by CUPERTINO, CALIFORNIA – JUNE 6: Apple CEO Tim Cook views a display of a brand new redesigned MacBook Air laptop during WWDC22 at Apple Park on June 6, 2022 in Cupertino, California. Apple CEO Tim Cook opened the annual developer conference WWDC22. (Photo by Justin Sullivan/Getty Images)
Justin Sullivan | News from Getty Images | Getty Images
Apple announced on Wednesday that it wants to allow users to encrypt additional types of iCloud data on its servers, including full backups, photos, and notes.
The feature, called Advanced Data Protection, will prevent Apple from seeing the contents of some of the most sensitive user data stored on its servers and make it impossible for Apple to provide law enforcement with the contents of an encrypted backup.
Encrypted backups will be optional, Apple says, and will be available in the US before the end of the year.
While Apple previously encrypted much data stored on servers, entire device backups containing text messages, contacts, and other important data were not end-to-end encrypted, and Apple previously had access to the contents of the backups.
The move will please security advocates, many of whom have previously pointed to unencrypted iCloud backups as a flaw in Apple’s privacy policy. It also means that user data content would not be exposed if Apple’s servers were ever breached.
It could anger law enforcement agencies, who have used Apple’s policy of not encrypting backups as a way to obtain materials in investigations even though Apple’s iMessage and devices are encrypted.
Apple famously fought the FBI’s attempt to force it in court to unlock an encrypted iPhone used by a terrorist in San Bernardino. Back then, Apple said an unencrypted iCloud backup on its servers was an option to keep the same data.
Law enforcement officials around the world generally oppose encryption because it allows suspects to “walk in the dark” and denies law enforcement access to potential evidence that they could previously access under lower security levels.
In 2018, Apple CEO Tim Cook said in an interview that one factor in Apple’s decision-making regarding end-to-end encrypted iCloud backups is that its users expect Apple to be able to protect their data to restore. If users forget their passwords and have Enhanced Data Protection enabled, Apple cannot recover the account because it does not have the required encryption key.
Apple also announced two more security features on Wednesday. Users will soon be able to use a physical key as second-factor protection for Apple ID logins. Another update allows users facing significant security threats to confirm that text messages are not intercepted.
Last year, in an apparent attempt to placate law enforcement, Apple announced a system to scan for illegal content such as child sexual abuse materials, using a complicated system that would still allow Apple to encrypt user photos on its servers . The system was opposed by privacy advocates, who said it would essentially allow Apple to scan people’s hard drives.
Development of the system has been halted, according to the Wall Street Journal.
