Privacy watchdogs in Europe are considering a complaint against Apple made by a former employee, Ashley Gjøvik, who alleges the company fired her after she raised a number of concerns, internally and publicly, including over the safety of the workplace.
Gjøvik, a former senior engineering program manager at Apple, was fired from the company last September after she raised concerns about her employer’s approach toward staff privacy, some of which were covered by The Verge in a report in August 2021.
At the time, Gjøvik had been placed on administrative leave by Apple after raising concerns about sexism in the workplace, and a hostile and unsafe working environment which it had said it was investigating. She subsequently filed complaints against Apple with the U.S. National Labor Relations Board.
Those earlier complaints link to the privacy complaint she’s sent to international oversight bodies now because Gjøvik says she wants scrutiny of Apple’s privacy practices after it formally told the U.S. government its reasons for firing her and “felt comfortable admitting they’d fire employees for protesting invasions of privacy”, as she puts it accusing Apple of using her concerns over its approach to staff privacy as a pretext to terminate her for reporting wider safety concerns and organizing with other employees about labor concerns.
The U.K.’s Information Commissioner’s Office (ICO) and France’s CNIL both confirmed receipt of Gjøvik’s privacy complaint against Apple.
A spokesperson for the ICO told TechCrunch: “We are aware of this matter and we will assess the information provided.”
France’s CNIL also sent confirmation that it’s looking at Gjøvik’s complaint.
“We have received this complaint which is currently being investigated,” a CNIL spokesperson told us, adding: “I cannot communicate any further details at this time.”
The development was first covered by the Telegraph which reported yesterday that it’s thought to be the first time Gjøvik has sought to press her privacy complaint against Apple in the U.K.
Ireland’s Data Protection Commission (DPC), which is Apple’s main data protection regulator in the European Union for the pan-EU General Data Protection Regulation (GDPR) and which would, under the regulation’s one-stop-shop mechanism, likely take a lead role on any inquiry related to a GDPR complaint that’s also been lodged with other EU privacy regulators (such as France’s CNIL) declined to comment. Nor would the DPC confirm or deny receiving Gjøvik’s complaint.
A spokesperson for the DPC said: “The DPC cannot comment on individual cases. All queries that come before the DPC are assessed and progressed in line with the DPC’s complaint-handling functions, where it is appropriate to do so.”
Ireland has a number of GDPR probes ongoing into Apple data processing practices including into the company’s privacy policies, but the DPC has not yet issued any decisions in relation to those multi-year-long investigations.
Were the DPC to decide this complaint merits opening a fresh investigation into Apple, it would likely take years to reach a public outcome given the Irish regulator’s extensive GDPR case file backlog.
In a conclusion to the complaint, Gjøvik urges the regulators to “investigate the matters I raised and open a larger investigation into these topics within Apple’s corporate offices globally”, further alleging: “Apple claims that human rights do not differ based on geographic location, yet Apple also admits that French and German governments would never allow it to do what it is doing in Cupertino, California and elsewhere.”