Apple's taxing problem

New York Times accuses Apple of tax avoidance on a large scale

The New York Times has published an in-depth look at Apple's tax arrangements, which finds that the computing company avoided paying around $2.4bn federal income tax in the US last year. The company paid, worldwide, tax of $3.3bn on profits of $34.2bn, although it does not break down what proportion of that tax is paid in what countries, nor does it detail which years the tax is due to – as Worstall points out, American corporation tax is usually deferred, so some of that tax will actually be on last year's profits rather than this years.

Tax avoidance stories always raise the question of definition. In this case, for instance, much of Apple's tax bill will be naturally reduced by the fact that the company sells 64 per cent of its products outside of its American home, and makes almost everything in China. Since it doesn't have to pay American tax on something made in China and sold in Ireland, it perfectly acceptably reduces its liability.

Yet as with all of these stories, that sort of reduction is not all that the company is doing. Many of their accounting structures seem to be put in place with the sole purpose of abusing the tax laws of multiple nations to pay as little as possible. Take, for example, the accounting technique improbably known as "double Irish with a Dutch sandwich". If Apple sells something in the UK, the profits are accountable to an Irish subsidiary, which then passes them on to a Dutch company taking advantage of European capital mobility, then back to a second Irish company which is technically owned by a company in a country with a 0 per cent corporation tax rate.

On paper, then, the majority of Apple's profits are made outside of the US. Despite the fact that the majority of sales are also made internationally, the NYT points out that:

The majority of Apple’s executives, product designers, marketers, employees, research and development, and retail stores are in the United States. Tax experts say it is therefore reasonable to expect that most of Apple’s profits would be American as well. The nation’s tax code is based on the concept that a company “earns” income where value is created, rather than where products are sold.

Even when profits make it into the United States, Apple still moves them in ways that seem wholly to do with paying lower taxes. The company makes all of its corporate investments through a subsidiary with the pun-tastic name Braeburn Capital, which is based in Reno, Nevada – 200 miles from Cupertino, and with a 0 per cent state corporation tax rather than California's 8.84 per cent.

Apple is far from alone in behaving like this, but the company has managed to retain a remarkably spotless image while growing to become the biggest in the world. They already suffered greatly from the perception that they were callously mistreating their workers in China, and this report could create a problem almost as large.

San Francisco, California. Apple reported a 93 percent surge in second quarter earnings with a profit of $11.6 billion Photograph: Getty Images

Alex Hern is a technology reporter for the Guardian. He was formerly staff writer at the New Statesman. You should follow Alex on Twitter.

Show Hide image

Can Trident be hacked?

A former defence secretary has warned that Trident is vulnerable to cyber attacks. Is it?

What if, in the event of a destructive nuclear war, the prime minister goes to press the red button and it just doesn't work? 

This was the question raised by Des Browne, a former defence secretary, in an interview witht the Guardian this week. His argument, based on a report from the defence science board of the US Department of Defense, is that the UK's Trident nuclear weapons could be vulnerable to cyberattacks, and therefore rendered useless if hacked. 

Browne called for an "end-to-end" assessment of the system's cybersecurity: 

 The government ... have an obligation to assure parliament that all of the systems of the nuclear deterrent have been assessed end-to-end against cyber attacks to understand possible weak spots and that those weak spots are protected against a high-tier cyber threat. If they are unable to do that then there is no guarantee that we will have a reliable deterrent or the prime minister will be able to use this system when he needs to reach for it.

Is he right? Should we really be worried about Trident's potential cyber weaknesses?

Tangled webs 

The first, crucial thing to note is that Trident is not connected to the "internet" we use every day. Sure, it's connected to the main Ministry of Defence network, but this operates totally independently of the network that you visit Facebook through. In cyber-security terms, this means the network is "air-gapped" - it's isolated from other systems that could be less secure. 

In our minds, Trident is old and needs replacing (the submarines began patrolling in the 1990s), but any strike would be ordered and co-ordinated from Northwood, a military bunker 100m underground which would use the same modern networks as the rest of the MoD. Trident is basically as secure as the rest of the MoD. 

What the MoD said

I asked the Ministry of Defence for a statement on Trident's security, and while it obviously can't offer much information about how it all actually works, a spokesperson confirmed that the system is air-gapped and added: 

We wouldn't comment on the detail of our security arrangements for the nuclear deterrent but we can and do safeguard it from all threats including cyber.

What security experts said

Security experts agree that an air-gapped system tends to be more secure than one connected to the internet. Sean Sullivan, a security adviser at F-secure, told Infosecurity magazine that while some hackers have been able to "jump" air-gaps using code, this would cause "interference" at most and a major attack of this kind is still "a long way off". 

Franklin Miller, a former White House defence policy offer, told the Guardian that the original report cited by Browne was actually formulated in response to suggestions that some US defence networks should be connected to the internet. In that case, it actually represents an argument in favour of the type of air-gapped system used by the MoD. 

So... can it be hacked?

The answer is really that any system could be hacked, but a specialised, independent defence network is very, very unlikely to be. If a successful hack did happen, it would likely affect all aspects of defence, not just Trident. That doesn't mean that every effort shouldn't be made to make sure the MoD is using the most secure system possible, but it also means that scaremongering in the context of other, unrelated cybersecurity scares is a little unjustified. 

Barbara Speed is a technology and digital culture writer at the New Statesman and a staff writer at CityMetric.