While Apple remains steadfast in its refusal to help the FBI unlock a pair of iPhones belonging to Florida shooter Mohammed Saeed Alshamrani, the company did admit that it handed over to the FBI gigabytes of Alshamrani’s data, a haul that included his iCloud backups. This is possible because although iCloud backups are encrypted, Apple holds the master key.
In light of that, a Reuters report from earlier this week alleges that Apple a few years ago was planning to introduce end-to-end encrypted iCloud backups, but ultimately relented due to immense pressure from the FBI. According to the report, the FBI told Apple that fully encrypting iCloud backups would severely “harm investigations.”
The Reuters report reads in part:
“Legal killed it, for reasons you can imagine,” another former Apple employee said he was told, without any specific mention of why the plan was dropped or if the FBI was a factor in the decision.
Fast forward a few days and there are some folks who are starting to question the veracity of the initial report. John Gruber, for example, astutely points out that Apple would have no reason to stop its plan to fully encrypt iCloud backups by the FBI in the first place.
Encrypting iCloud backups would be perfectly legal. There would be no legal requirement for Apple to brief the FBI ahead of time. Nor would there be any reason to brief the FBI ahead of time just to get the FBI’s opinion on the idea. We all know what the FBI thinks about strong encryption.
There’s also no evidence which suggests that the FBI proactively approached Apple and warned them not to implement their planned encryption scheme. And even if that did indeed happen during the course of security-related correspondence, it’s not as if Apple was obliged to comply.
All in all, it’s hard to make complete sense of what’s at play here. While it’s possible that Apple’s decision to squash end-to-end iCloud encryption was on account of the FBI, it’s equally as plausible that Apple’s decision was rooted in protecting users who genuinely need access to data from their iCloud backups.
Tim Cook said as much in a 2018 interview, adding that Apple may no longer possess the iCloud master key in the future.
“Our users have a key there, and we have one,” Cook explained. “We do this because some users lose or forget their key and then expect help from us to get their data back. It is difficult to estimate when we will change this practice. But I think that in the future it will be regulated like the devices. We will therefore no longer have a key for this in the future.”