China vs. Apple and iCloud

It's Chinese law. But it's also hugely controversial, especially among those who consider it a betrayal of Apple's longstanding devotion to security and privacy. So, what's going on?


Casper: Better sleep, better everything. Go to and use promo code VECTOR at checkout to get $50 off select mattresses. Terms and conditions apply.


Starting next week, Apple's going to begin to move the iCloud accounts of people who own and operate iPhones and iPads and other Apple devices inside China to data centers that are located in China in partnership with a company that is owned and operated in China. Apple's doing this to comply with a Chinese law that says exactly that.

The reaction has been pretty much what you'd expect. "Once the keys are there, they can't necessarily pull out and take those keys because a server could be seized by the Chinese government," said Matthew Green, a professor of cryptography at John Hopkins University. Ultimately, he says, "It means that Apple can't say no."

Jing Jow Tow, a Beijing-based attorney at Dechert LLP, said that, "Chinese iPhone users are disappointed by Apple's changes to iCloud data storage because privacy protection in China is weak. However," he said, "users there still consider that iPhone is better than some other pure Chinese-made phones for privacy, policy, and protection."

"Given that Apple's China operation will be managed by a Chinese company, it seems implausible that the government will not have access to Apple data through the local company," said Ronald Deibert, a political science professor at University of Toronto's Munk School for Global Affairs who has researched Chinese government hacking operations.

Let's break things down. The iPhone that people are going to be buying in China next week is the same iPhone they bought in China last week. It's the same iPhone that anyone can buy in New York City or San Francisco or Montreal or London or Paris or South America or Africa. It's the same iPhone. Apple only sells one phone in the entire world.

It has the same hardware encryption features in every iPhone including the ones they're going to continue to sell in China.

It's also going to have the same end-to-end encryption for everything from iMessage to FaceTime. For example, when you create a message on your iPhone, it is going to be encrypted on your iPhone. It's not going to be decrypted until it reaches the other person's iPhone. Anything that's intercepting in between is still going to be pseudo-random gibberish to anybody who tries to read it.

Apple still doesn't store keys to passcodes. No matter what happens if anybody gets that iPhone, Apple itself has no way to unlock it.

Where Apple does store data on servers, they do so with strong hardware and software protections. As we saw with the San Bernardino case and the FBI a couple years ago in the US, they will fight stringently to keep that data secure. They will not put in backdoors. They will not put in vulnerabilities in their own software.

But Apple has to obey the laws of any country in which they do business. The same is true in the United States where they're subject to national security letters and to FISA court rulings. The same will be true in China where they're subject to warrants and searches by Chinese authorities and Chinese agencies.

Previously Apple and most other companies stored all of this information in US-based servers or in data centers that they set up in regions that they chose around the world. That's slowly been changing. There's been a lot of nationalism around data.

Data is extremely valuable. It is why companies like Google and Facebook spend billions of dollars creating "free" services that they use to harvest our data because that data is worth so much to them that they will go to extraordinary lengths, put in extraordinary amounts of money, to get it.

Countries are realizing this. They're realizing the value of their data. They're also realizing they don't want the value of that data to exist outside their borders. China is one country. We'll probably see a lot more countries start to enact the similar kinds of local data, repatriation of data. It's going to be interesting to see.

The US is a huge market. China is a huge market. There are a few other really huge markets. What happens when small countries, when small markets, start making the same requests, when Apple and Facebook and Google and Microsoft and other companies have to start weighing the cost of storing all this data and managing all this data and harmonizing all this data across a myriad of geographies because those days are increasingly coming?

When faced with those kinds of laws, companies have a choice. They can either obey those laws and start moving data into those countries and into those companies or they can refuse. They can pull out. They can stop offering those services inside the country. That is something Apple absolutely can do.

I understand completely there's a reasonable argument to be made that Apple or any other company that doesn't like the laws of a place, that it's incumbent upon them to stop operating in that place as a former of protest, as a form of saying, "We don't believe these things are OK, and we're not going to be party them."

Apple has a long history, a longstanding policy, of engagement, of believing that the best way to effect change is to remain involved. I think in this case, Apple also believes that if they pull iCloud services out of China, their customers have no good alternatives.

It's important to point out here that this is not just a security and not just a privacy issue. There's also a data safety issue here as well. These are two really radically opposing schools of thought.

If you ask an infosec, an information security specialist, they will tell you that all data has to be encrypted as strongly as possible whenever possible all the time, all of the way.

If you talk to a data protection specialist, someone who works in backups and data recovery, they will tell you that encryption is the worst thing because an encrypted drive cannot be recovered. If you have all your personal data stored in an encrypted drive and something goes wrong, that data is gone, forever lost to you. They advocate that people, rather than worrying about failing secure, worry about failing safe.

These are both absolutely legitimate point of views. You can personally believe more strongly in one or the other.

I personally believe that there is certain kinds of data that I want fail secure and certain kinds of data that I want to fail safe. In this case, with iCloud for example, if you have priceless pictures of your wedding, of your vacations, of your children, of important events in the lives of your children, then that is the stuff that you want to protect.

If your phone is damaged, if your phone is lost, those photos are not something that you want to have lost with it. The same might be true of your documents, of your notes, of the thesis that you're working on for school, of the project that you're working on.

Yes, there will absolutely be some cases where you are engaging in activities that you do not want anybody else to know about, including the government, including anybody who finds your phone.

There will be other situations where the most important thing in the world is that you maintain access to the information that is on that device regardless of what happens to that device. That is just as valid a point of view and just as important a point of view.

I think that's where Apple's thinking is in terms of iCloud. If they pull out, what are people going to do who just have iPhones and want to make sure all their photos are backed up or want to make sure that they maintain access to their documents or to the data that's stored in their apps?

Where are they going to go? To Alibaba, to Tencent, to the China Telecom, to another company owned and operated by the Chinese state? There are no good alternatives for that.

I think understanding the very legitimate security and privacy concerns but also understanding the data retention and data safety concerns, Apple decided to remain in China, to remain offering iCloud services in China. They partner with a company called Guizhou Cloud Big Data, GCBD, to continue operating iCloud in China.

I think it's fair to say regardless of what your personal opinion is about this, whether you think Apple should have pulled out of China entirely or pulled iCloud out of China if they couldn't get the conditions that they wanted to continue operating it in, they have been transparent about this, about the process and about what they're doing from the start.

Here's how that process has been working. Starting January and continuing for about eight weeks, they're sending out emails and push notifications to alert people in China about the change.

People in China can then choose to opt out if they no longer wish to use iCloud, knowing everything they do now. Knowing that it's going to be hosted in China, that it's going to be hosted by a Chinese company in China, they can choose to stop using it entirely if that's what they want which in effect is the same thing as Apple pulling iCloud out of China entirely.

If they believe they've received the message in error, if they're not a Chinese citizen residing in China using and operating an iPhone in China, they can also choose not to have their account migrated.

If they don't do anything, if they don't make a choice either way, Apple will not migrate their account until they accept the new terms and conditions and then are forced to make a decision. There's no way you can be railroaded into one choice or the other.

According to Apple, about 99.9 percent of people who've received these emails and notifications so far have elected to keep using iCloud in China. Again, Apple maintains they have not created any backdoors, they have not been asked to create any backdoors by China and that they will retain control of iCloud encryption keys even while they're in China.

This is equally important, Apple will have to respond to any legal requests from the Chinese government as relates to the data of Chinese citizens stored in China and hosted by companies that are owned and operated in China the same way that right now Apple has to respond to any legal requests including again FISA warrants and national security letters for any data that is held in the US by US courts.

To bring this back to the beginning with what I put up on Twitter, I think it's urgently important for people in the US to understand that for the vast majority of us, we do not live in the country where our data is hosted, where our keys are hosted.

The legal systems that govern whether a country has access to those are not ours, not the systems that we live under. We may or may not be comfortable with the way that the courts in those countries operate. We have no choice in this matter.

This is by no means something new. This is something that's getting a lot of attention because it's China now. Given recent history, given how many countries of all political parties in all regions have handled the fundamental issue of privacy...

Again, I'm in no way drawing an equivalency between all of these countries. I am no more comfortable with the idea of the US holding my data than I am of any other country holding my data.

@KatrinaMDW, "Huge can of worms there. That said, at my organization, we have some clients who don't want any data stored outside the US, and others who don't want any data in the US. We maintain separate servers." That's absolutely true.

US government agencies like the FBI have said that they don't want US telecommunications company to buy infrastructure from Chinese companies. They don't recommend US citizens use phones made by Huawei which they maintain have ties with the Chinese government.

This kind of stuff, this lack of trust, goes both ways. One of the reasons I'm sure that China doesn't want Chinese citizens' data to be stored in the US, that they don't want encryption keys to be stored in the US, is that they don't want the NSA or the FBI or other US agencies to have any access to Chinese data either.

That's sort of why we're getting this nationalism, this feudalism, in data where every country wants to maintain control because they don't want all the other countries snooping on all of that data. They sort of want to maintain right of first snoop themselves.

@CliffMonid, "That's hard to believe, and I am someone outside of America. Apple is still in control with keys data in the US. If you believe your point, then you are questioning your trust in Apple within the US."

This is very important to me. I don't trust Apple. I don't trust any company. I trust technology. If Apple end-to-end encrypts something, I trust end-to-end encryption.

Apple's been very good about putting out white papers explaining which services for example are end-to-end encrypted and Apple even under legal request could not provide any data and which services are not protected in that way for a variety of reasons including data retention reasons or data protection reasons, that they will be forced to hand over.

I think if you have questions about those, the best place to look is there.

@JimboDude, "Absurd. A private company holding your keys, mind you, under a US government reined in by prosecutorial limitations cannot be directly compared to a pseudo Communist state fairly, i.e., China."

In the years since the Snowden debacle, we've seen that that is absolutely not true. There are other countries that are much more transparent. The UK I think for example is much more transparent about the quantity and ways in which they surveil and accumulate data. At this point, I think it's just simply not safe to assume otherwise.

@LongYuHung, "Absolutely the right comparison to make considering the large domestic spying programs the telecos willingly complied with that were of questionable legality."

@JSullivanJr, the person who originally asked me the question, "Nope, that makes sense, just not something I've thought about or seen talked about prior. In a way I guess it makes more sense that they are stored within the physical bounds of one's home country."

This again is an issue where people can have differences of opinions. The Internet and social in particular is really bad at handling the ideas of multiple truths. That's the world we live in.

@JonathonTranter, "It's not exactly the same thing despite having some safeguards against keys. The EU's GDPR and the UK's copy and paste version when we jump off the cliff is very popular here for offering some protection how our data leaves the block."

That's something we're going to have to wrestle with too. We just simply don't have the laws that take into account the cybernetics that we have now.

Make no mistake. Our smartphones are the first form of cybernetic enhancements that we're really experiencing. They're our offline or our near line memory. They store all the stuff that our organic brains can no longer cope with, all of the contacts, the connections, the information that are simply beyond the bounds of our memory or rapid recall ability. They're all now stored in this little crypto bricks.

There's a case to be made that they should be treated with an absolute privilege that far extends spousal, or legal, or medical, or clergyical privilege because of the intimate, personal, connected quasi-cybernetic nature of the data that's stored on there. That's a debate for another show.

@NickHere, "Something I've been wrestling with for years. It's not paranoia. It's just a question of whether jurisdiction ought to be packaged and exported."

Brian9260, "Incredibly relevant today as the US Supreme Court hears a case on whether or not the US government can issue warrants to Microsoft for information on servers outside the US." That might well be part of the reason why countries like China are doing this because they do not want the data of their citizens subject to the court rulings in the United States.

Super serious and super complicated issues that simply can't be summed up in sound bites or sensational headline or rage tweets. They are the questions that are going to dominate the next generation as the Internet and connectivity becomes only greater and the data shrinks even as the world is not always coming together.

@FZWOB, "Rene, I criticize you often and harshly, so I just wanted to let you know that I really like this tweet." [laughs] Thank you.

○ Video: YouTube
○ Podcast: Apple | Overcast | Pocket Casts | RSS
○ Column: iMore | RSS
○ Social: Twitter | Instagram

Rene Ritchie

Rene Ritchie is one of the most respected Apple analysts in the business, reaching a combined audience of over 40 million readers a month. His YouTube channel, Vector, has over 90 thousand subscribers and 14 million views and his podcasts, including Debug, have been downloaded over 20 million times. He also regularly co-hosts MacBreak Weekly for the TWiT network and co-hosted CES Live! and Talk Mobile. Based in Montreal, Rene is a former director of product marketing, web developer, and graphic designer. He's authored several books and appeared on numerous television and radio segments to discuss Apple and the technology industry. When not working, he likes to cook, grapple, and spend time with his friends and family.