
Tim Cook makes blistering attack on the “data industrial complex” - laktak
https://techcrunch.com/2018/10/24/apples-tim-cook-makes-blistering-attack-on-the-data-industrial-complex/
======
burtonator
I'd like to think I'm one of the good guys here. I was one of the inventors of
RSS and Atom and worked to push open content and social media.

I started a social data search platform named Datastreamer
([http://www.datastreamer.io/](http://www.datastreamer.io/)) which is
basically a petabyte-scale content indexing engine.

We provide API feeds to search engines and social media analytics companies
needing bulk data but don't want to have to build a crawler.

For the last 5 years we've had major problems with customers coming to us
asking for data which we felt was unethical (at best).

We actually had Saudi Arabia approach us... It was clear that they were
intending to something pretty evil with the data.

Their RFP questions were a bit frightening:

\- can you track people by religion?

\- can you give us their email address?

\- can you provide their address?

\- can your provide their ethnicity?

\- can you provide their social connections?

We're actually losing business to other companies that are performing highly
unethical and probably illegal techniques.

We just can't compete with data at that type of fidelity.

If you're a researcher and you want to access bulk data for combating this
type of non-sense WE WILL PROVIDE DATA AT COST. We can provide up to 1PB of
data but for now we have to charge for the shipping and handling of that data.
We're reaching out to some other companies like Google and also the Internet
Archive to see if we can provide more cost effective solutions.

I'm working on more tools to give the power back to the users.

Polar ([https://getpolarized.io/](https://getpolarized.io/)) is a web browser
which allows people to control their own data. The idea is that I can keep a
local repository of data and eventually build our own cloud platform based on
open systems like IPFS and encrypt the data using group encryption.

~~~
da_chicken
And people wonder why I've argued that, at some point, IT needs to be a
certified and regulated profession like lawyers, doctors, engineers, nurses,
pilots, accountants, electricians, plumbers, teachers, etc. If the future is
going to be built using software and data, it's probably going to be essential
that the general public have some agency -- public or private -- to safeguard
the public interest.

It takes years of dedication to be a professional electrician or plumber, but
anybody off the street can build an application that aggregates personal
information and isn't subject to any sort of regulation or oversight or system
of professional ethics.

That doesn't just safeguard the public. It also safeguards the employed
individuals when they say, "No, that is not allowed under the ethics of my
profession."

This isn't about "let's make the government save us," it's about creating a
legal framework to protect the interests of the public and give ethical
considerations in data management and software design some legal backing.

~~~
blihp
That won't help even a little bit in this case. That's like trying place the
responsibility to reduce the amount of garbage generated on those who drive
the garbage trucks. The decision to engage in the bad behavior usually doesn't
come from IT staff or engineers, it comes from management. Hold the leaders of
these organizations responsible and you'll see the problem fixed real quick.

~~~
ken
Why not? The decision first comes from management, but engineers are the ones
who implement it.

I think things would change pretty quick if engineers responded to such
requests with "I can't do that, because my professional association would
remove me from their membership, which would revoke my license to write
software in this country at all".

That's how (AIUI) law, medicine, (real) engineering, etc., work today.

~~~
blihp
Unless you've got a legal/regulatory structure to enforce it, it can't work.
And there is absolutely no will on the part of corporations or Congress to do
such a thing as it runs contrary to their interests. Even if it were feasible,
software development is one of the easiest things to jurisdiction shop since
it can be done anywhere. So unless you further mandate where the development
must be done, it still won't work.

Keep in mind that most law/medicine/engineering work has some local component
anchoring it to local laws. (i.e. currently, someone typically needs to be
'boots on the ground' in the jurisdiction to provide the service) Software
doesn't have that.

(edit: obviously, this is a U.S.-specific view of the situation. Other
countries may not have the same issues)

~~~
Misdicorl
What about an organization which

1) Maintains a membership list 2) Maintains a list of software which is signed
off on by members 3) Browser/OS/etc utilities which refuse and/or warn when
trying to run software not in the registry 4) Member expulsion if registered
software is found to be nefarious

This is basically the system Apple/Microsoft/Debian/etc/etc already use for
official software distribution. We just need the organization to move out of
their walled gardens.

The big leak here is users which have to use resources they don't control. I
can imagine an IaaS company which won't run software unless its in the
registry, and then companies can boast that your data is 'safe' (or at least
not nefarious) because they run in this kind of environment.

------
reacharavindh
Disclaimer: I use Apple products, and trust them slightly more than anything
Google/FaceBook/startups because they don't have a business front selling my
data to advertisement companies or 3rd party miners(as much as I know of).

But, I'm baffled by this PR as if they are the privacy messiah. Didn't they
just sellout their Chinese users icloud data to the Chinese government?

Yeah. "It's the law, and Apple has to obey the law" is an argument, but here
is a company that is willing to compromise their user's privacy in order to be
able to sell phones in China. So, if US govt finds a way to say "it's the law"
to reveal user data, I'm sure they'll bend over. This grand stand in media is
just sickening and theatric.

/rant.

~~~
s3r3nity
I struggle with Apple's China situation as well, but the more I turn it over
in my head, the more I think it's that Tim is pulled between two parties:

1) His team + Apple Directors that I firmly believe, both in words AND in
their action, are strong proponents of privacy of the user

2) The Apple Board + Sharedholders that would revolt if the privacy principles
from (1) prevented access to a market of ~1.4 billion people, and potentially
gave a competitor like Huawei a further leg up.

In this scenario, I don't see it as "grand-standing," but more of a necessary
public act that US should move more in the policy direction of the EU, in
spite of steep lobbying from most of the Valley / FANG group that would
benefit from less-strict privacy regulations.

~~~
paxys
You can make this exact argument for Google or Facebook or anyone else. Simply
bringing up "evil shareholders" doesn't absolve any company or individual from
criticism.

~~~
s3r3nity
I think you misunderstood my argument - apologies for not being clearer.

There is a difference between a company's _incentives_ to do something that is
permitted by law - for which I would agree that said company is worthy of
criticism to a reasonable extent - and that which a company is _compelled to
do so by law._

My point was that Tim Cook's speech was largely to prevent scenarios that
would lead to law-makers wanting to create laws like the latter. And Apple
_should_ get credit that they have a bunch of incentives to collect user data
at will, like many other tech companies, but explicitly avoid that as company
policy.

------
mark_l_watson
I like Tim Cook, I think his heart is in the right place and as much as a
corporation can, Apple generally does the right thing.

I was having lunch with several lawyers at my company a few weeks ago. One of
them was talking strongly about quality devices and Apple’s strong privacy
stance. He literally said that we as a society should be grateful for having
Apple.

~~~
tinco
Perhaps it is cynicism, but I'm pretty sure this is just Apple exploiting a
competitive edge, and does not necessarily reflect his own opinion, he is
speaking to benefit the company.

Of course, it's very nice that Apple made the decision to pick this edge, but
they did it because they could not compete with Google on web services. So now
they're publicly speaking to try and take the sting out of Google's edge. And
that's healthy competition, the direct result will be that the consumer
benefits, and I can agree we can be grateful to have these powerhouses
fighting for our satisfaction.

~~~
jimbokun
Apple is also the only major computing player that doesn't make its revenue
primarily off of mining and exploiting user data. Maybe Microsoft, too?
Certainly the rest of FAANG have huge financial temptations to misuse their
data.

So Apple is the one big technology player whose interests are most closely
aligned with the consumer in terms of supporting data privacy.

~~~
RestlessMind
Amazon, fwiw, has giant revenue streams (AWS, retail) that they can pile on
the privacy bandwagon and attack Google / Facebook / rest of the shitty
adtech. In fact, it would be great if Apple, Microsoft, Amazon, Mozilla et al
all combine their forces and propose strong privacy friendly regulations.

~~~
thinkling
Amazon has gotten into the advertising business [1] and I believe are growing
quickly. I find it a disturbing move on their part; I have to trust that
they're not mining my purchase history for ad targeting. If they do do so, it
may be susceptible to targeted discovery. (Run ads with unique URLs for each
selection keyword; everyone who sees the ad is apparently someone who bought
that kind of product.) I hope Amazon is smart about the risks they take.

[1] [https://www.fool.com/investing/2018/09/23/amazon-is-now-
the-...](https://www.fool.com/investing/2018/09/23/amazon-is-now-the-third-
largest-digital-ad-platfor.aspx)

------
ChuckMcM
It would be interesting if there were a civil penalty accessible to
individuals if their personal data was divulged by someone to collected it.
Lets say that it was $1,000 to $10,000. And that individuals need only file a
simple form with the appropriate agency naming the company, identifying
themselves, and the information divulged and get paid. The amount would vary
based on how detailed the information was, more detail more penalty.

So someone like Equifax would be on the hook for $1.4T in civil penalties for
losing the data on 143 million customers. That would have effectively put them
out of business.

If you set up such a system, then it is very easy for engineering in an
organization to explain why they need to invest in the security safeguards
they need, and it is very hard for product managers to argue for collecting
even more detailed information. All because you have created an existential
threat to the company if they screw up.

~~~
kodablah
Can I waive the company's liability for my data? Regardless of the answer,
herein lies the problem.

~~~
ux-app
> Regardless of the answer, herein lies the problem.

don't pursue damages?

~~~
kapad
I think the point being made was companies would add a statement in their
terms of service. As always, you would likely agree to this without reading it
and one the clauses would have you waive your right to sue for damages. and
then we're back to square one.

------
orbifold
It's sad how the introduction of a new class of devices "smartphones" brought
along with it a surveillance software platform in the form of Android. Where
it is clear that the only incentive for google to develop it is exfiltration
of as much personal data as they can. In contrast in the case of Apple you
have a customer relationship with the company that sold you the device and
they have an incentive to keep you as a customer without having a need to
extract as much advertisement revenue as they can.

~~~
stult
I would kill for a Linux phone, but until that happens I would settle for a
phone that comes with root access (or at least allows technically capable
users to get it) and let's me control my own data and device from the bare
metal up. Because even if Apple has less incentive to exfiltrate data, I don't
want to have to trust _any_ company to do the right thing or to keep doing it.

~~~
chappi42
You don't have to kill... but some compromises you'll have to do. Librem and
(partly) Sailfish/Jolla give you much more control but they are by far not as
polished/broad as iPhones or Androids. Here a link, maybe the Sailfish 3
version will get a bit more traction?

[https://together.jolla.com/question/191235/official-event-
sa...](https://together.jolla.com/question/191235/official-event-
sailfish-3-day-helsinki/)

~~~
ocdtrekkie
Can I buy a Sailfish phone ready to go that works on Verizon yet? The biggest
thing about this niche OSes is you always have to flash them on a limited set
of compatible hardware yourself, and they generally only work on GSM carriers.

~~~
chappi42
I'm not sure, but from a
[https://together.jolla.com/questions/](https://together.jolla.com/questions/)
search I suppose it doesn't work on Verizon. Maybe ask on together?

------
andy_ppp
Seeing as Google pays Apple $12bn to be the default search engine on iOS
devices I’m tempted to call hypocrisy here...

[http://fortune.com/2018/09/29/google-apple-safari-search-
eng...](http://fortune.com/2018/09/29/google-apple-safari-search-engine/)

~~~
denzil_correa
> I’m tempted to call hypocrisy here..

You can call it hypocrisy but it doesn't affect the validity of Tim Cook's
argument [0].

[0]
[https://en.wikipedia.org/wiki/Tu_quoque](https://en.wikipedia.org/wiki/Tu_quoque)

~~~
scoon1329
It may not affect the validity of the argument, but it may suggest something
about the motivations of the person making the argument.

Each person's idea of where something sits on the spectrum of right and wrong
differs.

If someone is being hypocritical, it can lead people to question the motive
behind the words.

~~~
andy_ppp
This is considerably better than the way I put it! Thanks!

------
Ensorceled
The only problem is that Apple is the Mercedes of mobile devices. We really
need a Honda and Kia version, a more affordable device that doesn’t track you.

Apple is never going to give up their premium position.

~~~
kkarakk
why not just buy an older device? bought a brand new iPhone se as soon as the
new iphones x maxx was announced. mobile phone development as plateaued imo,
there is nothing out there you really need unless you're fooling yourself.
photos - I bought a nice mirrorless with the money I saved. apps - se runs
everything tolerably fast except for snapchat and Instagram, which I've
decided to cut down on anyways.comparison is the thief of joy and all the new
social media apps promote comparison as the primary feature. games - bought a
Nintendo switch and it has fortnite as well.

all told 300+400+300 = 1000 which is STILL lower than the cost of the iPhone x
max

~~~
jjulius
>why not just buy an older device?

As devices age, they stop being supported by security updates.

~~~
nneonneo
Apple, unlike many Android outfits, supports their hardware for a pretty long
time. This chart ([https://www.statista.com/chart/5824/ios-iphone-
compatibility...](https://www.statista.com/chart/5824/ios-iphone-
compatibility/)) suggests that they're supporting devices up to 5 years old;
since the SE is just 2, it has a good 3 years of software and security updates
to look forward to.

------
rfinney
Dwight Eisenhower's Farewell Address ...

 _We must guard against the acquisition of unwarranted influence, whether
sought or unsought, by the military-industrial complex. .... Yet in holding
scientific discovery in respect, as we should, we must also be alert to the
equal and opposite danger that public policy could itself become the captive
of a scientific-technological elite._

[ source :
[https://en.wikipedia.org/wiki/Eisenhower%27s_farewell_addres...](https://en.wikipedia.org/wiki/Eisenhower%27s_farewell_address)
]

------
move-on-by
If anyone is interested in watching the Keynote speech for themselves and form
your own opinions, it can be watched on YouTube here:
[https://www.youtube.com/watch?v=kVhOLkIs20A](https://www.youtube.com/watch?v=kVhOLkIs20A)

Warning, Google will be tracking that you watch this speech :P

------
zmmmmm
I wish I could separate his position from Apple's marketing stance.
Unfortunately here he seems to use such hyperbolic language that it puts me on
the side of "this is marketing". It seems very hard to separate cause and
effect (is Apple's market strategy because of his beliefs on privacy, or is it
the other way around?). But this kind of tilts me towards the latter.

~~~
oddevan
Why not both?

Apple's market strategy was already primed towards a privacy-focused stance,
since their profit center is selling physical devices. Thus, when privacy
becomes a Big Deal in the world, Tim doesn't have to push hard to get Apple to
line up with his beliefs. If Apple had been an advertising-focused company
before Snowden, I doubt we'd be seeing as hard a push as they're giving right
now.

------
nappy
This is pretty much a textbook example of an attempt at regulatory capture,
though more explicitly aimed at hurting competition than normal.[0] It's hard
to take Apple as sincerely looking out for the best interests of consumers
given their stance against repairs.

[0]
[https://en.wikipedia.org/wiki/Regulatory_capture](https://en.wikipedia.org/wiki/Regulatory_capture)

------
Lio
I think that it's ironic that Techcrunch make it so hard to read the article
without agreeing to surveillance when they could just look at the Do Not Track
headers.

~~~
icebraining
It actually works very well if you disable JS - unlike many other sites, you
get a nice view of the article, without any distractions.

------
EastSmith
I have owned couple of google phones (Nexus and Pixel). Today for the first
time ever I am considering buying an iPhone. I would pay premium for privacy
on Google devices if they make it available. And we now know what the price is
- $40 in EU. Just sell it like this Google.

~~~
gaius
_have owned couple of google phones (Nexus and Pixel). Today for the first
time ever I am considering buying an iPhone_

I was a BlackBerry die-hard until they switched to Android. A privacy-focused
phone using a Google OS, what a joke. Switched to iPhone and it’s pretty good,
only thing I miss is the real keyboard.

~~~
mdm_
I have a Key2 which I bought because I like the physical keyboard, battery
life, features, and physical appearance/feel, but I don't buy any of the
security/privacy marketing for a second. The phone runs a boatload of services
from Google and BlackBerry which I don't know what they're actually doing and
you can't turn off or disable without breaking features. I operate under the
assumption that Google can (and does) track what I'm doing and where I'm
going, even though I've disabled as much of this tracking as the settings
allow, and that BlackBerry could decrypt my "secure" file storage locker and
bypass my fingerprint/PIN in an instant if they wanted/were compelled to.

------
kopo
Good to see. Also nice to watch Facebook and Twitter and Youtube employees
being called out for what they have enabled. If you are smart enough to get a
job anywhere, why even work to keep these toxic machines propped up? Time to
bail before things get worse. Or read a book about the decline of Yahoo.

------
thefounder
Well Apple can start by making Siri work locally/without internet and then I
believe their stance.

~~~
nemo846
If they could I believe they would. They rather not be reliant on whoever is
providing their speak recognition.

~~~
Cthulhu_
A limited subset of functionality should already be possible, especially if
they can have the speech recognition trained specifically to the user.

~~~
callalex
I get the impression that this is already happening to a certain extent and
they are testing the water. On newer/faster devices, you’ll notice Siri
transcribing on the screen nearly instantaneously, faster than any server
round trip, but with poor accuracy. Then a few seconds later once the server
connection is established you’ll see some of the transcription change to be
more accurate.

------
nyxtom
I originally took this opportunity to critique the idea that Cook can stand to
take a strong stance on privacy because their business model relies on selling
an actual product and said product can only be affordable if you leverage
cheap labor (and given historical context: very questionable working
conditions).

However, for the sake of maintaining consistency with the article and staying
relevant I have revised this post.

Tim Cook is there to give a speech at a Privacy conference. I thought his
comments were consistent with how Apple has been presenting itself over the
last years. This gives me some confidence that Cook will continue to lead and
push for stronger privacy laws while fighting against politicians who look to
weaken encryption

~~~
nneonneo
I'd like to take this opportunity to point out that Apple was in fact aware of
those issues, and has in fact worked both on documenting them and fixing them:
[https://www.apple.com/supplier-
responsibility/](https://www.apple.com/supplier-responsibility/)

This is transparency - following through and actually giving a damn about
things like child labor. They found 2 cases of underage labor in 2017 after
auditing 756 facilities and over 1.3M workers. They made it a core violation
of their supplier code, meaning that if and when underage labor is found via
audit, that supplier loses its business with Apple.

Go read the report - you might find that Apple is a pretty damn thorough
company when it comes to responsible labor. Is there more they could do? Yes,
there always is - but they're doing quite well so far.

~~~
nyxtom
Indeed, my original comment referenced the transparency reporting that I have
grown to appreciate from Apple. I wish more companies did as thorough job
showing every piece of the supply chain. I revised the comment because I felt
like it was just bashing without relevance to the actual article content.
Thanks for the follow up comment to further clarify the transparency aspect. I
know not every company wants to show exactly where they get their material
from, but it is pretty incredible to see where material is sourced from and
how it is manufactured and ultimately made into a product. Supply chains need
to be this transparent

------
walterbell
Hi Apple. Please:

• add VPN on/off to control center

• allow per-app VPN via Apple Configurator, without enterprise MDM

• once the above two are available, we can use Tor, IDS, DPI or pihole on a
per-application basis, to reduce data harvesting

• bonus1: allow the open-source iOS MDM community OR the iOS Shortcuts
community to make it easy for novice users to have one-click install of
"privacy-plus configurations"

• bonus2: provide open-source code for on-device, silicon-enabled voice
recognition using Neural Engine. In the meantime, allow anonymous (no iCloud
login) use of Siri via Tor on a per-application basis

~~~
rubyfan
I’d like to see better sand boxing of the Photo album on iOS. Facebook,
LinkedIn and others are known to raid your photos if they have access to it.
Ideally you could limit their ability to read and write to just a specific
photo album. Or limit write and read separately. At the moment your ability to
enable and disable the permission is based on what permission the app requests
and they show up together.

~~~
saagarjha
iOS has long had an API for allowing access to individual photos from the
system photo picker. Unfortunately many apps eschew this because they prefer
having access to all of the user’s photos.

~~~
bloak
That shouldn't matter. The OS should let you create a fake photo collection
which gets shown instead of the real one to apps you don't trust. This idea is
obvious and very old. At least in the case of Android contact lists people
have been asking for this for as long as I can remember. Why has it still not
been implemented on iOS at least? Or has it now been implemented? I've been
avoiding both Android and iOS because of stuff like this.

Does anyone want to sell me a phone that runs Debian with the option of
running Android or iOS in a VM with appropriate management functions that
would make it very hard for an app to misbehave?

~~~
acqq
> The OS should let you create a fake photo collection which gets shown
> instead of the real one to apps you don't trust.

Many times yes. And even more important, the contacts!

Now it's you have to "give the app _all_ the contacts" even if you know you
want to give it only one or two. And of those one or two, just the number. Not
the picture, not the date of birth, not the address.

In short we should be able to pre-select what any app actually sees of of all
the databases, records and fields.

It sounds too technical but it could be done properly.

~~~
Karunamon
It could be done properly for us (techies), but this would go over poorly for
normal people.

"Why do I have to click through all this mess when I just want to post this
picture I just took to Facebook?"

"I think I set it right but now Facebook can't see the picture I wanted to
post"

et cetera. These granular controls aren't something that regular people want
to deal with.

------
trashtester
First response: This sounds good, maybe I should consider Apple for my next
device?

Second response: Was undermining Google the reason he held the speech in the
first place?

~~~
blinky1456
Also my first response, 'is this just marketing?'.

'Buy apple products, we care about your data. We will help protect it. Encrypt
it. Not share it. And block others form trying to get your data'

But are Apple as benevolent as they say? Do you trust such a gigantic
corporation? Are they colluding with governments instead of just advertisers?

~~~
CaptainZapp
Let's put it this way:

Apples' core business is not to violate your privacy left and right, which
probably gives them an edge about the likes of Facebook and Google (at least
in my book) in this sphere.

------
dvfjsdhgfv
That's very good. The more high-profile people speak up against what's
happening, the more the general public realizes what's really going on.
Frankly, most non-technical users have no idea how they're profiled and what
the real and potential dangers are.

You know what's funny? We reached a point where 100% private conversation
between two endpoints is finally possible, without the dependence on any third
party (be it the Post Office, GSM operators,, Google, Apple, or anyone else).
That's a huge step for communication privacy. And yet, most people choose the
other way, they prefer to share their most intimate details with Facebook via
Messenger and WhatsApp, with Google via Gmail, with Microsoft via Skype...
Mostly because they're unaware of how things work and that other, more secure
ways are available. So kudos to Cook for helping that cause just a bit.

~~~
Y_Y
WhatsApp is (we are told) end-to-end encrypted using the same protocol as
Signal.

~~~
akuji1993
As far as I understand this, correct me if this is wrong, this means the
content of your messages is encrypted. There is still important data to fetch
about who you talk to, how much and when.

~~~
SmellyGeekBoy
Indeed. Besides, the app itself has access to the full content of your
conversations so what happens in-between is pretty much irrelevant.

~~~
dvfjsdhgfv
I don't know why you're downvoted because that's exactly the point: the
creators of closed-source applications may claim whatever they want, but you
have no way of verifying their claims. Especially if the owner is the company
whose income is based on profiling you, and the fight over FB<->WhatsApp
profile linking is no longer a secret now.

------
buboard
Why doesn't he put the the money where his mouth is? I haven't seen Apple
making any attempts to create funding model for publishers, even though the
success of their products depends on the wide availability of free content.

~~~
bunnycorn
There was iAd, and nobody used it because it didn't steal users data.

------
pluma
I read this as "military industrial complex" and was positively surprised to
see such a strong sociopolitical statement coming from Tim Cook, then I
noticed the article talks about "data industrial complex" and realised this is
still tame enough to count as aggressive marketing.

~~~
varjag
Apple can effect data industrial complex, unlike the military industrial
complex. Doing the opposite would be empty posturing.

~~~
brainwad
Cook is only making this statement because it's in Apple's business interest
to cripple ad-based competitors by convincing policy makers to hobble them
with regulation. He's not a neutral observer.

~~~
rubyfan
Does Apple really compete with Facebook and ad platforms? Does Apple even
really compete with Google? Isn’t the Android competition mostly not Google,
e.g. Samsung?

~~~
pluma
But non-stock Android still typically uses Google services and these
integrations are built into the OS. So whether the Android devices are sold by
Google or Samsung doesn't really make much of a difference, Google still gets
the data it wants.

------
a-dub
He's right.

Apple's schtick has long been "technology without the bullshit"\- and well,
the behavioral data gold rush is basically bullshit for consumers, so sure,
they're on the privacy bandwagon in the interests of their own company and
it's market strategy.

Regardless, it does not make him any less right.

------
MaysonL
Video available here: [https://www.ped30.com/2018/10/24/tim-cook-brussels-
data-secu...](https://www.ped30.com/2018/10/24/tim-cook-brussels-data-
security/)

------
izacus
Is that the same type of moral speech as he did when he said "Privacy is
fundamental human right" and then gave keys to iCloud to Chinese government
some time later?

He's a CEO of a multi-billion publicly traded corporation. Content warning
applies for everything he (or any such CEO/PR service) says.

~~~
simonh
Apple's stance has been completely consistent. They comply with the law while
making their ethical beliefs and stance as a company clear where they disagree
with it.

What do you suggest Apple should do instead of comply with the law? Require
it's employees to incriminate themselves?

~~~
chongli
_What do you suggest Apple should do instead of comply with the law? Require
it 's employees to incriminate themselves?_

I'm not the GP but I've seen this exact form of complaint many times. I think
the usual response is "stop doing business in China." I don't know how that's
supposed to work, though, since Chinese companies make all of Apple's
hardware.

~~~
thecatspaw
I guess it would extend into "dont buy chinese hardware"

~~~
pcnix
Then you'd have a competitor stepping in that bought Chinese hardware. A
company's ethics stretch only as far as it's survival is guaranteed.

Corporations are black boxes that optimise for profit, not ethics or
integrity.

------
runn1ng
I know this is a little unrelated, but Apple makes me agree to giant EULAs and
"terms of use" every time they update their damned iTunes store.

I wish that would go away and the Apple EULAs and agreements would get shorter
instead of getting longer.

------
breatheoften
I think that framing these new requirements as rights is a really good
approach.

Being able to find out what data is being collected and how it is being used
is a prerequisite for any accountable system of balances that could create
negative incentivizes for abusive practices.

Obviously preventing all abuse will prove impossible just as preventing all
crimes of any other type is impossible — but as with other kind of crime,
undesirable outcomes can definitely be reduced when deliberate will is
informed by wisdom and fueled by effort ...

------
whyagaindavid
Well overall Cook is right but... apple needs to provide alternatives to the
common people!

1\. There is no equivalent for Facebook and apple cannot build a one with
privacy 2\. There is none from Google-Search and apple has not built one 3\.
About WhatsApp? (iMessages - yes only within walled garden!) 4\. Google
groups-? 5\. Browser? Safari? 6\. Calendar -> Even creating a icloud account
needs iDevice 7\. Cant create more than 2 Apple account from same iphone!

------
quadcore
_We should celebrate the transformative work of the European institutions
tasked with the successful implementation of the GDPR. We also celebrate the
new steps taken, not only here in Europe but around the world — in Singapore,
Japan, Brazil, New Zealand. In many more nations regulators are asking tough
questions — and crafting effective reform._

I disagree, I think technology should solve that pproblem, like Tim Berners-
Lee's.

------
mattferderer
Are there any good resources or studies on the effects of laws against
technology that is widely available & easy to implement?

I would imagine a culture's history has a great effect to. Guns in America for
example.

I am curious how one would police data privacy when it's incredibly easy to
collect data secretly. Do you only go after the big offenders?

------
iMuzz
Then why take a check from google for $12B so that they can remain the default
search engine?[0]

[0] [http://fortune.com/2018/09/29/google-apple-safari-search-
eng...](http://fortune.com/2018/09/29/google-apple-safari-search-engine/)

------
writepub
And how would this announcement have looked if Apple's iAd platform actually
succeeded?

While the weaponization of data is a legitimate cause for concern, Apple - the
company that maintains a score on you - is hardly the one to be believed as a
defender of your data or privacy

~~~
krrrh
"Why iAD failed"

> Advertisers grew increasingly frustrated with Apple’s unwillingness to grant
> them access to the wealth of data the company possessed from its customers
> and Apple’s hundreds of millions of iTunes accounts. Every decision in
> advertising is born in data — 70 percent of agencies and 73 percent of
> brands use data to target the desired audience. Strong analytics tools are
> becoming ever more important as advertisers strive to keep ads relevant.

From: [https://techcrunch.com/2016/03/28/the-downfall-of-the-
walled...](https://techcrunch.com/2016/03/28/the-downfall-of-the-walled-
garden-heres-why-iad-failed/)

~~~
writepub
This is an opinion, not a fact.

It's likely that the incumbents, Google & Facebook, were both much further
ahead and entrenched for Apple to break through. Apple also tried social
networking (ping) and failed. And self diving cars. I don't see any real
evidence for Apple not sharing data out of some moral high ground. If they
could actually boost their bottom line and not drive away existing customers,
they'd do it. They rolled over like a timid puppy when China asked for all,
that's ALL of China's iCloud data. They could've walked away from the China
business if they had a sliver of moral turpitude, but they obviously don't,
which is also evident from their tacit tolerance of child labor and
unreasonable working conditions from their suppliers in China

------
rajacombinator
“Those Google guys are really evil! Here, buy our privacy-first $9 DRM
dongle!”

------
51Cards
While I agree with this in principle let's also be frank and say that this is
a much simpler stance to take when your company doesn't exist based on data.

~~~
bunnycorn
What's hard is to not base a company on data. When you have more than a
billion of active users, and you don't have just another app, you have the
entire operating system and you are the sole gatekeeper to third party
applications.

How many investors did Apple lose for not data mining users?

Look at the P/E of Google and Facebook and then look at the P/E of Apple...
Apple sweats every dime of their $1T valuation.

------
HissingMachine
And regular people won't care thanks to years and years of "If you have
nothing to hide, you have nothing to worry"-type bs.

------
torgian
Damn. This makes me gain a bit more faith in apple, even though I can’t see
myself buying a new Apple product anytime soon.

------
tqi
If Apple is serious about the data practices of these companies, why don't
they ban them from their platform?

------
diegoperini
Is there a video of the talk I can watch?

~~~
yash1th
Someone provided this link above

[https://www.ped30.com/2018/10/24/tim-cook-brussels-data-
secu...](https://www.ped30.com/2018/10/24/tim-cook-brussels-data-security/)

~~~
diegoperini
Appreciated. :)

------
cromwellian
Smells like Regulatory capture by a competitor.

------
fareesh
Pretty rich to hear about ethics from Tim Cook considering the criminal
enterprise that is Apple's repair scam

------
no_wizard
I generally agree with Tim Cook's words here as I also believe the large
amassing of personal data and the aggregation of it there of is potentially
(and I believe as to many others, already is) very dangerous territory indeed.
We have already seen the downsides of this with things like Cambridge
Analytica for instance.

I have to call out Apple on something here, and this is something that Tim
Cook could personally do something about very actively, however. And it has
nothing to do with customer/consumer privacy, which I think Apple does a
wonderful job with, typically. It has more to do with the ethos of the
corporation.

Apple is just as guilty as anyone else about actually _buying and using this
data_. It may not always be the case that is sourced from wherever, but they
use the same tactics in their hiring and keeping tabs on employees that they
are so deride in the media. For instance, if any of you are Apple employees,
go ahead and check out the HR policy and procedure for publishing your
information _including your salary_. I think you'll find that to be very eye
opening. I can't recall the firms name off the top of my head, but they report
that information to one of these firms that aggregates this information and in
turn sells it in turn.

Oh and use a personal device at work? Apple's own employee contract states
that if you connect a personal device to their network, even once, they have
the right to demand any contents of that device subject to termination.

I get some of that is for secrecy, don't get me wrong. I understand that i'm
highlighting things from a point of view that I don't agree with these
policies and that I'm not, and it is quite intentional, discussing why these
policies may be in place. For what its worth, I'm okay with secrecy, in the
sense of protecting investments, IP, etc. I get business need. What I don't
understand is why Apple's own policies don't reflect these values they often
tout in public. I personally feel like they have this dual face a lot, where
they say things publicly that I agree with but I know `privately`, if you
will, the corporation does not reflect these values when its not convenient
for doing business

Don't even get me started on Apple not being at the forefront of the Net
Neutrality debates, where I think Apple could have real impact (the general
population as a whole tends to listen to Apple/Tim Cook more so than any other
CEO I can recall in recent memory, as do politicians of all stripes, its quite
a trip how must esteem they hold in the public mind, which is why I think its
so important they talk about something that should, at least according to
their public statements, be right in line with their ethical underpinnings Tim
Cook talks about very often).

Rubs me the wrong way, I guess. Am I glad he's at least a CEO of a huge public
company that has weight and is talking about this in a way that is agreeable
(mostly) and likely far better for the average person? Yes, yes I am, but I
think its important we remember the other facts too.

Disclaimer: I did work at Apple, and for what its worth I left on good terms,
and I would generally recommend working there, I just want to be honest about
the things I saw and felt. There is a lot of good too, believe me.

------
IBM
Fun fact: I emailed Tim Cook in August after reading this story in the NYT,
asking him to publicly oppose a weak federal privacy bill in the US [1].

I thought they might do it when Bud Tribble, Apple's privacy czar, testified
in Congress at the hearing about privacy [2]. He was mostly non-committal
until about the time when someone asked if California's law should be
preempted, and he answered 'yes' but only if the law is strong enough, so I
kind of had a feeling that Apple would at least advocate for it in a minor
way. Now it makes sense why he was so non-committal, they were saving it for
Tim Cook.

This is a full-on endorsement of GDPR in the best possible forum for this, a
keynote speech at a conference for data privacy regulators. This is more than
I could have hoped for. Crucially, this removes any possibility of a united
front as the ad-tech lobbying machine kicks into gear.

I don't know if this was already planned or if it was my email, but I'm
ecstatic either way.

[1] [https://www.nytimes.com/2018/08/26/technology/tech-
industry-...](https://www.nytimes.com/2018/08/26/technology/tech-industry-
federal-privacy-law.html)

[2] [https://www.c-span.org/video/?451963-1/google-apple-
amazon-t...](https://www.c-span.org/video/?451963-1/google-apple-amazon-tech-
companies-testify-data-privacy)

~~~
jarsin
Since Tim listens to you please tell him to buy SNE.

------
huffmsa
Apple blew it's lead with Siri and is now trying to hamstring it's competition
from passing it by with features that aren't animated emotions or only
allowing certified Apple parts in repairs.

~~~
huffmsa
Thirdly, Mr Cook should put some of that $250b cash mountain he sits on to
work making this stuff happen.

Prove that localized models built on small datasets work.

Invest in cryptography and user anonymity technologies.

Instead he's just sitting on it like smaug.

~~~
saagarjha
> Prove that localized models built on small datasets work.

> Invest in cryptography and user anonymity technologies.

That’s what they literally do. Much of iOS’s “proactive” features are done on-
device, as is things like photos analysis. And most of Apple’s products
utilize at least some sort of cryptography and anonymized logging.

~~~
huffmsa
Clearly they're not doing enough, if they were, Siri wouldn't have fallen so
far behind. I know it's a new and difficult field (I work in it) but it's also
one where you could throw buckets of cash at the problem and get better
results.

~~~
theshrike79
Siri is far behind _because_ Apple has a pro-privacy stance.

They've effectively hamstrung themselves by anonymising the data and not
cross-correlating between users as much as Google does.

Google on the other hand has no qualms about using the mountains of data they
collect on every single user on their platforms. They can teach Google
Assistant stuff that Siri can't even try to do yet.

~~~
kkarakk
siri is behind because apple thought buying a natural language assistant
startup was enough work/money spent to get into the smart assistant game.
there is literally no research coming out of apple on smart assistants or
machine learning(that isn't photos) and it shows

~~~
saagarjha
> there is literally no research coming out of apple on smart assistants or
> machine learning(that isn't photos)

[https://machinelearning.apple.com/](https://machinelearning.apple.com/)

------
pentae
It must be difficult to uphold such strong principles for the free world while
routing all your Chinese customer data through government surveillance
servers. I guess it's better than the alternative- not selling in your (2nd?)
largest market.

------
tomelders
Well done everyone. Never let the actual content of an article get in the way
of some good old Apple bashing.

At the time of writing, I can only find one top level comment (by
'dvfjsdhgfv') that's making any attempt to discuss or expand upon the content
of Cook's comments.

This is one of the most important issues facing mankind, and the ball is very
much in our court. We all get plenty of opportunities to criticise our
favourite tech companies and their practices, but if every single mention of
them becomes an invitation to shoehorn in our gripes and complaints then this
entire endeavour is just a massive waste of time.

~~~
AnIdiotOnTheNet
> This is one of the most important issues facing mankind

I'm not even sure it rates in the top 50 outside of paranoid tech workers with
nothing more important to worry about.

~~~
fhood
Hmm, I mean I'll take climate change, racism, education, and some particularly
nasty geopolitical issues above it, but other than that, I would say it ranks
pretty high.

~~~
tomelders
I'd argue that the weaponisation of personal data and hyper targeted
advertisements/disinformation are making all of those issues worse. It's what
has created the current wave of climate change denying nazi sympathising
maniacs to grow.

------
ilamont
_“Our own information — from the everyday to the deeply personal — is being
weaponized against us with military efficiency,” warned Cook. “These scraps of
data, each one harmless enough on its own, are carefully assembled,
synthesized, traded and sold._

If personal data has value, and companies are making billions or even
trillions of dollars from it, shouldn't these firms be paying the source (us)
to use it? Real cash, as opposed to discounts or in-kind exchanges?

~~~
AnIdiotOnTheNet
For many of them, we get to use their services for free. That's the
arrangement.

~~~
ilamont
Not all. Certainly not brokers serving the ad industry, credit bureaus, and
retailers. And for others such as Google business services and Microsoft, we
pay them. Even for the "free" services, is it a fair exchange of value?

~~~
AnIdiotOnTheNet
We seem to be willing to pay it, meaning the market will bear it, so yes?

------
_Codemonkeyism
Until Apple growth streak breaks and they start to use data like everyone else
and using data is a good thing.

~~~
Cthulhu_
That would mean they pivot from a hardware company to an advertising company;
I don't see that happening myself.

~~~
pbhjpbhj
I thought they were a design/branding company -- what proportion of hardware
do they make themselves. Again I thought they outsourced [most of] that?

~~~
mitchty
> I thought they were a design/branding company

A design/branding company that designs their own chips? Sure then they are a
design company. A company that builds brands, also sure.

What proportion of hardware do they have to "make" themselves to be considered
a hardware producer? Having TSMC fab silicon doesn't make Apple any less of a
hardware company than BMW not being a car company because they buy ECU's from
Bosch.

~~~
pbhjpbhj
I've no idea about BMW but if they did the design and someone else did the
manufacture, then BMW would still be a car company; they would 'just' be
designers and not manufacturers. What's wrong with that?

So, if Apple make [all] their own hardware except the silicon then you could
have answered the question rather than composing a strawman.

Yes, if BMW don't make their own electrical systems it makes them less of a
car company. Is that controversial to you? It's supremely sensible for a
company to buy expertise by outsourcing elements of manufacture of complex
products IMO.

~~~
mitchty
> I've no idea about BMW but if they did the design and someone else did the
> manufacture, then BMW would still be a car company; they would 'just' be
> designers and not manufacturers. What's wrong with that?

In a nutshell, it ignores modern reality. BMW isn't in the business of
building ECU's, they leave that to Bosch. Similarly to how Airbus and Boeing
both don't build their own APU's and buy/contract out the building of that to
experts.

> So, if Apple make [all] their own hardware except the silicon then you could
> have answered the question rather than composing a strawman.

Strawman how? You've an absolutist view of manufacturing that no manufacturer
could meet. I'm almost certain that any phone you have has an 8 bit micro that
guaranteed wasn't designed or built by the people that put it in. Same as
capacitors.

Apple designed their A series chips, their faceid stuff, touchid, security
enclave, ac chargers, etc... They contracted out to someone else to build it
and used other things like qualcomm LTE chips when there isn't much other
choice. I work at a company that does the same for custom hardware as well.
I'd be hard pressed to hear that we didn't "design" our own stuff.

> Yes, if BMW don't make their own electrical systems it makes them less of a
> car company. Is that controversial to you? It's supremely sensible for a
> company to buy expertise by outsourcing elements of manufacture of complex
> products IMO.

Is it controversial to me? Yes only in that you completely contradicted your
own viewpoints in a single post. Your end is sensible, the start is not.
Mostly as its not a very useful view of modern manufacturing. Lots of
components are off the shelf from other companies. More than you might think.

Doesn't mean BMW isn't a car company, or Boeing isn't an aircraft company. It
is no different than pulling in a shared library for xml or json parsing
instead of rolling your own.

------
miguelrochefort
Personal information is extremely valuable. I don't understand why people are
opposed to collecting and making use of it. Not doing so would be inefficient
and foolish.

While I believe that those who collect such data would make the world a better
place if they freely distributed it, I don't think they should be forced to.

I'm sure that whatever hypothetical problem that could result from such
collection of data could be solved more efficiently in a different way.

~~~
simion314
Edit: OP changed his comment, so my response is looking off-topic now

Sure, please paste here your email and other accounts logins.

Maybe you say you can't trust some random stranger on the internet but why
would your trust companies, they have no morals, they want only to make money
for themselves and on top of that they are incompetent and they can lose your
data and random people on the internet will have it.

~~~
compcoffee
> _Sure, please paste here your email and other accounts logins._

That is not privacy, it's security. Are you implying that Facebook and Google
don't take security seriously?

~~~
nneonneo
Facebook sure doesn't seem to. 50,000,000 of their accounts were breached just
last month, apparently by spammers intent on harvesting private account
information.

And Google supposedly shut down their Google+ service over a potential
security bug that could have exposed a few hundred thousand accounts, but of
course there were more reasons than that.

