Apple CEO Tim Cook Urges US to Introduce for GDPR-like Data Protection Legislation

Apple CEO Tim Cook, speaking at a conference on data privacy in Brussels, has called for the United States to introduce data protection legislation as stringent as the European Union’s General Data Protection Regulation (GDPR) regime which became enforceable in May this year.

Cook was delivering the keynote speech at the 40th edition of the International Conference of Data Protection and Privacy Commissioners (ICDPPC) when he became critical of silicon valley companies, which he tried to distance Apple from, for encouraging trade in digital data which has exploded into a “data industrial complex”.

He said: “Taken to the extreme this process creates an enduring digital profile and lets companies know you better than you may know yourself. Your profile is a bunch of algorithms that serve up increasingly extreme content, pounding our harmless preferences into harm. We shouldn’t sugarcoat the consequences. This is surveillance.”

Referring to the EU’s introduction of the GDPR legislation he said: “It is time for the rest of the world, including my home country, to follow your lead.” GDPR brought with it the introduction of stringent penalties of up to €20m or 4% of annual global revenue, whichever figure is higher, for companies that are not in compliance and do not protect their clients data adequately.

Following his speech Cook listed four priorities that he would that to see US legislation address on his Twitter account. They included:

  1. “Companies should challenge themselves to de-identify customer data or not collect that data in the first place.”
  2. “Users should always know what data is being collected from them and what it’s being collected for. This is the only way to empower users to decide what collection is legitimate and what isn’t. Anything less is a sham.”
  3. “Companies should recognize that data belongs to users and we should make it easy for people to get a copy of their personal data, as well as correct and delete it.”
  4. “Everyone has a right to the security of their data. Security is at the heart of all data privacy and privacy rights.”

Cook also took aim at Artificial Intelligence and the consequence that it has on the security of private personal information. He said: “Advancing AI by collecting huge personal profiles is laziness, not efficiency. For artificial intelligence to be truly smart, it must respect human values, including privacy. If we get this wrong, the dangers are profound.

He added: “At its core, this technology promises to learn from people individually to benefit us all. We can achieve both great artificial intelligence and great privacy standards. It’s not only a possibility, it is a responsibility. In the pursuit of artificial intelligence, we should not sacrifice the humanity, creativity, and ingenuity that define our human intelligence.”

This comes following a number of high profile GDPR investigations beginning into the business operations of companies including Google – which experienced a suspected breach of its Google+ users – and Facebook which revealed that the private data of up to 50 million users may have been breached.

These incidents, along with the contents of Mr Cook’s keynote speech, further highlight the importance of US companies dealing with the private personal data of clients in ensuring that it is completely secure.