Information doesn't have to be explicitly linked to a person in order to identify them. Search browser fingerprinting as an example. The best policy is really to not collect this information.
> The best policy is really to not collect this information.
Quoting from the flowchart:
"Touch ID or FacelD are stored locally and cannot be accessed by the operating system
or applications."
Called out as if it's a bad thing??? It's a really weird flow chart.
Meanwhile, Apple did more work on differential privacy than anyone, famously sandbagging their Maps directions / routing by refusing to collect your route A to B, instead segmenting the trips and disassociating them.*
Across the board, they create incredible hurdles for themselves at great expense.
One wonders why, when Apple have to compete head to head with firms that do not sandbag themselves.
Perhaps it's because Apple has to get most of its revenue from device sales and user subscriptions, while the others get almost all of their revenue from turning user data into ads, so they actually are fundamentally different in mindsets?
Google does all this anonymization across services as well and it doesn't at all get them off the hook in any way. It's so easy to just cross correlate data later.
