Tim Cook took to the stage this morning in Brussels, at the 40th International Conference of Data Protection and Privacy Commissioners. And he went in with all guns blazing.
His targets? Not for the first time, the Apple CEO took aim at his Silicon Valley peers and what he calls the “data-industrial complex.” According to Cook, people’s personal data is being “weaponized” with “military efficiency,” and technology is being used to deepen divisions and “undermine our sense of what is true and what is false.”
“Data assembled to create a digital profile lets companies know you better than you know yourself. This is surveillance,” he said. It will be interesting to see what Mark Zuckerberg, due to appear at the conference via video message this afternoon, will add on this front. Apple of course has a less data-centric business model than Google or Facebook, and a CEO who has no reason to be on the defensive.
Here’s Cook neatly expressing what I’ve been yelling about for a long time: “We will never achieve technology’s true potential without the full faith and confidence of the people who use it.” Especially after this year, with its myriad Facebook and Google scandals about people’s data ending up in unexpected places, that faith is now sorely lacking.
Cook’s proposed cure, however, is not as controversial as it may at first seem: A “comprehensive data privacy law in the United States,” along the lines of the European Union’s General Data Protection Regulation (GDPR).
When the GDPR came into effect this past May, tech industry lobbyists claimed it would be a disaster for the Internet. But then California passed a sweeping new privacy law that, like the GDPR, gave people the right to demand companies tell them what personal data of theirs is being stored, why it’s being stored, and with whom it’s being shared. Consumers will be able to demand their data is deleted, too.
Like it or not, these measures are starting to be introduced in the U.S. and, as Veeam’s Danny Allan wrote yesterday in a Fortune piece, there’s a real risk of a regulatory patchwork that makes life difficult for businesses trying to operate across state lines. What people often forget about the GDPR is that it was largely designed to fix a similar problem in the EU, harmonizing data protection rules across member states to make life more predictable for businesses.
This is why Apple, Google, Amazon and Twitter all pressed for a national data protection law last month. The big question now is what such a law might look like—and what it will mean for a Silicon Valley where not everyone is ultimately singing from the same hymn sheet.
A version of this article originally appeared in Wednesday’s CEO Daily newsletter. Subscribe here.