Apple CEO calls for comprehensive U.S. privacy law
Tim Cook criticizes vast data collection, while calling for regulation inspired by Europe
BRUSSELS—Apple Inc. Chief Executive Tim Cook issued the tech giant’s strongest call yet for U.S.-wide data-protection regulation, saying individuals’ personal information has been “weaponized.”
Mr. Cook’s call came in a sharply worded speech before a privacy conference organized by the European Union, which in May enacted the General Data Protection Regulation in a bid to both improve user rights and bolster the 28-member bloc’s power as a global rule-maker. Mr. Cook told the audience of EU privacy regulators that the U.S. should enact a comprehensive federal privacy law that follows their example.
“Our own information—from the everyday to the deeply personal—is being weaponized against us with military efficiency,” Mr. Cook said. “Today, that trade has exploded into a data-industrial complex.”
Mr. Cook’s comments underscore how he is trying to insulate his company—the largest Silicon Valley firm by market capitalization—from rivals including Facebook Inc. and Alphabet Inc.’s Google that have grappled with recent scandals involving access to personal information. It also shows how increasingly important it is for tech firms to make their case directly before EU privacy regulators, who are now empowered to issue fines of up to 4% of a company’s worldwide annual revenue.
Facebook admitted in March that it had allowed information of up to 50 million users to be given to Cambridge Analytica, a political data firm. Earlier this month, The Wall Street Journal reported
that Google had exposed the private data of hundreds of thousands of users of its Google+ social network. Google chose not to disclose the issue earlier this year, after noting the potential for regulatory blowback in an internal memo. Google says it didn’t disclose the issue in part because it had no evidence the data were misused.
Apple has argued that because it makes the bulk of its money by selling devices, rather than advertising, that it has far less incentive to exploit its customers’ data. But Mr. Cook went further on Wednesday, likening the underlying data-collection practices of the targeted online-advertising world—a business worth tens
of billions of dollars a year—to surveillance. It is language more common from privacy activists than tech CEOs.
“These scraps of data, each one harmless enough on its own, are carefully assembled, synthesized, traded, and sold,” Mr. Cook said. “This is surveillance. And these stockpiles of personal data serve only to enrich the companies that collect them. This should make us very uncomfortable.”
Apple gets relatively better marks from privacy activists and regulators in Europe because it says it anonymizes and limits much of the data it collects on users. But the company also generates revenue from digital
searches across its devices by collecting licensing fees of more than $5 billion annually from Alphabet Inc. to make Google the default search engine on browsers across Apple devices, according to analysts.
Some privacy advocates were also alarmed earlier this year when Apple started complying with a Chinese law that required it to store sensitive encryption keys locally. Apple said it would store the keys in a secure location and retain control over them and hasn’t created any back doors to access customer data. Unlike Europe, the U.S. doesn’t have a single piece of comprehensive privacy legislation. Instead, companies face a patchwork of privacy rules across states, including a package that California recently enacted over the objections of some tech companies, and federal laws that protect specific types of information, such as health data or financial records.
Mr. Cook wasn’t alone among tech firms on Wednesday in calling for U.S. legislation. Kent Walker, Google’s chief legal officer, said the company supports a comprehensive federal law, and pointed to a set of recommendations the company issued in September, drawn in part from the EU’s new privacy law. Facebook’s chief privacy officer Erin Egan said during an onstage appearance that her company would support comprehensive U.S. privacy law, to applause in the audience.
Facebook Chief Executive Mark Zuckerberg also defended his company’s targeted advertising model in a prerecorded video address, saying that Facebook’s goal is to offer a service to as many people as possible, and his service is paid for by advertising. “You don’t need thousands of dollars to connect with people who use our services,” Mr. Zuckerberg said.
But, in what appeared to be a pre-emptive swipe at rivals, Mr. Cook in his speech said companies often voice public support for data regulations but they lobby behind closed doors to weaken any initiative. A spokesman for Google and a spokeswoman for Facebook declined to comment specifically on that point.
“Technology is and must always be rooted in the faith people have in it,” the Apple chief said. “We also recognize not everyone sees it that way— in a way, the desire to put profits over privacy is nothing new.”