Tim Cook rails against bad privacy regulation & sideloading in keynote speech

Kicking off the International Association of Privacy Professionals' annual event, the Global Privacy Summit, Cook took to the stage on Tuesday as part of its keynote address.

His keynote started by calling privacy one of the most essential battles of modern times. Referring to privacy as a mirror of policies and usage, Cook believes there are two disparate realities, with one where it "unlocks humanity's full creative potential," while the other is where "technology is exploited to rob humanity of that which is foundational: our privacy itself."

"A world without privacy is less imaginative, less empathetic, less innovative. Less human," said Cook to the audience, before calling privacy a fundamental human right that Apple is continually fighting for.

Data Mining and Bad Actors

That fight includes protecting people against a "data industrial complex built on a foundation of surveillance," referring to data mining firms using data supplied by websites and apps. Cook says the companies insist their work is "pure of intention," but one where they "don't believe we should have a choice in the matter."

Cook likens the data mining as something that wouldn't be abided by if it were a person following users around in their daily lives, filming their interactions.

Apple has given users tools to deal with this, including the option to decide who should be allowed to access this tracking data, Cook says, bringing up Apple's App Tracking Transparency initiative.

The second area is a battle against "an array of dangerous actors, sophisticated hackers and ransomware gangs, to the everyday con artist."

"We've long said that security is the foundation of privacy, because there is no privacy in a world where your private data can be stolen with impunity," Cook told the audience, insisting that Apple does a lot to safeguard its users.

This includes minimizing the data it collects from users, and maximizing the amount of data processing that happens on devices, the CEO says. "Because we know that centralized readable data is vulnerable data, and we want to reduce the risk to our users."

"It's why personal data on iPhone is encrypted by default," he adds, then pointed out that data stored on iCloud is end-to-end encrypted "so not even Apple can look at them." Cook then reaffirmed that Apple still fights to ward off backdoors for law enforcement, as "anyone can use it" once it has been created.

Privacy Protections and Sideloading

"But I fear we can soon lose the ability to provide some of those protections," Cook warns, bringing him to his third area of concern: "Regulations that could put our privacy and security at risk."

Cook immediately states that Apple is in favor of privacy regulation, supporting GDPR, and applauding countries with privacy laws of their own.

"We also continue to call for a strong, comprehensive privacy law in the United States," Cook said to applause. "But we are deeply concerned about regulations that would undermine privacy and security in service of some other aim."

This includes attempts at legislation that would force Apple to allow apps that "circumvent the App Store" through side-loading. "This would allow data-hungry companies to avoid our privacy rules, and once again track our users against their will," Cook insists, as well as allowing bad actors to work around security protections Apple has implemented in its ecosystem.

As an example of seeing this behavior in other platforms, Cook mentions how some smartphone users downloaded seemingly legitimate COVID-19 tracing apps, "only to find their devices infected with ransomware." The iPhone wasn't affected, Cook affirms, because of the presence of the App Store's defenses.

"These regulations argue that no harm would be done by simply giving people a choice, but taking away a more secure option will leave users with less choice, not more. And when companies decide they want to leave the App Store because they want to exploit user data, it could put significant pressure on people to engage with alternate app stores, where their privacy and security may not be protected."

Apple "believes in competition," Cook immediately continues, valuing its "role in driving innovation and pushing us all forward." Cook appreciates the supporters of such ideas have "good intentions," but if Apple were to enable third-party app stores onto its platform, he warns "the unintended consequences will be profound."

Cook asks policymakers to "work with us to advance goals I truly believe we share, without undermining privacy in the process." He also urges the privacy community to "join our efforts to make sure that regulations are crafted, interpreted, and implemented in a manner that protects people's fundamental rights."

Hoping for a future where "technology empowers people without intruding into their lives and serves as a unifying force for good," Cook says it is a future "that together, I believe we have the power to achieve."

Alan Westin and Pivotal Moments

Referencing the 50th anniversary of the Alan Westin landmark study "Databanks in a Free Society," Cook mentions Westin's conclusion "While the erosion of privacy was a legitimate fear, it was not an inevitable consequence of technology."

"What is collected, for what purposes, with whom information is shared, he wrote, are all matters of policy choice, not technological determinism," Cook continued. "He said that man cannot escape his social or moral responsibilities by murmuring feebly that The machine made me do it."

In his conclusion, Cook notes how the landscape has changed compared to half a century ago, "but those words strike me as more relevant now than ever before."

"This is a pivotal moment in the battle for privacy," Cook urges. "As we look to the future, it is clear that technology will continue to shape our world, but the impact technology makes on society is not predetermined. The loss of privacy is not inevitable, and those of us who create technology and make the rules that govern it have a profound responsibility to the people we serve."

"Let us embrace that responsibility, let us protect our data and secure our digital world, and let us declare that privacy cannot and will not become a relic of the past."

Cook is included as the headline keynote speaker at the conference, with the opening session also featuring speeches by former commissioner of the Access to Information Commission of Afghanistan Zahra Mosawi, as well as European Commissioner for Justice Didier Reynders. Other speakers taking part in the event include FTC Chair Lina Khan, NYT bestselling author Malcolm Gladwell, and Microsoft President Brad Smith.

Tim Cook has repeatedly spoken out about the need for privacy and data security, both as part of a speech and in interviews. In 2021, he spoke at the European Computers, Privacy & Data Protection conference in Brussels, three years after a keynote address at the International Conference of Data Protection and Privacy Commissioners.

He has also referred to privacy as "one of the top issues of the century," speaking in a January 2021 interview about it being in the same level as other worldwide problems like climate change. He once famously referred to privacy as a "basic human right," which he has repeatedly referred to over the years.

Cook's speech arrives less than a week after Apple dropped out of the State Privacy and Security Coalition (SPSC), citing concerns the trade group pushed for legislation that wouldn't adequately protect the data of users.