There would be two major downsides if Apple made iCloud literally impossible to hack


eddie cue iCloud

Getty Images/Kevork Djansezian

Apple has signaled that it plans to upgrade the security on its iCloud cloud service so that even Apple can't access the data it's storing. 

From the Financial Times

Apple is working on new ways to strengthen the encryption of customers' iCloud backups in a way that would make it impossible for the company to comply with valid requests for data from law enforcement, according to people familiar with its plans.

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More

What Apple is expected to do is to move to a "zero-knowledge" cloud system. Its iMessage is one example of such a system. Apple never sees the content of your blue bubbles - the data Apple transfers is always encrypted in transit, and only decrypted on the user's device. 

Ostensibly, the move to make iCloud's encryption stronger is a response to the recent battle between Apple and the FBI. A zero-knowledge system means that Apple knows nothing about the data stored on its servers, and therefore, wouldn't be able to help out law enforcement, even for valid requests.


(Apple has received and filled hundreds of valid iCloud requests from law enforcement.)

The downsides

There are two major downsides to a fully encrypted iCloud from a user's perspective. 

First, true zero-knowledge iCloud would likely mean that Apple could not reset users' passwords. So if somebody loses his or her password, it's possible that important data such as documents, photos, and messages would be lost forever.

For example, aside from unlocking orders from law enforcement, Apple often fields requests from angry relatives who want to get into deceased relatives' iPhones and iPads.

For example, earlier this year, a Canadian woman called it "ridiculous nonsense" that Apple wouldn't give her late husband's Apple ID password to her without a court order.


If Apple said that it couldn't fill that request at all, that could seriously ding the company's reputation for being user-friendly. 

Another major downside is that a zero-knowledge system would mean that Apple wouldn't be able to use the data included in iCloud to provide better services through artificial intelligence techniques.

Google, for example, scours photos uploaded to the its servers for data to feed its machine-learning technology. This allows users to search for concepts like "cat" or "beach" and Google Photos can return images that depict those things.

Because a zero-knowledge infrastructure would prevent Apple from analyzing uploaded photos, a feature like that wouldn't be possible - or would be significantly harder - with a fully encrypted iCloud. 

Apple's machine-learning abilities are behind Google and Microsoft for now, but software that learns will only become more important going forward.


That, of course, assumes Apple even wants to do that. CEO Tim Cook has signaled that Apple considers its stance on privacy to be a feature, not a bug. 

Advantages, advantages


Pablo Blazquez Dominguez/Getty Images


A zero-knowledge iCloud could still be great for iPhone users even if they're not worried about federal criminal investigations. 

A more secure encrypted system would make it significantly less likely for hackers to be able to talk their way into Apple performing password resets to download backed-up photos and texts - a hacking method commonly called social engineering. This is what happened in 2014 when a slew of leaked celebrity photos were exfiltrated from iCloud and posted on the internet. 

For Apple, it's a move that could make iCloud a more attractive service to privacy-minded consumers, and will help Apple take on Google, Microsoft, Amazon, and the other technology giants who currently dominate online services. 

If iCloud were fully encrypted, the service would have a clear identity that it previously lacked. Cloud services like Google Drive, Dropbox, and Microsoft's OneDrive are not encrypted and probably will never be, given the way those firms monetize their cloud storage. 


Apple could finally point to a reason to use iCloud over its competitors: privacy and security. 

While online services may not be Apple's strong suit, in recent years, designing systems with maximum security has become a strength. iMessage, for example, reliably delivers as many as 200,000 messages per second, and it's seriously secure, too. 

Ultimately, one outcome might be that Apple could decide not to port its services to competing platforms, as has been suggested. The company's approach to digital security involves cryptographic keys built into the physical devices that Apple designs, so, say, moving iMessage to Android or the web while keeping cryptographic standards may be a significant challenge. 

Apple's security engineers are a "tight-knit tribe of hackers" with "almost unparalleled power around the company's Cupertino campus," according to the Guardian. Now they've been empowered to revamp Apple's iCloud around security  - and that's good news for privacy-minded Apple users.  

NOW WATCH: Columbia law professor argues that 'privacy has been privatized'