Photo by TheDigitalArtist
Tim Cook Calls for GDPR-Like Laws around the World
Apple CEO Tim Cook gave an impassioned speech at the 40th International Conference of Data Protection and Privacy Commissioners praising Europe’s General Data Protection Regulation (GDPR) legislation and calling for similar laws around the world, including in the United States (for more on the GDPR, see Geoff Duncan’s “Europe’s General Data Protection Regulation Makes Privacy Global,” 2 May 2018). Without calling out specific companies like Facebook and Google, Cook lambasted the “data industrial complex,” saying “Our own information, from the everyday to the deeply personal, is being weaponized against us with military efficiency.” While Cook’s privacy stance is laudable and we encourage everyone to read the full transcript of his speech, it’s worth remembering that privacy has also become a major business differentiator for Apple.
Tim Cook at a conference on privacy in Brussels, further differentiating Apple from Google and Facebook.
Interesting. I’m jealous of the EU’s GDPR protections even if I don’t know about all of its nuances in great detail.
What makes me really sad is that it is unlikely that any law like the GDPR is unlikely to be proposed, let alone passed, in the US, despite all the continuing bad press and congressional hearings over data breaches and harvesting, ethic cleansings, interference in elections, inciting drug wars, etc., etc.
I wouldn’t get too jealous of GDPR if I were you. While in the long term it may prove beneficial, at the moment it is a monumental pain in the neck. The steps which have to be taken to comply are not clear (and I write as a lawyer, albeit with a practice which doesn’t involve the law of privacy or data protection) and widely differing advice is given about the exact degree of paranoia which is appropriate. For example, some say that storing data on Dropbox is unlawful because Dropbox’s servers, or at least some of them, are physically located in the US; others, that US privacy legislation provides adequate protection.
On a more general level, “we can’t do that because of GDPR” has overtaken “we can’t do that because of health and safety” as the mantra of the lazy employee who needs an excuse for not doing something.
Be careful what you wish for; you might get it.
Totally agreed, and it’s unfortunate that the largest and most egregious abusers are the firms that are the best able to throw money at coming into technical compliance.
That said, I’m happy to see government actually trying to protect people from corporations that have so completely overstepped the bounds of what’s reasonable, often without the ability to even protect the data they’ve hoovered up from everyone. See:
Join the discussion in the TidBITS Discourse forum