Skip to main content

Complaint made to European privacy watchdog that Apple doesn’t fully comply with GDPR

A complaint has been made to a European privacy watchdog that Apple does not fully comply with its GDPR obligations.

The General Data Protection Regulation requires companies to supply, on request, a copy of all the data they hold on you. Having tested this with ten users, an Austrian non-profit organization said that Apple failed to supply a complete set of data …

GDPR is the world’s toughest privacy law, and places a number of obligations on companies which collect the personal data of European Union citizens. Four of the key ones are:

  • There must be a specific, lawful reason to process the data
  • Personal data must be encrypted
  • You have a right to a copy of your data
  • You can ask for your data to be deleted

Apple said that it planned to extend GDPR-standard protection to all its customers worldwide, not just EU citizens. In order to comply with bullet three above, it created the ability to submit an online request – which is also open to those in the US, Canada and some other non-EU countries.

Once you submit your request, it can take up to seven days for Apple to supply a link to download a copy of your data.

However, Reuters reports that non-profit organization noyb found the feature wanting.

Apple and Amazon are among eight tech firms named in a complaint filed in Austria by non-profit organization noyb, which cited their failure to comply with GDPR.

The action by noyb, chaired by data privacy activist Max Schrems, also named Netflix, Spotify and Youtube, after it tested them by requesting private data the companies hold about the user.

“No service fully complied,” noyb said in its statement.

Schrems said that some of the companies don’t even come close to handing over all the data they hold on individuals.

“Many services set up automated systems to respond to access requests, but they often don’t even remotely provide the data that every user has a right to,” Schrems said. “This leads to structural violations of users’ rights, as these systems are built to withhold the relevant information.”

Spotify reached out to us to say that it believes it is fully compliant.

The complaint comes at an awkward time for Apple, a day after Tim Cook called for ‘comprehensive federal privacy legislation‘ in the US. Cook made the call in an op-ed column in TIME Magazine.

Photo: Shutterstock


Check out 9to5Mac on YouTube for more Apple news:

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications