Differential privacy in Safari isn't about harvesting data or building user profiles. It's about making a better web experience.
Apple is using differential privacy in macOS High Sierra to figure out how best to tackle web sites that use excessive power, memory, or crash the browser tab. Basically, looking for more trends it can address, like it's already doing by actively blocking third party trackers.
Today's public release of macOS High Sierra brings with it some key updates to Safari — including the ability to disable cross-site cookie tracking and turn off autoplaying ads. Arriving alongside those features is a less publicized new addition to Apple's proprietary browser: data collection. The company is using its newly implemented differential privacy technology to gather information from user habits that will help it identify problematic websites.
This is true, but it's also being misinterpreted by those referencing the article as Apple harvesting your data to — oh, the irony! — protect your data from others. But that's not what's going on.
Here's a super-simple example of how differential privacy works:
You're at a large family dinner and a question comes up: Who likes Star Wars better and who prefers Star Trek? You want to know the split but you don't want to cause any long standing feuds. So, here's what you do: Everyone flips a coin. Anyone who gets heads marks down the true answer. Everyone who gets tails marks down a lie. Then, when you collect the answers, knowing the odds of truth vs. lie, you map back to a fairly accurate ratio. But here's the thing: You have no way of knowing which individuals lied, which means you can't figure out who really likes which franchise. So, their privacy remains inviolate, and there are no ugly food fights over Vulcan Science vs. Jedi Academy at the dinner table.
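The coin-flip survey above as a runnable sketch (an added example, not code from Apple or from this article). It generalizes the coin to a truth probability `p_truth`, which is an assumption of this example: with an exactly even truth/lie split the tallies carry no recoverable signal, so the simulation uses 0.75. Function names and sample numbers are constructed.

```python
import math
import random


def randomize(truth: bool, p_truth: float, rng: random.Random) -> bool:
    """Report the true answer with probability p_truth, otherwise the opposite."""
    return truth if rng.random() < p_truth else not truth


def estimate_share(reports, p_truth: float) -> float:
    """Invert the known lie rate to recover the population share of True answers."""
    if abs(2 * p_truth - 1) < 1e-9:
        # Every report is an even coin toss: the tally is ~50% whatever the truth is.
        raise ValueError("p_truth = 0.5 leaves no signal to recover")
    observed = sum(reports) / len(reports)
    # E[observed] = p*pi + (1-p)*(1-pi)  =>  pi = (observed - (1-p)) / (2p - 1)
    est = (observed - (1 - p_truth)) / (2 * p_truth - 1)
    return min(1.0, max(0.0, est))  # clamp sampling noise into [0, 1]


def epsilon(p_truth: float) -> float:
    """Privacy loss of a single report, ln(p / (1 - p)); smaller means more deniability."""
    return math.log(p_truth / (1 - p_truth))


def simulate(n=100_000, true_share=0.30, p_truth=0.75, seed=1) -> float:
    """Constructed population: true_share of n people hold the 'True' preference."""
    rng = random.Random(seed)
    truths = [rng.random() < true_share for _ in range(n)]
    reports = [randomize(t, p_truth, rng) for t in truths]
    # The collector only ever sees `reports`, never `truths`.
    return estimate_share(reports, p_truth)


if __name__ == "__main__":
    print(f"estimated share: {simulate():.3f} (true share 0.300)")
    print(f"epsilon per report at p_truth=0.75: {epsilon(0.75):.3f}")
```

Any single report is deniable because a quarter of all reports are lies, yet the aggregate estimate lands close to the true share once enough people answer.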
Differential privacy takes it several steps further, though. For example, if you're answering more often, it'll throttle you down so there's no chance of an identifiable pattern emerging. Likewise, if there are too few samples (perhaps rural vs. downtown in some situations) it can preemptively opt you out to preserve privacy.
In other words, Apple wants the trends — the big picture. It doesn't want the individual details that make it up. It's about stats.
Companies that harvest your data want the details. They want you. They relentlessly record every scrap of data they can to build as precise a profile of you as they can, so that they can better target you for ads.
Apple doesn't care about any of that. All Apple wants to know, in powerfully anonymized aggregate, is which web sites are giving you a bad experience, so the company can do things like suppress their trackers.
It doesn't want you. It wants the websites.
And if you haven't deliberately opted in to Apple's device analytics system, the company doesn't even get that. It gets nothing.
But the irony of the fact that the company is collecting more browsing data in order to make its browser more secure won't be lost on some.
Apple using differential privacy to improve user experience and performance in Safari isn't the least bit ironic. It's not even poetic. But it's damn clever.
It's also yet another manifestation of the company's fierce belief in user privacy — or, if you're cynical, the privacy-first strategy Apple knows its competition simply can't compete with.
There are plenty of things you can take Apple to task over, like the abandonware status of Mac mini and Mac App Store, but using differential privacy to improve Safari isn't one of them.