EFF Calls on Apple to Let Users Encrypt iCloud Backups as Part of 'Fix It Already' Initiative

The Electronic Frontier Foundation (EFF), perhaps the most well-known digital rights non-profit, today launched a new "Fix It Already" campaign with the aim of getting technology companies to implement new privacy features in areas where privacy is lacking.

According to the EFF, the issues that it is demanding a fix for are "well-known privacy and security issues" that have "attainable fixes." From Apple, the EFF wants the company to implement user-encrypted iCloud backups that are inaccessible to the company and thus to law enforcement.

appleuserencryptedicloudbackups
iCloud content uploaded to Apple is encrypted at the location of the server and, with the proper legal requests, Apple can provide ‌iCloud‌ information that includes name, address, email, mail logs with date/time stamps, photos, Safari browsing history, iMessages, and more, with full details outlined by Apple on its privacy site. [PDF]

The EFF says that Apple should "let users protect themselves" and elect for "truly encrypted ‌iCloud‌ backups."

Apple has not encrypted ‌iCloud‌ backups because doing so would prevent Apple from being able to restore ‌iCloud‌ backups for users who have forgotten their passwords. As the EFF points out, though, Apple CEO Tim Cook has said in the past that Apple may move towards encrypted ‌iCloud‌ backups in the future. From an interview Cook did with German site Der Spiegel:

There our users have a key and we have one. We do this because some users lose or forget their key and then expect help from us to get their data back. It is difficult to estimate when we will change this practice. But I think that will be regulated in the future as with the devices. So we will not have a key for it in the future.

The EFF has demands for other technology companies in addition to Apple. Android, it says, should let users deny and revoke apps' internet permissions, while Twitter should end-to-end encrypt direct messages and Facebook should stop using phone numbers provided for account creation for targeted advertising.

WhatsApp should obtain user consent before adding users to groups, Slack should give free workspace administrators control over data retention, and Verizon should stop pre-installing spyware on some smartphones.

Tag: EFF

Popular Stories

new best buy blue

Best Buy's Memorial Day Sale Has Record Low Prices on iPads, MacBooks, and Much More

Friday May 24, 2024 7:12 am PDT by
Best Buy today kicked off its Memorial Day weekend sale, and it has some of the best prices we've tracked in weeks on iPads and MacBooks. Specifically, you'll find record low prices on the 5th generation iPad Air, iPad mini 6, M2 MacBook Air, and M3 MacBook Pro. Note: MacRumors is an affiliate partner with Best Buy. When you click a link and make a purchase, we may receive a small payment,...
macOS 15 Feature

macOS 15 System Settings to Get Design Overhaul

Thursday May 23, 2024 12:51 pm PDT by
With the macOS 15 update that is set to debut at WWDC in June, Apple plans to rearrange "menus and app UIs," according to a report from AppleInsider. The System Settings app, which was last updated with macOS Ventura, will get one of the biggest updates. With macOS Ventura, Apple renamed the System Preferences app to System Settings, introducing a design similar to the Settings app on the...
6chatgpt mac app

5 Reasons to Use OpenAI's ChatGPT App for Mac

Thursday May 23, 2024 6:07 am PDT by
On May 13, OpenAI during its Spring Update announced that it would be releasing a desktop ChatGPT app for the Mac in the "coming weeks," and said that ahead of a wider launch it had started rolling out the app to some ChatGPT Plus subscribers. Subscribe to the MacRumors YouTube channel for more videos. After testing the app for a few days, we thought it was worth sharing some reasons why...
iOS 17

Apple Sheds More Light on iOS 17.5 Bug That Resurfaced Deleted Photos

Friday May 24, 2024 2:36 am PDT by
Last week, some iPhone users reported that Apple's iOS 17.5 update had introduced a bug that caused old photos that were deleted to reappear in the Photos app. Apple quickly released an iOS 17.5.1 update to fix the issue, but for many users, its explanation of "database corruption" in the release notes was all too brief, and did little to allay concerns about the privacy of their data. Apple ...

Top Rated Comments

cmChimera Avatar
69 months ago
I definitely agree with them.
Score: 34 Votes (Like | Disagree)
ersan191 Avatar
69 months ago
Just make it optional - people who know what they are doing can enable it and the regular people who are more likely to forget their passwords can leave it off.
Score: 22 Votes (Like | Disagree)
cmaier Avatar
69 months ago
We should be very careful what we ask for. While I value privacy, there are legitimate reasons for someone else to have the key to our files. For example, should something happen to your spouse or parent (stroke, severe accident, etc), all their info would permanently be locked out, including all their photos. We live in an age where the photos of all our loved ones reside on our iPhones and iCloud. There must be a way to salvage them.
If i wanted my heirs to have access to my stuff after I die I would be sure to arrange for that. I don’t need apple to do my estate planning.
Score: 15 Votes (Like | Disagree)
Apple_Robert Avatar
69 months ago
Glad to see the EFF publicly pushing for this. Apple needs to take heed.

I want safety. I promise not to complain if I go senile and forget by password.
Score: 13 Votes (Like | Disagree)
Ldubrov Avatar
69 months ago
We should be very careful what we ask for. While I value privacy, there are legitimate reasons for someone else to have the key to our files. For example, should something happen to your spouse or parent (stroke, severe accident, etc), all their info would permanently be locked out, including all their photos. We live in an age where the photos of all our loved ones reside on our iPhones and iCloud. There must be a way to salvage them.
Score: 9 Votes (Like | Disagree)
zorinlynx Avatar
69 months ago
Why can't it be treated the same way as FileVault?

If you forget your FileVault password, you lose your data, period. Just make it ABSOLUTELY CLEAR to the user that they must not forget their password or they will lose their iCloud backup data. They could even make it a choice; I believe FileVault asks if you want to let Apple keep a copy of the recovery key.

I know Apple is really big on keeping users from shooting themselves in the foot, but for those of us who understand the risks, we should be allowed to secure our data further.
Score: 8 Votes (Like | Disagree)