Apple seems to have tougher defenses in mind for its iCloud service, if it can find the right balance between convenience and security.
At issue is the level of encryption that scrambles the documents, photos and other data you have stored on Apple’s servers so that they can’t be seen by prying eyes.
Data stored in iCloud is already encrypted, but according to The Wall Street Journal, which cited unnamed sources, Apple is considering a change that would mean it no longer holds a key that could be used to decode the data. In February, the Financial Times also reported that the company was aiming to strengthen iCloud encryption.
If Apple follows through with that plan, consumers who forget their passcodes might never again be able to view what they’ve tucked away on iCloud. On the other hand, Apple may keep itself more insulated against requests from law enforcement agencies and snoopy governments.
That’s a tricky consideration for the Cupertino, California, tech giant, which is embroiled in a high-stakes legal battle with the US Justice Department over encryption. In that particular case, the FBI is looking for access to an iPhone 5C tied to one of the shooters in the San Bernardino terrorist attack in December. Apple has already provided investigators with access to the iCloud account connected to the phone, but is balking at creating new software that would get the FBI past the passcode barrier.
The two sides have spent the last several weeks staking out their positions in public statements and court filings. On March 22, they’ll meet in a federal courtroom in Riverside, California, for what could be a decisive hearing.
Access to iCloud backups has been a valuable tool for criminal investigations, so anything that makes access more difficult would surely exacerbate tensions between Apple and law enforcement agencies.
Apple already has a feature called iCloud Keychain, for information such as passwords and credit card numbers, that it doesn’t have a key for.
On a separate security front, iCloud suffered a black eye in 2014 when a hacker accessed nude photos of several celebrities from their personal accounts. On Tuesday, the hacker, Ryan Collins, pleaded guilty to the charges. Collins got into the accounts via one of two methods: He tricked the celebs by sending emails that looked as if they came from an Apple or Google representative, or he simply guessed their passwords.
Apple declined to comment on the matter of enhancing security for iCloud data.