Apple CEO Cook: U.S. Needs Its Own GDPR As Personal Data Is 'Weaponized'


Apple CEO Tim Cook says "it is time" for the U.S. and other countries to follow Europe with strengthening data privacy laws, as companies increasingly engage in what he called "surveillance" of their own users.

During a speech Wednesday at a data privacy conference in Brussels, Cook levied biting criticism against tech industry players that are putting "profits over privacy," which he characterized as a "data industrial complex." Cook did not name any companies by name, though he previously has criticized the user data polices of Facebook and Google.

[Related: Four Of The World's Biggest Tech Leaders Weigh In On Data Privacy]

"Our own information, from the everyday to the deeply personal, is being weaponized against us with military efficiency," Cook said during the speech, according to a CNBC transcript. "Every day, billions of dollars change hands and countless decisions are made on the basis of our likes and dislikes, our friends and families, our relationships and conversations, our wishes and fears, our hopes and dreams."

Sponsored post

These pieces of data "are carefully assembled, synthesized, traded and sold," Cook said. "Taken to its extreme, this process creates an enduring digital profile and lets companies know you better than you may know yourself."

Cook has a track record of advocating for privacy and has placed a major emphasis on protecting Apple customer data—ranging from a commitment to not making money from customer data, to refusing to help law enforcement agencies with unlocking iPhones.

But when it comes to the data policies of other industry players, Cook contended that "we shouldn't sugarcoat the consequences. This is surveillance. And these stockpiles of personal data serve only to enrich the companies that collect them."

Speaking of the European Union's General Data Protection Regulation (GDPR), Cook called the rules a "transformative work."

The EU's policy, which began to be enforced in May, aims to give EU citizens and residents greater control over how their personal data is used. GDPR requirements include that users provide consent to have their data processed, that companies must anonymize data they collect and that users can have personal data erased upon request in certain cases.

"It is time for the rest of the world—including my home country to follow your lead," Cook said. "We at Apple are in full support of a comprehensive federal privacy law in the United States."

Such legislation should include components such as "the right to have personal data minimized" through de-identification of customer data; "the right to knowledge" about what is being done with personal data; "the right to access" of personal data for customers; and lastly, "the right to security," Cook said.

"Security is foundational to trust and all other privacy rights," he said. "It's time to face facts. We will never achieve technology's true potential without the full faith and confidence of the people who use it."