Apple has long promised that what is on your iPhone stays on your iPhone. But that pledge came with the caveat that if law enforcement had a warrant for someone’s iCloud account, Apple could provide a file of unencrypted messages, photos and notes.
Now, the company is planning to close that loophole.
On Wednesday, Apple said it was expanding its end-to-end encryption system to keep most iCloud data indecipherable, even when it’s stored in data centers. The increased protections, which are optional, aim to make the sensitive data inaccessible to hackers and governments. Previously, encryption covered only select information, such as passwords, payment and health data.
The change sets up a potential conflict with the U.S. government and other governments that have clashed with Apple over access to data on criminals’ iPhones. Though Apple has refused to assist law enforcement in unlocking iPhones over the years, it has fulfilled thousands of requests annually for iCloud backups that include unencrypted messages and photographs.
Law enforcement has been able to obtain confidential messages in high-profile cases, including its prosecution of Paul Manafort, chairman of former President Donald J. Trump’s 2016 campaign. In the first six months of last year, the company received requests for 7,122 iCloud accounts in the United States. These security upgrades would close off that access.
“It’s great to see companies prioritizing security, but we have to keep in mind that there are trade-offs, and one that is often not considered is the impact it has on decreasing law enforcement access to digital evidence,” Sasha O’Connell, an executive in residence at American University and a former section chief at the Federal Bureau of Investigation. “The big question is: Who decides that trade-off? It continues to sit in Apple’s hands.”
Apple hadn’t fully encrypted iCloud data because it wanted to make it easier for customers to retrieve information for users who were locked out or lost access to their accounts. But data breaches have tripled over the past seven years, as more data has migrated to the cloud, spurring Apple to want to enhance its security.
Apple’s new protections are part of a broader push by tech companies to improve customer security. Google recently introduced end-to-end encryption for group chats in its Messages app, and Facebook’s WhatsApp started offering encrypted backups a year ago.
Users who opt in to increased encryption for iCloud, which Apple calls Advanced Data Protection, can also separately increase their account’s security by getting a hardware security key, Apple said. The added protection can be used by everyone but was designed to safeguard the data of public figures who can be targeted by hackers, including celebrities, journalists and government officials.
Only three categories won’t be covered — Apple’s Mail, Contacts and Calendar systems — because they are connected to legacy technology, the company said.
The program rolls out later this year in the United States and worldwide starting next year, Apple said. It will be available to customers in China, where a Chinese company manages storage of their iCloud accounts.
A separate plan to scan iPhones for images of child sexual abuse has been abandoned, Apple said. That proposal, which was introduced last year, faced blowback from privacy activists.
Instead, Apple said, it will update its messaging system in the future to cover nudity in videos. It will also make the technology behind those protections available to other messaging apps.