Apple today introduced three advanced security features focused on protecting against threats to user data in the cloud, representing the next step in its ongoing effort to provide users with even stronger ways to protect their data. With iMessage Contact Key Verification, users can verify they are communicating only with whom they intend. With Security Keys for Apple ID, users have the choice to require a physical security key to sign in to their Apple ID account. And with Advanced Data Protection for iCloud, which uses end-to-end encryption to provide Apple’s highest level of cloud data security, users have the choice to further protect important iCloud data, including iCloud Backup, Photos, Notes, and more.
All three announcements are noteworthy and good news, but to me, Advanced Data Protection for iCloud is the big one. Users who opt in will now get end-to-end encryption for backups, Photos, and Notes — everything in iCloud other than email, contacts, and calendars (the open standards for which preclude end-to-end encryption).
For users who opt in, Advanced Data Protection keeps most iCloud data protected even in the case of a data breach in the cloud.
Unmentioned is that Advanced Data Protection will also preclude Apple from handing over unencrypted backups to law enforcement. Turn on Advanced Data Protection and Apple will no longer hold keys to that data. It’s off by default, primarily, I believe, for customer support reasons. With standard iCloud data protection, customer data is encrypted in transit and in storage on iCloud’s servers, but Apple holds keys that can be used for recovery in case a customer loses access to their account. Those same keys held by Apple can also be used to comply with search warrants.
This has been a long time coming.