Comment by whatgoodisaroad
4 years ago
I don’t understand why this outrage seems so US-centric. This is the same Apple that hands over all your iCloud data (photos and otherwise) to the CCP if you happen to live in China. And they’ve done this openly for the last several years.
What am I missing? Isn’t that a much much much much worse thing for Apple to do? Why are we only suddenly suspicious of Apple’s privacy claims with this matter?
As an American I couldn’t care less that Chinese people’s data is handed over to Chinese people’s government, especially considering the alternative would be that Chinese people’s data is handed over to a US entity and by association the US government.
Contrary to popular belief, iCloud data, while encrypted, can be decrypted by Apple and is subject to US law enforcement requests. *
Considering this fact, it is pretty one-sighted to see this as some sort of unconceivable act. However if you look at it from the other side would we want all American user data (assuming Russia had a company that had such pervasive penetration into American lives as Apple does globally) to be sitting on Russian servers subject to arbitrary Russian laws?
So if you only consider American interests, it’s unconceivable for us to give up such power and control over other sovereign nations, but perhaps other countries don’t care about American interests like we do.
All Apple did in China was comply with local laws to stay in business there. What Apple is doing in the US is not mandated by law (as far as I know).
From the American side Apple has marketed itself as privacy focused, even fighting the FBI publicly at the risk of negative publicity. This about face is unexpected but also betrays those of us who invested in the Apple product line under the expectation they continue this standard of privacy and security that was marketed. Chinese people probably never expected this level of privacy to begin with, but we did and we can.
* iCloud messages backups can be decrypted
This to me is a surprising attitude. As an American whose outlook is generally framed by American values, it’s very upsetting to think of how privacy and freedoms are systematically impinged upon in so many parts of the world. If we can be upset about invasion of privacy in one country, why would those principles change at geopolitical borders?
The imposition of our own values onto others is how wars start. If you think that our values are encoded in laws, and accept that different sovereignties have different laws, then you should be able to accept that different people have different values and standards. Maybe to the EU we are barbarians because our consumer privacy laws are so lacking...
Those principles are not universal because different cultures have different values, beliefs, standards, and situations. If you've been taught otherwise then you've been brainwashed by a propaganda machine designed to motivate you to support and fight wars of value imposition like the Iraq or Afghanistan wars.
Plus, no country was around to teach the Americans how to build a society back then, and you could say we turned out fine enough.
We are big proponents of democracy but not only do we acknowledge that democracy is not a perfect system to begin with (something we are taught in schools), but our version of democracy isn't even a perfect execution of it, much like how China isn't really a communist utopia. We are more like a capitalist democracy, where effectively the wealthy can leverage more of a vote (through advertising, propaganda, PACs, etc). So if all our systems are flawed, who are we really to impose our flawed values. The answer is that the real motivation for imposing our values isn't some belief in fundamental ideals or values, but rather for American interests. We didn't setup a puppet bureaucrat in Afghanistan because of democracy, we just wanted a friendly government in the Middle East. The CIA operating in your country doesn't give you relief! No, they are not there to help YOU or your people.
9 replies →
As a non-American, consider that many of us live in countries with better policies than yours, and we’d prefer not to have your ideas imposed on us by fiat, thanks.
So I’m quite happy that Apple has to follow local rules, and I respect Chinese citizens enough to believe that they can advocate for the change they want to see, over time.
Because the Chinese people value different things than the American people and they're governed by different norms and nobody nominated Americans to be privacy commander in chief.
I think gun laws in the US are terrible but I recognize the US has a different history and it's not my place to tell them how to live. Simple as that.
4 replies →
> Chinese people probably never expected this level of privacy to begin with, but we did and we can.
Taiwanese users data is also backed up to China. This was confirmed to me by an Apple Support in China. Whether you believe Taiwan is part of China or not, I can assure you users in Taiwan do expect this level to privacy.
What we are seeing is a slow deterioration of user privacy across the Apple ecosystem, not just the US. So even if you don’t care about Chinese users data, it does show what Apple management as a whole thinks of your data.
Tic-toc
> Contrary to popular belief, iCloud data, while encrypted, can be decrypted by Apple and is subject to US law enforcement requests.
The most seem to forget, that with this newcoming feature this is not possible anymore. Apple can’t decrypt your images anymore by request. (Read Apple’s PSI system)
There is also strong evidence that same is coming for backups. On iOS 15 beta, there is backup recovery option by authentication key.
They can’t decrypt the safety vouchers, which contain low resolution versions of your image until the conditions are met … which makes no sense as they have access to the cleartext full resolution image right there.
Unless of course this is a precursor to an E2E encrypted iCloud wherein Apple does not have the ability to decrypt your images server side. I don’t see how this design makes sense unless that’s the next step
8 replies →
Apple didn’t wake up one day and decide to do this on a lark.
They’re being proactive, probably in a minimalist form, to anticipate regulatory powers on what is unarguably the largest or second largest platform used for illegal porn.
If FB screeners have ptsd and are killing themselves over what they have to see every day, imagine what is on iCloud and iPhones. Right now, nobody is required to filter that content while social media is. The alternative to “sure, you tell us what is illegal and we’ll scan for it” is “We’re the govt and we want to see everyones photos for the children.”
Sure, the latter may still happen, but probably later than sooner now. I’m surprised it has taken this long,
There was a great comment by joe_the_user on hn responding to this before: https://news.ycombinator.com/item?id=28261573
>Government by threatened legislation is much worse than government by actual legislation. Legislation is public, Legislation can be opposed, legislation can be reviewed by the court and so-forth. Allowing yourself (and your users) to controlled by threats of legislation is allowing democracy to be discarded.
It's my understanding that Apple simply can't operate in China without playing by those rules. So really, the onus is on the CCP.
In this case, is Apple being compelled to do this by the US government? Or is it a choice Apple has made purely internally? I think that makes a difference.
I agree the question of whether Apple was compelled by whatever government (or if they did this voluntarily) has implications on the ethics of these decisions. They may genuinely have no choice.
But I don’t see how it affects the question of whether Apple’s privacy assertions are trustworthy.
>> They may genuinely have no choice.
There is a choice. Don't comply and have the CCP make you stop selling there.
Apple has no principles that can't be tossed aside in exchange for a large market - in other words a lot of money. This should not be unexpected.
3 replies →
Maybe similar pressure was placed on them here and we just aren't privy to it.
ding ding we have a correct answer
18 replies →
> is Apple being compelled to do this by the US government? Or is it a choice Apple has made purely internally? I think that makes a difference.
You're being downvoted but it's a critical issue.
If Apple is currently being compelled to do this, it likely means the US Government has a massive new privacy obliterating program underway and Apple probably isn't the only tech giant joining the human rights violation parade. It's important to find out if that's going on. We can be certain they didn't stop with PRISM.
If it turns out to be the case, that Apple has joined up to another vast human rights violating program (they already did it at least once before, remember), the US needs to move forward toward Nuremberg-style trials for all involved Apple management and all involved Apple employees (and not only them). That's the only way it stops.
Such human rights violations should not be allowed to continue. How many tech employees at these companies got away with extraordinary human rights violations related to PRISM? Employees at these companies were responsible in part and critical to helping to make it happen. Who are these enablers? Why aren't they in prison? Why is this so rarely discussed on HN? (yeah we all know why)
HN is pretty amusing about this topic. Privacy is a human right? Yeah? Also universally HN: but let's not talk about the people actually responsible for the human rights violations; let's not talk about all the techies being paid princely sums to commit human rights atrocities. Let's not talk about prison sentences for what they've done to their fellow humans. Let's not hold tech employees responsible.
The Jan 6 commission is using the riots as a pretext to collect and inspect private speech/communications from a huge list of people who had absolutely nothing to do with January 6 [0] but were politically active for Trump or his campaign or just posted memes on Twitter etc.
The massive list of people they're demanding records for is shocking. Privacy doesn't mean anything to the current establishment, if people could just take off their partisan blinders for two seconds they would realize this and we could probably form a plea to congress as unified voice.
Give this CSAM system another few years and they won't even have to subpoena for most of the private communication they're already going after today.
https://www.forbes.com/sites/andrewsolender/2021/08/25/jan-6...
I imagine because most of us care more about US policies in general than Chinese because most of us live in the US. If fixing Chinese lack of free communication were on the table I'm sure we'd mostly be for it, but that's a whole other thing that ultimately goes back to their government.
I mean, that’s also bad? But the CCP is not going to budge on this, and it doesn’t affect me as much as an American, so I feel like I can be upset about both and more upset about the one that affects me directly.
Because most of Chinese keep silent with their government?
People care more about what happens to them than others and people care more about what happens where they are than elsewhere.
As far as is documented, the behavior of iCloud does not change, just the operator. In particular, the difference is that end to end encrypted data in iCloud remains that way, so saying all iCloud data is handed over is incorrect.
In fact, iMessage is the only end to end encrypted messaging service operating in the country (for example).
It’s my understanding that the keys used in that “end-to-end” encryption are also under the control of the operator [1], so from a privacy perspective it is the same as handing over that data in plaintext.
[1] https://www.nytimes.com/2021/05/17/technology/apple-china-ce...
It’s an incorrect reading of the article. The HSMs in the data center are operated by the Chinese company so any CloudKit data escrowed by Apple could be accessed, but end to end encryption keys are synced through iCloud Keychain which uses a different protocol with device secrets.
3 replies →