Apple Shareholders File Proposal on Privacy and Data Security
Submitted by michael on Fri, 2012-09-21 14:49
For Immediate Release September 24, 2012
Investors in Apple Inc. have filed a shareholder proposal asking the company to publish a report explaining how its Board of Directors is overseeing privacy and data security risks.
The proposal, which is intended for consideration by Apple shareholders at the company’s 2013 annual meeting, was co-filed by clients of socially responsible investment firms Trillium Asset Management LLC and Zevin Asset Management LLC.
“Unauthorized collection, disclosure, or misuse of personal information can cause great harm to individuals and society - including discrimination, identity theft, financial loss, loss of business or employment opportunities, humiliation, reputational damage, questionable government surveillance or physical harm,” the proposal states.
The shareholders assert that “Apple’s Board has a fiduciary and social responsibility to protect company assets which include the personal information of a variety of stakeholders.”
According to the proposal, Apple has recently confronted a number of cyber security and privacy controversies - drawing the attention of Congress and outside groups. The controversies include unauthorized access to iPhone users’ address books; Unique Device ID related litigation and the release of one million UDIDs; and security concerns related to iCloud. The shareholder proposal notes a recent study by the Ponemon Institute which found data breaches could negatively impact brand value and reputation by as much as 17 percent to 31 percent, with the average loss in brand value ranging from $184 million to more than $330 million.
In seeking a report, the shareholders state that “investors need to understand more fully how the Board is overseeing” concerns about privacy and data security. The proposal references a recentstudy by Carnegie Mellon University’s CyLab which surveyed corporate governance and enterprise security practices at a number of leading global companies.
The shareholder proposal at Apple was developed in consultation with the Open Media and Information Companies Initiative – or Open MIC – a non-profit organization that works with shareholders and companies to foster more open and responsible media policies and practices. A copy of the Apple proposal is available here.
Michael Connor, Executive Director of Open MIC, said the Apple proposal followed months of research into privacy and data security risks at major U.S. companies, with a particular emphasis on corporate governance and the responsibilities of boards of directors. “We expect similar shareholder proposals on this critical issue will be filed at other firms in the coming months,” Connor said.
Shareholders of telecom giants AT&T Inc and Verizon Communications Inc are seeking more details related to their sharing of customer information with governments, showing investors starting to push back over the role of communications companies in spying operations.
The investors are pushing for more openness after reports this year that major Internet companies and U.S. carriers have cooperated with government agencies by sharing some customer data. In June, the Guardian newspaper reported on a secret court order directing New York-based Verizon to collect call data.
Growing up in Iran I know too well the impact of unchecked government surveillance. Even as a small child, I had to worry about what I said and asked over the phone because the government could be listening and might use what I said against my family. So when I found out that AT&T and Verizon have been handing over information about millions of customers’ calls to the National Security Agency (NSA) I was outraged.
Citing intense global concern over the impact of disclosures regarding surveillance programs directed by the U.S. government agencies, investors in AT&T Inc. (NYSE:T) and Verizon Communications Inc. (NYSE: VZ) have filed shareholder proposals calling on the companies to publish semi-annual reports detailing how often they have shared information with U.S. or foreign governments and what type of customer information has been shared.
Citing the potential of “unprecedented and dangerous threats to the privacy of hundreds of millions of people” from government surveillance programs, a group of leading sustainable investment firms has called upon publicly-held U.S. companies to demonstrate leadership by adopting “a pro-active, principled approach to protecting the privacy and rights of their users.”
There is no "safe haven" for investors when it comes to privacy and data security, as clear risks exist for companies of all shapes and sizes. The onus is on investors to question how management is dealing with these issues. If companies aren't adequately addressing privacy and data security risks – and there's abundant evidence that's the case – shareholders need to highlight the gravity of the issue. For the 21st century digital economy to thrive, we all need assurance our personal secrets are, indeed, safe.