Apple CEO backs privacy laws, warns data being 'weaponized'

Friday, October 19, 2018, Vol. 42, No. 42

BRUSSELS (AP) — The head of Apple on Wednesday endorsed tough privacy laws for both Europe and the U.S. and renewed the technology giant's commitment to protecting personal data, which he warned was being "weaponized" against users.

Speaking at an international conference on data privacy, Apple CEO Tim Cook applauded European Union authorities for bringing in a strict new data privacy law in May and said the iPhone maker supports a U.S. federal privacy law .

Cook's speech, along with video comments from Google and Facebook top bosses, in the European Union's home base in Brussels, underscores how the U.S. tech giants are jostling to curry favor in the region as regulators tighten their scrutiny.

Data protection has become a major political issue worldwide, and European regulators have led the charge in setting new rules for the big internet companies. The EU's new General Data Protection Regulation, or GDPR, requires companies to change the way they do business in the region, and a number of headline-grabbing data breaches have raised public awareness of the issue.

"In many jurisdictions, regulators are asking tough questions. It is time for rest of the world, including my home country, to follow your lead," Cook said.

"We at Apple are in full support of a comprehensive federal privacy law in the United States," he said, to applause from hundreds of privacy officials from more than 70 countries.

In the U.S., California is moving to put in regulations similar to the EU's strict rules by 2020 and other states are mulling more aggressive laws. That's rattled the big tech companies, which are pushing for a federal law that would treat them more leniently.

Cook warned that technology's promise to drive breakthroughs that benefit humanity is at risk of being overshadowed by the harm it can cause by deepening division and spreading false information. He said the trade in personal information "has exploded into a data industrial complex."

"Our own information, from the everyday to the deeply personal, is being weaponized against us with military efficiency," he said. Scraps of personal data are collected for digital profiles that let businesses know users better than they know themselves and allow companies to offer users "increasingly extreme content" that hardens their convictions, Cook said.

"This is surveillance. And these stockpiles of personal data serve only to enrich the companies that collect them," he said. "This should make us very uncomfortable. It should unsettle us."

Cook's appearance was one-up on his tech rivals and showed off his company's credentials in data privacy, which has become a weak point for both Facebook and Google. That is facilitated also by the fact that Apple makes most of its money by selling hardware like iPhones instead of ads based on user data.

"With the spotlight shining as directly as it is, Apple have the opportunity to show that they are the leading player and they are taking up the mantle," said Ben Robson, a lawyer at Oury Clark specializing in data privacy. Cook's appearance "is going to have good currency," with officials, he added.

His speech comes a week after Apple unveiled expanded privacy protection measures for people in the U.S., Canada, Australia and New Zealand, including allowing them to download all personal data held by Apple. European users already had access to this feature after GDPR took effect. Apple plans to expand it worldwide.

Facebook CEO Mark Zuckerberg and Google head Sundar Pichai sent brief video remarks to the annual meeting of global data privacy chiefs.

Zuckerberg said the social network takes seriously its "basic ethical responsibility" to safeguard personal information but added that "the past year has shown we have a lot more work to do," referring to a big data breach and the scandal over the misuse of data by political consultancy Cambridge Analytica.

He also said the company is investing in measures to beef up protection, including building a new tool to let users clear their browsing activity and deploying artificial intelligence to detect fake accounts and take down extremist content.

They both said they supported regulation, with Pichai noting Google recently proposed a legislative framework that would build on GDPR and extend many of its principles to users globally.

The International Conference of Data Protection and Privacy Commissioners , held in a different city every year, normally attracts little attention but its Brussels venue this year takes on symbolic meaning as EU officials ratchet up their tech regulation.

The 28-nation EU took on global leadership of the issue when it launched GDPR. The new rules require companies to justify the collection and use of personal data gleaned from phones, apps and visited websites. They must also give EU users the ability to access and delete data, and to object to data use.

GDPR also allows for big fines benchmarked to revenue, which for big tech companies could amount to billions of dollars.

In the first big test of the new rules, Ireland's data protection commission, which is a lead authority for Europe as many big tech firms are based in the country, is investigating Facebook's data breach, which let hackers access 3 million EU accounts.

Google, meanwhile, shut down its Plus social network this month after revealing it had a flaw that could have exposed personal information of up to half a million people.

___

Follow Kelvin Chan at www.twitter.com/chanman