Here’s the next big step Apple should take to protect our privacy
Just about every major tech company and startup is talking about privacy these days—and it’s about time. For over two decades, most consumers have given their online privacy about as much thought as they do to the same Starbucks drink they order day after day. But if any good has come from all the major data breaches and privacy scandals of the past few years, it’s been that people are becoming more aware of how much their online privacy matters.
The other major trend in tech that companies can’t shut up about in 2019 is services. They encompass any product that a company sells you as a subscription: Think Spotify, Netflix, Office 365, paid cloud storage plans like Dropbox, and much more. The industry loves services because they’re a guaranteed recurring revenue stream that a company can count on to boost its bottom line.
The tech company that has talked the most about services this year is Apple. For decades, it’s relied on selling shiny new devices to customers year after year. But in recent years, the rate people upgrade their smartphones at has lengthened, from an average of 22.7 months in 2016 to 24.7 months in 2018. That two-month increase might not seem like that much to you or me. But for Apple, which is used to selling tens of millions of iPhones a quarter, any slowdown can drastically hurt its bottom line.
Which is why Apple is playing up services so much right now. This year wasn’t even three months old when Apple announced no fewer than three new subscription services: Apple News+, Apple TV+, and Apple Arcade. Those are in addition to the company’s existing Apple Music and iCloud subscription services. It is these five services, Apple hopes, that will spur its growth in the future as some of its old-reliable hardware lines continue to stagnate.
But though Apple is the tech company that talks the most about privacy and talks the most about services, it has yet to offer the number one privacy service everyone needs: a VPN. Here’s why it should do just that.
Many people find VPNs confusing
Earlier this year, I argued that the single most important thing you could do to protect your online privacy is to use a Virtual Private Network, or VPN. VPNs encrypt the network data (the websites you visit and the data you send) on your devices so that others–such as your ISP or someone snooping on a public Wi-Fi network you’re using–can’t read it.
Unless you use a VPN, your internet service provider can see every website you visit. And from this web history, it can deduce a virtually unlimited amount of specifics about you, including—but not limited to—how you like to spend your free time, whether you are pregnant, if you have any health conditions, your religious and political affiliations, what time you go to bed, where you go out to eat, and more. Furthermore, ISPs can now legally sell most of the information they collect about you too, meaning your right to privacy in your own home and on your own computer is nonexistent.
Unless you use a VPN, that is. The problem with VPNs, however, is that for the average internet user, they can be confusing on multiple levels. First, there are dozens upon dozens of VPN services on the market, and each one offers something different, such as the length of time it preserves logs of your activities, where its servers are located, and how much bandwidth per month you’re allowed. All this information is important. Yet, few consumers know what makes a good logs policy or why server location is important, so it’s hard to make an informed decision on which VPN to choose.
VPNs also vary widely when it comes to price. Some cost as little as a few dollars a year, while you could pay $100 a year for others. Then there are also VPN companies that offer up to 90% off the annual price if you sign a three-year agreement. This makes it hard to judge the worth of a VPN based on price alone.
Setting up a VPN on your PC, smartphone, and tablet can also be wildly different experiences depending on what service and devices you use. And the onboarding process of most VPNs is moderately complex at best. Sometimes there’s an installer, sometimes you set up the VPN manually in your system’s settings, and sometimes the VPN takes the form of a mobile app you need to launch on your smartphone or tablet.
Finally, it’s very hard to know if a VPN service provider is trustworthy. Anyone can set up a VPN service overnight with a few servers and a website. And just because that VPN service says they don’t keep records of your IP address or web browsing doesn’t mean that’s actually the case. There’s really no way to tell if any VPN provider is truly abiding by the policies it proclaims.
Apple is already selling privacy as a service
The complexity of choosing a VPN and difficulty of setting up a service on all your devices leaves the gate wide open for some trusted company to swoop in and offer a VPN service that “just works” with close to zero setup.
That company should be Apple. It has a long history of making convoluted, “techie” things easy to use. Think of the iTunes Music Store in 2003, which made finding and purchasing high-quality music online dead easy. Or the company’s FileVault technology, which made encrypting your entire hard drive as simple as clicking a button. Or even Apple’s original iSync solution, also from 2003, which made keeping your calendars, contacts, and other info updated across devices dummy-proof—something unheard of back then.
At one point, all these things were needlessly complex, until Apple came in and made them so approachable that even newbies could take advantage of them in seconds. This is what Apple needs to do for the VPN, so its mainstream customers can keep more of their online privacy in their own hands.
The obvious existing bundle this VPN could slip into would be iCloud. Apple could offer an “iCloud VPN” service to all paid iCloud subscribers. And because Apple controls all the hardware and operating systems of the devices it makes, its VPN setup could be dead simple: if you’re signed into iCloud on your device, iCloud VPN is set up, running, and protecting your browsing activity from outsiders without you having to click a single button.
An iCloud VPN isn’t a far-fetched idea. After all, this June at WWDC, Apple did unveil a “privacy as a service” product called HomeKit Secure Video. The feature works with select third-party home security cameras and stores footage recorded by those cameras in an end-to-end encrypted format on the user’s iCloud Drive, the storage space you get with an iCloud subscription. No one but you–not Apple or the security camera company—can see this stored video.
Up to 10 days of HomeKit Secure Video recordings don’t count against a user’s normal iCloud storage limits if they are subscribers to the 200GB iCloud plan or higher. And subscribers to a 2TB iCloud storage plan can use up to five cameras with HomeKit Secure Video.
HomeKit Secure Video immediately made an iCloud subscription much more appealing to the relatively small number of people who use smart home security cameras—thus increasing the chances Apple would lure in new subscribers. That group of people is also probably just a fraction of the number of users who want, and would benefit from, a dead simple, trusted VPN service.
One small step for Apple
If Apple doesn’t bundle an iCloud VPN service with a current iCloud subscription plan, it could sell it as a separate service. Either way, such a privacy-as-a-service subscription now seems like a natural—almost inevitable—Apple product.
A year ago, I wrote that when you buy an Apple product, you’re buying privacy. There is now no doubt that Apple considers itself the privacy company—this 2019 ad campaign proves that. Apple’s embrace of services in 2019—with no fewer than five paid subscription services—also shows that it is no longer treating services as an afterthought.
So the next step is for Apple to plug the privacy hole that most computer users still leave wide open. An easy-to-use, Apple-branded VPN would go a long way toward proving that the company will help users protect their data in ways regulators and other tech giants won’t. It would show that Tim Cook is serious when he says that Apple believes that “privacy is a fundamental human right.”
And, of course, such a service would likely bring in a ton of cold, hard-recurring subscription cash for Apple, which I’m sure the company values almost as much as it does our privacy.