Craig Federighi from Apple Talks About iCloud’s Expanded End-To-End Encryption

Recent articles

Apple today announced the launch of an Advanced Data Protection feature that expands end-to-end encryption to additional data stored in iCloud, including ‌iCloud‌ Backup, iCloud Drive, Reminders, Notes, and more. With the launch of the feature, Apple’s Craig Federighi did a quick interview with The Wall Street Journal’s Joanna Stern to discuss the change and other new security features that are coming in the future.

Federighi said that expanding ‌iCloud‌ end-to-end encryption took a long time to implement because Apple needed to “build toward the moment” and prove the technology.

Some of the steps we took over a decade ago designing iCloud and how we encrypted were necessary precursors to build toward this moment. Using end-to-end encryption for other data types like passwords and browser history helped prove that technology.

iCloud's Expanded End-To-End Encryption _

With end-to-end encryption expanding to most ‌iCloud‌ services, should an attacker get access to ‌iCloud‌ data, there would be no way to decrypt it. As a downside, it will prevent information from being accessible on iCloud.com, which is why it is an opt-in feature that can be enabled or disabled depending on the level of security and convenience each iPhone user desires.

As for data recovery, Federighi explains that a person who has Advanced Data Protection enabled that loses access to their device and forgets their ‌iCloud‌ password would need to have established a recovery key or a Data Recovery Contact to get access to their content.

A user activating this feature is taking on an additional responsibility. They’re taking on responsibility for their data recovery, from setting up a Data Recovery Contact or securing a recovery key. All users might need more time to be ready or willing to do that.

iCloud's Expanded End-To-End Encryption _

Advanced-Data Protection will not allow law enforcement officials to access data like ‌iCloud‌ backups or photos, which is possible now with unencrypted ‌iCloud‌ backups. When asked if Apple considered this when implementing Advanced Data Protection, Federighi said that the benefits outweigh the negatives as it protects government officials who foreign adversaries might target.

We deeply appreciate the work of law enforcement and support the work of law enforcement. We have the same mission at heart: to keep people safe. Ultimately keeping customers’ data safe has big implications for our safety more broadly. There’s sensitive information that an ill-intentioned attacker, whether a foreign adversary or organized crime, to get access to information about our political leaders or others who have particular secrets, or access to systems, would be a disaster for us all.

This is important to accomplishing our shared mission: to keep users safe.

iCloud's Expanded End-To-End Encryption _

Federighi said rumors that ‌iCloud‌ backups were once scrapped because they would harm law enforcement investigations were untrue and that the impact on law enforcement was not a consideration when implementing Advanced Data Protection. Federighi said the only way to keep customer data safe is to stay “one step ahead” of the attackers with features like Advanced Data Protection.

Leave a Reply