The FBI is ‘deeply concerned’ about Apple’s decision to add new security protections to its cloud storage system because it would hinder the agency’s ability to prevent a range of crimes.
The company already uses end to end encryption for iMessages between Apple devices – which means the messages can only be read on the smartphones, not by Apple or law enforcement.
With this update announced Wednesday, the tech giant will allow users to protect the vast majority of the data they upload to iCloud.
‘This hinders our ability to protect the American people from criminal acts ranging from cyber-attacks and violence against children to drug trafficking, organized crime and terrorism,’ an FBI spokesperson told the Washington Post.
The FBI is ‘deeply concerned’ about Apple’s decision to add new security protections to its cloud storage system nationwide because it would hinder the agency’s ability to prevent a range of crimes
The FBI added that it was ‘deeply concerned with the threat end-to-end and user-only-access encryption pose.’
‘In this age of cybersecurity and demands for ‘security by design,’ the FBI and law enforcement partners need “lawful access by design.”‘
The new encryption option will be available for public software testers immediately, for all U.S. customers by the end of this year and for other countries starting next year, Apple said in its announcement – adding that it may not reach every country by the end of 2023.
‘Advanced Data Protection is Apple’s highest level of cloud data security, giving users the choice to protect the vast majority of their most sensitive iCloud data with end-to-end encryption so that it can only be decrypted on their trusted devices,’ Ivan Krstić, Apple’s head of Security Engineering and Architecture, said in a statement.
WHAT IS END-TO-END ENCRYPTION?
End-to-end encryption ensures only the two participants of a chat can read messages, and no one in between – not even the company that owns the service.
End-to-end encryption is intended to prevent data being read or secretly modified when it is in transit between the two parties.
The cryptographic keys needed to access the service are automatically provided only to the two people in each conversation.
In decrypted form, messages are accessible by a third party – which makes them interceptable by governments for law enforcement reasons.
Facebook-owned WhatsApp is already encrypted, and now Mark Zuckerberg is looking to do the same with Facebook Messenger and Instagram Direct.
According to security experts cited by Apple, the total number of data breaches more than tripled between 2013 and 2021, exposing 1.1 billion personal records across the globe in 2021 alone.
This is not the first time that Apple has been in conflict with law enforcement over providing access to users’ data.
In 2020, Apple decided to scale back plans to further encrypt iCloud data after receiving significant pushback from the FBI, multiple sources said at that time.
During a six-month period covered in Apple’s recent transparency report, the company said it had turned over users’ content for legal reasons 3,980 times, mostly in the United States and Brazil.
Privacy experts were very pleased with Apple’s announcement.
‘This is great,’ Meredith Whittaker, president of Signal, an encrypted chat app, told the Post. ‘There’s been enough pressure and enough narrative work that they see the side of history forming. It’s really incredible.’
The tech giant also said it was making iPhones compatible with physical security keys that connect to the phone so that users can require them to access their device. This would prevent attackers who steal passwords and user names from breaking into phones.
‘At Apple, we are unwavering in our commitment to provide our users with the best data security in the world. We constantly identify and mitigate emerging threats to their personal data on device and in the cloud,’ said Craig Federighi, Apple’s senior vice president of Software Engineering.
‘Our security teams work tirelessly to keep users’ data safe, and with iMessage Contact Key Verification, Security Keys, and Advanced Data Protection for iCloud, users will have three powerful new tools to further protect their most sensitive data and communications.’
Despite Apple’s reputation for being pro-privacy, two developers recently put out a report that found the company is collecting data on its customers while they use pre-installed apps – such as App Store, Apple Music, Apple TV, Books and Stocks – even when they have turned off analytics sharing.
These apps sent Apple requests that include what apps a user looked at, including those relating to sexual preference and religion, the stocks they are watching and what advertisements they saw.
The data collection also includes ID numbers and the type of device used, which is enough for device fingerprinting.
‘In this age of cybersecurity and demands for ‘security by design,’ the FBI and law enforcement partners need “lawful access by design,”‘ the agency said
‘This is great,’ Meredith Whittaker, president of Signal, an encrypted chat app, told the Post. ‘There’s been enough pressure and enough narrative work that they see the side of history forming. It’s really incredible’