Apple are going to Store Sensitive Encryption Keys in China

Fresh from penning an article yesterday about encryption and the Australian government, I am gobsmacked by this tidbit about Apple and China that is making the media rounds. Apple is going to store sensitive encryption keys on servers located in China.  Until now the keys have always been stored in the US - even keys for Chinese accounts. This meant that all governmental requests for data transfers and iCloud keys fell under US law.  Not anymore.

As a result, the Chinese government will no longer have to rely on the largesse of US courts if it wants information on iCloud users. Instead, its own legal system and protocols will prevail, and it can force Apple to furnish iCloud data for Chinese users, legal and industry experts have said.

The imminent shifting of the iCloud accounts belonging to China-based customers to a local partner’s servers has alarmed privacy activists and observers. This is because Chinese authorities will have far easier access to text messages, emails, and other data stored in the cloud. Protections assured in the US will disappear. It’s no wonder that human rights activists are concerned for the health and well-being of political dissidents, or those who might well be labeled as such in the future.

Such a scenario occurred a decade ago, in which Yahoo! handed over user data that led to arrests and prison sentences for two democracy advocates. Human rights advocates see worse dangers in the case of the surrendering iCloud keys to the Chinese authorities. The communications and personal information of even ordinary citizens will be laid bare for the government to see and act upon.

It raises the question as to why Apple is apparently willing to surrender such surveillance power to Beijing, although a company’s appetite to feed the bottom line especially in such fertile territory financial as the Middle Kingdom is understandable and nothing to sneeze at. But it is nonetheless disconcerting, as it is in direct contrast to Apple’s long-standing consumer privacy policy.

The company weighed, in saying that the stored information would be moved to servers operated by its in-country partner Guizhou-Cloud Big Data Industry Co. Ltd (GCBC), which has close ties to the Chinese government and the Chinese Communist Party.  This option, Apple maintains, is far better than the alternative  - which would be to abandon China completely.  It’s not like Apple didn’t try, according to a company source.

"While we advocated against iCloud being subject to these laws, we were ultimately unsuccessful."

It also maintained that while its policies remain uniform throughout the world, it must abide by the host country's laws. But, in this case, there is the frightening reality that the Chinese idea of law, as it relates to searches, is vastly different than in freer, more open societies. In the US, for example, a search warrant is requested by the police, but is then executed by a supposedly impartial judge. Not so in China, where the police issue and execute the “warrant.”

Apple further points out that Chinese iPhones will still have the security features that make it almost impossible for anyone to get access to a phone - even the company itself. Except that this will not apply to the iCloud accounts in China. Any information in the iCloud account could be accessible to Chinese authorities, who can present Apple with a legal order - an order which is unlikely to be as specific as its US counterpart. A Chinese order from the police has broader evidence-gathering powers, and doesn’t require judicial intervention.

Apple has notified customers of the impending change, which takes place by 1 March, and has advised them that only store dtaa locally on their personal devices. The company further said it will not switch customers' accounts to the Chinese data center until they agree to new terms of service. Apple contends that more than 99.9 percent of current users have already done so.

Bill Gates famously remarked that whatever entity wins the race to Artificial Intelligence, it will be worth 10 Microsofts. Remember, AI is data-driven. Whoever dominates the data accumulation race will arguably reign supreme. With Apple aiding and abetting China’s march to ensnare the data of its 800 million mobile phone users, it may have a leg-up on the competition.

Is anyone else wondering if somehow, in some way, Apple’s capitulation to the Chinese government will one day come back to haunt it - or worse - we at large?

Image credit: By Blablo101/Shutterstock.

Written by: Stan Ward

Stan Ward has enjoyed writing for 50 years. Writing has been a comfortable companion to a successful business and teaching career for him.

1 Comment

Web Dude
on March 9, 2018
After the disappearance of the first 5 iPhone owning dissidents in China, Apple HQ may get confirmation (if they have any influence within GCBC) there may be some soul searching at Cupertino, but then when Wall Street says "another great quarter for Apple stock" they will use the first $500 of their bonus on a bottle or two of their favourite French wine and sleep very well that night, thanking the Chinese people, at least those who can afford an iPhone, for their continued success, whatever the consequences...
Got Something to Say?

Write Your Own Comment

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

  Your comment has been sent to the queue. It will appear shortly.

We recommend you check out one of these alternatives:

The fastest VPN we test, unblocks everything, with amazing service all round

Large brand with very good value, and a cheap price

One of the largest VPNs, voted best VPN by Reddit

One of the cheapest VPNs out there, but an incredibly good service