Apple Drops iCloud Encryption Plan Based on FBI Concerns

According to six sources, in response to FBI concerns, Apple dropped the plan to allow iPhone users to encrypt backups in its iCloud service. Although this took place two years ago, it is just now being reported. Stress between Apple’s stance on privacy and law enforcement’s push to have access to its phones re-emerged a few weeks ago when a Saudi Air Force officer killed three Americans at Naval Air Station Pensacola. U.S. attorney general William Barr and President Donald Trump urged Apple to unlock the killer’s two iPhones.

VentureBeat reports that, “Apple did in fact did turn over the shooter’s iCloud backups in the [recent] case and … behind the scenes … has provided the U.S. Federal Bureau of Investigation with more sweeping help, not related to any specific probe.”

Current and former FBI and Apple sources reported that, “Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud … [and that] under that plan, primarily designed to thwart hackers, Apple would no longer have a key to unlock the encrypted data, meaning it would not be able to turn material over to authorities in a readable form, even under court order.”

FBI cybercrime agents and its operational technology division held private talks with Apple to oppose the idea and “the following year, the end-to-end encryption plan had been dropped, according to the six sources.”

One former Apple employee told Reuters that, “the company did not want to risk being attacked by public officials for protecting criminals, sued for moving previously accessible data out of reach of government agencies, or used as an excuse for new legislation against encryption.” Two former FBI investigators said that Apple was convinced by the evidence that “backups provided vital evidence in thousands of cases.”

One source, however, “said it was possible the encryption project was dropped for other reasons, such as concern that more customers would find themselves locked out of their data more often.” Following the decision, “the 10 or so experts on the Apple encryption project — variously code-named Plesio and KeyDrop — were told to stop working on the effort.”

VB reports that, “in the first half of last year … U.S. authorities armed with regular court papers asked for and obtained full device backups or other iCloud content in 1,568 cases, covering about 6,000 accounts” turning over “at least some data for 90 percent of the requests it received.”

Apple has since “shifted to focus on protecting some of the most sensitive user information, such as saved passwords and health data … [while] backed-up contact information and texts from iMessage, WhatsApp, and other encrypted services remain available to Apple employees and authorities.”

Bloomberg reports that the FBI relied on Cellebrite software to unlock the Apple iPhone 11 belonging to Lev Parnas, “the indicted associate of Rudy Giuliani,” who would not provide his password. It notes that, “the fact that the FBI was able to unlock the current model iPhone from Parnas may raise questions about claims by the Justice Department that the government needs Apple’s help to unlock two older model iPhones that belonged to the terrorist who killed three sailors at a U.S. naval base in Florida last month.”