The FBI is concerned by Apple’s announcement on December 7 of a series of new security measures, including end-to-end encryption for practically all customer data stored in its global iCloud storage system.
In a description of the new feature posted to Apple’s website, the California-based tech giant stated that its “Advanced Data Protection” optional setting would give customers the highest degree of cloud data protection and protect user data even in the case of a cloud data breach.
Using Advanced Data Protection, only your trusted devices can access the encryption keys for your iCloud data, securing it with end-to-end encryption. Aside from iCloud Backup, Photos, and Notes, Apple also said that additional data is protected.
According to the company, end-to-end encryption prevents even Apple from accessing the data. Data can only be retrieved using your device passcode, password, recovery contact, or recovery key if you lose access to your account.
According to Apple, the new functionality will be accessible on iOS 16.2, iPadOS 16.2, and macOS 13.1 by the end of the year for customers in the United States before rolling out to the rest of the globe early 2023.
Users may activate it by enrolling their Apple ID in two-factor authentication and establishing a password or passcode on their devices.
Apple Provides FBI With Account Information
Apple safeguards 14 kinds of sensitive data with end-to-end encryption by default. Advanced-Data Protection protects data, including iCloud Backup, photographs, notes, reminders, voice memos, and more.
This decision represents a turning point for Apple. Its iMessage and FaceTime services are encrypted, but the vast bulk of what customers remotely back up via iCloud, including photographs and videos, are not.
Apple stated on Wednesday that the enhanced data protections constitute “the next stage” in its continuous commitment to offer consumers even more robust means of protecting their data.
However, the move will also likely intensify continuing tensions with law enforcement, notably the FBI, which has repeatedly asked that Apple hand over data from iPhones. Business sources claim Apple does so, but not to the point of handing over the entire data.
In its most recent transparency report, Apple handed over data 3,980 times to law enforcement between January and June 2021, primarily to Brazilian and American authorities.
According to Apple, “Account requests” often seek information on Apple ID account information, including the account holder’s name and address, and links to Apple services; for instance, law enforcement investigations in which an account may have been used illegally. Account inquiries may also seek customers’ content data, such as images, email, iOS device backups, contacts, or calendars.
FBI ‘Deeply Concerned’
The FBI said it welcomes and pushes for encryption methods that offer “lawful access by design,” meaning that tech firms with a “legal order” can decode data and send it to law enforcement.
According to the agency, user-only access and end-to-end encryption continue to pose a significant threat, which it claimed inhibits its ability to protect Americans from an assortment of crimes, including cyberattacks and terrorism. However, proponents of expanded data protection have hailed the measure.
Associated professor of information security at the Johns Hopkins Information Security Institute, Matthew Green, wrote on Twitter that Apple is setting the standard for what secure (consumer) cloud backup entails, pointing out that competitors will chase them as the move has repercussions throughout the industry.
On Wednesday, Apple launched iMessage Contact Key Verification, via which users may verify they are interacting solely with whom they want. Apple also announced Security Keys. Security Keys allow users to log in using a physical security key.