There’s no doubt that in today’s world, data is king. In fact, it’s a currency–for both businesses and hackers. In a year in which we’ve seen a huge abuse of data through the Facebook-Cambridge Analytica scandal and daily reports of leaks or breaches across every industry, it’s time for a serious call to action. Apple CEO Tim Cook appears to be leading the way in the US.

Cook spoke on Wednesday at the International Conference of Data Protection and Privacy Commissioners in Brussels. Expressing support for GDPR, Apple’s CEO called for GDPR-like federal regulation of privacy in the US. Reuters notes that Apple has avoided the scandals dusted up by Facebook and Google because it designs many of its products so that user data is not visible to Apple.

Misconfigured or simply unprotected servers leading to data leaks and other lax cybersecurity efforts have made it easy for hackers to help themselves to personal data. On top of that cyberattackers are taking advantage of businesses that have not updated their cybersecurity infrastructure to keep pace with the scale and sophistication of current methods of cyberintrusion. All of that has led to troves of personal identifiable information exposed–and sold on the dark web.

Spyware firms, especially, have been notable offenders. Due to the nature of the type of data stored on their systems, their inability to secure information has been appalling. One example reported this week concerned German spyware firm Wolf Intelligence. The firm supposedly provides surveillance services and hacking technologies to governments worldwide. And yet, Motherboard reports it exposed its own data, as well as that of its surveillance targets. “The leak exposed 20 gigabytes of data, including recordings of meetings with customers, a scan of a passport belonging to the company’s founder, scans of the founder’s credit cards, and surveillance targets’ data, according to researchers.”

Saying that data is being “weaponized with military efficiency” and referring to the exchange and exploitation of data as a “data industrial complex,” Cook warned, “These scraps of data … each one harmless enough on its own … are carefully assembled, synthesized, traded, and sold.”

Just a day after Cook pushed for more stringent regulation, a UK data watchdog slapped Facebook with the maximum possible fine–£500,000, the equivalent of about US$644,000, for the Cambridge Analytica fiasco. According to The Verge, regulators say it should have been significantly higher.

Get the full story at Reuters.