Doubt has been cast on the story that Apple gave in to FBI pressure on iCloud backups, and abandoned plans to switch to end-to-end encryption for these.

In particular, it appears that the timing behind the claim may not be right…

Background

Current iCloud backups are encrypted, but Apple holds the key, so can access the data. When law enforcement agencies want to access a locked iPhone, Apple cannot help them directly, but it can provide them with a copy of any iCloud backup of the device. This will include almost all of the data stored on the phone.

Apple receives government requests relating to hundreds of thousands of devices. In the first half of last year, for example, the company revealed that it received requests for over 195,000 devices, and provided data for 82% of them — or around 160,000 devices.

Apple uses far stronger end-to-end encryption for its two messaging services, iMessage and FaceTime. Here, Apple does not hold the key, and cannot read intercepted messages. (Although iCloud backups may contain stored copies of messages, which can be read.) We’ve long expected Apple to eventually adopt end-to-end encryption for iCloud backups too, meaning that Apple would be unable to decrypt any of the data.

However, it was yesterday claimed that Apple abandoned this plan following pressure from the FBI. I expressed the view then that this was the wrong decision on Apple’s part, though it would be an understandable one. In our poll, 37% agreed with me, though 55% said it was wrong, period. Fewer than 6% felt it was the right thing to do.

Doubt cast on ‘FBI pressure on iCloud backups’ story

Admittedly pro-Apple pundit John Gruber had already questioned the story.

If Apple has indeed abandoned its plans, argued Gruber, that would be because it would then be unable to help customers who lost or broke their iPhone and couldn’t remember their iCloud password.

It simply is not in Apple’s nature to tell anyone outside the company about any of its future product plans. I’m not sure how I could make that more clear. It is not in Apple’s DNA to ask permission for anything. (Cf. the theory that a company’s culture is permanently shaped by the personality of its founders.)

Encrypting iCloud backups would be perfectly legal. There would be no legal requirement for Apple to brief the FBI ahead of time. Nor would there be any reason to brief the FBI ahead of time just to get the FBI’s opinion on the idea. We all know what the FBI thinks about strong encryption.

But he later noted that there seems to be some hard evidence that the report is inaccurate. Namely, the timing doesn’t seem to add up. The story claimed that Apple made the decision “about two years ago,” while CEO Tim Cook indicated in an interview with the German press a year later that these plans were still likely to come to fruition.

A native German speaker said that the word “regulated” was a poor Google translation, and that a better translation would be “handled” like the devices — that is, end-to-end encryption would be used.

Image: Shutterstock