This is required to operate under Chinese law.<p>For instance, here is Microsoft's description of their own compliance.<p>>Keep your data within datacenters located in China with an Azure China account and stay compliant with international and industry-specific compliance standards. Access to your customer data is controlled by an independent company in China, 21Vianet. Not even Microsoft can access your data without approval and oversight by 21Vianet.<p><a href="https://azure.microsoft.com/en-us/global-infrastructure/china/" rel="nofollow">https://azure.microsoft.com/en-us/global-infrastructure/chin...</a>
Not only is this not news there's a lot of FUD about it. <a href="https://news.ycombinator.com/item?id=20904857" rel="nofollow">https://news.ycombinator.com/item?id=20904857</a><p>Reposting my comment:<p>Apple has already publicly said in court filings, and under threat of perjury, that they don't make any exceptions for China.
From Apple's filing [1]:<p>>Finally, the government attempts to disclaim the obvious international implications of its demand, asserting that any pressure to hand over the same software to foreign agents “flows from [Apple’s] decision to do business in foreign countries . . . .” Opp. 26. Contrary to the government’s misleading statistics (Opp. 26), which had to do with lawful process and did not compel the creation of software that undermines the security of its users, Apple has never built a back door of any kind into iOS, or otherwise made data stored on the iPhone or in iCloud more technically accessible to any country’s government. See Dkt. 16-28 [Apple Inc., Privacy, Gov’t Info. Requests]; Federighi Decl. ¶¶ 6–7. The government is wrong in asserting that Apple made “special accommodations” for China (Opp. 26), as Apple uses the same security protocols everywhere in the world and follows the same standards for responding to law enforcement requests. See Federighi Decl. ¶ 5.<p>and a declaration from Craig Federighi personally [2]:<p>>Apple uses the same security protocols everywhere in the world.<p>>Apple has never made user data, whether stored on the iPhone or in iCloud, more technologically accessible to any country's government. We believe any such access is too dangerous to allow. Apple has also not provided any government with its proprietary iOS source code. While governmental agencies in various countries, including the United States, perform regulatory reviews of new iPhone releases, all that Apple provides in those circumstances is an unmodified iPhone device.<p>>It is my understanding that Apple has never worked with any government agency from any country to create a "backdoor" in any of our products and services.<p>>I declare under penalty of perjury under the laws of the United States of America that the foregoing is true and correct.<p>When China wants something from iCloud they do it the same way that law enforcement does it everywhere in the world, which is through Apple.<p>[1] <a href="https://assets.documentcloud.org/documents/2762131/C-D-Cal-16-Cm-00010-Dckt-000177-000-Filed-2016.pdf" rel="nofollow">https://assets.documentcloud.org/documents/2762131/C-D-Cal-1...</a><p>[2] <a href="https://www.documentcloud.org/documents/2762118-Federighi-Decl-Executed.html#document/p1" rel="nofollow">https://www.documentcloud.org/documents/2762118-Federighi-De...</a>
I feel this should have a very basic statement:<p>"Apple does/does not store or provide access to encryption keys or plaintext of content uploaded to iCloud services"<p>This "support" page says nothing at all about what is actually encrypted vs. faux-encrypted.
Learned this from one of the Blizzard threads [1]. I'm surprised this move by Apple went unnoticed on HN.<p>[1] <a href="https://news.ycombinator.com/item?id=21207949" rel="nofollow">https://news.ycombinator.com/item?id=21207949</a>