Apple Directors Overrule Shareholders on Spy Lockout as Woz Joins Movement

Despite Crisis Over Its “GoToFail” Internet Back Door, Apple Rejects “Best Practices To Protect User Data” as Co-Founder Steve Wozniak Joins Spy Lockout Effort

Cupertino — At Friday’s Apple shareholder meeting, Apple’s directors overruled an urgent, popular shareholder resolution entitled Spy Lockout, aimed at improving security and keeping NSA surveillance and other intruders out of Apple’s products and systems. The same morning, Apple co-Founder Steve Wozniak endorsed the SkyLockout initiative.

Apple had quietly advised shareholders in its January 10, 2014 Proxy Statement that directors Bruce Sewell and Peter Oppenheimer would exercise their discretionary voting authority — their ability to cast votes for on behalf of shareholders who toss their voting forms in the trash — to defeat the proposal, without citing any reason.

The proxy statement does not refer to the proposal as “Spy Lockout” but as a “Floor Proposal” that “if approved, would, among other things, ask the Board ‘to enact a policy to use technical methods and other best practices to protect user data.’”

An eligible shareholder has notified us of his intent to propose a resolution at the Annual Meeting that, if approved, would, among other things, ask the Board ‘to enact a policy to use technical methods and other best practices to protect user data.’ This shareholder proposal is referred to as the ‘Floor Proposal.’ … If the Floor Proposal is presented at the Annual Meeting, then to the extent permitted by applicable rules, the proxy holders will have, and intend to exercise, discretionary voting authority under Rule 14a-4(c) under the Exchange Act to vote AGAINST the Floor Proposal.
(bold face ours, capitalization Apple’s)

Apple gave no indication why it would vote against a resolution to follow best practices recommended by industry technical experts and the Electronic Frontier Foundation to protect users.

Apple has likewise been conspicuously silent about a very serious internet security flaw, increasingly referred to as GoToFail, that was on all Apple mobile devices running iOS 6 or iOS 7 from September 2012 until last Friday, February 21st 2014, and which was on all Macintosh laptops and desktops running Mavericks OSX until the Tuesday before the meeting.  Apple has received growing criticism that, while it has now released upgrades that resolve the flaw, it has not alerted users or provided any info describing how GoToFail may have compromised their data. The flaw allows any machine on the same network as an Apple customer to impersonate any site, whereafter the Apple user may then enter password information or unwittingly hand over control of their machine.

Experts on Apple and security have noted that within weeks of GoToFail’s silent introduction in 2012, the NSA reported internally that Apple had joined the PRISM bulk surveillance program providing “direct access” to Apple users’ data. These experts could not rule out complicity by Apple, perhaps under gagged National Security Orders. Although National Security Letters were ruled unconstitutional in March of last year, Apple privacy officer Jane Horvath refused to answer whether it is still cooperating with new orders. Apple’s most recent transparency report says it may have cooperated with more than 200 such requests just between January and June of last year. more…

Apple Directors Overrule Shareholders on Spy Lockout as Woz Joins Movement

Despite Crisis Over Its “GoToFail” Internet Back Door, Apple Rejects “Best Practices To Protect User Data” as Co-Founder Steve Wozniak Joins Spy Lockout Effort

Cupertino — At Friday’s Apple shareholder meeting, Apple’s directors overruled an urgent, popular shareholder resolution entitled Spy Lockout, aimed at improving security and keeping NSA surveillance and other intruders out of Apple’s products and systems. The same morning, Apple co-Founder Steve Wozniak endorsed the Spy Lockout initiative.

Apple had quietly advised shareholders in its January 10, 2014 Proxy Statement that directors Bruce Sewell and Peter Oppenheimer would exercise their discretionary voting authority — their ability to cast votes on behalf of shareholders who toss their voting forms in the trash — to defeat the proposal, without citing any reason.

The proxy statement does not refer to the proposal as “Spy Lockout” but as a “Floor Proposal” that “if approved, would, among other things, ask the Board ‘to enact a policy to use technical methods and other best practices to protect user data.’”

An eligible shareholder has notified us of his intent to propose a resolution at the Annual Meeting that, if approved, would, among other things, ask the Board ‘to enact a policy to use technical methods and other best practices to protect user data.’ This shareholder proposal is referred to as the ‘Floor Proposal.’ … If the Floor Proposal is presented at the Annual Meeting, then to the extent permitted by applicable rules, the proxy holders will have, and intend to exercise, discretionary voting authority under Rule 14a-4(c) under the Exchange Act to vote AGAINST the Floor Proposal.
(bold face ours, capitalization Apple’s)

Apple gave no indication why it would vote against a resolution to follow best practices recommended by industry technical experts and the Electronic Frontier Foundation to protect users.

Apple has likewise been conspicuously silent about a very serious internet security flaw, increasingly referred to as GoToFail, that was on all Apple mobile devices running iOS 6 or iOS 7 from September 2012 until last Friday, February 21st 2014, and which was on all Macintosh laptops and desktops running Mavericks OSX until the Tuesday before the meeting.  Apple has received growing criticism that, while it has now released upgrades that resolve the flaw, it has not alerted users or provided any info describing how GoToFail may have compromised their data. The flaw allows any machine on the same network as an Apple customer to impersonate any site, whereafter the Apple user may then enter password information or unwittingly hand over control of their machine.

Experts on Apple and security have noted that within weeks of GoToFail’s silent introduction in 2012, the NSA reported internally that Apple had joined the PRISM bulk surveillance program providing “direct access” to Apple users’ data. These experts could not rule out complicity by Apple, perhaps under gagged National Security Orders. Although National Security Letters were ruled unconstitutional in March of last year, Apple privacy officer Jane Horvath declined to answer whether it is still cooperating with new orders. Apple’s most recent transparency report says it may have cooperated with more than 200 such requests just between January and June of last year. 

While the shareholder presenting the Spy Lockout resolution on Friday referred specifically to the importance of following best security practices and to the GoToFail crisis, Apple CEO Tim Cook declined to comment or take questions on GoToFail or Spy Lockout at the meeting.

Shareholders Employ Floor Proposal Tactic

The Spy Lockout resolution was led by Apple shareholders affiliated with Restore the Fourth, a national constitutional rights organization aimed at defending the 4th Amendment’s guarantee that government search requires a specific warrant and bulk surveillance without suspicion is unconstitutional, through its Bay Area chapter Restore The Fourth SF.

(more…)