Speaking at the 40th International Conference of Data Protection and Privacy Commissioners in Brussels, Tim Cook condemned the practice of personal data collection for better advertisement targeting.
He said: “Every day, billions of dollars change hands and countless decisions are made on the basis of our likes and dislikes, our friends and families, our relationships and conversations, our wishes and fears, our hopes and dreams.” Cook added that these scraps of data, each one harmless on its own, are carefully assembled, synthesized, traded and sold by what he called a “data industrial complex.”
Sputnik: What is your thought about Tim Cook’s statements?
Kenneth Shak: Well, first of all, I would like to say that these are all my own and biased personal opinions. Now, in view of Tim Cook’s statements, I strongly agree with him.
I believe that there should be restrictions on how much, what can, and how can personal data be harvested or collected. Again, the key word here is “personal.” Every single person has the right to know where their data is going, how is it actually being used, when is it going to be used and how is it being gathered, and what is going be exposed. I am all for data security and privacy.
Kenneth Shak: I believe this correlates to what Tim Cook said, that data was being weaponized against us. These little bits of data, which we share on the internet or anywhere, may seem harmless.
For example, our names, our telephone numbers, maybe for two-factor authentication, our addresses, may look harmless by [themselves], because this data is usually easily accessible. But if all these data are collected, even if it’s separate, through data harvesting it can be assembled and synthesized to an extent that it will be very useful to a lot of people. So, in some ways, it is actually data science.
Now, how these data are actually being used is very broad according to the objectives. What Tim Cook has said in context to it being weaponized is what we thought was harmless initially, has become a sort of weapon that could potentially harm or affect us. I’ll give an example: a phishing attempt to gather banking accounts or sensitive data can be carried out more effectively because the trap actors can actually use all this legitimate data to appear as someone that is legitimate, for example, bankers.
Sputnik: Why do you think he was saying this at this point in time? Do you think he is talking about just Facebook and Google, or is he talking about other companies as well? Why at this point in time did he come out with this statement?
Kenneth Shak: In my point of view, I don’t think Tim Cook is referring just to Google or Facebook. It may seem like it because, well, you know recently Facebook had the huge data breach back in September. He may not be necessarily just be talking about both of them. I do believe it’s a general message to all companies out there.
I don’t think he chose this particular time to point this out. What I have noticed is that he actually placed even more importance and attention on data privacy and security since the FBI’s request to Apple to unlock the San Bernardino shooter’s iPhone. Apple’s refusal to unlock the iPhone shows both the good and the bad side of data privacy.
The good is that it actually further cemented their stand on privacy and the users can rest assured that they actually delivered on their promises. The bad, law enforcements cannot really get information to carry out their duties and a lot of malicious users will actually use this as an advantage.
Kenneth Shak: From what I can see is it’s the right step moving forward.
It depends on how you look at it. Maybe the people or companies that are complaining about the GDPR, maybe complaining about it affecting their business operations, perhaps; but from my point of view, the GDPR is a good step ahead.
It’s actually not really restricting the data, but it’s basically offering people that their data will be more transparent in the sense of where their consent must be taken. If there is a breach, they must report it within 72 hours.
So, that is very good. Also users should have the rights to opt in or opt out at any time they want and also to be forgotten. I mean, companies don’t own this data, the people do. So, I am all for GDPR, just that it should be refined even more.
Sputnik: How close do you think that the US or even China are to putting into effect similar legislation?
Kenneth Shak: Looking at the current climate, I cannot really feedback on whether it will be passed any time soon.
But I really do hope that something that can benefit the users’ data privacy is passed soon. It’s really the time for data privacy and security to be taken very seriously.
Views and opinions expressed in this article are those of Kenneth Shak and do not necessarily reflect those of Sputnik.