>Apple says the joint venture does not mean that China has any kind of “backdoor” into user data and that Apple alone – not its Chinese partner – will control the encryption keys.
China goes so far as to require Android users to install a surveillance app in some provinces (https://en.wikipedia.org/wiki/Jingwang_Weishi) so you think the Chinese government would really allow the sale of unbreakable end to end encryption domestically just because it's Apple?
What would be the point then, as anyone wanting to avoid Chinese surveillance could just buy an iPhone. They wouldn't go through huge, immense trouble rolling out a massive surveillance apparatus on this domestic internet only to allow the world's most popular phone to be sold domestically as a simple circumvention.
No, Apple obviously made a deal as they are totally dependent on China for manufacturing their phone as well, they have no leverage. The difference is, Apple's culture of secrecy seems to prevent their employees from leaking dissent externally, so whatever they did, the details aren't public.
>so you think the Chinese government would really allow the sale of unbreakable end to end encryption domestically just because it's Apple?
Yes. Apple has even said this in court filings during the FBI legal fight [1]:
>Finally, the government attempts to disclaim the obvious international implications of its demand, asserting that any pressure to hand over the same software to foreign agents “flows from [Apple’s] decision to do business in foreign countries . . . .” Opp. 26. Contrary to the government’s misleading statistics (Opp. 26), which had to do with lawful process and did not compel the creation of software that undermines the security of its users, Apple has never built a back door of any kind into iOS, or otherwise made data stored on the iPhone or in iCloud more technically accessible to any country’s government. See Dkt. 16-28 [Apple Inc., Privacy, Gov’t Info. Requests]; Federighi Decl. ¶¶ 6–7. The government is wrong in asserting that Apple made “special accommodations” for China (Opp. 26), as Apple uses the same security protocols everywhere in the world and follows the same standards for responding to law enforcement requests. See Federighi Decl. ¶ 5.
and Craig Federighi's declaration [2]:
>5. Apple uses the same security protocols everywhere in the world.
>6. Apple has never made user data, whether stored on the iPhone or in iCloud, more technologically accessible to any country's government. We believe any such access is too dangerous to allow. Apple has also not provided any government with its proprietary iOS source code. While governmental agencies in various countries, including the United States, perform regulatory reviews of new iPhone releases, all that Apple provides in those circumstances is an unmodified iPhone device.
>7. It is my understanding that Apple has never worked with any government agency from any country to create a "backdoor" in any of our products and services.
>I declare under penalty of perjury under the laws of the United States of America that the foregoing is true and correct.
Apple has leverage in China because they indirectly employ millions of people.
>No, Apple obviously made a deal as they are totally dependent on China for manufacturing their phone as well, they have no leverage. The difference is, Apple's culture of secrecy seems to prevent their employees from leaking dissent externally, so whatever they did, the details aren't public.
Lol. I'm sure Federighi perjured himself because the Apple Cult is just that strong.
And even then, the declaration you quote (made in a US Court case referring to the FBI) was made two years before Apple gave the keys over to China.
Apple has deleted VPN apps from the Chinese store at the request of the Chinese government. They also added a clause to their TOS that allows the state-owned data company to access all user data. When they rolled this out and gave the keys to China, they only gave their users the option to delete their account, not opt out.
I'm sorry to be the one to have to break this to you but Apple is acquiescing with the Chinese government surveillance demands.
Yes, so much leverage that China regularly forces them to censor the App Store, and forced them to give up control of iCloud in China.
Quite different than say, how Apple handled the FBI demands or AT&T?
What concessions did Apple extract from China with respect to freedom or privacy for the Chinese people that you can point to?
Have they ever gotten VPN reinstated? Can you point to a single instance of Apple even petitioning against the government in Chinese courts?
I’ll go one better: can you find an instance on record of Apple executives like Tim Cook criticizing Chinese government policies like they do the US government? Any instance of push back at all?
Apple definitely has leverage because we now know they have not made any "special accommodations" for China in their products and services. And as far as I know, iMessage remains unblocked unlike other encrypted services like WhatsApp.
That doesn't mean that Apple can do whatever they want. They've had to shut down iBooks and iTunes Movies within months of turning it on. They've had to remove VPN apps and the NYT's app from the App Store.
But they haven't had to fundamentally cripple the security of their products and services. And that's a meaningful concession they've obtained, because they're Apple.
>I’ll go one better: can you find an instance on record of Apple executives like Tim Cook criticizing Chinese government policies like they do the US government? Any instance of push back at all?
We know they pushed back on the data localization regulation because they said so in a statement to Reuters.
That was back in February. Since then there's been some shuffling of the companies who own the servers with the keys so that China now has access.
From July 2018:
>Fast forward to today: China Telecom, a government owned telco, is taking over the iCloud data from Guizhou-Cloud Big Data. This essentially means that a state-owned firm now has access to all the iCloud data China-based users store, such as photos, notes, emails, and text messages.
Nobody said that Apple no longer retains control of the keys. The point is that the Chinese government has access to Apple user data and Apple is complicit.
>Nobody said that Apple no longer retains control of the keys. The point is that the Chinese government has access to Apple user data and Apple is complicit.
The Chinese government has the exact same access to Apple user data as before, which is through Apple. Who controls the keys is what matters.
>The Chinese government has the exact same access to Apple user data as before, which is through Apple.
No, the Chinese government now owns the servers with the key storage. They now have access to all the keys and user data at rest.
If the Chinese government is accessing all the user data because they requested Apple to put the user keys on their now-state-owned servers, then why does it matter if Apple controls the keys? You're still splitting hairs.
>No, the Chinese government now owns the servers with the key storage. They now have access to all the keys and user data.
>If the Chinese government is accessing all the user data because they requested Apple to put the user keys on their now-state-owned servers, then why does it matter if Apple controls the keys? You're still splitting hairs.
Apple said literally the opposite of this to Reuters and in this statement to 9to5Mac [1]:
>Last year, we announced that Guizhou on the Cloud Big Data (GCBD) would become the operator of iCloud in China. As we said at the time, we’re committed to continuously improving the user experience, and our partnership with GCBD will allow us improve the speed and reliability of our iCloud services products while also complying with newly passed regulations that cloud services be operated by Chinese companies. Because of our commitment to transparency, there will be a series of customer communications over the course of the next seven weeks to make sure customers are well informed of the coming changes. Apple has strong data privacy and security protections in place and no backdoors will be created into any of our systems.
You seem to think there's some material difference by storing the keys or data in China. There isn't. China's power over Apple comes from the fact that they can block their access to operate in China. It's not technical or legal. Chinese iCloud data was just as vulnerable to requests from the Chinese government when it was stored in the US.
> That report doesn't say that Apple no longer retains control of the keys.
Even if it does (which is unclear), do you think Apple will be able to refuse if the Chinese government asks for them? I wouldn't be surprised of "the laws and regulations of China" say that Apple is required to turn them over.
>Even if it does (which is unclear), do you think Apple will be able to refuse if the Chinese government asks for them? I wouldn't be surprised of "the laws and regulations of China" say that Apple is required to turn them over.
Apple says that they respond to valid legal requests, but that isn't any different than when iCloud data was stored in the US. If you thought that Apple would cave to any request for data from the Chinese before, then there's no material difference by storing Chinese iCloud data in China.
What would be the point then, as anyone wanting to avoid Chinese surveillance could just buy an iPhone. They wouldn't go through huge, immense trouble rolling out a massive surveillance apparatus on this domestic internet only to allow the world's most popular phone to be sold domestically as a simple circumvention.
No, Apple obviously made a deal as they are totally dependent on China for manufacturing their phone as well, they have no leverage. The difference is, Apple's culture of secrecy seems to prevent their employees from leaking dissent externally, so whatever they did, the details aren't public.