Apple CEO Tim Cook’s open letter to users about privacy has sparked lots of discussion. The letter is appropriate given the recent iCloud celebrity hacking scandal, still-unfolding NSA surveillance scandal and the introduction of Apple Pay.

Here are a few key statements from the letter:

Users of Internet services began to realize that when an online service is free, you’re not the customer. You’re the product.

We sell great products. We don’t build a profile based on your email content or web browsing habits to sell to advertisers. We don’t “monetize” the information you store on your iPhone or in iCloud.

iAd … doesn’t get data from Health and HomeKit, Maps, Siri, iMessage, your call history, or any iCloud service like Contacts or Mail, and you can always just opt out altogether.

[W]e have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.

Cook is seeking, for various reasons and purposes, to give Apple users confidence in the privacy and security of its systems. Privacy and security were key themes of the Apple Pay announcement a week ago.

In the letter Cook does not explicitly discuss Google or Facebook or any other internet company. However he takes a swipe at internet advertising models broadly in saying that Apple doesn’t profile or monetize user behavior. That may not be entirely true to the extent that location-based apps on iOS grab location data as part of audience profiling (this is not Apple itself, however).

In a recent interview with Charlie Rose (available in full on Hulu), Cook discussed privacy extensively (see excerpt below) and said that Apple goes out of its way to not collect user data. He explains that the company could not provide certain types of information in response to government subpenas (e.g., iMessages) because the company simply doesn’t store the information.

In fairness to internet companies Cook and Apple have the luxury of a totally different business model; they don’t need to collect user data to sell ads and generate revenue. Apple is primarily a hardware company.

Having said that Apple’s more permission-centric, opt-in approach with location and other types of personal data is a generally better model than the “beg for forgiveness” models that otherwise prevail online.