Apple's Craig Federighi Discusses Expanded iCloud End-to-End Encryption
Apple today announced the launch of an Advanced Data Protection feature that expands end-to-end encryption to additional data stored in iCloud, including iCloud Backup, iCloud Drive, Reminders, Notes, and more. With the launch of the feature, Apple's Craig Federighi did a quick interview with The Wall Street Journal's Joanna Stern to discuss the change, and other new security features that are coming in the future.
Federighi said that expanding iCloud end-to-end encryption took a long time to implement because Apple needed to "build toward the moment" and prove the technology.
Some of the steps we took over a decade ago designing iCloud and the way we encrypted were necessary precursors to build toward this moment, and using end-to-end encryption for the other types of data like passwords and browser history helped prove out that technology.
With end-to-end encryption expanding to most iCloud services, should an attacker get access to iCloud data, there would be no way to decrypt it. As a downside, it will prevent information from being accessible on iCloud.com, which is why it is an opt-in feature that can be enabled or disabled depending on the level of security and convenience each iPhone user desires.
As for data recovery, Federighi explains that a person who has Advanced Data Protection enabled and who loses access to their device and forgets their iCloud password would need to have established a recovery key or a Data Recovery Contact to get access to their content.
A user activating this feature is taking on an additional responsibility. They're taking on responsibility for their data recovery, from setting up a Data Recovery Contact or securing a recovery key. All users might not be ready or willing to do that.
Advanced Data Protection will not allow law enforcement officials to access data like iCloud backups or photos, something that is possible now with unencrypted iCloud backups. When asked if Apple considered this when implementing Advanced Data Protection, Federighi basically said that the benefits outweigh the negatives as it provides protection to government officials who might be targeted by foreign adversaries.
We deeply appreciate the work of law enforcement and support the work of law enforcement. We view that we really have the same mission at heart, which is to keep people safe. Ultimately keeping customers' data safe has big implications on our safety more broadly. There's sensitive information that were an ill-intentioned attacker, whether that be a foreign adversary or organized crime, to get access to information of our political leaders or others who have particular secrets, or access to systems, would be a disaster for us all.
We see this as important to accomplishing the mission we share, which is to keep users safe.
Federighi said that rumors that iCloud backups were once scrapped because it would harm law enforcement investigations were untrue, and that the impact on law enforcement was not a consideration when implementing Advanced Data Protection. Federighi said the only way to keep customer data safe is to stay "one step ahead" of the attackers with features like Advanced Data Protection.
Federighi's full interview can be watched up above, and more information on Advanced Data Protection can be found in our dedicated article on the feature. Apple today also announced new iMessage and Apple ID security enhancements, and said that it had scrapped plans to detect known Child Sexual Abuse Material stored in iCloud Photos.