Apple to store some user data in China: Weighing the pros and cons

Apple to store some user data in China: Weighing the pros and cons

Summary: Apple's move to store some of its Chinese users' data in the country has benefits — and drawbacks — for its customers.

SHARE:
apple-store
(Image: Apple, via CNET)

Apple has started to store some of its Chinese users' data on servers in mainland China, becoming one of the very few technology giants to store information on Chinese soil.

It's a step away from its rivals, like Google and Microsoft, which tend to shy away from storing data in the country due to its policies on censorship and past accusations of state-sponsored hacking and spying.

Apple said it made the move in order to speed up its iCloud service to users in the country, and increase reliability across the board, according to the Reuters news agency.

China remains increasingly important to the company's bottom line, as it continues to drive the company's strong quarterly revenue. The iPhone and iPad maker's fiscal third-quarter results showed China accounted for about 16 percent of the company's global revenue, thanks to a bump in iPhone sales — its predominant profit driver — in the country.

But skeptics are already questioning whether or not the data-storing approach may harm its business, in light of the nation state's past (and ongoing) practices.

Here's what you need to know:

  • The data will be held by China Telecom, the country's third-largest wireless carrier — though, the data will be encrypted. The carrier will not have access to the data, Apple said.

  • Encryption keys for iCloud, which lets users store their music, photos, documents, and other data from their iPhone, iPad, or Mac, will be stored offshore by Apple.

  • China Telecom is state-owned, but remains a strong partner for Apple. It was a key partner in getting the iPhone to market in the country, which at the time was stalling its iPhone profit growth.

  • Apple will remain the custodian of the encryption keys. But because Apple conducts business in China, it still has to abide by data requests by law enforcement and intelligence agencies. 

Reports suggest that the move was twofold: to make iCloud faster and more reliable for its users, but also because the company was facing a crackdown by the Chinese authorities that may have seen it penalized for failing to store data within grabbing-reach of the state.

It follows Russia's recent steps to force companies to store Russian data on its soil, which would make it significantly easier for Moscow to conduct surveillance on its citizens. 

Russia and China, two of the last remaining communist states, remain at arms length from the rest of the G7 and the United Nations due to these practices.

But it may not alleviate concerns that China may be able to grab data when it wants, for any given reason.

China's policies and practices on state surveillance, government censorship, and extraterritorial hacking have been widely criticized by Western nations. Google refuses to store data in China after it was hacked by Beijing in 2011, leading to the search giant pulling out of the country altogether.

Apple has in recent months become one of the pinnacles of user privacy, particularly in the wake of the Edward Snowden disclosures. Although Apple denied any knowledge of the PRISM surveillance system during a time in which its transparency levels were at an all-time low, many remain skeptical of how much access the US government has to Apple's networks.

In the wake of the disclosures, Apple issued its first transparency report with a "warrant canary," to show before-the-fact if a wide-ranging warrant for its customers' data had been received.

Apple also devises its messaging systems to be encrypted to the point where, according to reports, even the company cannot access the data — making it impossible to hand over that data to the US government and other nation states. Search warrants can still be served on the company. It's not clear if there are master encryption keys to allow Apple's general counsel or custodian of the records to hand over data in a law enforcement or national security emergency.

That said, trust in the wider Silicon Valley technology scene has been shaken by the scope of state surveillance.

For now, it seems like the fairest compromise. Though the data may be stored in China, it's said to be unreadable by its carrier partner — and therefore also unreadable by Beijing. With Apple storing the encryption keys, it may be the best-case scenario for everyone.

Topics: Apple, Data Centers, iOS, iPhone, iPad, Privacy, Security, China

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

5 comments
Log in or register to join the discussion
  • All Major Governments Will Spy...

    Rule #1 - Don't store anything in the cloud that you absolutely don't want anyone to access.

    Failing Rule #1...

    1. Choose a Chinese or European cloud provider if you live in the US. Avoid the Five Eyes.
    2. Choose a European cloud provider if you live in China.
    3. Choose a Chinese cloud provider if you live in Europe.

    Any government can snoop if it wants to. But Chinese/European governments have little to no power outside their respective jurisdictions. America has the strongest reach of all -- to prosecute, etc..
    ReadandShare
    • Do I read this correctly ReadandShare

      Your argument is all about crime? So you can commit crime on a computer are you ignorant? People may use cell phones and computers in crime but the state has the ultimate right to look at what is being done. The is no security or secrecy in foolishness. All of these jurisdictions can prosecute and share information on crime. There are issues of privacy and security but your not addressing those.
      Altotus
      • Strange...

        I said nothing about crime. My focus is on privacy. Are you assuming that people who value their privacy are "all about crime"? Who indoctrinated you?
        ReadandShare
        • Strange..

          Criminals!.
          delgen
        • You are using the net and speak about privacy?

          The issue of privacy is about criminal activity. In which case there is no right of privacy. The nature of the net is not private. That is fundamentally engineering not law. Routers are private property and everything is reveled at every single node like a post card in the mail as if the post office were the hands of you classmates. It possible for many many hops through the net so that data is exposed at every node in many jurisdictions. Perhaps you were indoctrinated by ignorance of the realty. Value something that does not exist? Emperors new cloths. Perhaps you have an expectation that post cards are private however no one else shares that opinion. If your concerned about prosecution its all about crime. Having an opinion is a crime in some places. Those who value something that does not exist are not living in this reality.
          Altotus