It's nice to see that he thinks user privacy is something valuable, and that this is an issue worth talking about. However, I think he's really only addressing one of the three ways that user data can be compromised when it's held by a company:<p>1. Selling or using it internally (e.g. Google's ad targeting)<p>2. Stolen by criminals (e.g. Apple's recent snafu)<p>3. Requisitioned by the government (e.g. Yahoo's daily fines for refusing to join PRISM)<p>Data that isn't collected in the first place can't be lost, but that isn't always possible (and it often defeats the entire purpose of the service).<p>I think he's mostly talking about the first one, that Apple hasn't built their business around harvesting user data to feed advertising or other systems. I think that's laudable. I would rather a company focus their energies on one product, rather than selling a byproduct of their real money maker. I also don't really like being the fuel for a free service -- I'd rather pay for what I use and have everything above board.<p>Security is where I think Apple has its biggest problem with user privacy. Relative to companies like Google, they just aren't very good at running Internet services. Despite operating several huge services (iTunes, a CDN that handles iOS updates, iCloud, etc.), they aren't an Internet company at heart. Google and others are leaps and bounds above them in this regard.<p>They can improve this with hiring and changing the culture in those groups, and I think they started this process a year or two ago. It will take some time, and they're never going to be the world's best at this stuff.<p>Tim Cook touches on the third point a little, and some people think he is being disingenuous in his description of how iMessage works. I think that it doesn't really matter. It's great that Apple has designed a system that places an emphasis on keeping user conversations private, but there is literally nothing that they can do about government interference if they want to continue operating as a legal entity.<p>I hope that they do everything in their power to curb government overreach. Ultimately the government will get what they want. Simply building a system designed to keep you from accessing the data that flows through it is not sufficient: you will be forced to subvert that system or face serious consequences.<p>I strongly believe that the only way people will ever have privacy from the government again is to decentralize the Internet and the services that run on it. I doubt that a political solution is possible now that pandora's box has been opened, and it seems like it will only become more widespread as companies have to answer to more governments around the world and the technology to broadly intercept traffic becomes more commonplace.