With iMessage Contact Key Verification, users can verify they are communicating only with whom they intend. With Security Keys for Apple ID, users have the choice to require a physical security key to sign in to their Apple ID account. And with Advanced Data Protection for iCloud, which uses end-to-end encryption to provide Apple’s highest level of cloud data security, users have the choice to further protect important iCloud data, including iCloud Backup, Photos, Notes, and more.
Even prior to Apple’s announcement, iCloud already protected 14 sensitive data categories using end-to-end encryption by default, including passwords in iCloud Keychain and Health data. For users who enable Advanced Data Protection, the total number of data categories protected using end-to-end encryption rises to 23, including iCloud Backup, Notes, and Photos. The only major iCloud data categories that are not covered are iCloud Mail, Contacts, and Calendar because of the need to interoperate with the global email, contacts, and calendar systems. “For years we’ve had to deal with the fact that an entire copy of our phone lives on a server that’s outside of our control. Now the data on that server is under our control. That’s really all that’s changed here,” Matthew Green, associate professor at Johns Hopkins University, told Motherboard in an online chat. “I think it’s an extremely important development.” “The ability to have end-to-end encryption for cloud storage such that it is a personal vault to which only you hold the keys is a big step for Apple,” Alan Woodward, a cybersecurity professor at the University of Surrey, told Motherboard in an online chat. “It has been a bit of an alternate route for law enforcement in the past to obtain data that was stored on devices when users hadn’t quite realised it was being synchronised to iCloud. Closing the ‘loophole’ is doubtless going to bring some push back from law enforcement but clearly Apple believe it is something the customers want.”