Apple is fulfilling a long-time privacy request by expanding the end-to-end encryption found in iMessage to a variety of other data types, including iCloud backups, Photos, and Notes.
The end-to-end encryption is arriving through an opt-in feature called “Advanced Data Protection,” which is available to US users today through Apple’s Beta software program.
Once enabled, the end-to-end encryption means not even Apple can access most of your iCloud content. Instead, only your enrolled devices—which contain the required encryption keys—will be able to access the information. Hence, hackers and even law enforcement will be prevented from reading the data unless they can physically steal your smartphone or laptop.
“For users who opt in, Advanced Data Protection keeps most iCloud data protected even in the case of a data breach in the cloud,” Apple adds.
New Advanced Data Protection Types
According to a support document, new data types that can be protected with the feature include:
- iCloud Backup
- iCloud Drive
- Photos
- Notes
- Reminders
- Safari Bookmarks
- Siri Shortcuts
- Voice Memos
- Wallet Passes
On iCloud, the end-to-end encryption was previously only available to data types pertaining to your health information, credit card payments, Safari browser history, and passwords, among others. However, Apple had refrained from bringing the encryption to iCloud, Photos and Notes, which can contain plenty of other personal information on a user.
The likely reason is that the FBI in 2018 complained that doing so risked undermining its investigation into suspected criminals, according to Reuters. Through subpoenas, US law enforcement agencies can compel tech companies to hand over a user’s personal data, such as emails and search histories.
Apple says it’s now decided to expand the end-to-end encryption from 14 data categories to 23, if a user opts into the Advanced Data Protection. “The only major iCloud data categories that are not covered are iCloud Mail, Contacts, and Calendar because of the need to interoperate with the global email, contacts, and calendar systems,” the company said.
The company’s decision to expand the end-to-end encryption is bound to face criticism from the FBI. But in today’s announcement, Cupertino cited the growing threat from data breaches as a driver for needing the encryption.
“Apple makes the most secure mobile devices on the market. And now, we are building on that powerful foundation,” says Ivan Krstić, Apple’s head of Security Engineering and Architecture.
That said, even with the Advanced Protection Feature activated, Apple notes it can still store some metadata on a user’s iCloud activity, such as the “name, model, color, and serial number of the device associated with each backup.” The company’s support document has more details.
Apple plans on rolling out the Advanced Data Protection feature to all US users by the end of the year. It’ll then launch the system for customers globally in early 2023. To opt in, you have to go to the settings panel for iCloud.
There are some drawbacks with the end-to-end encryption. As Apple points out: “If you enable Advanced Data Protection and then lose access to your account, Apple will not have the encryption keys to help you recover it — you’ll need to use your device passcode or password, a recovery contact, or a personal recovery key.”
That said, users can always turn off the end-to-end encryption.
As part of today’s announcement, the company is also adding support for hardware-based security keys for Apple ID accounts early next year.
“This feature is designed for users who, often due to their public profile, face concerted threats to their online accounts, such as celebrities, journalists, and members of government,” the company says. “For users who opt in, Security Keys strengthens Apple’s two-factor authentication by requiring a hardware security key as one of the two factors.”
In addition, the company created an “iMessage Contact Key Verification,” which is designed to prevent elite hackers and spies from infiltrating your iMessage sessions. It works by warning you if an “unrecognized device” has been added to a contact’s iCloud account during a chat.
“Conversations between users who have enabled iMessage Contact Key Verification receive automatic alerts if an exceptionally advanced adversary, such as a state-sponsored attacker, were ever to succeed breaching cloud servers and inserting their own device to eavesdrop on these encrypted communications,” Apple says. Expect the feature to also arrive next year.