All of this could have been prevented if Facebook had a coherent and comprehensive data policy to inform its product decisions. This is in direct contrast to Apple, which takes a far more conservative approach to user privacy.

The difference between the two tech giants should be a guide to all tech companies as they grapple with the rising chorus of demands for better measures to protect user privacy and user data.

The scraping of years of call histories is only the latest problem with user privacy to emerge at Facebook, coming quickly on the heels of revelations that the massive social network allowed a dodgy political consulting company, Cambridge Analytica, to scrape tens of millions of users’ information after they installed an app that stated it was to be used for academic research.

Let’s contrast Facebook’s approach to that of Apple. Apple takes user privacy seriously, and has been willing to fight for it. Witness the court battle Apple mounted against the FBI to prevent the government from forcing it to install backdoors that would allow investigators to circumvent encryption.

Apple emphasized user privacy long before its rivals did. The company built end-to-end encryption into iMessage and FaceTime from their inception. Apple also makes it exceptionally easy to encrypt your entire hard drive; in fact, this is a core feature of the Mac laptop operating system. And Apple Pay is designed in way that really enhances privacy—by not storing actual credit card information on users’ phones or computers and instead using one-way encryption for payments.

Equally important, Apple has invested heavily in building data mining tools that respect user privacy and attempt to anonymize and obfuscate user data in mathematically defensible ways. Called “differential privacy,” the technique injects noise into user profiles and activities to mask identities while gathering anonymized data into larger groups that are useful to Apple but difficult to trace back to individual users.

Apple is the only major tech company to take such a step. Even though some critics argue that differential privacy may not provide as much protection as Apple claims, they still laud Apple for trying to implement a better vision for user data and user privacy—something that Facebook has yet to clearly articulate beyond intoning that user privacy matters.

It’s important to note that Apple makes money by selling products and services to users and relies to a much lesser degree than Facebook does on advertising money. Apple’s direct link to customers has likely given the company a far stronger internal compass to design products with its users’ best interests in mind.

Yui Mok—PA Images via Getty Images

But that’s no reason to cut Facebook much slack. CEO Mark Zuckerberg and the company’s other leaders make the same broad statements as Apple does about putting users’ privacy and needs first. Yet revelation after revelation indicate otherwise.

Yes, Facebook has a data policy. Every tech company does. But the proof is in the product decisions, and that’s where it’s clear that Facebook preaches one thing in data and builds another. In contrast, Apple practices to a much greater degree what it preaches.

This fundamental distinction may be the difference between life and death for Facebook. Social networks all have implicit contracts with their users: They must feel safe inside the network. And, more importantly, a rapid loss of users on a social network can translate to its rapid demise. Just ask the folks who built Friendster and MySpace about that.

Facebook may face this same fate unless it can quickly correct its privacy issues, not only with statements, but also with a change in how it builds its products and executes its business decisions.

Alex Salkever is an author, public speaker, and former vice president of marketing at Mozilla. He is the author of The Driver in the Driverless Car: How Our Technology Choices Will Create the Future.