
> have an Android device beside me that regularly asks me to back my device up to the cloud

But is that backup encrypted? If it's not, all they need is <whatever piece of paper a british security official needs, if any> to access your data.

This is about having access to backups that are theoretically encrypted with a key Apple doesn't have?

> We're talking about the largest back door I've ever heard of.

Doesn't the US have access to all the data of non US citizens whose data is stored in the US without any oversight?



> Doesn't the US have access to all the data of non US citizens whose data is stored in the US without any oversight?

Totally agree. Having this discussion so US centred just makes us miss the forest for the trees. Apart from data owned by US citizens, my impression is that data stored in the US is fair game for three letter agencies, and I really doubt most companies would spend more than five minutes agreeing with law enforcement if asked for full access to their database on non-US nationals.

Also, remember that WhatsApp is the go-to app for communication in most of the world outside the US. And although it's end-to-end encrypted, it's always nudging you to back up your data to Google or Apple storage. I can't think of a better target for US intelligence to get a glimpse of conversations about their targets in real time, without needing to hack each individual phone. If WhatsApp were a Chinese app, this conversation about E2E and backup restrictions would have happened a long time ago. It's the same as how the TikTok algorithm suddenly had a strong influence on steering public opinion, and instead of fixing the game we banned the player.


International users that have Advanced Protection enabled would in theory be safe from all of the 3-letter agencies (like safe from those agencies getting the data from Apple...not safe generally).

Realistically we are talking about FISA here, so in theory if the FBI gets a FISA court order to gather "All of the Apple account data" for a non-US person, Apple would either hand over the encrypted data OR just omit that....

Based on the stance Apple is taking here, it's reasonable to assume they would do the same in the US (disable the feature if USG asked for a backdoor or attempted to compel them to decrypt).


> it's reasonable to assume they would do the same in the US (disable the feature if USG asked for a backdoor or attempted to compel them to decrypt)

I think it's more likely that Apple would challenge it in US courts and prevail. Certainly a legal battle worth waging, unlike in the UK.


This has already happened, and Apple did fight it in the US courts.

Eventually the US government withdrew their demand.

https://en.m.wikipedia.org/wiki/Apple%E2%80%93FBI_encryption...


It's worth pointing out that just because the FBI didn't have the access they wanted, it doesn't mean that other agencies don't, or that the FBI couldn't get the data they wanted by other means (which was exactly what they ended up doing in that specific case). It just means that they wanted Apple to make it easier for them to get the data.

It's good that Apple refused them, but I wouldn't count that as evidence that the data is secure from the US government.


It's also worth noting that the US courts have long held that computer code is speech.

Apple's legal argument that the government's demand that they insert a backdoor into iOS was tantamount to compelled speech (in violation of the first amendment) was going over a little too well in court.

The Feds will often find an excuse to drop cases that would set a precedent they want to avoid.



Would your answer be the same if this encrypted data was stored in China instead of US?

I don't think messages should ever leave the device, if you want to migrate to a different device this could be covered by that user flow directly. Maybe you want to sync media like photos or videos shared on a group chat and I'm fine with that compromise but I see more risks than benefits on backing up messages on the cloud, no matter if it's encrypted or not.


I think the average human will disagree with you. They want to preserve their data and aren't technically competent and organized enough to maintain their own backups with locally hosted hardware. Even the technically literate encourage _offsite_ backups of your data.

Know your threat model and what actions you're trying to defend against.

Typical humans need trusted vendors that put in actual effort to make themselves blind to your personal data.


This is different IMO. When you buy Apple you buy an American product and you know the company is beholden to US law. Snowden has made perfectly clear how much they can be trusted. When you buy it anyway it's an informed choice.

Here a country that has no ties with most of apple's customers is just butting in and claiming access to all of them.

So what's next. Are we also giving access to everyone's data to Russia? Iran?


Agree in principle, though WhatsApp backups are encrypted with a user-provided password, so ostensibly inaccessible to Google or whoever you use as backup.


What makes you think WhatsApp backups don’t have a secondary way to unlock the encryption key? Wouldn’t it be more logical to assume the encryption key for WhatsApp backups can also be unlocked by an alternate “password”?

If the US is willing to build an entire data center in Outback Australia to allow warrantless access to US citizen data, why wouldn’t they be forcing WhatsApp backups to be unlockable?


> Totally agree. Having this discussion so US centred just makes us miss the forest for the trees. Apart from data owned by US citizens, my impression is that data stored in the US is fair game for three letter agencies, and I really doubt most companies would spend more than five minutes agreeing with law enforcement if asked for full access to their database on ̶n̶o̶n̶-̶U̶S̶ ̶n̶a̶t̶i̶o̶n̶a̶l̶s̶ anyone.


> non US citizens whose data is stored in the US

They don't even care where it's stored...

See: CLOUD Act [1]

[1] https://en.wikipedia.org/wiki/CLOUD_Act


I honestly doubt they even limit themselves to the data of non-US citizens. They have no respect at all for the fourth amendment.


Android data isn't encrypted at rest (or at least not in a way Google doesn't have the key). If the uk gov has a warrant, they can ask Google to provide your Google Drive content. The whole point of this issue is Apple specifically designed ADP so they couldn't do that.


Android backups are encrypted at rest using the lockscreen PIN or passphrase: https://developer.android.com/privacy-and-security/risks/bac...

So not hugely secure for most people if they use 4-6 decimal digits, but possible to make secure if you set a longer passphrase.

I don't know what Google's going to do about this UK business.

edit: Ah it looks like they have a Titan HSM involved as well. Have to take Google's word for it, but an HSM would let you do rate limits and lockouts. If that's in place, it seems all right to me.
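As an added illustration (not code from the page, and not Google's or Titan's actual scheme), the following Python models the two factors that comment is weighing: how small a 4-6 digit PIN keyspace is against an offline guesser, and how an HSM that enforces an attempt budget with lockout bounds an online guesser regardless of PIN length. The PBKDF2-HMAC-SHA256 derivation, the iteration count, the constructed salt and the "wipe after N wrong tries" policy are all assumptions chosen for the example.

```python
import hashlib
import hmac
import math
import os
from typing import Optional


def derive_backup_key(secret: str, salt: bytes, iterations: int = 100_000) -> bytes:
    """Derive a 32-byte key from a lockscreen PIN or passphrase.

    Assumption for illustration: PBKDF2-HMAC-SHA256 with a fixed iteration count.
    The real derivation any vendor uses is not described on the page.
    """
    return hashlib.pbkdf2_hmac("sha256", secret.encode("utf-8"), salt, iterations, dklen=32)


def keyspace_bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of a secret chosen uniformly from alphabet_size ** length."""
    return length * math.log2(alphabet_size)


def offline_half_keyspace_seconds(alphabet_size: int, length: int, guesses_per_second: float) -> float:
    """Expected time for an offline guesser (no rate limit) to cover half the keyspace."""
    return (alphabet_size ** length) / 2 / guesses_per_second


def online_success_probability(alphabet_size: int, length: int, attempt_budget: int) -> float:
    """Chance an online guesser succeeds when an HSM permits only attempt_budget tries in total."""
    return min(1.0, attempt_budget / (alphabet_size ** length))


class LockoutHsm:
    """Toy model of an HSM-held backup key unwrapped by PIN, with a bounded attempt budget.

    Each wrong guess consumes one attempt; when the budget reaches zero the wrapped key
    material is destroyed, so even the correct PIN no longer works. A correct guess
    resets the budget. This is the policy the comment describes, not a vendor's code.
    """

    def __init__(self, secret: str, max_attempts: int, salt: Optional[bytes] = None):
        self.salt = salt if salt is not None else os.urandom(16)
        self.max_attempts = max_attempts
        self.attempts_left = max_attempts
        self.wiped = False
        self._expected = derive_backup_key(secret, self.salt)

    def unlock(self, candidate: str) -> Optional[bytes]:
        if self.wiped:
            return None
        self.attempts_left -= 1
        key = derive_backup_key(candidate, self.salt)
        if hmac.compare_digest(key, self._expected):
            self.attempts_left = self.max_attempts
            return key
        if self.attempts_left == 0:
            self.wiped = True
            self._expected = b""  # wrapped key material destroyed; nothing left to compare against
        return None


if __name__ == "__main__":
    cases = ((10, 4, "4-digit PIN"), (10, 6, "6-digit PIN"), (62, 12, "12-char alphanumeric passphrase"))
    for alphabet, length, label in cases:
        print(f"{label}: {keyspace_bits(alphabet, length):.1f} bits; "
              f"offline at 1e6 guesses/s: {offline_half_keyspace_seconds(alphabet, length, 1e6):.3g} s; "
              f"online against a 10-try HSM budget: {online_success_probability(alphabet, length, 10):.2g}")
    hsm = LockoutHsm("123456", max_attempts=3, salt=b"constructed-salt")
    print("wrong guess ->", hsm.unlock("000000"), "| attempts left:", hsm.attempts_left)
    print("right guess ->", hsm.unlock("123456") is not None, "| attempts left:", hsm.attempts_left)
```

The point the numbers make: a 6-digit PIN is under 20 bits, so without rate limiting it falls to an offline guesser in well under a second at any realistic PBKDF2 cost, while the same PIN behind a 10-attempt HSM budget gives an online guesser a one-in-100,000 chance before the key is gone. The guarantee therefore rests on the HSM's lockout actually being enforced, which is exactly the "have to take Google's word for it" caveat in the comment.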


I wonder how hard it would be for the US government to force Google to just get the lockscreen pin off of your device or for them to just infect your device with something to capture it themselves.


Wrong. Google Android user cloud backups are E2EE by default. There is no option to opt out. Use Google's backup service and your data is encrypted at rest, in transit, and on device. aka end-to-end.

It's not just Google saying it. Google Cloud encryption is independently verified.


> But is that backup encrypted? If it's not, all they need is <whatever piece of paper a british security official needs, if any> to access your data.

Based on them mentioning the difficulty of opting out, I presume OOP does not use Google's cloud backup.


I think people focus on whether backups are encrypted too much. It really doesn't matter when the government has remote access equivalent to your live phone when it's in an unencrypted state, which they almost certainly do.


> Doesn't the US have access to all the data of non US citizens whose data is stored in the US without any oversight?

Er, no...? I'm not sure where you get that idea. Access requires a warrant, and companies are not compelled to build systems which enable them to decrypt all data covered by the warrant.

See, for example, the Las Vegas shooter case, where Apple refused to create an iOS build that would bypass iCloud security.


I asked if your Android backup is encrypted. Implies I'm talking about unencrypted data.

> See, for example, the Las Vegas shooter case

I am not in Las Vegas or anywhere else in the US. So as far as I know all the data about me that is stored in the US is easily accessible without a warrant unless it's encrypted with a key that's not available with the storage.

> companies are not compelled to build systems which enable them to decrypt all data covered by the warrant

Again, not what I was talking about.

I'm merely pointing out that your data is not necessarily encrypted, and that the "rest of the world" was already unprotected vs at least one state. The UK joining in would just add another.


This is why Apple, and more recently Google, create systems where they don't have access to your unencrypted data on their servers.

> Google Maps is changing the way it handles your location data. Instead of backing up your data to the cloud, Google will soon store it locally on your device.

https://www.theverge.com/2024/6/5/24172204/google-maps-delet...

You can't be forced to hand over data on your servers that you don't have access to, warrant or no.

The UK wants to make this workaround illegal on an international basis.


> You can't be forced to hand over data on your servers that you don't have access to, warrant or no.

But you can be forced to record and store that data even if you don't want to.


Which is why Apple takes the stance that the user's device shouldn't be sending data to the mothership at all, if it isn't absolutely necessary.

Compare Apple Maps and Google Maps.

Google initially hoovered up all your location data and kept it forever. They learned from Waze that one use case for location data was keeping your map data updated.

Apple figured out how to accomplish the goal of keeping map data updated without storing private user data that could be subject to a subpoena.

> “We specifically don’t collect data, even from point A to point B,” notes Cue. “We collect data — when we do it — in an anonymous fashion, in subsections of the whole, so we couldn’t even say that there is a person that went from point A to point B.”

The segments that he is referring to are sliced out of any given person’s navigation session. Neither the beginning nor the end of any trip is ever transmitted to Apple. Rotating identifiers, not personal information, are assigned to any data sent to Apple... Apple is working very hard here to not know anything about its users.

https://techcrunch.com/2018/06/29/apple-is-rebuilding-maps-f...
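As an added example (not the page's code and not Apple's implementation), the following Python shows the data-minimisation shape that quote describes: a navigation trace is trimmed so that neither origin nor destination leaves the device, the remainder is cut into short subsections, and each subsection gets a fresh random identifier that is never reused, so the server cannot chain them back into one trip by ID. The trim length, segment length, identifier format and the constructed sample trace are assumptions for illustration.

```python
import secrets
from typing import Dict, List, Tuple

Point = Tuple[float, float]  # (latitude, longitude)

# Constructed sample: a 12-point navigation session along a straight line.
SAMPLE_TRACE: List[Point] = [(52.00 + i * 0.01, 4.00 + i * 0.01) for i in range(12)]


def minimise_trip(trace: List[Point], trim: int, segment_len: int) -> List[Dict]:
    """Turn one navigation session into unlinkable subsections before upload.

    - drop the first and last `trim` points so the trip's endpoints never leave the device
    - cut what remains into runs of at most `segment_len` points
    - tag each run with a fresh random identifier (rotating IDs, no account or device ID)
    Returns an empty list when trimming leaves nothing, which is the safe default.
    """
    if trim < 0 or segment_len <= 0:
        raise ValueError("trim must be >= 0 and segment_len > 0")
    core = trace[trim:len(trace) - trim]
    segments = []
    for start in range(0, len(core), segment_len):
        segments.append({
            "id": secrets.token_hex(8),            # 64-bit random rotating identifier
            "points": core[start:start + segment_len],
        })
    return segments


def linkable_pairs(segments: List[Dict]) -> int:
    """Number of segments whose identifier repeats another's; 0 means no chaining by ID is possible."""
    ids = [s["id"] for s in segments]
    return len(ids) - len(set(ids))


def leaks_endpoints(trace: List[Point], segments: List[Dict]) -> bool:
    """True if the trip's origin or destination survives in any uploaded segment."""
    uploaded = {p for s in segments for p in s["points"]}
    return trace[0] in uploaded or trace[-1] in uploaded


if __name__ == "__main__":
    out = minimise_trip(SAMPLE_TRACE, trim=3, segment_len=2)
    for seg in out:
        print(seg["id"], seg["points"])
    print("linkable by ID:", linkable_pairs(out), "| endpoints leaked:", leaks_endpoints(SAMPLE_TRACE, out))
```

What the check functions make visible is the property the quote claims rather than the mechanism alone: after minimisation the server holds several short, independently identified runs, none of which contains the start or end of the journey, so the "person went from A to B" fact is not reconstructible from what was uploaded.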


Google or Apple could be forced by authorities to perform correlation on the map tiles being requested by users under investigation. Not as accurate as GPS coordinates but probably useful nonetheless.

One more reason to prefer offline maps for those who value privacy.


Given that you can browse map data for any location, not just where you happen to be, I'm betting that triangulation data from your carrier would be more accurate.


Sure, triangulation of carrier signals could lead to more accurate position estimates, but if the carrier isn't based in the US, they are under no obligation to make this data available to US authorities.

Apple and Google are based in the US so are bound by the CLOUD Act to provide any and all data they have upon request, no matter where in the world it is being collected or stored.


Small correction.

Google had "created a system where they don't have access to your data on their servers" a couple of years BEFORE Apple. Android 10 introduced it in 2019.


Google didn't announce plans to stop storing a copy of user location data on their servers until the middle of last year.

See the story linked above.

They didn't announce that they could no longer access user location data on their servers to respond to geofence warrants until the last quarter of 2024.


We're talking iCloud and data encryption compared to Google's Android Cloud E2EE, and you're doing maps.


We're talking about protecting your personal data from government overreach, and Google's entire business model is to collect as much of your personal data as possible and store it on their servers to make ad sales more profitable.

Apple does its best not to collect personal data in the first place.


People always overestimate how much companies will defy their government for you, legally or otherwise.


> all the data about me that is stored in the US is easily accessible without a warrant

No, law enforcement needs a warrant to legally access any data. This is why Prism was illegal, and why companies like Google are pushing back against overly broad geofence search warrants.


> This is why Prism was illegal

Yet it still existed, and was used for surveillance by 3 letter agencies. Why do you think this is any different?


No idea why the two of you are using past tense. PRISM is still very much alive and well.


All Encrochat evidence was illegal in at least three different ways. UK Law enforcement didn't care. They just lied.


No it wasn't.

The Dutch cracked and wiretapped it. It has been held not to be intercept evidence per RIPA so capable of being used in evidence.

Most went guilty because they were caught red-handed in the most egregious criminality you've seen.

Encro was designed to enable and protect criminal communications. It had no redeeming public value.



