Apple's Security Compromises in China Outlined in New Report

Apple has been making concessions on privacy and security in order to continue building and selling its devices in China, according to an in-depth report from The New York Times.

China iCloud Feature 2
The focal point of the report is Apple's decision to comply with a 2016 law that requires all personal information and data collected in China to be kept in China, which has led Apple to build a China data center and relocate Chinese customers' iCloud data to China, managed by a Chinese company.

Apple fought against China's efforts to gain more control over customer data, but given China's leverage over Apple, Apple had no choice but to comply. There were initially disagreements over the digital keys that can unlock iCloud encryption. Apple wanted to keep them in the United States, while Chinese officials wanted them in China.

Ultimately, the encryption keys ended up in China, a decision that "surprised" two unnamed Apple executives who worked on the negotiations and who said that the decision could potentially endanger customer data. There is no evidence that the Chinese government has access to the data, but security experts have said that China could demand data or simply take it without asking Apple, especially given compromises in encryption key storage and the fact that a third-party company manages customer data on Apple's behalf.

"The Chinese are serial iPhone breakers," said Ross J. Anderson, a University of Cambridge cybersecurity researcher who reviewed the documents. "I'm convinced that they will have the ability to break into the servers."

In a statement, Apple told The New York Times that it "never compromised" the security of users or user data in China "or anywhere we operate." Apple says that it still controls the keys that protect the data of Chinese customers, and the China data center is using the most advanced encryption technology available, which is more advanced than what Apple uses in other countries.

Apple has also been removing apps from the App Store in China at the request of the Chinese government after China began requiring an official license to release an app. Apple told The New York Times that it has done so to comply with Chinese laws.

"These decisions are not always easy, and we may not agree with the laws that shape them," the company said. "But our priority remains creating the best user experience without violating the rules we are obligated to follow."

The New York Times' report goes into much more detail on the compromises that Apple has made in China, and it is well worth reading in full.

Note: Due to the political or social nature of the discussion regarding this topic, the discussion thread is located in our Political News forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tag: China

Top Rated Comments

icanhazmac Avatar
27 months ago

Apple had no choice but to comply.
There is always a choice, Apple simply chose to comply in order to sell product/services/etc in China. Not passing judgement, just stating facts. Saying "Apple had no choice but to comply" makes them sound like a victim, which they are not, they are a complicit partner.
Score: 88 Votes (Like | Disagree)
xlii Avatar
27 months ago
Apple just can’t bend over far enough to keep China happy.
Score: 50 Votes (Like | Disagree)
contacos Avatar
27 months ago
China is a good example how one nation managed to make everyone their little b … in such a short time. Ignorance is a bliss when you still make a lot of money I guess. It’s quite similar how other countries looked the other way with Nazi Germany and those initial „rumors“ of concentration camps back in the day, because making money was more important (until they tried to start a war on you). There should be a paper on that. Would be quite interesting to know how nazi Germany would have been handled if they had not started a war at everyone and kept to themselves. This is not bashing Apple, just telling about our society as a whole
Score: 44 Votes (Like | Disagree)
zakarhino Avatar
27 months ago
I’ve been referencing this for a while in response to the people that claim Apple fundamentally cares about privacy. They care to the extent that they need to for convincing marketing, that’s it. They will forever put money first over user privacy because that’s what they’re designed to do. If similar laws were passed in the EU or US Apple would comply without second thought (just as they did with the Prism program). There’s a long, long list of things they can do to improve user privacy but they refuse to do them.
Score: 38 Votes (Like | Disagree)
laz232 Avatar
27 months ago

There is always a choice, Apple simply chose to comply in order to sell product/services/etc in China. Not passing judgement, just stating facts. Saying "Apple had no choice but to comply" makes them sound like a victim, which they are not, they are a complicit partner.
Come on now, principled Tim Apple had no choice: those overpriced rainbow watchbands that are vital for virtue signalling slactivists don't have the same profit margin if they were made in those terrible racist Western democracies (what's left of them). Gotta appease China /s

(multicultural family with an aunt that came out as gay long before it was fashionable - I despise the cynical commercialisation based on intersectional theory that TC has brought to APPL)
Score: 25 Votes (Like | Disagree)
Deliro Avatar
27 months ago

Apple just can’t bend over far enough to keep China happy.
Neither can entities like the NBA and elected officials of the US (cough).

Since Apple is so about social justice, they showed little compassion or regard for the Hong Kong protests.

I really wonder how Jobs would have handled this. Kinda think the opposite of Cook.
Score: 20 Votes (Like | Disagree)

Popular Stories

google drive for desktop1

Google to Roll Out New 'Drive for Desktop' App in the Coming Weeks, Replacing Backup & Sync and Drive File Stream Clients

Tuesday July 13, 2021 1:18 am PDT by
Earlier this year, Google announced that it planned to unify its Drive File Stream and Backup and Sync apps into a single Google Drive for desktop app. The company now says the new sync client will roll out "in the coming weeks" and has released additional information about what users can expect from the transition. To recap, there are currently two desktop sync solutions for using Google...