I’m no fan of Apple. But I really like their latest move. It’s a dilly.
Apple said Wednesday night that it is making it impossible for the company to turn over data from most iPhones or iPads to police — even when they have a search warrant — taking a hard new line as tech companies attempt to blunt allegations that they have too readily participated in government efforts to collect user information.
The move, announced with the publication of a new privacy policy tied to the release of Apple’s latest mobile operating system, iOS 8, amounts to an engineering solution to a legal quandary: Rather than comply with binding court orders, Apple has reworked its latest encryption in a way that prevents the company — or anyone but the device’s owner — from gaining access to the vast troves of user data typically stored on smartphones or tablet computers.
The key is the encryption that Apple mobile devices automatically put in place when a user selects a passcode, making it difficult for anyone who lacks that passcode to access the information within, including photos, e-mails and recordings. Apple once maintained the ability to unlock some content on devices for legally binding police requests but will no longer do so for iOS 8, it said in the new privacy policy. …WaPo
You still have to be savvy enough to avoid “clouds.”
Apple will still have the ability — and the legal responsibility — to turn over user data stored elsewhere, such as in its iCloud service, which typically includes backups of photos, videos, e-mail communications, music collections and more. Users who want to prevent all forms of police access to their information will have to adjust settings in a way that blocks data from flowing to iCloud. ...WaPo
But it does give a very nice, painful little goose to the Supreme Court.
Apple’s new privacy policy comes less than five months after the Supreme Court ruled that police in most circumstances need a search warrant to collect information stored on phones. Apple’s action makes that distinction largely moot by depriving itself of the power to comply with search warrants for the contents of many of the phones it sells. …WaPo
___
The BBC report suggests more secure “clouds.”
The process works by introducing an extra step after an account holder has typed their username and password into a device they have not used before.
They are also required to enter a four-digit code that is either texted to a trusted mobile phone number or sent via Apple’s Find My iPhone app.
If the person does not enter the code, they are refused access to iCloud and are blocked from making an iTunes, iBooks, or App Store purchase.
They can, however, use a 14-character recovery key to regain access to the account in the event their trusted device is lost or stolen. They are told to keep this in a safe place to avoid being locked out.