Apple introduces new tools to better protect customer data

Data breaches tripled between 2013 and 2021, according to a statement from Apple citing the study. The discovery prompted the Apple brand to unveil new tools on Wednesday to better protect its users’ personal and professional information from both hackers and authorities.

An announcement that could irritate governments concerned that law enforcement might gain access to this data. Customers of its iCloud storage service will soon be able to choose an “advanced data protection” mode that encrypts 9 additional types of content, including photos. The iPhone maker recalled that 14 categories, such as passwords and health information, have already been coded.

iCloud users will be able to “secure the vast majority of their most important data with end-to-end encryption so that it can only be decrypted on their trusted devices,” Ivan Krstic, head of Apple’s security systems, said in a press release.

“Backdoors” demand power

Only your iCloud mailbox, contacts, and calendar will be excluded from this comprehensive protection technology to ensure compatibility with other systems.

The California tech giant is already using end-to-end encryption in its iMessage, as well as WhatsApp (Meta) and other communications apps. This system allows messages to be encrypted, and only the sender and recipient have the “keys” to read them. In the cloud, this means that only the owner of the information will have access to it.

“Even if the company holding the data gets hacked, you have extra assurance that you won’t become a secondary victim,” says Melissa Bishoping, director of research at Tanium, a cybersecurity firm. “However,” she emphasizes, “it’s important to understand that with this extra layer of protection, it’s harder, if not impossible, to recover your data if you don’t follow the instructions.”

However, many governments, even democratic ones, are vague about the democratization of these sophisticated methods. In the US and Europe, half-deadly they call for “backdoors”, that is, shortcomings in this software, in particular, in the name of combating terrorism or child crime. But Apple has built its reputation partly on respect for its customers’ privacy.

Opportunities for journalists and human rights defenders

“Our commitment to providing the world’s best data security is unwavering,” said Craig Federighi, group vice president. Apple has been repeatedly criticized by privacy advocates. The firm’s decisions, in particular, were seen as a compromise with censorship in China. And she once wanted to introduce controversial tools to combat child pornography.

The new algorithms were supposed to better identify sexual images of children in iCloud and iMessage, but faced with protests in the summer of 2021, Apple delayed their rollout. Since then, the company has remained silent on the matter and has not responded to an AFP inquiry.

In addition to cloud-based protection, the Apple brand also promised on Wednesday two other new features for people who are at particular risk of being monitored – journalists, human rights activists, elected officials, etc. In early 2023, iMessage will have additional guarantees from the risk of communicating with identity thieves. And their authentication system for unlocking devices will be strengthened.

In September 2021, the company had to urgently patch a computer vulnerability that Israeli firm NSO Group’s Pegasus software could use to infect iPhones. This computer program at the center of the scandal is being used by governments for espionage purposes.

“A fundamental problem with internet security is verifying that someone sending you a message is who they say they are. And many of the vulnerabilities exploited by the NSA and other organizations are based on falsified messages,” says John Bambenek, a specialist at Netenrich, a California-based cybersecurity firm. “This new feature helps combat both of these issues.”