In the past weeks, I have been critical of Privacy International, an organisation that describes itself as a watchdog focusing on privacy intrusions by government and businesses. Its recent rhetoric has indicated little interest in reaching an accommodation with the online advertising business, and appears to work from the principle that the industry is inherently evil.
My anxiety has been that in failing to recognise advertising's value - funding great content that consumers don't want to pay for - Privacy International risks damaging a democratising force, just as it seeks to ensure its compliance with democratic principles.
Last week, however, with the furore surrounding Apple's tracking of users' locations, it hit the nail on the head.
In the unlikely event that you missed it, iPhones and iPads take time-stamped samples of users' locations, saving this data to a file and transferring it to PCs and Macs whenever the device is synched. Users have, unsurprisingly, been rather upset.
In an open letter to Apple chief Steve Jobs, Privacy International asks four important questions. Why does Apple collect this information and back it up? Who has access to it? What security is in place to prevent unauthorised access? Does Apple have users' consent, and does it offer them the ability to deny this and control the data?
I would add: Why the hell did it think this was a smart thing to do? At the time of writing, six days after the revelation, Apple has yet to issue a statement. This, you might consider, speaks volumes.
Of course, Apple isn't the first tech company to generate a privacy scandal. Google tripped up badly with its Street View data trawl, when it collected information about users' wi-fi networks. Facebook has one most weeks.
Most of these events seem to have been neither cock-up nor conspiracy; someone in the organisation thought it would be interesting to gather or share a particular data set, because they could. The failure has been due to the organisation neglecting to put in place the culture, processes and enforcement that sufficiently value users' privacy.
So, even if it is all completely innocent, it isn't. It simply isn't good enough that companies are so arrogant as to think they can collect first and ask questions later. Brands can't hide behind wordy privacy policies; the ethical question 'Would users consider this such a beneficial action that we can justify not clearly telling them about it?' has to be asked within the organisation.
Apple's products are great, but the terms on which Jobs lets you play with his toys are clear: it's his way or the highway. You can't have USB, Flash or an SD card on an iPad, because according to the Apple site, the iPad2 is 'the Holy Grail of computing'. Nevertheless, users make an informed choice about this; they buy into the cult and, largely, the pros outweigh the cons.
However, apart from a few law enforcers, no one knew about Apple's little infohoover, and there is a lesson here for us all. We need to ask searching questions about our own capture and use of customer data, realising that because the law lags behind technological development, it should be regarded as a minimum standard when considering privacy.
Nowhere is this going to be more keenly felt than in mobile. While privacy is a big issue, it's one that most users wilfully ignore. When it hits the device in your pocket, it becomes personal in a way that you can't avoid.
If you were in Syria right now, would you want an iPhone?
Andrew Walmsley is a digital pluralist
30 SECONDS ON ... Privacy International
- The organisation was formed in 1990, by more than 100 privacy experts and humanrights organisations from 40 countries, in response to growing concerns over threats to privacy.
- It is registered in the UK as a non-profit, private limited company. Its US arm is administered through the Fund for Constitutional Government in Washington DC. It receives funding and support from a range of foundations, academic establishments and non-government institutions.
- The organisation describes itself as being simultaneously a 'troublemaker, think-tank, campaigner and researcher'.
- Stated objectives include: raising awareness and providing education about threats to personal privacy; monitoring the effectiveness of measures to protect privacy and personal data; and monitoring surveillance activities of security forces and intelligence agencies.
- Privacy International claims to have assisted law reform and human rights organisations in at least 20 countries.