Apple's Transfer of iCloud Security Keys in China Stirs Concern Among Experts
Some experts expressed their concerns on what could possibly happen, now that Apple has transferred a number of iCloud security keys to a China-based facility.
The migration of the iCloud encryption codes only applied to Chinese users since the country's laws require technology companies operating cloud services used by Chinese customers to store their data locally, Apple confirmed to a statement given to Reuters.
"While we advocated against iCloud being subject to these laws, we were ultimately unsuccessful," Apple added. The company also explained it had opted to follow the Chinese laws on cloud services instead of having nothing to offer to its China-based customers since the latter choice could lead to more privacy and security risks.
Before the move, all iCloud security keys for users around the globe had been stored in a facility in the United States. Now, Apple has entered a contractual agreement with the state-run company Guizhou - Cloud Big Data Industry Co Ltd which Reuters noted had "close ties" with the Chinese government.
In the previous years, Apple was known for being stern in making sure that no other entities, not even a government, could get their hands on the private data of its users. The company's widely reported defiance in terms of cracking the iPhone 5c of the San Bernardino mass shooter was an example of that.
However, this was also not the first time that Apple complied to Chinese policies since it took down several legitimate VPN apps from its Chinese App Store last year - a move that was prompted by local laws as well.
Even so, the risk of getting negative feedback from customers in the largest market region around the world appears to be another thing to consider.
As expected, the transfer stirred concerns among experts and privacy advocates, which included the worry that the Chinese government now had easier access to Chinese users' data if it wanted information.
While Apple maintained that it would only give access to user data with a valid court document, Jeremy Daum of Yale Law School's Paul Tsai China Center in Beijing commented that the process of obtaining private data in the United States and China were very different.
In the same Reuters report, Daum shared that in China, law enforcement officials "have broad powers to collect evidence" even when a criminal investigation is still in its very early stages.
"(They are) authorized by internal police procedures rather than independent court review, and the public has an obligation to cooperate," Daum added.