Offers end-to-end iCloud encryption, drops controversial child-sexual abuse screening plan.
From Robert McMillan and Joanna Stern's "Apple Plans New Encryption System to Ward Off Hackers and Protect iCloud Data" posted Wednesday by the Wall Street Journal:
Apple is planning to significantly expand its data-encryption practices, a step that is likely to create tensions with law enforcement and governments around the world as the company continues to build new privacy protections for millions of iPhone users.
The expanded end-to-end encryption system, an optional feature called Advanced Data Protection, would keep most of the iCloud’s data secure, even in the event that Apple is hacked. It would also prevent Apple from being able to provide data from iCloud phone backups in response to law-enforcement requests.
While Apple has drawn attention in the past for being unable to help agencies such as the Federal Bureau of Investigation access data on its encrypted iPhones, it has been able to provide much of the data stored in iCloud backups upon a valid legal request. Last year, it responded to thousands of such requests in the U.S., according to the company.
With these new security enhancements, Apple would no longer have the technical ability to comply with certain law-enforcement requests such as for iCloud backups—which could include iMessage chat logs and attachments and have been used in many investigations...
The changes represent a new potential setback for law-enforcement officials. Last year, Apple proposed software for the iPhone that would identify child sexual-abuse material on the iPhone. Apple now says it has stopped development of the system, following criticism from privacy and security researchers who worried that the software could be misused by governments or hackers to gain access to sensitive information on the phone.
My take: This won't win Apple many friends in Washington.