cross-posted from: https://infosec.pub/post/23398982
Apple has reportedly been ordered by the UK government to create a backdoor that would give security officials access to users’ encrypted iCloud backups. If implemented, British security services would have access to the backups of any user worldwide, not just Brits, and Apple would not be permitted to alert users that their encryption was […]
Reminder for anyone using iCloud— enable advanced data protection. This will encrypt almost all your data on iCloud in a way that Apple cannot simply access because they don’t have the key you setup during the enable process. This includes encrypting messages, photos, phone backups, and more which are usually not e2e encrypted. Only some data such as health, passwords, and maps are e2e by default on iCloud.
I cannot see how they could comply with both that and the GDPR, so the UK is asking Apple to choose between operating in the UK and operating in the 27 countries of the EU. Tough call.
I was just thinking that this would have to interfere with the laws of other countries.
That’s pretty wild to ask that of Apple. I could see the law being able to apply to their own citizens and residents, but not the whole world.
