←back to thread

Learn more about iCloud in China mainland

(support.apple.com)
76 points quantisan | 3 comments | 09 Oct 19 22:36 UTC | HN request time: 0.809s | source
Show context
Despegar ◴[09 Oct 19 23:08 UTC] No.21209190[source]
Not only is this not news there's a lot of FUD about it. https://news.ycombinator.com/item?id=20904857

Reposting my comment:

Apple has already publicly said in court filings, and under threat of perjury, that they don't make any exceptions for China. From Apple's filing [1]:

>Finally, the government attempts to disclaim the obvious international implications of its demand, asserting that any pressure to hand over the same software to foreign agents “flows from [Apple’s] decision to do business in foreign countries . . . .” Opp. 26. Contrary to the government’s misleading statistics (Opp. 26), which had to do with lawful process and did not compel the creation of software that undermines the security of its users, Apple has never built a back door of any kind into iOS, or otherwise made data stored on the iPhone or in iCloud more technically accessible to any country’s government. See Dkt. 16-28 [Apple Inc., Privacy, Gov’t Info. Requests]; Federighi Decl. ¶¶ 6–7. The government is wrong in asserting that Apple made “special accommodations” for China (Opp. 26), as Apple uses the same security protocols everywhere in the world and follows the same standards for responding to law enforcement requests. See Federighi Decl. ¶ 5.

and a declaration from Craig Federighi personally [2]:

>Apple uses the same security protocols everywhere in the world.

>Apple has never made user data, whether stored on the iPhone or in iCloud, more technologically accessible to any country's government. We believe any such access is too dangerous to allow. Apple has also not provided any government with its proprietary iOS source code. While governmental agencies in various countries, including the United States, perform regulatory reviews of new iPhone releases, all that Apple provides in those circumstances is an unmodified iPhone device.

>It is my understanding that Apple has never worked with any government agency from any country to create a "backdoor" in any of our products and services.

>I declare under penalty of perjury under the laws of the United States of America that the foregoing is true and correct.

When China wants something from iCloud they do it the same way that law enforcement does it everywhere in the world, which is through Apple.

[1] https://assets.documentcloud.org/documents/2762131/C-D-Cal-1...

[2] https://www.documentcloud.org/documents/2762118-Federighi-De...

replies(5): >>21209229 #>>21209432 #>>21209442 #>>21209628 #>>21221388 #
1. ksec ◴[09 Oct 19 23:46 UTC] No.21209432[source]
The juicy parts from the Legal Agreement for folks in China using iCloud:

> E. Access to Your Account and Content > We reserve the right to take steps we believe are reasonably necessary or appropriate to enforce and/or verify compliance with any part of this Agreement. You acknowledge and agree that we may, without liability to you, access, use, preserve and/or disclose your Account information and Content to law enforcement authorities, government officials, and/or a third party, as we believe is reasonably necessary or appropriate, if legally required to do so or if we have a good faith belief that such access, use, disclosure, or preservation is reasonably necessary to: (a) comply with legal process or request; (b) enforce this Agreement, including investigation of any potential violation thereof; (c) detect, prevent or otherwise address security, fraud or technical issues; or (d) protect the rights, property or safety of GCBD, its users, Apple, a third party, or the public as required or permitted by applicable law. You understand and agree that Apple and GCBD will have access to all data that you store on this service, including the right to share, exchange and disclose all user data, including Content, to and between each other under applicable law.

The next step is to understand Rule of Law and Rule by Law. Guess which one China is.

I dont see which part of this is FUD.

replies(1): >>21209508 #
2. Despegar ◴[09 Oct 19 23:59 UTC] No.21209508[source]
None of this is inconsistent with what Apple has said about the security of iPhones or iCloud. Anything that's not end-to-end encrypted, as listed here [1], is subject to law enforcement requests, as it is everywhere.

[1] https://support.apple.com/en-us/HT202303

replies(1): >>21221409 #
3. lern_too_spel ◴[11 Oct 19 03:49 UTC] No.21221409[source]
I'll quote the relevant part of the agreement below:

"You understand and agree that Apple and GCBD [emphasis added] will have access to all data that you store on this service."

As a Chinese company, GCBD can and probably does indiscriminately send data to Chinese law enforcement.