You really had to hope that Apple would be more above board than other companies about who has access to our iData. We love them so much: half of all U.S. households own at least one Apple device. They’ve sold us on documenting our growing kids, cooking for our families and debuting new haircuts with iPhones, iPads and Macs.
Instead, Apple initially denied any involvement in PRISM, the National Security Agency’s massive e-spying program. Then, like Facebook and Microsoft, the Cupertino company issued a statement meant to clear things up but the numbers released by all three companies just confuse and minimize the issue.
So if they all did it, why am I seeing red about Apple? We deserve more from a publicly-traded company that has built its reputation on products that aspire to “enhance the life it touches” as in the above two-page ad timed to appear in the Wall Street Journal the day of the PRISM statement.That statement, headlined “Apple’s Commitment to Customer Privacy,” seems about as phony as this Android iPhone clone.
Brushing aside the pseudo-sentiment, the numbers are the real problem. There’s an old rule of thumb in journalism that a good numbers story should limit the number of digits to eight in every paragraph, so instead of:
The Office of Redundancy’s budget rose 48 percent in 2001, from $700.3 million to $1.03 billion.
Over the past year, the Office of Redundancy’s budget grew by nearly half, to $1 billion.
That may seem conservative in this era of big data, but the average reader sees too many zeroes and can’t put two and two together. If there are too many numbers without context, our brains just skim. It caught my eye that in all three statements there were sets of large numbers that made comparison tricky and meaningful comparison nearly impossible.
Apple’s paragraph on the disclosure starts with the full dates of the period in question — at 11 digits that’s already over our benchmark – and the smallest number first, 4,000 to 5,000 requests.
From December 1, 2012 to May 31, 2013, Apple received between 4,000 and 5,000 requests from U.S. law enforcement for customer data.
That’s nothing, right? But the next sentence says that between 9,000 and 10,000 accounts or devices were specified in those requests, meaning the number of accounts actually accessed is twice as high — because the NSA or the police make one request to access both Fred and Mary’s iPhone metadata, for example.
What if Apple had said: “In the last six months, government authorities accessed around 10,000 customer accounts?”
Not the same thing. Almost all of the news stories focus on the smaller number of requests – not the access – and then compare it to the global (not U.S.) number of users, so what you get is a number that seems tiny by comparison.
After puzzling over it myself, I threw together this simple bar chart with the numbers of accounts accessed from all three statements — they already look more substantial, right?
A few other things jump out: Microsoft has about three times more customer accounts accessed by the authorities than Apple. Maybe Apple’s lawyers do more to deflect those requests or maybe it’s the encryption that locks even Apple out of iMessages and FaceTime. We have no way of knowing.
Also, all three companies pull back the curtain on a paltry six months’ worth of data. It doesn’t take Nate Silver or some PhD student who can dream in R to see that the smaller the window, the smaller the numbers look.
Just for kicks – and because Microsoft was the first to join PRISM in September 2007 – what if Microsoft’s 30,000 customer accounts accessed in six months was an “average?”
That number is probably still not enough Microsoft customers to crowd their retail stores in proportion to their overall user base, but it starts to look less like something you can immediately dismiss.
Today, Yahoo jumped on the faux-disclosure bandwagon, revealing that there were 13,000 requests in the last 18 months, which means the number of accounts accessed is probably twice that.
I think we’ve come to expect more from Apple.