> No, it could not. Cryptography can make it as difficult as necessary.
This is just a failure of imagination. The API could be as restrictive as necessary to ensure privacy.
For example, maybe an app is only authorized to upload specific fields of data and a maximum rate.
How is an app only allowed to upload 10 int32 metrics per day going to secretly upload even a single photo?
> Not even going to touch how unacceptable it would be for Apple to require that it be able to inspect all internet traffic from a person's phone.
There are lots of options for how to implement things so that Apple isn't getting copies of private photos or chat messages. Apple is certainly more trustworthy and accountable than a random app developer from a random foreign country.
Personally, I want a smartphone/app ecosystem that is completely free of any centralization. I'm just talking about how Apple could improve their proprietary/centralized system, which actually does make some of these kinds of things simpler.
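One way to picture the restriction described in the comment above, as an added example that is not part of the original comment and not any Apple API: a hypothetical OS-side gate that accepts only manifest-declared int32 fields and enforces a daily quota. `MetricGate`, the field names, and the 5-byte wire layout are all assumptions made for illustration.

```python
import struct
from datetime import date

INT32_MIN, INT32_MAX = -2**31, 2**31 - 1

class MetricGate:
    """Hypothetical OS-side gate: the app never gets a socket, only submit()."""

    def __init__(self, allowed_fields, daily_limit=10):
        # Field names map to small numeric ids taken from the app's declared manifest.
        self.field_ids = {name: i for i, name in enumerate(allowed_fields)}
        self.daily_limit = daily_limit
        self.day = None
        self.used = 0

    def submit(self, field, value, today):
        """Return the 5-byte wire record, or raise if the policy is violated."""
        if field not in self.field_ids:
            raise PermissionError(f"field not in manifest: {field!r}")
        # bool is a subclass of int in Python; reject it along with every non-int.
        if type(value) is not int or not INT32_MIN <= value <= INT32_MAX:
            raise ValueError("value must be an int32")
        if today != self.day:          # quota resets when the calendar day changes
            self.day, self.used = today, 0
        if self.used >= self.daily_limit:
            raise PermissionError("daily metric quota exhausted")
        self.used += 1
        # Fixed layout: 1-byte field id + big-endian int32. No free-form bytes.
        return struct.pack(">Bi", self.field_ids[field], value)

def demo():
    gate = MetricGate(["launch_count", "crash_count"], daily_limit=10)
    day1, day2 = date(2024, 1, 1), date(2024, 1, 2)    # constructed dates
    sent = [gate.submit("launch_count", n, day1) for n in range(10)]
    rejected = []
    for field, value, day in [
        ("launch_count", 11, day1),          # 11th metric of the day
        ("photo_chunk", 1, day2),            # undeclared field
        ("crash_count", 2**31, day2),        # does not fit in int32
        ("crash_count", b"\xff\xd8", day2),  # raw bytes instead of an integer
    ]:
        try:
            gate.submit(field, value, day)
        except (PermissionError, ValueError) as exc:
            rejected.append(type(exc).__name__)
    return sum(len(r) for r in sent), rejected
```

A full day of allowed traffic under this policy is 50 bytes on the wire, and every record has the same fixed shape.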