Apple's Security Compromises in China Outlined in New Report

Apple has been making concessions on privacy and security in order to continue building and selling its devices in China, according to an in-depth report from The New York Times.

China iCloud Feature 2
The focal point of the report is Apple's decision to comply with a 2016 law that requires all personal information and data collected in China to be kept in China, which has led Apple to build a China data center and relocate Chinese customers' iCloud data to China, managed by a Chinese company.

Apple fought against China's efforts to gain more control over customer data, but given China's leverage over Apple, Apple had no choice but to comply. There were initially disagreements over the digital keys that can unlock iCloud encryption. Apple wanted to keep them in the United States, while Chinese officials wanted them in China.

Ultimately, the encryption keys ended up in China, a decision that "surprised" two unnamed Apple executives who worked on the negotiations and who said that the decision could potentially endanger customer data. There is no evidence that the Chinese government has access to the data, but security experts have said that China could demand data or simply take it without asking Apple, especially given compromises in encryption key storage and the fact that a third-party company manages customer data on Apple's behalf.

"The Chinese are serial iPhone breakers," said Ross J. Anderson, a University of Cambridge cybersecurity researcher who reviewed the documents. "I'm convinced that they will have the ability to break into the servers."

In a statement, Apple told The New York Times that it "never compromised" the security of users or user data in China "or anywhere we operate." Apple says that it still controls the keys that protect the data of Chinese customers, and the China data center is using the most advanced encryption technology available, which is more advanced than what Apple uses in other countries.

Apple has also been removing apps from the App Store in China at the request of the Chinese government after China began requiring an official license to release an app. Apple told The New York Times that it has done so to comply with Chinese laws.

"These decisions are not always easy, and we may not agree with the laws that shape them," the company said. "But our priority remains creating the best user experience without violating the rules we are obligated to follow."

The New York Times' report goes into much more detail on the compromises that Apple has made in China, and it is well worth reading in full.

Note: Due to the political or social nature of the discussion regarding this topic, the discussion thread is located in our Political News forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tag: China

Top Rated Comments

icanhazmac Avatar
23 weeks ago

Apple had no choice but to comply.
There is always a choice, Apple simply chose to comply in order to sell product/services/etc in China. Not passing judgement, just stating facts. Saying "Apple had no choice but to comply" makes them sound like a victim, which they are not, they are a complicit partner.
Score: 88 Votes (Like | Disagree)
xlii Avatar
23 weeks ago
Apple just can’t bend over far enough to keep China happy.
Score: 50 Votes (Like | Disagree)
contacos Avatar
23 weeks ago
China is a good example how one nation managed to make everyone their little b … in such a short time. Ignorance is a bliss when you still make a lot of money I guess. It’s quite similar how other countries looked the other way with Nazi Germany and those initial „rumors“ of concentration camps back in the day, because making money was more important (until they tried to start a war on you). There should be a paper on that. Would be quite interesting to know how nazi Germany would have been handled if they had not started a war at everyone and kept to themselves. This is not bashing Apple, just telling about our society as a whole
Score: 44 Votes (Like | Disagree)
zakarhino Avatar
23 weeks ago
I’ve been referencing this for a while in response to the people that claim Apple fundamentally cares about privacy. They care to the extent that they need to for convincing marketing, that’s it. They will forever put money first over user privacy because that’s what they’re designed to do. If similar laws were passed in the EU or US Apple would comply without second thought (just as they did with the Prism program). There’s a long, long list of things they can do to improve user privacy but they refuse to do them.
Score: 38 Votes (Like | Disagree)
laz232 Avatar
23 weeks ago

There is always a choice, Apple simply chose to comply in order to sell product/services/etc in China. Not passing judgement, just stating facts. Saying "Apple had no choice but to comply" makes them sound like a victim, which they are not, they are a complicit partner.
Come on now, principled Tim Apple had no choice: those overpriced rainbow watchbands that are vital for virtue signalling slactivists don't have the same profit margin if they were made in those terrible racist Western democracies (what's left of them). Gotta appease China /s

(multicultural family with an aunt that came out as gay long before it was fashionable - I despise the cynical commercialisation based on intersectional theory that TC has brought to APPL)
Score: 25 Votes (Like | Disagree)
Deliro Avatar
23 weeks ago

Apple just can’t bend over far enough to keep China happy.
Neither can entities like the NBA and elected officials of the US (cough).

Since Apple is so about social justice, they showed little compassion or regard for the Hong Kong protests.

I really wonder how Jobs would have handled this. Kinda think the opposite of Cook.
Score: 20 Votes (Like | Disagree)

Related Stories

maxresdefault

Apple Shares Video Explaining How App Tracking Transparency Works

Monday April 26, 2021 11:22 am PDT by
Now that iOS 14.5 is available to the public, App Tracking Transparency is being enforced by Apple. Developers are no longer able to access the advertising identifier of your iPhone, iPad, or Apple TV without your express permission, which will prevent developers from tracking you across apps and websites for ad targeting preferences. If that sounds confusing, Apple has created an App...
fake airpods cpb

Shipment of Fake AirPods Worth More Than $7 Million Seized By U.S. Authorities

Monday May 17, 2021 4:56 am PDT by
A shipment of more than 36,000 fake AirPods from China to Cincinnati has been seized by Customs and Border Protection after the fake earbuds were found to violate Apple's copyright infringement rules, according to a press release from the agency. The shipment of earbuds were declared seized on May 11 and May 13 after they were found to include not only Apple's logo but also the shape and...
f1623088657

Apple Announces iCloud+, Combines Paid Storage With Privacy Features Like Hide My Email

Monday June 7, 2021 11:00 am PDT by
At WWDC, Apple announced that iCloud is getting a premium subscription tier called "iCloud+," which includes "Private Relay" that allows users to browse the web through Safari with all information leaving their device remaining encrypted and access to "Hide My Email." One of the headlining features for iCloud+ is Private Relay, which, similarly to a VPN, ensures that all traffic leaving a...
generic tracking prompt blue

Apps Continuing to Track Users Despite Apple's Privacy Prompt

Monday June 7, 2021 8:04 am PDT by
Apple is facing increasing pressure to tighten its App Tracking Transparency rules after it was found that third parties are using workarounds to identify users who do not consent to be tracked, according to the Financial Times. Apple rules around App Tracking Transparency, which came into effect as part of iOS 14.5 and iPadOS 14.5, require apps to ask for consent to track users across...
nba tracking prompt

Apple Warns Chinese Tech Companies Not to Circumvent App Tracking Transparency Rules

Thursday March 18, 2021 1:35 pm PDT by
Apple is cracking down on Chinese tech companies that are working on ways to get around upcoming App Tracking Transparency rules, reports Financial Times. Starting in iOS 14.5, Apple plans to begin requiring app developers to obtain express user permission before accessing an iPhone's advertising identifier or IDFA, and earlier this week, news suggested that the state-backed China...
appstoreprivacy feature

App Privacy Study Looks at Most 'Invasive' Apps Collecting User Data

Tuesday March 16, 2021 11:02 am PDT by
With App Privacy labels now available for many of the top apps in the App Store, pCloud earlier this month took a look at the most "invasive" apps that collect the most data from users. It will come as no surprise to many that Instagram and Facebook share the most data with third-party advertisers, collecting info on purchases, location, contact details, user content, search history,...
appstore

Australian Watchdog Wants iOS Users to Have More Control Over Preinstalled Apps

Wednesday April 28, 2021 2:04 am PDT by
In an report related to its ongoing investigation into Apple and Google app marketplace dominance, Australia's consumer watchdog has warned both companies that it wants consumers to have more choice when it comes to preinstalled apps on Apple and Android devices (via ZDNet). Specifically, the Australian Competition and Consumer Commission (ACCC) wants Apple and Google to give users more...
oppo watch

OPPO Watch and Band Now Support iPhone and Apple Health Syncing

Friday April 16, 2021 12:49 am PDT by
Owners of OPPO's Watch and Band wearables can now use their devices with iPhone, thanks to OPPO's HeyTap Health companion app making it onto the App Store. Spotted by XDA Developers, the HeyTap app lets OPPO users collect and analyze fitness tracking data collected by the wearables. Users can personalize watch faces, customize workout and health settings, and sync tracking data with Apple...
apple findmy network feature

Find My Network Exploited to Send Messages

Wednesday May 12, 2021 8:11 am PDT by
An exploit allows messages and additional data to be sent across Apple's Find My network, according to the findings of a security researcher. Security researcher Fabian Bräunlein has found a way to leverage Apple's Find My network to function as a generic data transfer mechanism, allowing non-internet-connected devices to upload arbitrary data by using nearby Apple devices to upload the...
nba tracking prompt green

P&G Wanted to Skirt App Tracking Transparency Rules With China Data Collection Tech [Updated]

Thursday April 8, 2021 11:39 am PDT by
Procter & Gamble Co. was one of the companies that worked with the China Advertising Association to test a new data collection tool designed to get around Apple's App Tracking Transparency rules, reports The Wall Street Journal. The state-backed China Advertising Agency developed a new method of tracking users called CAID to replace access to the IDFA or advertising identifier of an iPhone...