Two years ago, Apple abandoned its plan to encrypt iPhone backups in the iCloud in such a way that makes it impossible for it (or law enforcement) to decrypt the contents, a Reuters report claimed on Tuesday.
Based on information received by multiple unnamed FBI and Apple sources, the report says that the decision was made after Apple shared its plan for end-to-end encrypted iCloud backups with the FBI and the FBI objected to it.
According to the sources, Apple:
- Didn’t want to be attacked for or be seen as protecting criminals
- Was convinced by the FBI’s arguments (i.e., that being able to access the contents of iPhone backups in the iCloud is crucial to the success of thousands of investigations)
- Didn’t want to get into another court battle with the FBI over the matter or getting used as an excuse for new legislation against encryption.
End-to-end encrypted iCloud backups are not available, but…
Apple and the FBI declined to comment on these claims. Also, more importantly, and despite how it might seem initially, “Reuters could not determine why exactly Apple dropped the plan.”
Whether the decision was made entirely or partly because of the FBI’s objections is, therefore, unknown. One of the Reuters sources – a former Apple employee – said it was possible the encryption project was dropped for other reasons (e.g., to prevent customers being locked out of their backups because they forgot their passphrase).
Daring Fireball publisher John Gruber pointed out the same thing, and said that he “would find it less surprising to know that Apple acquiesced to the FBI’s request not to allow encrypted iCloud backups than that Apple briefed the FBI about such a plan before it was put in place.”
If you want to keep your backups for your eyes only
Whether Apple has canceled its plan to offer encrypted iCloud backups for good or just temporarily, the fact that users need to be aware that some of the information they back up in the iCloud can be decrypted by Apple and, consequently, be made available to law enforcement.
The data that is encrypted end-to-end (i.e., is protected with a key derived from information unique to the user’s device and their device passcode) includes things like the iCloud Keychain (which includes all of user’s saved accounts and passwords), Wi-Fi passwords and payment information.
Data that is encrypted in transit and on the server, but with a key known to Apple, includes the device’s backup, Safari history and bookmarks, photos, calendars, contacts, voice memos, and more.
And, while Messages in iCloud does use end-to-end encryption, if the user has iCloud Backup turned on, their backup includes a copy of the key protecting their Messages (so they can recover them if they lose access to iCloud Keychain and their trusted devices). That means that law enforcement can access them also, if Apple allows it.
In short: if you use an iPhone and you want all of your data to remain private and encrypted in a way that makes it impossible (or very, very difficult) for anyone to decrypt it, don’t back it up into iCloud. Instead, opt for an encrypted local backup on a Mac or PC through iTunes, choose a strong passphrase, and make sure to remember it.