
Learn more about iCloud in China mainland - quantisan
https://support.apple.com/en-us/HT208351
======
GeekyBear
This is required to operate under Chinese law.

For instance, here is Microsoft's description of their own compliance.

>Keep your data within datacenters located in China with an Azure China
account and stay compliant with international and industry-specific compliance
standards. Access to your customer data is controlled by an independent
company in China, 21Vianet. Not even Microsoft can access your data without
approval and oversight by 21Vianet.

[https://azure.microsoft.com/en-us/global-
infrastructure/chin...](https://azure.microsoft.com/en-us/global-
infrastructure/china/)

------
Despegar
Not only is this not news there's a lot of FUD about it.
[https://news.ycombinator.com/item?id=20904857](https://news.ycombinator.com/item?id=20904857)

Reposting my comment:

Apple has already publicly said in court filings, and under threat of perjury,
that they don't make any exceptions for China. From Apple's filing [1]:

>Finally, the government attempts to disclaim the obvious international
implications of its demand, asserting that any pressure to hand over the same
software to foreign agents “flows from [Apple’s] decision to do business in
foreign countries . . . .” Opp. 26. Contrary to the government’s misleading
statistics (Opp. 26), which had to do with lawful process and did not compel
the creation of software that undermines the security of its users, Apple has
never built a back door of any kind into iOS, or otherwise made data stored on
the iPhone or in iCloud more technically accessible to any country’s
government. See Dkt. 16-28 [Apple Inc., Privacy, Gov’t Info. Requests];
Federighi Decl. ¶¶ 6–7. The government is wrong in asserting that Apple made
“special accommodations” for China (Opp. 26), as Apple uses the same security
protocols everywhere in the world and follows the same standards for
responding to law enforcement requests. See Federighi Decl. ¶ 5.

and a declaration from Craig Federighi personally [2]:

>Apple uses the same security protocols everywhere in the world.

>Apple has never made user data, whether stored on the iPhone or in iCloud,
more technologically accessible to any country's government. We believe any
such access is too dangerous to allow. Apple has also not provided any
government with its proprietary iOS source code. While governmental agencies
in various countries, including the United States, perform regulatory reviews
of new iPhone releases, all that Apple provides in those circumstances is an
unmodified iPhone device.

>It is my understanding that Apple has never worked with any government agency
from any country to create a "backdoor" in any of our products and services.

>I declare under penalty of perjury under the laws of the United States of
America that the foregoing is true and correct.

When China wants something from iCloud they do it the same way that law
enforcement does it everywhere in the world, which is through Apple.

[1] [https://assets.documentcloud.org/documents/2762131/C-D-
Cal-1...](https://assets.documentcloud.org/documents/2762131/C-D-
Cal-16-Cm-00010-Dckt-000177-000-Filed-2016.pdf)

[2] [https://www.documentcloud.org/documents/2762118-Federighi-
De...](https://www.documentcloud.org/documents/2762118-Federighi-Decl-
Executed.html#document/p1)

~~~
tptacek
Rather than reposting the same comment, the better thing to do here is flag
the story.

~~~
colorincorrect
there's nothing wrong about OP: he/she is just sharing a statement released by
Apple.

it's only "wrong" or misleading in light of current events, but i don't think
it is sufficient reason to delete it.

------
olliej
I feel this should have a very basic statement:

"Apple does/does not store or provide access to encryption keys or plaintext
of content uploaded to iCloud services"

This "support" page says nothing at all about what is actually encrypted vs.
faux-encrypted.

~~~
HHad3
Apple maintains a separate document on how individual content is encrypted
[1].

Note that it is not apparent whether some of data listed under "end-to-end
encrypted" is also included with iCloud Backups.

[1] [https://support.apple.com/en-us/HT202303](https://support.apple.com/en-
us/HT202303)

~~~
maximente
suppose i have an iphone 7 and a macbook air. i would like to know (to the
extent possible) if it is possible to keep encrypted messages in iMessage
accessible only on the iPhone while keeping photos available in iCloud/cross
device.

after reading the link, it seems that as long as i do not have iCloud enabled
for messages, no matter what other services i have enabled iCloud enabled for,
i'm OK - for example, i do have photo iCloud backup enabled.

can anyone confirm that's what happens?

~~~
Despegar
You can have iCloud enabled for Messages, but if you have iCloud Backup on
then the keys are stored in the backup.

>Messages in iCloud also uses end-to-end encryption. If you have iCloud Backup
turned on, your backup includes a copy of the key protecting your Messages.
This ensures you can recover your Messages if you lose access to iCloud
Keychain and your trusted devices. When you turn off iCloud Backup, a new key
is generated on your device to protect future messages and isn't stored by
Apple.

------
quantisan
Learned this from one of the Blizzard threads [1]. I'm surprised this move by
Apple went unnoticed on HN.

[1]
[https://news.ycombinator.com/item?id=21207949](https://news.ycombinator.com/item?id=21207949)

~~~
tptacek
It's been covered previously on HN, extensively, for a long time.

[https://hn.algolia.com/?q=icloud+china](https://hn.algolia.com/?q=icloud+china)

~~~
quantisan
Indeed. The linked Apple Support page marked the page as published on Oct 1,
2019 so I assumed it's new.

