Tim Cook’s privacy summit keynote condemns app sideloading

Apple CEO Tim Cook called privacy a key battle of our time during a speech Tuesday. He extolled Apple’s commitment to protecting its users’ data and condemned regulations that would force Cupertino to accept app sideloading on iPhones.

“We are deeply concerned about regulations that would privacy and security in service of some other aim,” he said, referring to legislation that would force Apple to allow apps for its devices to bypass the App Store.

Cook made the comments during a wide-ranging keynote address at the International Association of Privacy Professionals Global Privacy Summit in Washington, DC

Read more about what he said and watch video of his speech below.

Tim Cook address IAPP Global Privacy Summit

In his speech at the IAPP summit, Cook started off by calling privacy one of the most essential battles of modern times.

Describing privacy as a mirror image of policies and usage, Cook referred to two disparate realities. In one, technology “unlocks humanity’s full creative potential,” while in the other, it “is exploited to rob humanity of that which is foundational: our privacy itself.”

“A world without privacy is less imaginative, less empathetic, less innovative. Less human,” Cook told the audience, before reminding it that Apple believes privacy is a fundamental human right.

Cook described three areas in the fight for privacy. The first attempts to protect people against a “data industrial complex built on a foundation of surveillance.” That refers to data mining firms and the information they get from websites and apps.

Cook said those companies insisted their work is “pure of intention,” but they “don’t believe we should have a choice in the matter.”

Cook compared data mining to physical surveillance. He said if it were a person following users around in their daily lives, recording everything they do, no one would abide it.

He noted that Apple has given users tools to deal to increase their privacy while using Apple products. That includes the option to decide who should be allowed to access tracking data. He referred to Apple’s App Tracking Transparency initiative.

Protection against data theft

Cook cited a second area in the fight to protect privacy as a battle against “an array of dangerous actors, sophisticated hackers and ransomware gangs, to the everyday con artist.”

“We’ve long said that security is the foundation of privacy, because there is no privacy in a world where your private data can be stolen with impunity,” Cook noted.

He said Apple minimizes the data it collects from users. And it also maximizes the amount of data processing occurring on devices, because “we know that centralized readable data is vulnerable data, and we want to reduce the risk to our users.”

“It’s why personal data on iPhone is encrypted by default,” he added, before mentioning data stored on iCloud is end-to-end encrypted “so not even Apple can look at them.”

Cook said the company still fights to ward off backdoors for law enforcement, as “anyone can use it” once it’s created.

Privacy protections and sideloading

“But I fear we can soon lose the ability to provide some of those protections,” Cook warned, introducing a third protect area in the battle to privacy: “Regulations that could put our privacy and security at risk.”

Cook underlined that Apple is in favor of privacy regulation, supports the EU’s General Data Protection Regulation (GDPR) and applauds other countries with privacy laws.

“We also continue to call for a strong, comprehensive privacy law in the United States,” Cook said, as the audience stood and applauded (for the only time in the speech). “But we are deeply concerned about regulations that would privacy and security in service of some other aim.”

That includes legislation that would force Apple to allow apps for its devices that “circumvent the App Store” through sideloading.

“This would allow data-hungry companies to avoid our privacy rules, and once again track our users against their will,” Cook said. He added it would allow bad actors to work around Apple’s security protections.

Cook brought up an example seen on other platforms. He described how some smartphone users downloaded seemingly legitimate COVID-19 tracing apps, “only to find their devices infected with ransomware.” The iPhone wasn’t affected thanks to the App Store’s defenses, he said.

Cook added:

These regulations argue that no harm would be done by simply giving people a choice, but taking away a more secure option will leave users with less choice, not more. And when companies decide they want to leave the App Store because they want to exploit user data, it could put significant pressure on people to engage with alternate app stores, where their privacy and security may not be protected.

Apple “believes in competition,” Cook went on to say. But if Apple were forced to enable third-party app stores on its platform, he added, “the unintended consequences will be profound.”

Cook asked policymakers to “work with us to advance goals. I truly believe we share, without undermining privacy in the process.”

Alan Westin’s landmark study

Cook also recognized the 50th anniversary of Alan Westin’s landmark study, “Databanks in a Free Society.” The Apple CEO referred to the legal researcher’s conclusion that “While the erosion of privacy was a legitimate fear, it was not an inevitable consequence of technology.”

“What is collected, for what purposes, with whom information is shared, he wrote, are all matters of policy choice, not technological determinism,” Cook said. “He said that man cannot escape his social or moral responsibilities by murmuring feebly that ‘The machine made me do it.’”

The landscape has changed compared to half a century ago, Cook noted as part of his conclusion. “But those words strike me as more relevant now than ever before,” he said.

Other speakers

Cook served as the keynote headliner. But the session also included speeches by Zahra Mosawi, former commissioner of the Access to Information Commission of Afghanistan, and European Commissioner for Justice Didier Reynders. The event’s other speakers include FTC Chair Lina Khan, New York Times bestselling author Malcolm Gladwell and Microsoft President Brad Smith.

It’s far from the first time Cook has spoken out about the need for better privacy and data security. In 2021, he appeared in a video aimed at the EU and spoke at the European Computers, Privacy & Data Protection conference in Brussels, for example.

Cook’s speech came just days after Apple dropped out of the State Privacy and Security Coalition (SPSC), citing concerns the trade group promoted legislation that served industry too much and consumer data privacy too little.

Leave a Comment