Privacy Settings 'Had No Effect' on Apple's Data Collection: Complaints

Two more privacy class actions were filed against Apple Friday, alleging Apple tracks and collects a wide range of user data, even as the company advertises it keeps users’ personal information secure. Over a dozen such cases have been filed since the start of the year, with claims that Apple “flagrantly engages” in user tracking (see 2302010017), despite bold marketing claims it does just the opposite.

Lynch Carpenter law firm filed two class actions against Apple in U.S. District Court for Northern California in San Jose Friday for “wiretapping” communications of Apple mobile device users who interact with the company’s proprietary apps, including the App Store, Apple Music, Apple TV, Books and Stocks. Apple’s tracking of users’ app usage, browsing activity, personal information and device information violates the California Invasion of Privacy Act (CIPA), the suits allege.

Plaintiff Dorothy Teixeira of Long Beach, California, turned off the “Allow Apps to Request to Track” option and "Share iPhone Analytics” options on her iPhone, but Apple “nonetheless accessed, collected, and tracked” her data without her consent, alleged the complaint (docket 5:23-cv-00617). Plaintiff Francis Barrott of Chicago made the same allegations in a separate case (docket 5:23-cv-00618).

The lawsuits outlined a 2019 Apple ad campaign saying, “Privacy. That’s iPhone,” plus assurances from CEO Tim Cook in a tweet touting the company’s commitment to consumer privacy: “It’s your data. iPhone helps keep it that way.” The suits note Apple’s privacy settings “make an explicit promise to ‘disable the sharing of Device Analytics altogether’ when switched off.” Users reviewing the settings “would reasonably believe” that by turning off sharing options, “Apple would not track” mobile device users’ data, the complaints said.

The complaints cited a recent study from software company Mysk that said “mobile device users’ privacy settings had no effect on Apple’s data collection” when using the App Store, Apple Music, Apple TV, Books and Stocks “as Apple’s tracking remained the same whether or not the privacy settings were turned on or off.”

The App Store “harvests information about every single thing mobile device users do in real time in the app,” said the Mysk study, “including what was tapped on, which apps were searched for, what ads were displayed, how long an app was viewed, and how the app was found.” The collected data can be “sensitive," because searching for apps about religion, LGBTQ issues, health and addiction “can reveal details about a person’s life,” it said.

Apple apps’ software “is designed to alter the operation of a mobile device” by instructing the hardware to “run the processes that ultimately intercept the mobile user’s communications” and transmit them to Apple “without the device user’s knowledge,” the complaints said.

The complaints cited a May 2021 Wired article saying 85% of worldwide Apple device users, 94% in the U.S., chose not to allow tracking when Apple introduced App Tracking Transparency in a new software update. Plaintiffs and class members “did not consent” to Apple’s collection of their user data, choosing to turn off those options in the device’s privacy settings, they said.

Noting the tremendous value data holds for tech companies, the complaints said Apple deprived the plaintiffs and class members “of the economic value of their User Data without providing proper consideration for their property.” Plaintiffs claim violation of CIPA, invasion of privacy and unjust enrichment. They seek statutory damages and restitution, legal fees and an order restraining Apple from engaging in the described “misconduct.”