Encryption is now coming to iCloud, Apple's cloud-based service that stores and syncs data across a user's Apple devices and provides backup for photos, videos, texts, contacts, notes, and more.
The encryption approach that Apple is implementing, named Advanced Data Protection, is technically referred to as an end-to-end encryption (E2EE). E2EE ensures that data is transmitted securely by allowing only the sender and the recipient to read the data, regardless of an intermediary's potential interception. The data is first encrypted on the sender's device before being sent to the recipient, who then decrypts it. The nature of E2EE means that internet service providers, government agencies, and even the company providing the service (in this case, Apple) are unable to understand or decode the encrypted data.
By switching on Advanced Data Protection, a user ensures that the key needed to decrypt their iCloud data is stored locally on their device and not on servers owned by Apple. If hackers were to successfully target Apple's data centers, or law enforcement or government agencies subpoena the iCloud information, the data stored in the iCloud account would remain encrypted and safe from prying eyes.
According to Apple's legal transparency report, "account requests generally seek information regarding customers' Apple ID accounts, such as account holder name and address and account connections to Apple services - for example, law enforcement investigations where an account may have been used unlawfully. Account requests may also seek customers' content data, such as photos, email, iOS device backups, contacts or calendars."
These types of data requests would not be frivolous and would require a court-issued warrant or subpoena. Government and Law Enforcement Authorities will still have access to some data via these requests such as iCloud email, calendars, and contacts. These will not be encrypted due to their role in interacting with other applications.
Users must opt into this new feature available on iPhones and iPads as it will be set to ‘off’ as Default. Once activated, users will be prompted to select a custom recovery key that should be a complex password kept securely stashed for future access. If a recovery key is lost or forgotten, the data will be inaccessible to both the user and the Apple corporation.
While Apple did previously encrypt sensitive data that warranted enhanced protection from unauthorized access, such as financial, health, and security data, allowing for the encryption of additional data stored on iCloud is a new move for the tech giant.
Encryption services are now available for customers in the United States, with the rest of the world scheduled to follow suit this year. Digital Privacy activists have cheered on this increase in data protection, highlighting the enhanced control it gives users over their personal data.
