that I'm
| ending a subscription, and have them be in charge of
| notifying the provider that the subscription has been
| terminated
| lttlrck wrote:
| Yes for recurring subscriptions the control should be
| firmly under the consumers control. Perhaps there should
| be a special recurring transaction type on credit cards
| akin to those in PayPal.
| asdff wrote:
| you can do that already. just issue a chargeback and
| poof.
| ceejayoz wrote:
| Do that to a gym and they'll sue you for not paying out
| your contract.
| tshaddox wrote:
| And your bank will probably get upset at you too.
| sergiotapia wrote:
| Any banks that offer this service? I would switch my
| primary banking service for this.
| ilikepi wrote:
| You can kind of get close to this using merchant-specific
| card numbers from privacy.com (not affiliated). If you
| want to cancel a subscription, you just deactivate the
| number associated with that subscription.
| asdff wrote:
| All of them. if you don't like a subscription and don't
| care about burning a bridge, issue a chargeback.
| tshaddox wrote:
| Or just reject the payment the next time they try, that
| would be fine by me.
| jackson1442 wrote:
| I think my bank does this, when I called for another
| reason this week there was an option on the phone menu to
| stop a recurring payment.
| 6nf wrote:
| I've done this using my credit card company (not the
| bank) and they were very helpful. I explained why I
| wanted them to stop the recurring payment and they asked
| if I wanted to dispute any of the older charges, took
| less than 5 minutes. I call the 'fraud/disputes' phone
| number on the back of my card for this and I think that
| is not the bank, I think it's Visa / Mastercard
| themselves.
| core-utility wrote:
| That's my biggest use case for Privacy.com. I care less about
| the privacy aspect and more about the convenience. I've
| already had once instance where a single-use card I created
| for 1 specific vendor started getting fraudulent hits
| (declines) and all I had to do was delete that card.
| tlogan wrote:
| Be careful. You are still on the hook. And in many cases
| companies will sell you debt to collection agencies.
| JumpCrisscross wrote:
| > _all I had to do was delete that card_
|
| Careful. If you didn't properly terminate the contract, you
| still owe that money. I have a friend whose credit got hit
| because a service sold his debt to a collector.
| core-utility wrote:
| Thanks, good to note. In this case, they were declined
| transactions (nothing that went through) so it was only a
| tip-off to something fishy.
| arecurrence wrote:
| The Globe and Mail operates similarly. I spent some time
| while cancelling a few years ago informing them that making
| me call them to cancel is a crime in California. The person
| on the line cancelling my account was genuinely surprised.
|
| Canada was the first to require simple unsubscribe for email
| lists... I'm surprised it still does not have a law to
| require online unsubscribe for media subscriptions.
| murphyslab wrote:
| > I'm surprised it still does not have a law to require
| online unsubscribe for media subscriptions.
|
| Newspaper editorial endorsements are still a big thing in
| Canada.
|
| > The Globe and Mail operates similarly.
|
| But this is good to know. I was considering swapping
| another newspaper subscription for a Globe and Mail
| subscription, but after looking into it, the eventual
| unsubscribe hassle isn't worth it.
| SllX wrote:
| I dunno. I cancelled the other day now that I no longer care
| about the pandemic data and it was basically just three
| minutes of politely stonewalling in a chat box saying "No
| Thanks, please cancel my subscription." a couple of times.
|
| I live in California and would have tried cancelling online
| but actually couldn't find the option. I can't say it was
| difficult to cancel though once I picked a process and
| initiated it. Maybe that was the online option now that I
| think about it? I was expecting a button or link.
| gmadsen wrote:
| I did the same a few years ago and it was relatively
| painless, however there are many people that do not like
| confrontation and "stonewalling" is not an easy task. NY
| Times understands this and preys on a specific segment of
| the population.
| SllX wrote:
| I don't know. It's 6 words and you don't even have to be
| rude about it or get annoyed at the offers they throw at
| you. Then you get the confirmation email and you're set.
| kelnos wrote:
| I hate talking in the phone to people I don't know so
| intensely that I have wasted hundreds of dollars on
| various things because I procrastinated calling to
| cancel.
|
| This effect is real, and companies know it, and design
| their cancellation processes to extract extra money from
| people.
| vageli wrote:
| They don't have the right to my attention. If they were
| to cancel my service due to lack of payment (for
| example), do you think they would engage me in a dialogue
| to discuss it or just send me a notice in the mail?
| ribosometronome wrote:
| Do any banks do a good job offering this feature for debit?
|
| Back in one of the days, the PayPal TOOLBAR used to offer
| this feature, it was really convenient since you were
| essentially direct drawing from your bank account with it.
| electroly wrote:
| If you use PayPal to pay for NYT, you can cancel via PayPal
| and never speak to anyone.
| hashmymustache wrote:
| That's every newspaper online. And gym memberships. And many
| others. Easy to get, pain in the ass to end.
| ahefner wrote:
| I had no difficulty unsubscribing from The Washington Post.
| st3ve445678 wrote:
| I was going to say the same thing! They are the WORST. I had to
| cancel my subscription and the process was like a legal battle
| with the customer representative. He fought me so hard and it
| took so long. I lost all respect for the times after that.
| philwelch wrote:
| I had the same experience with The Economist. And they've
| been harassing me for months trying to get me to subscribe
| again.
| rapind wrote:
| Nevermind NYT, what about your gym subscription!
| ajb wrote:
| That's been so bad that there are now gyms which have 'easy
| cancel' as a selling point. Pure Gym (UK) allows you to
| cancel by just stopping the payment (they call this "No
| contract" which is legally illiterate, but whatever).
| Ironically my bank was suspicious about me when I did it.
| yohannparis wrote:
| This is mostly an internet meme, I subscribed and cancelled
| from the NYT many times without an issue with their online
| chat.
| thechao wrote:
| I canceled by clicking a button. NYT very much knows I'm in
| Texas, not California. It was so easy I almost signed back
| up...
| st3ve445678 wrote:
| Not a meme, I had the experience first hand. It's very much
| real.
| gumby wrote:
| Are you in California?
| xu_ituairo wrote:
| Isn't having to have an online chat an unnecessary artificial
| barrier? Why not a button like most other sites.
| Karunamon wrote:
| I think the problem is that it requires chatting live with
| someone who's job it is to prevent you from cancelling in the
| first place. If you can sign up in two clicks you should be
| able to cancel in two clicks.
| bshep wrote:
| SiriusXM is like this as well, you subscribe/upgrade online but
| you have to argue with a support person for 30-40mins to
| cancel, at least you can do it on a chat on their website.
|
| Honestly if you can subscribe with a button you should be able
| to unsubscribe with a button.
| CamperBob2 wrote:
| It's outrageous that you can't cancel online as easily as you
| signed up, and we do need legislation to correct that. But
| when you have to talk to them on the phone, just say, "I sold
| the car." End of conversation. What are you telling them that
| gives them the hook needed for a 30-40 minute conversation?
|
| If all else fails, "I was just diagnosed with a terminal
| illness" or "I am required to report to the state
| penitentiary on Monday" will work.
| bshep wrote:
| They say "well we have the online streaming you can use" or
| "we can txfer it to your new car" they're just stubborn and
| incitvized to try to keep you. Whats worked the best for me
| is "i haven't used it in 6months and dont want it". theres
| nothing they can say to that.
| jp57 wrote:
| If you buy your subscription as an in-app purchase, you can
| cancel it easily from your phone. Say what you will about the
| app store and in-app purchases, but when it comes to cancelling
| subscriptions they've eliminated the dark patterns.
| Jtsummers wrote:
| And they'll notify you of the subscription's upcoming renewal
| (about a month in advance). Which is very nice when you have
| a subscription that you forgot about or for an app/service
| you realize (with the reminder) you no longer need or use.
| aledalgrande wrote:
| Same as WSJ
| marstall wrote:
| from the Guide ... > If your app supports account creation, you
| must also offer account deletion within the app.
|
| big sigh of relief for me with a service companion app that
| delegates account creation to a web admin interface ...
| emkoemko wrote:
| can i buy a bunch of stuff and then charge back my credit card?
| then when they ban me can i then ask them to delete my account?
| so that i can make a new one and do it again?
| _fat_santa wrote:
| How is this supposed to work for insurance or banking apps? I
| would think those companies separate your "online account" from
| your actual account with them or something like that. I guess
| more generally how will this affect apps where "deleting your
| account" is a complicated affair (insurance, banking, mobile
| service, utilities, etc).
| floatingatoll wrote:
| How does it work today?
|
| All mobile banking apps that allow signup seem to also allow
| account closure, so there isn't exactly a problem there.
|
| If I sign up for insurance in an app, I expect (and Apple will
| enforce) that I can cancel it in an app. Setting aside certain
| health insurance scenarios where I have no legal authority to
| terminate my insurance, I expect that Apple will absolutely
| start enforcing that insurance account management apps need to
| have a way to terminate coverage. But I think this isn't the
| kind of business they're concerned about, so they might focus
| on other business categories first.
| nightfly wrote:
| > If your app supports account creation, you must also offer
| account deletion within the app.
|
| Insurance and banks probably aren't affected, since your
| account is created outside of the app
| greysphere wrote:
| "Paid functionality must not be dependent on or require a user to
| grant access to this data"
|
| This almost forces all software that does anything on the
| internet to be subscription based (or free).
| asimpletune wrote:
| Couldn't you have a signed token for ever capability that
| they've purchased? The app could easily check the signature
| without exposing the private key.
| greysphere wrote:
| That puts the burden on the user/client to maintain and
| transfer their key to new devices, which, well I can't even
| do that...
| BoysenberryPi wrote:
| I feel like this is an objectively good thing. On Android, there
| are many times I signed up for something just to try it out only
| to decide it wasn't for me and have no way to delete my account.
| Currently the only thing you can do is just throw in some dummy
| information and leave it in the wind.
| vrc wrote:
| In that regard, SIWA with relay emails is already saving folks
| a big headache.
| SV_BubbleTime wrote:
| Does directing you to go their website to create the account then
| count as the app offering account creation?
|
| I guess the precedent would be that they didn't used to allow
| redirecting to a website with the purpose of avoid in-app
| charges. Although I think that's over with now.
| Andrew_nenakhov wrote:
| I wonder how many email clients will suffer from this policy
| because they won't be able to delete email accounts from third
| party servers?
| tcit wrote:
| Those email clients don't allow for account creation, so they
| shouldn't be concerned.
| codetrotter wrote:
| For the most part a very good thing.
|
| Wonder what that means for third-party HN client apps though,
| since HN accounts cannot be deleted.
| spinax wrote:
| Not sure which reply to post this under, so I'll just reply
| under GP - it took me about 3 minutes to locate a popular HN
| client which specifically advertises account creation in the
| overview. https://apps.apple.com/us/app/octal/id1308885491
|
| (Android user, can't test it)
| psychometry wrote:
| Let's hope it's a wake-up call to HN admins that they need to
| rescind this unjustifiable and user-hostile policy.
| lacker wrote:
| It only applies to apps that let you create an account from
| within the app, so third-party client apps like this could just
| not handle the account signup. (I think they already tend not
| to handle it.)
| wvenable wrote:
| From the article: "...all apps that allow for account
| creation..."
| colpabar wrote:
| Great point! It's definitely a step in the right direction, but
| my immediate thought was "what about all the sites that don't
| actually delete anything?"
|
| Hopefully apple makes a more user-friendly announcement about
| this that will introduce people of the concept of data
| retention and how "deleting" an account isn't really deleting
| anything.
| vineyardmike wrote:
| > my immediate thought was "what about all the sites that
| don't actually delete anything?"
|
| Thats the whole point :) Apple is saying they need to or no
| iphone app.
| colpabar wrote:
| My point was that not all "delete account" buttons are
| created equal. Some sites just have an "is_deleted" column
| in their user table, and will continue to use your data
| after you "delete" your account. I don't think apple has
| any way to check for this, but hopefully they at least
| touch on this topic in their announcement of the new
| requirement to the non-developer public.
| TedDoesntTalk wrote:
| It doesn't actually say the account must be deleted. It says:
| "...must also allow users to INITIATE deletion of their
| account"
|
| Capitals mine. So I can allow the initiation of deletion but
| never actually completely delete the account... and my app
| complies.
| jmull wrote:
| From the message:
|
| > ...all apps that allow for account creation must also allow
| users to initiate deletion...
|
| So any third-party client that allows creating an HN account
| would need to stop. (Are there any?)
| ASalazarMX wrote:
| I hope third-party clients are not forced to, because making
| the delete API private would be a great opportunity to
| indirectly ban them.
|
| Edit: it's only for apps that allow account creation. If you
| expose the API for account management to third-parties, it
| would make sense to include account deletion.
| stevepdp wrote:
| Beyond issues of privacy, this is a nice quality of life fix for
| folks pursuing digital minimalism.
| murgindrag wrote:
| As much as I like the change, the 3-month window seems
| unreasonable. I don't currently have AppStore apps, and these
| kinds of whiplash changes are part of the reason.
|
| Microsoft, for all its faults, is much better than Apple or
| Google here.
|
| Businesses take planning and strategy, and these things lead to
| drop-everything fires.
|
| Economies rely on stability.
| wbobeirne wrote:
| To be fair, it's closer to 4 months, and it would appear that
| they won't yank you immediately. It's only for new submissions:
|
| > This requirement applies to all app submissions starting
| January 31, 2022.
|
| Unsure if this means new apps, or includes updates to existing
| apps. But I bet there'll be a bit more of a grace period if you
| don't have a new update to push.
| ryantgtg wrote:
| Plus, "initiate deletion of their account from within the
| app" sounds like the app can simply link to whatever account
| deletion functionality you have on your website.
| dhritzkiv wrote:
| This language in the past has come to mean all submissions:
| new apps and those being updated.
| alex_c wrote:
| This change was noticed and discussed in June, when Apple
| (quietly) added a clause to the App Store guidelines. We
| notified our clients back then.
|
| Details were very vague at the time and now we know when it
| will actually start being enforced, but overall it's more like
| half a year notice.
| bilbo0s wrote:
| I remember that change. I wondered at the time why people
| were not more concerned about what that change meant. I guess
| people either didn't fully apprehend the implications, or
| maybe they thought Apple wouldn't follow through?
| [deleted]
| floatingatoll wrote:
| Apple considers 3 months their standard level of advance
| notice, with WWDC serving as your warning and the release of
| iOS in September as the go-live date.
|
| However, in this case, they have ended up giving you 6 months
| and a courtesy reminder.
|
| If you aren't interested in maintaining your app annually,
| don't publish apps on Apple's store.
|
| Whether or not their level of notice is enough, they've been
| consistent for years in this practice of 3 months notice for
| significant and breaking changes, and they seem comfortable
| compelling annual updates from developers. I would not expect
| them to care that 3 months is difficult in your circumstances,
| as they assume you're prepared to maintain your app and
| proactively keep up with policy changes over time. It sounds
| like you did not attend to this year's policy updates and may
| well have been out of compliance for months now. Fortunately,
| they offered a grace period rather than just refusing your next
| bugfix update. Lucky you!
|
| (I am not sympathetic to your situation, because as a user of
| apps, I am exhausted of crappy apps and bottom-of-the-barrel
| behaviors from developers. I understand that others may feel
| otherwise, and that's fine too, just as long as those feelings
| do not get in the way of being a responsive app developer.)
| oauea wrote:
| Yet another developer-hostile apple policy. Amazing. You have
| to be crazy to stake your company on apple's goodwill at this
| point.
| jstsch wrote:
| This is great news, and again evidence of Apple pushing the
| privacy envelope forward for their customers. For many users,
| deleting an account by visiting an obscure flow on a web property
| is simply a bridge too far (assuming the service even offers an
| automated way of account deletion, which often is not the case).
| dathinab wrote:
| From the guidelines:
|
| > (v) Account Sign-In: If your app doesn't include significant
| account-based features, let people use it without a login. If
| your app supports account creation, you must also offer account
| deletion within the app. Apps may not require users to enter
| personal information to function, except when directly relevant
| to the core functionality of the app or required by law. If your
| core app functionality is not related to a specific social
| network (e.g. Facebook, WeChat, Weibo, Twitter, etc.), you must
| provide access without a login or via another mechanism. Pulling
| basic profile information, sharing to the social network, or
| inviting friends to use the app are not considered core app
| functionality. The app must also include a mechanism to revoke
| social network credentials and disable data access between the
| app and social network from within the app. An app may not store
| credentials or tokens to social networks off of the device and
| may only use such credentials or tokens to directly connect to
| the social network from the app itself while the app is in use.
|
| Also interesting:
|
| > (viii) Apps that compile personal information from any source
| that is not directly from the user or without the user's explicit
| consent, even public databases, are not permitted on the App
| Store.
|
| So why is Facebook still allowed? It still creates shadow
| profiles without permissions as far as I know.
| oauea wrote:
| Because apple applies one set of policies to you and me, and
| another set of policies to the bigcorps. See the leaked
| messages from the epic lawsuit where apple execs talk about
| netflix's iap cut.
| LegitShady wrote:
| >So why is Facebook still allowed? It still creates shadow
| profiles without permissions as far as I know.
|
| Maybe because the app itself isn't doing it? I'm not sure what
| "apps that" vs using the information the app gives you are
| really different but in technical detail it might be.
| CheezeIt wrote:
| Apple shouldn't be interfering with other businesses and their
| users like this. It's sad to see people here celebrating their
| inability to run unapproved software.
| nerdjon wrote:
| This is the cost of gaining access to users in iPhone.
|
| This also has nothing to do with unapproved software. The idea
| that a user can actually delete their data from your servers
| should not be a controversial topic. But of course it is for
| businesses and developers, which is why Apple has to make a
| policy like this.
|
| As a user I am very happy with this.
| echelon wrote:
| > This is the cost of gaining access to users in iPhone.
|
| 50+% of Americans for everything they do, say, buy, etc.
|
| This is a monopoly by sheer volume and scale of their reach.
| nerdjon wrote:
| Maybe it's time to realize that consumers continue to
| choose a more locked down platform for policies like this?
|
| Businesses will continue to complain but this protects the
| user.
| echelon wrote:
| Call and email your representatives like I do.
|
| You're not going to find support in a forum with 60+% Apple
| users. A lot of these people work for or have stock in this
| company.
|
| They don't see how this is a roadblock to competition and that
| this device is now in the critical path of 50+% of commerce.
| (Maybe they'll care more when they have to compete.)
| detaro wrote:
| Meh. I don't own Apple devices, am always arguing they
| shouldn't force apps to go through the app store and at the
| same time find this a very reasonable restriction for the app
| store to have.
| staunch wrote:
| The problem is that Apple has absolutely no way to enforce the
| deletion. An app can say "your account is deleted" but not
| actually delete any data off their servers.
|
| What would really give users the control they deserve is the
| ability to restrict what data can be sent off the device by an
| app in the first place.
|
| Apple should make it possible to deny internet access to an app
| entirely, and they should provide an API that allows apps to
| upload very specific kinds of data that a user has approved of,
| but nothing else. Of course, some apps need to be able to request
| unrestricted internet access.
|
| Permitting apps to collect private data _and_ have unrestricted
| internet access, by default, was always a terrible decision in
| terms of user privacy. Apple owes it to their users to fix the
| problem they created.
| Karunamon wrote:
| The test for that problem will be seeing what happens when one
| of these apps get breached. Unless Apple is willing to
| terminate developer accounts when it comes out that app makers
| are not actually deleting anything, this is completely
| toothless.
| joebob42 wrote:
| If you want to delete your account, and your primary goal is to
| prevent future data going to the owner of the app from your
| device, why not just delete the app?
| staunch wrote:
| My goal would be to keep my data on my device and in my
| control. It's crazy that giving an app access to your Photos
| or Health data means it can just start randomly uploading to
| anywhere on the internet without asking you.
|
| People in the future will be amazed we lived like this...
| jmull wrote:
| > Permitting apps to collect private data and have unrestricted
| internet access
|
| What apps are left if this is forbidden?
|
| "private data" can mean pretty much any user input.
| "unrestricted internet access" means pretty much any internet
| access.
|
| We're left with apps that either cannot accept user input or
| cannot access the internet at all.
| staunch wrote:
| A good system would probably have tiered permissions,
| something like:
|
| 1. No internet apps: store data locally on the device only,
| no upload or download.
|
| 2. Partial internet apps: store data locally, and only
| download data through an Apple proxy service that hides the
| user's IP address and any identifying info.
|
| 3. Full internet apps: store in the cloud,
| uploaded/downloaded through an Apple proxy that logs/filters
| everything. Or even stored in Apple's cloud.
|
| 4. Unrestricted internet apps: VPNs and web browsers, and
| whatever else actually needs arbitrary access to the
| internet.
|
| There's no reason my bluetooth scale app needs #4 (which it
| has today) when I would much prefer it have #1.
| jmull wrote:
| I don't believe "only download data through an Apple proxy
| service" does much for user privacy/control of data.
|
| A seemingly benign request that appears to simply request
| information can encode a user's private, sensitive data in
| the request URL, e.g.
|
| I think there's no real distinction between your 2. 3. and
| 4.
|
| There's a place for no internet access at all. It would be
| good if they had a permission for that.
| otterley wrote:
| Do you really think it's a good idea to lie to Apple and to the
| public about your data deletion policies? Do you really think
| bad actors won't be found out eventually? Is it worth the risk
| to your business?
| twobitshifter wrote:
| I think there is a point there. "Soft" deletions are
| relatively common in relational databases. Do we know that
| Apple means a "hard" deletion of data? Apple says to include
| your retention and deletion policies in the App description,
| so maybe that's where people would need to come clean on soft
| deletions?
| winternett wrote:
| Apple... Now protecting people's privacy much faster than the
| government... 0-60 real quick.
|
| But on the other hand, I think they should also carefully
| disclose the info they collect at their OS level...
|
| Just another case of that old CYA.
| jackson1442 wrote:
| When setting up your phone or accessing any apple apps for the
| first time, there's a (labeled) data collection icon at the
| bottom of the screen that you can touch for information about
| what data is collected by each app/process. For the apps, this
| information is also available in the App Store (just like any
| other app).
|
| You can also view any collected system analytics in Settings ->
| Privacy- > Analytics & Improvements. Seems relatively fair to
| me.
| nielsbot wrote:
| I think they do? Although it may be buried in several settings
| screens...
| jon-wood wrote:
| One of the first steps in setting up an iOS device is a great
| big screen telling you what data is collected and allowing opt-
| out. There's several of them for each feature you're setting
| up. There's then another of those for each first party Apple
| app on the device. I'm really not sure how much clearer they
| could be.
| judge2020 wrote:
| It's definitely carefully (not prominently) disclosed, you just
| gotta go to this privacy page:
| https://www.apple.com/legal/privacy/en-ww/
| winternett wrote:
| Let me get my reading glasses... Ahh... OK, they limit it
| only to accessing everything... lol.
| tediousdemise wrote:
| I think the right to be forgotten is spelled out in plain terms.
| If you have my data, and I don't want you to have it, that's the
| line in the sand. With a few exceptions (such as data
| decentralization), data is trivial to delete. The problem is that
| businesses and governments don't _want_ to delete data, because
| data is knowledge, and knowledge is power.
|
| Example: You are a typical business. A fire completely destroys
| all of your data, including financial data. If the IRS comes
| knocking for financial records, you have an excellent reason for
| why you cannot provide it - force majeure. A law protecting the
| right of a human to be forgotten should be treated the same as a
| fire. You do not question it, and should forcefully comply.
| spicybright wrote:
| They have a lot of good will to make up for the image detection
| they tried to push.
| turbinerneiter wrote:
| I remember that roughly 5 or 6 years ago, when I wanted them to
| delete my apple id, I had to call them. On the phone. And the guy
| told me, "if we delete your apple id, you will not be able to
| sign up with this mail again".
|
| I only realized after hanging up how little sense this makes.
| dmart wrote:
| It makes perfect sense, in order to prevent someone else from
| registering your old @icloud.com email address and
| impersonating you or performing password resets.
| turbinerneiter wrote:
| That does make sense, but I remember him talking about my
| gmail address. Not even sure I had an icloud email. But I
| could very well remember that wrong.
| programzeta wrote:
| You can have an iCloud account with any e-mail, including a
| gmail address - might have been the case there?
| bobbylarrybobby wrote:
| The point is that you don't want someone re-registering on
| iCloud with that gmail address because then they could
| impersonate you when interacting with Apple.
| asdff wrote:
| I still don't get it. You cancel the account, it should
| be gone like it never happened. Poof. If you make a new
| account with the same email, it should be a new account
| with no relation at all to the old account since that one
| has been deleted and is gone forever and there would be
| nothing to impersonate here.
| MattGaiser wrote:
| Presumably to prevent someone from hijacking accounts.
| wil421 wrote:
| I've had people try do use credential stuffing on my accounts
| after major breaches. It happened on a deleted instagram
| account and I'm glad they blocked it.
|
| I'd rather it work the way Apple does it than have someone try
| to recreate a deleted account.
| slownews45 wrote:
| This makes total sense, and good of them to warn you.
|
| MANY people tie things like password resets to your email, not
| to you and may not have a retail store presence you can get to
| for a password reset.
|
| He's telling you - once this email is gone, it is gone and no
| one, including you will get it again. That is good in the sense
| that no one can impersonate you, but bad if you have an "ooops"
| moment and want to do a password reset that needs that email.
| jackdeansmith wrote:
| Feels to me like public pressure is on Apple to actually justify
| their argument that their App Store policies are for the benefit
| of their customers. If that results in more policies like this
| that really do improve customer experiences, that's not the worst
| outcome.
| [deleted]
| duxup wrote:
| I feel like a lot of policies were always there for that
| reason. I don't consider this anything but just another policy
| like that.
| Despegar wrote:
| The App Store policies were always for the benefit of customers
| (and Apple). These policies will keep happening because the
| basic incentive of Apple's business model has been unchanged
| since 2008.
| gm wrote:
| I would rephrase it as "The App Store policies were always
| for the benefit of Apple (and customers)."
|
| The priorities have shown very clearly over time.
| mehrdada wrote:
| Indeed many people do not remember that Android ecosystem at
| the beginning deliberately was on the side of the _developer_
| (and Google) as opposed to the user with its lax permissions
| and liberal access to the system and took its leisurely time
| to add more useful permission controls for years (location
| access was _install time_ and you could not opt out of that
| specific permission unless you chose not to install the app
| at all).
|
| Priorities matter.
|
| P.S. I do see Apple business model changing to services
| bringing in some bad behavior associated with that: for
| instance, push notifications now are used as a spam/marketing
| mechanism for Apple services similar to Android; iCloud
| Storage nag is another example.
| slownews45 wrote:
| 100% this, folks do not remember that it was really apple
| leading on a TON of this stuff.
|
| The storage and other nags I hate, it's a real ethos
| breaker for me. Get that crap off my iphone. That's why I
| pay extra - for less crap (I like that they somehow can
| also block the carriers from installing unremovable apps,
| for some reason android phones sometimes come with weird
| apps from your carrier when you get them).
| hawski wrote:
| How does the app store searching and filtering work now? I
| had last contact with Apple devices around iPhone 4S. What I
| remember from that time (maybe wrongly) is that the
| experience was practically limited to a name search (as on
| Android). You can't filter for example for open source apps.
| I know that the example is not useful at its face value even
| if power users could show their less technical peers "this
| one simple trick". But it is just an example. From what I
| remember searching things in app stores is a lesson in
| frustration, because it is mainly there to input a well known
| brand or app name and quickly install it instead of helping
| with app discovery.
|
| Nowadays on Android I try to search for apps on F-Droid first
| or search on Github as a shortcut to find open source apps.
| Why open source? They are often a barebones version, that
| will probably not sell me out and will not use dark patterns
| (I know it can still happen). I have nothing against paying
| for apps, I do have a couple I bought, but sometimes I have
| simple itch, that I know for sure someone else already
| scratched for everyone else and I do donate sometimes. This
| lousy state of app stores leads me often to search for some
| simple web apps on github.io. At the same time I sold whole
| open source category to Microsoft. In the end it seems that
| all I want is a smartphone shell scripting equivalent, but
| that is a totally different point.
| dwaite wrote:
| > You can't filter for example for open source apps.
|
| There isn't metadata for this, as it is not part of Apple's
| relationship.
|
| They are a seller of software, and the creator of the
| software is responsible for making sure the software can be
| compatible with the licensing and copyright terms of both
| Apple and any dependencies.
|
| A semantic link to grab the source code for an app would be
| neat, but a pretty niche feature. That Apple can't verify
| that it is the same code (or that the separately hosted
| build process doesn't have malicious logic within it)
| probably quickly pushed them over the edge in terms of not
| supporting such a feature.
| Andrew_nenakhov wrote:
| Yeah, like the inability for the user to install an app after
| an authoritarian government decided that their subjects
| should not be using it, and Apple subserviently obeyed and
| removed said app from the Appstore.
|
| An extremely beneficial policy for the customers, right.
| simonklitj wrote:
| You're talking about something else. Do we expect money-
| making companies to be the ones to war against
| authoritarian regimes? Do we not also expect companies to
| obey the laws of the lands in which they conduct business?
| You can't just say screw it to GDPR and expect to continue
| to be able to conduct business in the EU.
| MrStonedOne wrote:
| Apple didn't have to lock users out of installing
| "unapproved" apps on their own. That isn't for the user's
| benefit and isn't necessary for apple to have a curated
| app store.
| dwaite wrote:
| What would the alternative be - the method of
| installation is the App Store, and Apple's compliance was
| removing the public and private presence from the App
| Store within that country.
| oauea wrote:
| Just allow sideloading. It's not hard to not block that.
| But apple is hell-bent on collecting every cent they can,
| so of course all app installations must go through their
| walled garden where they can take their 30%. Anti-
| consumer behavior at its finest.
| Andrew_nenakhov wrote:
| I do expect the company that sells hardware to their
| users to allow users to decide which apps to run on sold
| devices. Currently, Apple is behaving as if still owns
| those devices and decides which apps to run. Precisely
| this lock-in created by apple is actively exploited by
| authoritarian regimes.
|
| If Apple will allow third-party app stores or direct
| installation of applications on devices, dictatorships
| will lose this capability to harm Apple's customers.
|
| But of course we all know that this policy was never
| intended to protect users, it was to protect Apple and
| their appstore monopoly, which also allows Apple to
| extort developers of 30% of all of their revenues by
| forcing them into Apple's payment services. Finally, the
| world has had enough of this and starts to fight back
| against it.
| lovich wrote:
| > If Apple will allow third-party app stores or direct
| installation of applications on devices, dictatorships
| will lose this capability to harm Apple's customers.
|
| As someone who switched from the Samsung note line to
| iPhone, the only freedom I felt from the ability to
| install other apps was the freedom to deal with all the
| unrecoverable crap ware.
|
| There's other phones out there with greater freedom than
| the iPhone, people are aware of them, and are still
| choosing the iPhone.
|
| The curation is a benefit in that I have a corporation
| with thousands of employees working to prevent the other
| corporations from making my user experience worse. If the
| curation goes away I'd probably switch to a cheaper phone
| next upgrade and I'm sure apples aware of that
| slownews45 wrote:
| Most of their policies are ones CONSUMERS have liked but
| BUSINESSES have hated.
|
| The litigation / cases / govt intervention has been on behalf
| of businesses not consumers. A lot of folks in the "alliance
| for app fairness" have just horrible billing practices.
| Understandably, if they can get out of the app store, they can
| stop you from being able to do things like delete your account
| or unsubscribe with a few clicks.
|
| A lot of the newspapers make it easy to sign up, but then you
| have to call to cancel, the same papers that go on and on about
| how terrible the app store is. There is a REASON people spend
| fortunes, particularly in the apple app store - it's damn safe
| to do so in most cases.
| forty wrote:
| Honestly I'm more on the business side, but I fail to see how
| the fact that we cannot refund our customers is a benefit for
| them.
| Hammershaft wrote:
| Apple killed valve's steam link app because they couldn't get
| a cut of games consumers had purchased on a different
| platform. Hardly pro consumer behavior.
| dwaite wrote:
| They _temporarily removed_ steam link because the app
| allowed you to enter credit card information and purchase
| directly within the app.
|
| Once that was removed, Steam Link went right back up
| skunkworker wrote:
| Steam Link? It's on the App Store right now. Same with Xbox
| and PS remote play.
|
| They don't allow a native app for GeForce now, but it works
| with a browser.
| MrStonedOne wrote:
| Don't you think that is something apple should have thought
| of before doing what they did to cause outcry?
|
| Apple wanted to be the gatekeeper blocking out harmful apps,
| fine by me.
|
| Apple then wanting to use that gatekeeper status to steal
| money from app developers, block apps that compete with apple
| internal apps, and enforce moral choices on what kinds of
| apps you can install on your phone, evil by me.
|
| They could have done the former without doing the latter, but
| they fucked it up, and have to pay the piper.
| harles wrote:
| So the case for this practice is that Apple is the only
| corporation that can be trusted with billing - consumers are
| just being protected from all those evil corporations that
| aren't Apple. Seems like a straw man.
| zamadatix wrote:
| > Most of their policies are ones CONSUMERS have liked but
| BUSINESSES have hated.
|
| I'd agree here, the majority of the policies are likable by
| consumers.
|
| > The litigation / cases / govt intervention has been on
| behalf of businesses not consumers.
|
| Consumers don't have millions to throw around on litigation
| against Apple so it's no surprise the litigation is focused
| around business cases. On the government intervention side I
| disagree though, of the very little intervention there has
| been it has been consumer focused IMO.
|
| In either case there is also some overlap of "business
| interest" and "consumer interest" even if the vast majority
| of the time there isn't so blanketing that all litigation has
| been on behalf of businesses does not imply all litigation is
| about policies not in consumer interest. And I think the
| courts have been very conservative on which points are
| actually acted upon even if there is a bit of a "throw it at
| the wall and see what sticks" approach to many of the cases.
|
| > A lot of the newspapers make it easy to sign up, but then
| you have to call to cancel, the same papers that go on and on
| about how terrible the app store is. There is a REASON people
| spend fortunes, particularly in the apple app store - it's
| damn safe to do so in most cases.
|
| If people are truly buying Apple devices because they only
| want to purchase things from the controlled app store then
| the availability of alternative app stores wouldn't be a
| concern, they would simply go unused. The truth is most
| people don't actually buy the devices for this reason which
| is why Apple is so afraid to give that singular point of
| control up.
| bogwog wrote:
| Bad billing practices like the NYT's impossible-to-
| unsubscribe bullshit is not Apple's responsibility to fix:
| it's the market's first, the government's second. A
| corporation having the power to control/regulate society to
| such an extent is like textbook dystopian hell-hole stuff.
| syshum wrote:
| I am a consumer... I hate their policies which is why I do
| not consume their products
| blendergeek wrote:
| > The litigation / cases / govt intervention has been on
| behalf of businesses not consumers.
|
| There is actually a class action suit against Apple regarding
| anti-trust brought by consumers. Unfortunately, while the
| suit was filed in 2011, it wasn't until 2019 that the Supreme
| Court ruled that consumers even do business with Apple in the
| App Store [0]. So, a lawsuit filed in 2011 was allowed to go
| forward in 2019. I don't know what methods Apple had used to
| hold up the case since then.
|
| [0] https://en.m.wikipedia.org/wiki/Apple_Inc._v._Pepper
| echelon wrote:
| Feels like a celebration of "Apple sticks it to the stupid app
| developers, hooray!"
|
| Except app developers are mostly small shops and startups. One-
| person operations.
|
| How would we like it if the web were forced to behave according
| to some governing body? It feels like some North Korean 1984
| dystopia and we've all got explosive collars around our necks.
|
| It's anti-freedom, anti-American, anti-ownership, anti-
| Stallman. And I own five iPhones and an iMac.
|
| I just want my stupid software on the stupid fucking software
| execution device. No tap dancing bear rules. No praise to Apple
| or forced induction to the Church of Jobs.
|
| Steve Jobs made this artificial, ceremonious bullshit to make
| money. There is no other reason.
|
| I curse history that his authoritarianism won. It's become
| pervasive throughout the industry now. It should be illegal.
|
| I'll gladly charge 3x the price to Apple users for having to
| put up with this malarky.
| wruza wrote:
| Why don't you just use pro-everything devices. Even top
| quality ones exist now, which can be reprogrammed to function
| as you wish. Apple is not the only option anyone has.
| echelon wrote:
| Because it's impossible to ignore 50% of the market using
| iPhones. To do so would be to doom your company.
| [deleted]
| cientifico wrote:
| Is it only in Europe that this is already by law for every entity
| that stores personal data?
| kmetan wrote:
| So this will also apply to all banks with online onboarding?
|
| E.g. 1) Download an app (N26, Revolut, etc...) 2) Create an
| account 3) After login, the option to delete the account should
| be there...
|
| (Of course the bank should respect all data retention policies)
| sharmin123 wrote:
| Having troubles logging into your email? Get it hacked
| efficiently: https://www.hackerslist.co/having-troubles-logging-
| into-your...
| codingclaws wrote:
| Wow. I wonder how many apps this will take down due to not ready.
| nathanyz wrote:
| Is this now perhaps the easiest way to remove your Facebook
| account?
|
| Future guides will be like: 1) Buy an Apple
| device 2) Download and sign in to Facebook app 3)
| Click delete account button
| envy2 wrote:
| Deleting a FB account is already trivial.
|
| Instructions here (essentially, press "Permanently Delete
| Account" in settings and put in your password to confirm):
| https://www.facebook.com/help/224562897555674
| chaircher wrote:
| I am under the impression this varies wildly from country to
| conutry but am unsure - maybe someone else can chime in to
| confirm/deny?
| zenmaster10665 wrote:
| huh? you can deactivate and delete your FB account through
| Facebook...why would this be easier?
| nathanyz wrote:
| Don't they maintain shadow accounts and not actually delete
| the account in the background. That was my understanding from
| prior discussions around it. Basically they hide the account,
| not actually delete the account and all data associated with
| your use.
|
| Could be totally wrong here though...
___________________________________________________________________
(page generated 2021-10-06 23:00 UTC)