Apple Fined $11 Million in Italy for Employing 'Aggressive Methods' in Commercial Use of Private Data

Apple and Google were today fined 10 million euros ($11 million) by Italy's Competition Authority for allegedly using user data for commercial purposes without their explicit consent, an apparent violation of Italy's Consumer Code.

The authority claims that both Apple and Google utilize user data they collect through their services for promotional and economic activity without the user's consent. Apple "directly exploits the economic value" of user data it collects to "increase the sale of its products and/or those of third parties through its commercial platforms (App Store, iTunes Store, and Apple Books)," according to a machine-translated copy of the press release.

The watchdog claims that neither Apple nor Google provides users with sufficient and immediate information that their data will be used for commercial purposes. Specifically, the readout of the fine claims that Apple does not provide users with a way to opt out of the use of their data for commercial purposes. As per the press release (machine translation):

In the case of Apple, however, the promotional activity is based on a method of acquiring consent to the use of user data for commercial purposes without providing the consumer with the possibility of a prior and express choice on sharing their data. This acquisition architecture, prepared by Apple, does not make it possible to exercise one's will on the use of one's data for commercial purposes. Therefore, the consumer is conditioned in the choice of consumption and undergoes the transfer of personal information, which Apple can dispose of for its own promotional purposes carried out in different ways.

The Italian authority said when users create an Apple ID, which is essential for accessing any of Apple's services, Apple does not "immediately and explicitly provide the user with any indication on the collection and use of (their) data for commercial purposes." The watchdog added that Apple only tells users that their data will be used to improve and personalize their experience, not that it will be used for commercial purposes.

When using the ‌App Store‌, for example, Apple does show users a splash screen that informs them that Apple may use some of their data to "enable features, secure our services, or personalize your experience." While the authority correctly outlines Apple's lack of acknowledgment that data would be used for commercial purposes, it fails to provide examples or evidence that Apple has partaken in such activities.

Apple's privacy policy, accessible to all users on its websites, states the company will only use personal data to power its services, comply with local laws, prevent fraud, and for communication objectives. Apple's privacy policy also adds that personal data may be used for other purposes only with user consent, covering any possible ambiguity.

Italy's competition watchdog fined Apple over $150 million earlier this week for alleged anti-competitive practices with Beats and Amazon. The fine was a result of an investigation that found Apple and Amazon were limiting the sales of Beats products through third-party resellers in an attempt to stifle competition.

Update: Apple in a statement to MacRumors said that the authority's viewpoint is "wrong' and that it plans on appealing the decision. Apple also said that it only sends marketing emails to customers after receiving their explicit consent and that it uses its "Data & Privacy" screen to inform users of ways their personal data is being used. Apple also said it does not personalize any of its services, including its digital Stores, for children and allows users to disable personalization at any time.

We believe the Authority's view is wrong and will be appealing the decision. Apple has a long-standing commitment to the privacy of our users and we work incredibly hard to design products and features that protect customer data. We provide industry-leading transparency and control to all users so they can choose what information to share or not, and how it is used.