Good news for Apple users and bad news for investigative agencies: You see, Apple is soon going to make iCloud a lot more secure by adding end-to-end encryption for backups and photos. Read more about what exactly this means soon!
Security of Apple products
Fortunately, Apple consumers' data is already virtually impossible to steal as long as this information resides on the iPhone or iPad itself. Only the user has access to it via a code or password. However, iCloud was still the weak link in terms of security, as photos, notes and backups are not yet stored end-to-end encrypted. Someone who would hack Apple servers could then access that data that way. So this is about to change, thankfully, as end-to-end encryption is going to be added to iCloud as well, according to Apple. That way, only the person with the correct key can access the data in question. And only the user will have that key: a combination of, say, an iPhone and a PIN. If hackers or, for example, a government gets hold of the iCloud data then they can't actually do anything with it. It also makes it impossible for Apple itself to access user data.
Available in the Netherlands from next year
Starting this month, this feature will be available in America and starting next year in the rest of the world, including the Netherlands. The only things not yet encrypted after this are emails, contacts and the calendar. Apple calls the new iCloud encryption "Advanced Data Protection." Those who enable it in iCloud settings will then protect 23 data groups with end-to-end encryption at once. Apple is also expanding the security of iMessage, WhatsApp's counterpart. Namely, it will get the "Contact Key Verification" feature where users will be notified as soon as iMessage thinks a contact's account has been broken into. In addition, users can verify from each other that they are who they say they are by using a special code that you can compare in real life.
Bad news for governments
These new features are not good news for governments, security services and investigative agencies, who would like just the opposite. According to them, these actually need more access to users' data; in the Netherlands, for example, several justice ministers have already called for a "back door" in encryption on devices. This would allow, for example, the police to access data from criminals' phones. However, in practice a so-called "backdoor" is practically impossible, because it means that somewhere in the security a hole is deliberately left behind that will be discovered by criminals sooner or later anyway. This is why companies like Apple are very much against such a method, because it could actually cooperate in deliberately endangering their consumers.