Apple CEO Tim Cook took to the stage at the annual International Association of Privacy Professionals (IAPP) conference on Tuesday to talk about privacy, security, ad tracking, and sideloading.
Calling privacy “one of the most essential battles of our time,” Cook lambasted companies that moneteize large user data collection operations, comparing them to real-world stalkers.
By contrast, he claimed that Apple maintains “a commitment to protecting people from a data industrial complex built on a foundation of surveillance.” To vigorous applause from the audience of privacy professionals, he voiced his support for US privacy regulations akin to those passed in Europe in recent years.
On the other hand, he said he and Apple are “deeply concerned about regulations that would undermine privacy and security in service of some other aim,” like protecting competition.
Although he did not name them specifically, he was likely referring to the European Union’s Digital Markets Act and the United States’ Open App Markets Act, which incorporate language about forcing platform holders like Apple to allow sideloading.
The current iteration of the Digital Markets Act no longer includes a sideloading requirement, but it is still not finalized. The Open App Markets Act still has a sideloading requirement; the Senate Judiciary Committee recently approved it, but it has not yet been brought to the floor in Congress.
On new regulations like these, Cook said:
That means data-hungry companies would be able to avoid our privacy rules, and once again track our users against their will. It would also potentially give bad actors a way around the comprehensive security protections we’ve put in place, putting them in direct contact with our users, and we have already seen the vulnerability that creates on other companies’ devices.
He cited one notable example to support this point: Android users who sideloaded seemingly legitimate COVID-19-tracking apps and consequently found their phones infected with ransomware.
“If we are forced to let unvetted apps onto iPhone, the unintended consequences will be profound,” Cook said. “And when we see that, we feel an obligation to speak up—and to ask policymakers to work with us to advance goals that I truly believe we share, without undermining privacy in the process.”
One key part of his argument is that sideloading could become so commonplace that important apps will only be installable by that method, rather than through the App Store, which Cook claims is safer. If that happens, Cook argues, then the notion of giving users a choice goes away because they might feel pressure to sideload apps, thus exposing them to malicious actors.
Cook also tried to reassure listeners that “Apple believes in competition.” However, he did not offer any alternative solutions for those concerned that Apple’s control over the App Store allows it to charge app developers exorbitant fees or subject developers to capricious or unfair rules.
Cook’s speech was not the first time an Apple executive took the stage at a large conference to make the case that new regulation meant to ensure continued competition could undermine user security and privacy. Craig Federighi made a similar speech at Web Summit 2021.