Apple ramped up its efforts this week to differentiate its business on the basis of privacy and security, a risky move given risks to its cloud-based backup service and a challenging privacy environment globally, particularly in China, where the company says it is struggling.
Apple took a high-profile swipe at Google, Amazon and Facebook at this year's Computer Electronics Show, with a full-building ad touting "What happens on your iPhone, stays on your iPhone." CEO Tim Cook has criticized competitors for their privacy practices and their willingness to share data with third parties.
Apple is now also reportedly hiring ex-Facebook engineer Sandy Parakilas, who called Facebook a "living, breathing crime scene" because of its misuse by Russian hackers in the 2016 election. (Parakilas is reportedly taking an internal spot as a privacy product manager at Apple, a role not likely to include public-facing statements like these in the future).
For sure, Apple's core business is different from Facebook's and Google's. Apple makes the bulk of its money selling iPhones and other computing devices, and charging consumer subscriptions for things like Apple Music. That means Apple has little reason to compile detailed information about users, and even less incentive to sell that information to third parties. But Facebook and Google make the vast majority of their money from advertising.
But putting such a big stake in privacy as a differentiator may be a risky business move.
First, Apple is just one iCloud breach away from an embarrassing incident that could damage its "what happens on your iPhone, stays on your iPhone" claims.
Scandals in the past years involving major celebrities who have had nude photographs stolen from their iCloud archives have been dangerously close. Apple has said these incidents involved username and password theft, giving criminals access to iCloud files through the celebrities' password information, not a breached iCloud database.
But iCloud relies on the same cloud-based network architecture most companies rely on, including Amazon Web Services, Google's cloud platform and Microsoft Azure. No database is impenetrable, and that includes those iCloud uses. A single instance of leaked data or an insider theft could put the company at serious reputational risk.
Third-party applications are also a potential sticking point. From a security point of view, Apple's app store has stringent safeguards in place that make it more resilient to security issues like application spoofing than competitors such as Google's Play store.
But independent iPhone apps still have the capacity to misuse data. The company routinely removes applications from the store for providing user information to unauthorized third parties. The New York Times reported earlier this year that numerous free iOS apps track detailed user information and provide it to third parties.
So Apple may also be one data-tracking scandal away from significantly denting the idea that data necessarily "stays on your iPhone."