Apple Dropped Full Encryption Plans for iCloud Backups After FBI’s Request
Apple canceled its plans to enable full encryption for device backups on iCloud, after the FBI complained that such a change would affect its investigations. This decision was made 2 years ago, as per a revealing report by Reuters.
Apple has been a major proponent of privacy and has taken extra steps to implement security precautions in its hardware and various services like iMessage and FaceTime. The company has also been taken to the court by the Justice Department over its refusal to create a backdoor for iOS, which could help the FBI with investigations. Therefore, Reuters’ report comes as a surprise to almost everyone who follows Apple closely.
As per the report, it has been 2 years since Apple gave up on implementing end-to-end encryption of devices backups in iCloud. Back then, when Apple told the FBI that they would be implementing end-to-end encryption for iCloud backups, the FBI was not happy about it. Encrypted iCloud backups could put a major roadblock in the FBI’s investigations.
Even though Apple had refused to unlock any iPhones that the FBI has requested, the company provided Florida shooter’s iCloud backups to the FBI for investigation. This is what the company was referring to in its statement when it said that it provided all the support that it could give.
After Apple changed its plans regarding iCloud backup encryption, there was no public statement on the change. Even internally, most employees were unaware of the reason behind this change. As per Reuters:
“Legal killed it, for reasons you can imagine,” another former Apple employee said he was told, without any specific mention of why the plan was dropped or if the FBI was a factor in the decision.
An Apple employee told Reuters that the company was afraid of being attacked by public officials and being taken to the court again. The company believed that such a change could also be used as an excuse to create new legislation against encryption, which might have a major impact across the industry. Ultimately, they decided to not “poke the bear anymore”. Apple was convinced by the FBI’s argument that the backups provide “vital evidence in thousands of cases”.
Another possible reason was if users find themselves locked out of their iCloud backup, Apple would not be able to provide support if the backups have end-to-end encryption since the security key would be with the user and not with the company.
Apple shares data for more than 90% of the legal requests that it receives for investigation assistance. This data includes emails, contacts, photos and even chats backed up from WhatsApp and iCloud, even though they support end-to-end encryption during communication. Health data and passwords are still encrypted and are not part of these backups.
While all this contradicts Apple’s current stance on unlocking iPhones, it makes one thing very clear. The company is willing to respond to legal requests and provide assistance. Apple has chosen to keep a balance between keeping its devices secure and keeping its user data insecure, which might not make sense to everyone. However, it seems to be a trade-off to make sure that the company can honor legal requests by governments and security agencies while ensuring that legislation against on-device security and encryption is not implemented.
The biggest problem here, which is not mentioned by Reuters, is that if the FBI and the United States government can request user data from Apple, so can other governments. Even those governments that could misuse such data to prosecute their citizens.
Perhaps, what happens on your iPhone, doesn’t stay on your iPhone after all.