Some of us worry about big companies being able to access our most intimate data. Others are concerned about the Government getting its hands on it.
Out of all the major tech companies, Apple has often been touted as one of the better ones when it comes to privacy. A lot of this is true, although the company does make privacy missteps as well.
There’s one big question where we see a lot of confusion:
Can anyone access the data on your iPhone?
If you use the default settings, then the answer is yes. Both Apple and government authorities are technically capable of accessing a significant portion of the sensitive data that you store on your phone. How often they access this information, and in which circumstances, are debates for another time.
While this may seem like disappointing news for privacy-conscious people, Apple has recently made it a whole lot easier to have the vast majority of your sensitive data end-to-end encrypted, through its Advanced Data Protection for iCloud feature. When it is enabled, Apple does not hold a copy of the keys used to encrypt the data, which means that neither the company nor its employees can read it. It also means that Apple is unable to turn the data over, even when a government agency pressures it to.
The long road to freedom (from prying eyes)
To explain how this end-to-end encryption feature works, it may be best to back up a little and trace the road the company took to get here. Apple has long offered end-to-end encryption for at least some user data, but there was also a gaping hole that left many users less protected than they may have thought: while some categories of data were end-to-end encrypted, the iCloud backups of much of that data were not.
Since most people don't bother changing the default settings to any great extent, and using a third-party backup service involves a lot of messing about, this meant that the bulk of most people's data was not completely protected. As a consequence, Apple was able to access this data, and it could and did hand it over to authorities pursuing criminal cases.
According to Reuters, back in 2018 Apple did attempt to release a feature that would allow users to easily encrypt their iCloud backups so that neither the company nor the authorities could access the data. However, the company dropped this plan after being pressured by the FBI.
Will client-side scanning save the day?
In 2021, Apple announced plans to introduce client-side scanning directly on users' devices in what seems to have been a move to appease the FBI, while still offering users more protection.
In short, many major tech companies scan user files stored on their servers for known child sexual abuse material (CSAM). Apple's plan was to shift this scanning from the company's servers onto user devices instead, and to do it in a way that was mostly privacy preserving.
Doing the scans on user devices would mean that Apple didn't have to do them on its servers, which would also open the door for the company to fully encrypt the user data it stored on its iCloud servers. In theory, this should have kept the FBI happy, and enabled users to make most of their data truly private.
However, many in the tech community felt that Apple's client-side scanning would set a terrifying precedent. In effect, it would mean that a device that you paid for could be used to spy against you and report you to the authorities.
Sure, it was only being used to protect children from abuse now, but what if the same principles were extended to other crimes? It's not hard to envision a dystopia where the same technology is used to send users to jail for Googling "how to report government corruption" from their phones. Amid the controversy, the plan for client-side scanning was quietly scrapped.
Advanced Data Protection for iCloud
In late 2022, Apple bounced back with another privacy push by announcing the optional feature of Advanced Data Protection for iCloud. If users enable it, it allows them to easily encrypt their cloud backups and to have the vast majority of their Apple data end-to-end encrypted. The only things not included are iCloud Mail, Contacts and Calendars, all of which are encrypted only in transit and at rest on the server.
Users do have to opt in to this feature, but it is a massive privacy improvement upon the status quo, simply because it’s so much easier than setting up a third-party backup service.
While this is great for those with privacy concerns, it also means that users of this feature are solely responsible for their own disaster recovery. It is the user's responsibility to back up the recovery key and to have recovery strategies in place. If they fail to do this and accidentally get locked out of their data, there is nothing Apple can do to help them.
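To make the key-custody difference concrete, here is an added example that is not Apple's code and does not model iCloud's real key hierarchy or ciphers: a default-style upload where the service stores the data key next to the ciphertext, beside an ADP-style upload where the data key is wrapped under a user-held recovery key, so the service can neither decrypt the record nor help once that recovery key is lost. The toy HMAC-based keystream, `derive_kek`, the salt and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
# Toy cipher (HMAC-SHA256 counter keystream XORed over the data) so this runs with the stdlib only.
def keystream_xor(key, nonce, data):
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hmac.new(key, nonce + offset.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)

def derive_kek(recovery_key):
    # Stretch the user-held recovery phrase into a key-encryption key; the salt is illustrative.
    return hashlib.pbkdf2_hmac("sha256", recovery_key.encode(), b"example-salt", 50_000)

def seal(data_key, plaintext):
    # Encrypt with a per-file data key and add a tag so a restore can detect a wrong key.
    nonce = secrets.token_bytes(12)
    ciphertext = keystream_xor(data_key, nonce, plaintext)
    tag = hmac.new(data_key, nonce + ciphertext, hashlib.sha256).digest()
    return {"nonce": nonce, "ciphertext": ciphertext, "tag": tag}

def open_with_key(record, data_key):
    expected = hmac.new(data_key, record["nonce"] + record["ciphertext"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, record["tag"]):
        return None  # wrong key: report unrecoverable instead of returning garbage
    return keystream_xor(data_key, record["nonce"], record["ciphertext"])

def upload_default(plaintext):
    # Default mode: the data key is stored beside the ciphertext, so the service can decrypt alone.
    data_key = secrets.token_bytes(32)
    return {**seal(data_key, plaintext), "service_held_key": data_key}

def upload_adp(plaintext, recovery_key):
    # ADP-style mode: the data key is wrapped under a key only the user holds; the service cannot unwrap it.
    data_key, wrap_nonce = secrets.token_bytes(32), secrets.token_bytes(12)
    wrapped = keystream_xor(derive_kek(recovery_key), wrap_nonce, data_key)
    return {**seal(data_key, plaintext), "wrapped_key": wrapped, "wrap_nonce": wrap_nonce}

def service_can_read(record):
    # What the service, or anyone it is compelled to hand the record to, can recover on its own.
    key = record.get("service_held_key")
    return None if key is None else open_with_key(record, key)

def user_restore(record, recovery_key):
    # An ADP restore needs the user's recovery key; with a lost or wrong key nobody can help.
    if "wrapped_key" not in record:
        return None
    data_key = keystream_xor(derive_kek(recovery_key), record["wrap_nonce"], record["wrapped_key"])
    return open_with_key(record, data_key)
```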
At this stage, it's not really known how the FBI has responded to this move, or whether Apple faces harsh resistance from the authorities. However, there is a bunch of metadata that is not protected by end-to-end encryption. This includes things like checksums of files and photos. At this point we are getting purely speculative, but it remains a possibility that these checksums could be compared against the checksums of known CSAM, and any matches could possibly be reported to the authorities. But once again, this is just speculation.
And just in case you think we're being too pro-Apple, no, it's not all sunshine and rainbows at the Cupertino headquarters. Despite this and several other privacy-affirming moves from the company, Apple is slowly moving more and more into the advertising space. Given the privacy intrusions of advertising behemoths like Google and Facebook, this is not a positive trend at all.
Advanced Data Protection for iCloud is a great step forward for user privacy, but there is still a long way to go, both within Apple and the wider tech landscape.