What: Apple has been called out by six unnamed sources for caving to FBI pressure to not block decryption of iCloud backups.
How: iCloud backups are encrypted, but Apple is still able to recover them in case of a lost password, which makes them able to do so for law enforcement, as well.
Why Do You Care: Apple has been extremely vocal about its commitment to user data privacy; this new report calls it into question.
Despite Apple’s hard-line stance on privacy of your user data, according to six sources familiar with the matter, the company decided against unbreakable encryption of that data when backed up to iCloud. As , the sources said that Apple caved to pressure from the FBI when the agency said such encryption would harm investigations.
Reuters’ sources say that Apple’s decision came two years ago, yet hasn’t been reported. The company and the FBI have been involved in a number of over unlocking phones of suspects in cases like the 2015 mass shooting in San Bernardino, California. Apple has, thus far, refused to do so, even writing a to explain why.
According to tech journalist Rene Ritchie, however, . It’s just that Apple can recover them if you lose your password, for example, which makes the company also able to recover your backups if legally compelled to do so. That, of course, doesn’t mean they will.
However, if the company decided to pursue this iCloud backup strategy in response to FBI complaints, that would represent a very different perspective on how it treats the privacy of all its users’ data. The existing encryption loophole, which was designed to give consumers access to their own locked out accounts (usually due to a lost password), makes it possible for Apple to gain access and share these backups with any law enforcement agency for use in their investigations.
This all came to light after last week’s Pensacola naval base shooting. Apple did in fact turn over the shooting suspect’s iCloud backups. Neither Apple nor the FBI has gone on the record to officially counter any claims as to whether agency complaints caused the company to scrap plans for encrypted backups.