This year's CES, the Consumer Technology Association's annual technology and media trade show, was rife with panels on privacy and cybersecurity issues. One of the most buzzed-about sessions was titled "Chief Privacy Officer Roundtable: What do consumers want?," as it included an official appearance by Apple Inc., 28 years after the company's last official CES sighting.
Moderated by Rajeev Chand, head of research at Wing Venture Capital, the panel featured Jane Horvath, Apple's senior director of global privacy; Erin Egan, Facebook Inc.'s chief privacy officer for policy; Susan Shook, global privacy officer of The Procter & Gamble Co. and Rebecca Slaughter, a Democratic commissioner at the U.S. Federal Trade Commission.
Horvath highlighted three steps the company takes to protect user data on Apple devices: differential privacy, which applies "noise" to user data to add a layer of anonymity; "on-device processing," which allows users to utilize tools and services such as facial recognition via private, encrypted clouds; and random identifiers that masks sensitive data for Apple Maps and Siri voice recognition platforms.
 Chief Privacy Officer Roundtable at CESSource: S&P Global Market Intelligence |
"At Apple, the way we define privacy is to put the consumers in the driver's seat," Horvath said. "They should have control over their data. They should have choices over their data."
She added that for every new product, even at the beginning design phases, Apple has a privacy engineer and a privacy lawyer assigned to work with the team to ensure any potential issues are dealt with.
Facebook's Egan fielded questions targeting the company's privacy policies and practices at the receiving end of scrutiny across the globe, including a historic $5 billion fine by the FTC.
Egan talked up Facebook's newly updated Privacy Checkup tool, which aims to make it easier for users to find and change several important account settings.
FTC Commissioner Slaughter criticized systems that burden consumers with deciphering complex privacy policies associated with their data.
"I am concerned about a universe where the entirety of the burden to protect one's data lies with the consumers," Slaughter said. "Even if consumers can walk through a privacy checkup, the amount of information that you have to process to figure out what is happening with your data is untenable for most consumers."
Slaughter stressed that companies such as Facebook, which act as collectors and stewards of user data, have the responsibility to minimize what they collect and retain without creating an endless trove of sensitive information.
Egan insisted that Facebook's data-collection methods were both legal and relevant to its ad-based business.
"We collect the data we need to service people and service relevant advertising," she said. "We are not gathering too much. You can offer a privacy protected ad business model and we do."
When asked if Facebook's method of tracking its users to provide targeted advertising was a form of "surveillance capitalism," Egan once again went on the defensive.
"I take real issue with the idea with what we do at Facebook, the advertising that we serve, is somehow surveying people," she said. "We work so hard to be transparent. Surveillance connotes surreptitious activity that people don't know about."
Commissioner Slaughter continued to maintain a steady line of offense against aggressive data-gathering practices. She stressed that she was not against businesses that relied on ads to run their businesses, but was more at odds about the amount of data that was collected.
"I don't think user privacy is generally protected," Slaughter said. "The amount of data that is collected about any individual in this room... I don't think anyone could tell us accurately who has what data about them and how it is being used."