top | item 41123086

(no title)

lulzury | 1 year ago

This really doesn't say much though. What specific measures are in place to ensure user privacy and data protection?

Does personal information get sent to OpenAI or Claude as part of the functionality? Can users request deletion of their data, and if so, what is the process? Are there specific protocols in place to ensure security? (i.e. Do you use encryption at rest?).

discuss

talldayo|1 year ago

> What specific measures are in place to ensure user privacy and data protection?

Unless you intend to personally audit their code, I'd argue it couldn't possibly matter. Even businesses like Apple publish all kinds of documentation that belies the reality of their infrastructure. The iMessage Security Overview doesn't mention the NSA's retention period for encrypted communique; the push notification documentation doesn't tell you about the government middleman processing each alert.

You either trust people blindly, or you validate them personally. Getting a pinkie-promise about privacy from the CEO is worth absolutely nothing in real-world security terms.

floam|1 year ago

But there is provable, verifiable transparency with what Apple is doing with private cloud compute.

https://security.apple.com/blog/private-cloud-compute/