Apple 2011 Annual Report Download - page 19

Download and view the complete annual report

Please find page 19 of the 2011 Apple annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 107

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107

Please also refer to the discussion of risks related to the March 11, 2011, Japan earthquake and tsunami and the recent flooding in Thailand in
Part II, Item 7, “Management’s Discussion and Analysis of Financial Condition and Results of Operations, under the subheading
Japan
Earthquake and Tsunami and Thailand Flooding,” which is incorporated herein by reference.
The Company may be subject to information technology system failures or network disruptions that could damage the Company
s reputation,
business operations, and financial conditions.
The Company may be subject to information technology system failures and network disruptions. These may be caused by natural disasters,
accidents, power disruptions, telecommunications failures, acts of terrorism or war, computer viruses, physical or electronic break-
ins, or similar
events or disruptions. System redundancy may be ineffective or inadequate, and the Company’
s disaster recovery planning may not be sufficient
for all eventualities. Such failures or disruptions could prevent access to the Company’
s online stores and services, preclude retail store
transactions, compromise Company or customer data, and result in delayed or cancelled orders. System failures and disruptions could also
impede the manufacturing and shipping of products, delivery of online services, transactions processing and financial reporting.
The Company may be subject to breaches of its information technology systems, which could damage the Company
s reputation, business
partner and customer relationships, and access to online stores and services. Such breaches could subject the Company to significant
reputational, financial, legal, and operational consequences.
The Company’s business requires it to use and store customer, employee, and business partner personally identifiable information (“PII”).
This
may include names, addresses, phone numbers, email addresses, contact preferences, tax identification numbers, and payment account
information. Although malicious attacks to gain access to PII affect many companies across various industries, the Company may be at a
relatively greater risk of being targeted because of its high profile and the amount of PII managed.
The Company requires user names and passwords in order to access its information technology systems. The Company also uses encryption and
authentication technologies to secure the transmission and storage of data. These security measures may be compromised as a result of third-
party security breaches, employee error, malfeasance, faulty password management, or other irregularity, and result in persons obtaining
unauthorized access to Company data or accounts. Third parties may attempt to fraudulently induce employees or customers into disclosing user
names, passwords or other sensitive information, which may in turn be used to access the Company’
s information technology systems. To help
protect customers and the Company, the Company monitors accounts and systems for unusual activity and may freeze accounts under suspicious
circumstances, which may result in the delay or loss of customer orders.
The Company devotes significant resources to network security, data encryption, and other security measures to protect its systems and data, but
these security measures cannot provide absolute security. The Company may experience a breach of its systems and may be unable to protect
sensitive data. Moreover, if a computer security breach affects the Company’
s systems or results in the unauthorized release of PII, the
Company’s reputation and brand could be materially damaged and use of the Company’
s products and services could decrease. The Company
would also be exposed to a risk of loss or litigation and possible liability, which could result in a material adverse effect on the Company
s
business, results of operations and financial condition.
The Company’s business is subject to a variety of U.S. and international laws, rules, policies and other obligations regarding data protection.
The Company is subject to federal, state and international laws relating to the collection, use, retention, security and transfer of PII. In many
cases, these laws apply not only to third-
party transactions, but also to transfers of information between the Company and its subsidiaries, and
among the Company, its subsidiaries and other parties with which the Company has commercial relations. Several jurisdictions have passed new
laws in this
17