Privacy Talk with Ashley Gjøvik, JD, Apple Whistleblower and A.M. Gjovik Consulting, LLC:Do Apple customer and Apple employee privacy concerns intersect?
“This interview recorded on 8th November 2022 is talking about employment privacy and human rights.”
Kohei is having great time discussing employment privacy and human rights.
This interview outline:
- You were working with GreatFire & AppleCensorship? What is this project & how does it connect to privacy?
- Do Apple customer and Apple employee privacy concerns intersect?
- Message to listeners
- You were working with GreatFire & AppleCensorship? What is this project & how does it connect to privacy?
Ashley: Yeah, so I worked on this project with a group called GreatFire for several months this year. GreatFire is this wonderful group established to try to get people in China ways to circumvent the Chinese GreatFirewall, and it has since expanded to some additional projects like this AppleCensorship project I worked on.
AppleCensorship was created after GreatFire apps for circumventing censorship were removed from the Apple App Store by Apple at the request of the Chinese government. And the activists were quite shocked that Apple would be complicit in censorship compared to Apple’s kind of marketing on freedom of expression and human rights.
So AppleCensorship became this watchdog group watching Apple’s App Store, they created a tool to monitor takedowns, so they could follow up and see if it was something a developer did on their own or if it was censorship and then try to highlight those instances and push back.
One area that’s always really contentious with these types of things is VPN apps. So with VPNs, people have some level of privacy to what they do online and allow them ways to circumvent censorship. So of course censorship driven governments are always quick to try to get VPN apps taken down from the App Store.
So that was one area we really focused on. The project taught me a lot about some of the ways that these Big Tech companies are able to influence privacy even outside their own platforms, as they do this content moderation and you might not think of content moderation with Apple like the same you might have with Twitter or Facebook.
But they are with their app store. And they’ve been caught several, numerous times. You know, censoring via their apps or taking down apps, that maybe it’s not even direct content, but it’s things like VPN that would allow someone the courage to go access additional content, thinking that they’d have some privacy. Apple’s taking those down, and not even communicating that they’re doing it or why, which is troubling.
Kohei: I see. So Apple is the one of the leading companies trying to protect consumer privacy but a new project on your research says suppose there are some of the concerns related to some of the privacy actions. So then do Apple customers and Apple employees’ concerns intersect? Do you think about it?
- Do Apple customer and Apple employee privacy concerns intersect?
Ashley: Yeah, definitely. So for example, that app on my iPhone that was taking a secret videos of me all the time, those videos also not just when I was at home or at work, but when I’m running errands, hanging out with friends and in class, so on, that’s capturing non employees and their data too, and assumably also gathering all of their biometrics you know, even kids, anyone that around me — it will take a video when it thought it saw a face.
Who knows how many people are in that data, which is horrifying, right? So these people have no idea they were even being captured for one, which is an issue. And then two, Apple claims that the feature doing this is top secret and that they’d fire an employee for even talking about it.
We could not even warn people they’d be captured if they were around our phones, which is really concerning. And Apple very heavily pressures R&D teams to have one phone, just one for work and personal, and have the work device with this very invasive configuration on it for testing quality.
I mean, they monitor and send us emails when we’re not on that internal device that you need to be sure you’re on that internal device. So we’re carrying around this essentially spyware, not just for us, but anyone around us. And then similarly, their employee privacy policy says we have no expectation of privacy whatsoever, and they’ll even spy on our personal devices and our friends personal devices if they feel like it.
So a non-employee with an iPhone might think they’re protected by whatever the consumer privacy policy is, but apparently now if they’re friends or talking to an Apple employee, now they have no privacy too, but they were never told.
And I also brought up the concerns in my complaint to their governments that this would apply. You know my friends in London, my friends in Paris, my friends in Cork.
These people are also protected by GDPR. well not in the UK anymore. They have their own version. But you know, there’s other privacy protections that I don’t know how they’re getting away with this. It’s very concerning to me.
So I think other people should be concerned about that too. Clearly by Apple’s own internal policies, which I’ve now published and tried to make public because I want to cause conversation about this, they are not respecting those consumer privacy policies. If there’s footnotes, maybe talking to an employee, maybe talking about, you know, who knows what we don’t even know.
So I think we should all be concerned about the privacy of big tech employees. I mean, the entanglements with these privacy intrusions as I’ve been talking about, but I think also these internal practices really show how these companies actually feel about privacy regardless of what their marketing is. So we should ask a lot more questions.
Kohei: Thank you. So maybe we should progress to make an affordable and safe space in tech companies and also other companies as well because a lot of companies tried to become digital first. Maybe it’s been a migration to go to the digital environment. Of course includes employee privacy and customer privacy.
So in this case, what we should look for in the future is what we can do together with those companies, they are still embracing some of the issues but they can improve, they can improve together with us. So do you have any good things for the future?
Ashley: I think we should all be more critical of employment practices in the United States which generally are still far behind other nations. But specifically also with this privacy and surveillance.
It should sound crazy for a big corporation to formally claim their employee should have no expectation of privacy, anywhere for the rest of their lives It’s what that their policy implies, if not says outright, just because we sign an employment agreement. We all need to push back on that type of reasoning.
You can keep an eye on my work and see how these cases progress against Apple. Apple’s bizarre justification for firing me is now the crux of lawsuits.
So we’ll be discussing everything we’ve been talking about this session, in agencies in court probably for years to come. I’m really hoping that fight and those discussions do drive some progress or at least further conversation and critical analysis on all of this.
Kohei: Thank you. So lastly, I’d like you to share some of the message to the listeners because the employment, the privacy and also the customer privacy is the one of the concerns.
So maybe you have assembled a great experience to have great ideas to share to solve these issues together, or the future. So I’m very happy to give and share the message.
- Message to listeners
Ashley: Oh, I wish I had the solution. I think our very first step is just people pushing back on the norms in the United States right now. The norms are really concerning, which is the “oh you know, they work at these big tech companies.
It’s fine if they have no rights, they signed some contract.” That seems very common here which again, is extremely concerning, especially with these big tech companies, the stuff they’ve already been caught doing. The need for more whistleblowers, who probably didn’t even have to become whistleblowers.
They could just, you know, talk to a government asking for help and ask for intervention. When there’s no privacy when you’re under surveillance, you’re censored.
It’s implicit censorship, because you’re always being watched. You don’t feel like you have that privacy that you can have conversations with your co-workers about, “is this right?” Or talk to a government and say this feels like they might be breaking the law. Can you help me understand?
Because it not only feels like your employer is watching you 24/7 They say they are. The global implications of that and consumer implications are enormous and highly concerning.
So I wish I had the solution for all of it. But I think right now, being more critical and dismissing what these companies have been telling us should be the norm. Start to demand basic privacy rights. Again, even California is so far behind GDPR and California is probably the most progressive with this that I’ve seen in all of the United States.
So getting them to catch up with basic privacy protections for employees. really demanding better treatment. And then I highly recommend if a company comes out and says we fired employees because they protested our arguably unlawful and unethical surveillance, like roast that company, especially if it’s hypocritical of their marketing message, right?
Say, okay, well help me understand where you really stand on this because your practices don’t match what you’re saying.
So I think as we start pushing back, we start having more critical discussion. I think that’s where we start building the policy of what makes sense for our states and then at a federal level for these protections. I think we’re just so far behind that even starting the conversation still needs to begin.
Kohei: So, that’s a great message. I think it’s very important to improve the quality of the dialogues and between the corporate structures. So it’s a time to discuss more things, what we can do together to create a better future. So this is our point. Our goal is not one takes all, it’s a win-win. Thank you for having a conversation, Ashley at this moment.
Ashley: Thank you so much for having me. I really hope this helps folks think about this on a deeper level.
Kohei: Thank you.
Please contact her direct if you want to reach below.
https://gjovik.co/home/contact/ or ashleymgjovik@protonmail.com
Thank you for reading and please contact me if you want to join interview together.
Privacy Talk is the global community with diversified expert, and contact me below Linkedin if we can work together!
