Did the FBI persuade Apple not to encrypt iCloud backups?

Homepage of iCloud website

Two years ago, Apple was working on a highly secret project to enable users to encrypt backups of their iPhone that were stored on the company’s iCloud. Then the project was abruptly dropped.

According to a new report from news agency Reuters, this decision was taken after pressure was exerted on the company by the FBI.

The FBI’s hold over Apple

According to the report, Apple informed the FBI more than two years ago that it was planning to offer end-to-end encryption for phone data that was stored on their iCloud. This claim was verified by no fewer than six independent witnesses from both the Apple and FBI camps.

The reason for this encryption project was simple. Encrypted data is more secure and hackers are unable to access it. So encrypted backups would keep user data more secure.

But it would also mean that Apple would be unable to hand backed-up data over to the FBO or other law enforcement agencies if requested to do so.

This would have created big problems for the FBI and they made representation to Apple along those lines. The crux of their argument was that if Apple went ahead with this plan, their most effective means of securing evidence against suspects who use iPhone’s would be lost.

There is then a gap in details but all six sources confirmed to Reuters that when Apple next spoke to the FBI about the issue of iPhone security, the backup encryption plan had been shelved.

Reuters says it cannot determine exactly why Apple took this decision but one Apple source was clear. “Legal killed it, for reasons you can imagine,” he said. In other words, the objections raised by the FBI had sufficient weight for Apple’s legal department to pressure the company to drop the whole scheme.

Why did Apple cave to FBI pressure?

It is likely that Apple’s legal team feared they would be sued by the US government for moving data that could previously be accessed by law enforcement agencies and making it inaccessible.

The same Apple source suggested that Apple did not want to face more attacks from public figures for protecting terrorists and other criminal suspects. “They decided they weren’t going to poke the bear anymore,” is the phrase the source used.

Apple has recently come under just such attacks once again over the iPhone belonging to the Saudi Air Force officer who shot dead three Americans at a Pensacola, Florida naval base last month.

U.S. Attorney General William Barr made a public appeal for Apple to unlock the two iPhone’s owned by the killer. Barr, of course, has a long track record of attacking tech companies over their use of encryption and is an outspoken advocate of legislation to introduce encryption backdoors.

President Donald Trump also weighed in to the debate in his inimitable style taking to Twitter to accuse Apple of refusing to unlock phones used by “killers, drug dealers and other violent criminal elements.”

Apple has resisted calls to unlock the two iPhone’s on the grounds that they do not have access to the data themselves and to do so would compromise every iPhone users security. However, interestingly, they are believed to have handed over the Pensacola killers iCloud backups.

Reuter’s FBI source was in no doubt that it was agency pressure that persuaded Apple to drop their backup encryption plans and the Pensacola case is a good example of why they fought so hard on the issue.

“It’s because Apple was convinced,” he said. “Outside of that public spat over San Bernardino, Apple gets along with the federal government.”

Other possible reasons for the volte-face

But one Apple source suggested that there could have been other factors involved in the decision too.

Encrypting backups would mean that access to them was controlled solely by the user. If an Apple user lost their logins to iCloud, there would be nothing Apple could do to help them access their stored data.

Having a spike in users who could no longer access their data and the frustrations they would face as a result is another possible factor in Apple’s decision.

But looking at the timeline, it is hard to escape the conclusion that FBI pressure was, at least, a significant factor in the company’s thinking. There is certainly no doubt that the FBI has ultimately been the main beneficiaries of Apple’s decision.

In their most recent bi-annual transparency report, Apple has revealed that U.S. authorities asked for and got full device backups or other iCloud content in 1,568 cases, and for about 6,000 accounts.

They also admitted that they handed over data in response to around 90% of requests for this type of data. It also turned over at least some data in response to secret U.S. intelligence court directives, which affected at least 18,000 accounts.

This is all user data that the FBI would not have been able to access had Apple followed through on its plans to encrypt user backup data. It is easy to see why the FBI was so keen to stop the plans. But less clear why Apple was willing to capitulate so easily.

Author: David Spencer

Cyber-security & Technology Reporter, David, monitors everything going on in the privacy world. Fighting for a less restricted internet as a member of the VPNCompare team for over 7 years.

Away from writing, he enjoys reading and politics. He is currently learning Mandarin too... slowly.

Leave a Reply

Your email address will not be published. Required fields are marked *

Sign up to our newsletter

Get the latest privacy news, expert VPN guides & TV unblocking how-to’s sent straight to your inbox.