While Apple says it can't read or share your on-device data with agencies such as the US Federal Bureau of Investigation, it can with data backed up to iCloud. It even scrapped plans to fully secure backups with end-to-end encryption in order to appease the FBI, according to Reuters.
What is end-to-end encryption?
When a product is end-to-end encrypted, it means all your data stored in that product - such as your messages, photos, videos, voice messages, documents, status updates, and calls - is fully secured. For instance, Signal, a messaging app, is end-to-end encrypted. And, with Signal, only you and the person you're communicating with can see your messages and media.
Nobody in between, not even Signal, can see it.
Your data is actually secured with locks, and ideally, only you and your recipient holds keys required to unlock and read your data.
Are Apple devices and iCloud backups encrypted?
Apple offers on-device data protection, but not for iCloud backups. While your personal data backups in iCloud are secured enough to prevent malicious actors from accessing them, Apple holds the special keys to decrypt your backups. And, when legally compelled, it shares these keys with police and governments - much to the chagrin of the Electronic Frontier Foundation and other privacy advocates.
Why won't Apple fully secure iCloud backups?
CEO Tim Cook said Apple holds on to the special keys required to decrypt users' iCloud backups in case its users get locked out of their accounts and want help getting their data back. However, law enforcement agencies, including the FBI, often ask Apple to decrypt iCloud backups. Last year, they requested access to thousands of accounts, and Apple complied with most of the requests.
Although Apple began exploring ways to apply the same end-to-end encryption it uses on Apple devices to iCloud backups, it dropped the effort after the FBI complained, Reuters reported. A former Apple employee told the publication: “Legal killed it, for reasons you can imagine.”
The unnamed source essentially said Apple didn't want to annoy the FBI: “They decided they weren’t going to poke the bear anymore."
Keep in mind Apple and the FBI went to court in 2016, when the US agency demanded that Apple add a backdoor to its devices so that it could access an iPhone that belonged to one of the San Bernardino shooters. The FBI ended up accessing that specific device on its own. But, in meetings with Apple, FBI officials reportedly told Apple that any plan to fully secure iCloud backups would hinder its investigations.
One former FBI official told Reuters that Apple "was convinced,” and that "Apple gets along with the federal government" now.
Why is this a big deal?
Reuters' report comes at a time when the FBI is requesting access to a phone connected to a shooting at a Pensacola base in December. And earlier this month, President Donald J Trump attacked Apple on Twitter over the issue:
We are helping Apple all of the time on TRADE and so many other issues, and yet they refuse to unlock phones used by killers, drug dealers and other violent criminal elements. They will have to step up to the plate and help our great Country, NOW! MAKE AMERICA GREAT AGAIN.— Donald J. Trump (@realDonaldTrump) January 14, 2020
Attorney General William Barr also said Apple has provided no “substantive assistance” to the FBI. Apple denied these accusations, and Reuters’ new report about Apple choosing to not fully encrypt iCloud backups suggests the company is, in fact, helping the FBI when asked.