iCloud Photo Library and security: What you need to know!

Update May 2017: Updated text to a new FAQ style, added a basic explanation for how end-to-end encryption keeps your photo uploads and downloads secure.

Our photos can be as personal and private as our messages, financial information, and identities. iCloud Photo Library wants to make sure all our pictures and videos are backed up online and available on all our devices. To do that, it moves the bits that make up those pictures and videos from our iPhones, iPads, and Macs up to servers on the internet and then back down to our other iPhones, iPads, and Macs. That means both the transport and the storage need to be secure so that our content is only ever available to us and us alone.

How does Apple keep my photos secure?

Apple uses end-to-end encryption to keep your photos safe as they move between your devices and iCloud. As Apple notes on its support site, your photos are transmitted under a "minimum of 128-bit AES encryption". This means that your photos are given the same treatment as your iPhone backups, iCloud Drive, and your other iCloud-stored content.

How does end-to-end encryption keep my photos safe?

On a very basic level, it means that when one of your images is being transmitted (uploaded or downloaded), that photo is protected while it's in transit. This means that if someone were to get ahold of the data for a photo that you were uploading from your iPhone to iCloud while it was being uploaded, they shouldn't be able to see the actual image.

What else does Apple do to keep my photos secure?

Apple employs AES and SHA, industry standards for securely encrypting and hashing data. The company goes further in its iOS security paper, which offers greater detail on how the company keeps your photos (and all of your data in iCloud) safe:

"Each file is broken into chunks and encrypted by iCloud using AES-128 and a key derived from each chunk's contents that utilizes SHA-256. The keys, and the file's metadata, are stored by Apple in the user's iCloud account. The encrypted chunks of the file are stored, without any user-identifying information, using third-party storage services, such as Amazon S3 and Windows Azure."

At a basic level, these standards are very good ways to protect photos and other data while they're being uploaded, downloaded, or stored.
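The chunk scheme quoted above from the iOS security paper, as an added Go example that is not Apple's code: it shows that the storage service only ever holds ciphertext under an opaque name, while the keys stay in a manifest kept with the account. The excerpt gives no key-derivation formula, cipher mode, or chunk size, so the truncated SHA-256 key, AES-128-CTR with a zero IV, the 16-byte chunks, and the names Entry, Upload and Download are all assumptions.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"fmt"
)

type Entry struct { // manifest row kept with the account, never sent to storage
	ID  string // storage name: SHA-256 of the ciphertext (assumption)
	Key []byte // AES-128 key: first 128 bits of SHA-256(chunk) (assumption)
}

// crypt is AES-128-CTR (encrypts and decrypts); the zero IV is an assumption.
func crypt(key, data []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, len(data))
	cipher.NewCTR(block, make([]byte, aes.BlockSize)).XORKeyStream(out, data)
	return out
}

func Upload(file []byte, store map[string][]byte) (manifest []Entry) {
	for buf := bytes.NewBuffer(file); buf.Len() > 0; {
		chunk := buf.Next(16) // constructed chunk size; last chunk may be shorter
		sum := sha256.Sum256(chunk)
		ct := crypt(sum[:16], chunk)
		id := fmt.Sprintf("%x", sha256.Sum256(ct))
		store[id] = ct // ciphertext is all the storage service ever receives
		manifest = append(manifest, Entry{ID: id, Key: sum[:16]})
	}
	return manifest
}

// Download needs the manifest keys; the store alone yields only ciphertext.
func Download(manifest []Entry, store map[string][]byte) (out []byte) {
	for _, e := range manifest {
		out = append(out, crypt(e.Key, store[e.ID])...)
	}
	return out
}

func main() {
	store := map[string][]byte{}
	fmt.Printf("%q\n", Download(Upload([]byte("0123456789abcdef0123456789abcdefTAIL"), store), store)) // constructed sample
}
```

Because each key is derived from the chunk it protects, two identical chunks produce the same key and the same ciphertext, so the constructed sample's three chunks occupy only two stored objects.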

What about privacy?

Apple takes privacy very seriously and, as noted above, stores your data chunks without user-identifying information. The company also gives you options for controlling your own privacy. First, on your iPhone or iPad itself, it's easy to grant or revoke permission for third-party apps to access your photos.

However, if you've decided that there are images that you don't want to keep around, it's easy to delete them from your iCloud Photo Library. What's really great is that if you want to delete something, you only have to do so on one device. So if you delete an image on your iPhone, it will appear in Recently Deleted not only on that device, but also on any iPad or Mac connected to that iCloud account.

From there, your photo will remain in Recently Deleted for the next 30 days if you change your mind, or you can choose to completely delete it right away.

Questions?

If you have any questions about the security of your iCloud Photo Library, be sure to let us know in the comments.