iCloud Photo Library makes it easy to move your photos and videos between your devices, but how is our data kept safe? Here's what you need to know.
Update May 2017: Updated text to a new FAQ style, added a basic explanation for how end-to-end encryption keeps your photo uploads and downloads secure.
Our photos can be as personal and private as our messages, financial information, and identities. iCloud Photo Library wants to make sure all our pictures and videos are backed up online and available on all our devices. To do that, it moves the bits that make up those pictures and videos from our iPhones, iPads, and Macs up to servers on the internet and then back down to our other iPhones, iPads, and Macs. That means both the transport and the storage needs to be secure so that our content is only ever available to us and us alone.
How does Apple keep my photos secure?
Apple uses end-to-end encryption to keep your photos safe as they move between your devices and iCloud. As Apple notes on its support site, your photos are transmitted under a "minimum of 128-bit AES encryption". This means that your photos are given the same treatment as your iPhone backups, iCloud Drive, and your other iCloud-stored content.
How does end-to-end encryption keep my photos safe?
On a very basic level, it means that when one of your images is being transmitted (uploaded or downloaded), that photo is protected while it's in transit. This means that if someone were to get ahold of the data for a photo that you were uploading from your iPhone to iCloud while it was being uploaded, they shouldn't be able to see the actual image.
What else does Apple do to keep my photos secure?
Apple employs AES and SHA, industry standards for securely encrypting and hashing data. The company goes further in its iOS security paper, which offers greater detail on how the company keeps your photos (and all of your data in iCloud) safe:
Each file is broken into chunks and encrypted by iCloud using AES-128 and a key derived from each chunk's contents that utilizes SHA-256. The keys, and the file's metadata, are stored by Apple in the user's iCloud account. The encrypted chunks of the file are stored, without any user-identifying information, using third-party storage services, such as Amazon S3 and Windows Azure.
At a basic level, these standards are very good ways to protect photos and other data while they're being uploaded, downloaded, or stored.
What about privacy?
Apple takes privacy very seriously and, as noted above, stores your data chunks without user-identifying information. The company also gives you options for controlling your own privacy. First, on your iPhone or iPad themselves, it's easy to grant or revoke permission for third-party apps to access your photos.
However, if you've decided that there are images that you don't want to keep around, it's easy to delete them from your iCloud Photo Library. What's really great is that if you want to delete something, you only have to do so on once device. So if you delete an image on your iPhone, it will appear in Recently Deleted not only on that device, but any iPad or Mac connected to that iCloud account.
From there, your photo will remain in Recently Deleted for the next 30 days if you change your mind, or you can choose to completely delete it right away.
Questions?
If you have any questions about the security of your iCloud Photo Library, be sure to let us know in the comments.
Reader comments
iCloud Photo Library and security: What you need to know!
Soooo, if everything is fine security wise, how did the celeb nude pics leak out of iCloud a few months ago, then ?
Because those celebs used passwords like "password" or "1234" and the "hackers" could simply log in with a tiny little bit of social engineering. No amount of encryption can secure against stupidity.
Oh nevermind : must be samsung's fault !!
Sent from the iMore App
How big your warty nose is Mr. Troll! To better smell a snarky, empty, comment you say?
Ridiculous comment when there really IS an answer to your question.
I'm confused. End to end meaning "my device" to Apple, or "my device 1" to "my device 2"? I read "end to end" as my devices, and Apple can't see the pictures, but this seems to be calling the cloud an "end". Which it can be, just unusual to think of iCloud as an endpoint for anything other than backups.
This article suggests that iCloud Photo Library is protected by end-to-end encryption. However I can find nothing anywhere in Apple's documentation to confirm this. The only services that Apple states feature this level of security are iMessage and FaceTime.
I don't believe that "encrypting during both transit and storage" is the same thing as "end-to-end encryption". The former cannot be decrypted even by Apple, while the latter can be.
Rereading the article, I think I'm going to have to agree. It sounds like Apple has the keys.
> The **keys**, and the file's metadata, are stored by Apple in the user's iCloud account.
It sounds like Apple can, at will (defined by its policy), decrypt the photos. That is *not* end-to-end encryption.
It can be done. SpyderOak does it. I've stated in the past that I want Apple to just by them.
Now, this is better than DropBox, which will save space by not duplicating files… between users. That's obviously going to be weaker encryption.
Why can't iCloud allow users to delete local files from their device, but still keep them available in the cloud? Google Photo handles this excellently - which is why I refuse to use iCloud Photo Library.