Data Backup Digest

“At Apple, your trust means everything to us,” writes Tim Cook.

Apple recently announced some changes to their privacy policy. In an open letter from Apple CEO Tim Cook to his customers, Cook claims that Apple has never worked with any government agency to create a backdoor within their systems. He also stressed that they have never allowed access to their servers and they never will.

The timing of the announcement followed the huge celebrity photo leaks that were suspected to originate from Apple’s iCloud. It’s still not certain how these photos were obtained, although Apple claims that there was no security breach in their system.

Passcodes can be set on Apple devices which lock the data inside. Apple state they cannot bypass this code and can’t access your data. This news has caused some authorities to complain that it’ll impact their criminal investigations.

FBI Director James Comey said that he was “very concerned” with the decision, while John Escalante, the chief of detectives at Chicago police department, drastically stated that iPhones will now become the phone of choice for paedophiles.

While it’s true that data on criminal phones could help with an investigation – their contacts, texts and geo data, for example – it is questionable whether the police should be able to access anyone’s phone, regardless of if they’ve committed a crime. How would you feel an authority accessed your data? It’s an interesting question indeed.

Jonathan Zdiarski, a forensic and security researcher, spoke to Mashable and said that the police have been able to carry out their job fine over the past couple of hundred years without accessing iPhones.

While authorities may not be able to get user data through the conventional method, that doesn’t mean there aren’t any other avenues to explore in order to get to that data.

A lot of Apple device users will back up their data to iCloud. In fact, some may be backing up their data to this cloud service without realising it. Although these backups are encrypted, the key to unlock is in Apple’s hands. As such, Apple could be required to hand over that key if legally required to.

iCloud isn’t the only place that holds a backup copy of iOS data. iTunes backups are also at risk and will usually automatically be carried out when the device is connected to a computer. Although iTunes backups can be protected with passwords, but this could be bruteforced if necessary. And again, Apple is required by law to hand over the backups if asked.

However, Apple have said that only a small percentage of requests from authorities are after personal data from accounts and that “less than 0.00385% of customers had data disclosed due to government information requests.”

The introduction of this privacy policy has sparked debates all over. It’s certainly a very interesting area and one that comes with many complications. Should the majority of citizens, who are law, be able to fully protect their data? If so, is it okay that criminals will also benefit from such protection?