Security News > 2021 > May > How Apple Gave Chinese Government Access to iCloud Data and Censored Apps
In July 2018, when Guizhou-Cloud Big Data agreed to a deal with state-owned telco China Telecom to move iCloud data belonging to Apple's China-based users to the latter's servers, the shift raised concerns that it could make user data vulnerable to state surveillance.
Apple, in 2018, announced iCloud data of users in mainland China would move to a new data center in Guizhou province as part of a partnership with GCBD. The transition was necessitated to abide by a 2017 regulation that required all "Personal information and important data" collected on Chinese users "Be stored in the territory."
Although iCloud data is end-to-end encrypted, Apple is said to have agreed to move the encryption keys to its Chinese data centers, when before all iCloud encryption keys were stored on U.S. servers, and therefore subject to U.S. laws around requests for government access.
Besides refuting the allegations, Apple told the New York Times that it "Never compromised" the security of users or user data in China "Or anywhere we operate," adding its Chinese data centers "Feature our very latest and most sophisticated protections," that are expected to be rolled out to other countries.
Beyond its handling of Chinese users' data, the report also called out Apple for its removal of tens of thousands of apps from the Chinese App Store over the past several years, including foreign news services, gay dating, and encrypted messaging apps.
"Apple is clearly being forced to give the Chinese government more control over customer data. The current compromise may even be 'ok', in the sense that some end-to-end encryption is allowed. But sooner or later the Chinese government is going to ask Apple for something that it doesn't want to give up, and Apple is going to have to make a choice. Maybe they already have," Hopkins added.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/Wy_T9oeq1Qc/how-apple-gave-chinese-government.html