|
|
|
|
|
|
by lern_too_spel
2444 days ago
|
|
|
From the iCloud user agreement in China: "You understand and agree that Apple and GCBD [emphasis added] will have access to all data that you store on this service." https://www.apple.com/legal/internet-services/icloud/en/gcbd... GCBD, a state-owned company, certainly gives the Chinese government the ability to see all iCloud data. It is technically true that if the Chinese government sends a data request to Apple, Apple can try to push back within the legal system, but why would they send a data request to Apple when they can get unfettered access from GCBD? As far as who controls the keys for decrypting iCloud data at rest, I cannot believe that Chinese iCloud data would be sent encrypted to Apple's servers outside of China to be encrypted for rest with Apple-controlled keys and sent back to GCBD servers for storage and then sent to Apple's servers outside of China for decryption after verifying it is a user authorized request and back encrypted for the user when the user requests the data (and the same for all operations on the data like indexing). The keys absolutely must exist in China under GCBD's control. |
|
|