On a day in which Apple announced a wide variety of new products — including a $999 monitor stand — it was a small software feature that helped set the company apart from its competitors while also touching on one of the thorniest issues in the technology industry.
Apple on Monday launched its own version of the now-common “single sign-on” (SSO) buttons seen around the internet and most often associated with Google and Facebook. These SSO buttons make it easy for users to quickly sign into new websites with their profiles from those services, but that convenience can come at a cost of security and privacy.
Apple’s SSO is designed to counter those issues, even creating new email addresses for each website as needed so a user’s personal email address isn’t exposed. The feature was met with broadly positive sentiment from privacy advocates.
“Especially excited for Apple’s new private sign-in service,” Gabriel Weinberg, CEO of the internet privacy company DuckDuckGo, tweeted. “It helps plug a huge privacy hole in an elegant way.”
John Edwards, New Zealand’s privacy commissioner also tweeted support for the SSO: “I’d sign in with Apple!”
But in the fine print, Apple added a wrinkle — the SSO feature will be mandatory for any developer operating in the App Store who uses third-party sign-ins, alongside Google’s or Facebook’s or any other sign-on system.
Such a requirement forces any app developer looking to use what has now become a common tool to include Apple, which is the kind of heavy-handed rule that forces the SSO in front of consumers but immediately opens questions of whether Apple is abusing its market power.
That market power is the subject of growing scrutiny by politicians and government regulators. The House Judiciary Committee announced on Monday, just hours after Apple’s announcement, that it would be launching a bipartisan investigation into how tech companies use their market power.
Sen. Josh Hawley, R-Mo., who has voiced concern about the power of tech companies as well as the data economy in general, said in an email that privacy considerations could outweigh competition concerns with regard to the Apple SSO.
“I worry about anything that’s going to lock people into one platform’s ecosystem over others. But that’s what Facebook and Google already do to users of their own app sign-in systems, and those companies use that control to spy on their users,” Hawley said. “Apple’s new system looks like it gives consumers a real choice to keep more information private. I hope it works out that way."
This trade-off — between aggressive rules that can benefit consumers but that also allow Apple to elbow out competitors — comes as Apple tries to rein in the data ecosystem it helped jump-start. The company also announced some smaller privacy tweaks on Monday, including a way for users to share their locations with apps a single time only, as well as new rules on the use of tracking tools in kid-focused apps.
Apple has also worked to make consumer privacy part of its brand. In January, Apple literally loomed over the influential Consumer Electronics Show in Las Vegas with a massive advertisement that proclaimed: “What happens on your phone, stays on your phone.” In March, Apple released TV ads proclaiming “privacy matters.”
Apple CEO Tim Cook has also made privacy a recurring topic in his public appearances. He told CBS News on Monday that the company is “moving privacy protections forward,” adding that he sees an embrace of privacy as benefitting users as well as freedom of expression and democracy.
“You can imagine an environment where everyone begins to think there's no privacy,” Cook said. “And if there's no privacy, your freedom of expression just plummets.”
But with mounting scrutiny from politicians and regulators over how tech companies exercise their market power, Apple has to navigate between pushing consumer-friendly privacy features and ruling its digital world like a dictator.
Justin Brookman, director of consumer privacy and technology policy at Consumer Reports, the consumer advocacy organization, said that Apple has done more than most companies to improve privacy practices and that he sees the upside of its SSO outweighing the competition downsides.
He noted that since many apps can make money from user data, making the SSO mandatory might be the only way to make sure developers include it.
“I don’t see this as leveraging their platform to extract more rent,” said Brookman, who previously worked as the policy director for technology research and investigation at the Federal Trade Commission, the government regulator tasked with antitrust oversight.
And with Apple’s privacy push coming amid the broader consumer awakening about how many companies that offer free services collect and monetize their personal data, the trade-off could be tilted in Apple’s favor.
“I can't see how Apple can make anything mandatory across the web,” tweeted veteran tech journalist Walt Mossberg. “But the ad tech industry is a toxic spill that has polluted the entire web and app business. It is the cause of the rampant surveillance online. It should be exterminated.”
A new SSO won’t single-handedly destroy the digital advertising and app industries, but it adds to a growing list of moves by Apple, as well as other privacy-centric tech companies, that are beginning to gain traction with consumers. Taken together, those changes now offer consumers more options and more information regarding how they are tracked on the internet.
And if a few of those changes are dictated rather than coerced, that is a trade-off some are willing to make, considering how reluctant many consumers have been to insist on privacy measures on their own.
“Maybe Apple has a point that the only way to actually get uptake of this is to make it mandatory,” Brookman said.