Comment by ComputerGuru
4 years ago
It’s now common knowledge (as mentioned in the article) that Apple refrained from adding a feature at the government’s behest in the past. It’s a fine line between not adding a feature they don’t like and adding a feature they do.
This claim is often repeated but the only source for it I’ve found is reporting in Reuters citing anonymous sources. The user experience challenges of end to end encryption are immense, especially since iPhone is many users’ only iCloud client, and I find it hard to believe Apple was moments away from announcing a solution to them but the FBI pressured them out of it. That is not the extraordinary evidence such a claim needs. For example, Bloomberg reported an even better sourced story about supply chain compromises to Apple’s cloud services which has been more or less entirely debunked.
In addition, the emphasis on the on-device portion of this scanning project is evidence that Apple views losing access to iCloud data as part of its roadmap.
The Bloomberg claims were explicitly denied by Apple and several other companies. To the best of my knowledge, Apple has never publicly denied the Reuters reporting, and explicitly declined to comment when given the chance by Reuters. It’s certainly one thing to extend the benefit of the doubt to a company in a dispute with a reputable news agency; it’s entirely another thing to take issue with the claim when even the affected company won’t do so.
So you are suggesting that FBI pressure is the primary reason Apple did not pursue plans to end to end encrypt iCloud Backups on the basis of one news article and lack of comment from Apple?
(There is other counter-evidence: Apple rarely comments on speculation. In an interview with the WSJ, Apple’s answer to why now was that they figured out how to do known CSAM detection in a way they felt met their privacy requirements. The omission is at least slightly informative, if you think FBI pressure is critical. Finally, people more familiar with the legal context have argued it would jeopardize the program for there to be evidence that Apple is doing this work in response to FBI pressure as suggested. Finally, Tim Cook offered a more straightforward explanation and vision for iCloud end to end encryption in an interview with a German newspaper:
SPIEGEL ONLINE: Is the data as secure on your iCloud online service as on the devices?
COOK: Our users have a key there, and we have one. We do this because some users lose or forget their key and then expect help from us to get their data back. It is difficult to estimate when we will change this practice. But I think that in the future it will be controlled like the devices. We will therefore no longer have a key for this in the future. )
If so, what information would change your mind? How confident are you that this is the full story?
4 replies →