Yesterday, Apple announced that iPhones will soon include a new set of security features. The option to enable end-to-end encryption (E2EE) for iCloud backups is one of these features. US users will be the first to have widespread access to this feature, with Apple targeting the end of the year for the US release and the beginning of next year for the global rollout. The Federal Bureau of Investigation (FBI) views Apple’s plan to implement E2EE for iCloud backups as a “threat” to the American public.
Apple stores fourteen categories of iCloud user data encrypted end-to-end by default. The company considers iCloud Keychain and Health data to be more sensitive than other categories. However, the forthcoming Advanced Data Protection feature will allow users to expand E2EE to include a total of 23 iCloud data categories. This expansion will include data for iCloud Backup, Notes, and Photos.
End-to-end encryption ensures that user data can only be decrypted and accessed with the user’s private keys on the user’s own devices. E2EE places the responsibility for data access on the user, as the company hosting the data on its servers does not know the encryption key and cannot restore access to the data if a user forgets his password. Apple’s Advanced Data Protection feature emphasizes this during setup and prompts users to configure an alternative recovery method to prevent data loss.
In practice, E2EE is both a privacy and security feature, as it prevents unauthorized access to data that users may wish to keep private. Apple presents itself as a company that values user privacy, going so far as to call it a “fundamental human right” and enshrine it as one of its “core values.” However, Apple’s history regarding privacy is somewhat complicated. Even when analytics sharing is disabled, many of Apple’s apps collect extensive user behavior data. A recent report indicates that the company intends to expand its advertising business, which already utilizes user data to target advertisements.
In the past, Apple has touted iCloud backups as a means for law enforcement to access the contents of criminals’ phones without physically breaking into the devices. Apple planned to search iCloud Photos data for Child Sexual Abuse Material (CSAM) and report it to the National Center for Missing and Exploited Children (NCMEC). However, the company ultimately put this plan on indefinite hold in response to significant opposition from privacy advocates. This summer, Google’s CSAM scanning system resulted in a man being permanently locked out of his Google account after he took pictures of a swelling on his toddler’s genitals. This incident demonstrated the potential flaws of a system similar to the one Apple originally intended to implement.
In public debate, safety, particularly child safety, often conflicts with user privacy, with law enforcement frequently arguing that it needs access to user data to prevent or prosecute assault, human trafficking, and other violent crimes. In this regard, governments and law enforcement agencies occasionally request user data from end-to-end encrypted messaging services such as Signal or ProtonMail, but the providers of these services do not have access to their users’ message content.
Apple, like many other companies, still collects a substantial amount of user information without encrypting it end-to-end, making it a target for various search warrants that require the company to hand over this information to law enforcement. Apple signaled earlier this year that it would prefer not to be required to provide user data to law enforcement, joining other tech companies in support of legislation that would prohibit geofence and keyword warrants in New York.
Now, with the introduction of Advanced Data Protection, Apple will encrypt iCloud Backup and Photos data end-to-end for users who enable the feature, preventing both Apple and law enforcement from accessing that data. In response to this news, a spokesperson for the FBI told The Wall Street Journal that law enforcement needs “lawful access by design.” She added that the FBI was “deeply concerned about the threat posed by end-to-end and user-only access encryption” because it “undermines our ability to protect the American people from criminal acts such as cyberattacks, violence against children, drug trafficking, organized crime, and terrorism.”
Apple’s decision to offer E2EE for iCloud backups will likely put the company at odds with the Chinese government during a period of domestic unrest. Chinese citizens are currently protesting against the country’s authoritarian government and the exceptionally strict COVID-19 lockdowns. The Chinese government utilizes extensive technological surveillance and censorship to maintain strict control over its population.
Apple has complied with many of the Chinese government’s requests in this regard, opting to store the data of Chinese users on servers located in China, where they can be accessed by the government. Apple has also recently released an update to iOS in China that restricts the functionality of AirDrop, as protesters have been using it to share files and information. However, the Advanced Data Protection feature is scheduled to arrive in China sometime in early 2019, and the government will likely not be pleased that its access to Chinese user data will be severely restricted by E2EE.
We’ll have to wait and see if Apple follows through with its plan to implement full end-to-end encryption for iCloud Backup and Photos data, or if it limits this feature in response to pressure from law enforcement and governing bodies.