Enlarge image
iCloud: 23 categories of data can be encrypted end-to-end
Photo: Armin Weigel/ DPA
By early December 2022, Apple had once again made itself extremely unpopular with the FBI.
The mere announcement of expanded end-to-end encryption for files in iCloud had angered the US federal police.
One is "deeply concerned", the "Washington Post" quoted from a statement by the authority, "with the threat of end-to-end encryption and exclusive access for users".
This limits the FBI's ability to "protect the American people from criminal acts such as cyberattacks, violence against children and drug trafficking, organized crime and terrorism".
Apple's customers have to activate the so-called extended data protection themselves.
It still doesn't apply to all categories of data in iCloud, and Apple has a key that could be of great help to investigators.
But the level of protection is higher with the extended data protection than without, and from next week the option will be available to iCloud users worldwide and thus also in Germany, as Apple announced on Wednesday.
E-mails, contacts and calendar entries are left out
This requires an iPhone or iPad with the current operating system iOS 16.2 or iPadOS 16.2 or a Mac with macOS 13.1.
The encryption is activated in the settings menu of the mobile devices under your own name and there in the iCloud area.
On the Mac, you have to navigate to the iCloud section in the System Preferences.
In order to be able to use the extended data protection, it is necessary to select at least one of the two recovery options offered in the event that your own Apple device is broken or lost.
Either you send a trusted person (who also owns an Apple device) a link with a key that helps access iCloud (but doesn't give that person access alone).
Or you create a 28-digit recovery key, which you should then keep safe.
The protection is still not complete: e-mails, contacts and calendar entries in iCloud are still not end-to-end encrypted.
However, 23 instead of the previous 14 data categories are protected in Apple's cloud service.
New additions include photos, notes and entire backups of devices.
It can then only be decrypted with the trusted devices of the user from whom the data was originally uploaded to iCloud.
Even if Apple's servers were hacked, they would be useless to the perpetrators.
Back-ups were previously the easiest way for law enforcement to get data from a suspect when they used the cloud service: because Apple itself had the keys, the company could and did release user data from the back-up at the request of the police that too .
This also included iMessages that could be read in plain text, which were end-to-end encrypted during transmission and therefore could not be easily intercepted and read.
If iCloud encryption is activated, this path will be blocked in the future.
But Apple can give investigators something else: metadata.
Because a whole range of information is only secured with Apple's standard data encryption.
The essence of this is that Apple manages the key, i.e. it can access the data itself and hand it over to law enforcement officers.
This affects, among other things, the name, model, color and serial number of the devices that are backed up, as well as a list of the installed apps.
File names, the checksum of a file – which is a kind of digital fingerprint of its content –, the file size and the file type are also not encrypted end-to-end.
Additional metadata pertains to photos, videos, and notes.
A list of what Apple calls "representative examples" can be found here.
Much of this metadata can provide information about the content of files, the checksums say whether a known (to the police) file or a known photo is stored in a person's iCloud.
Storage management currently has priority
Apple justifies this technically: Because millions of people around the world save the same files - such as well-known photos or videos - Apple either has to keep millions of duplicates or optimize its memory management and simply keep millions of references to the same file over and over again.
This is a common practice, but security experts still consider Apple's decision to be questionable: It represents "a clear security risk, particularly, but not only, in repressive states," says Helene Hahn, spokesman for Internet freedom at Reporters Without Borders.
»As a general rule, sensitive information should not be stored in the cloud unless it is completely end-to-end encrypted, including the metadata.«
Hahn also gives an example of what she believes to be a security risk: »If Apple passes this metadata on to government agencies such as secret services, they could unmask journalists and their work or reveal research processes.
For example, a large collection of saved images with a specific date indicates that a person took part in a demonstration or other local event.«
After all, the company has the prospect of also securing the metadata with end-to-end encryption in the future.
As usual, access by the authorities via Apple can be avoided by exclusively storing backups locally on the company's own hardware.
