Cart ()

Apple Hands Over Chinese iCloud User Data To State-Owned Mobile Company

Apple Hands Over Chinese iCloud User Data To State-Owned Mobile Company

The Chinese government has made yet another move to tighten its grip on the digital sphere.

This time Beijing’s actions hit Apple users.

Apple's Chinese data center partner has transferred iCloud data, belonging to 130 million China-based users, to a cloud storage service managed by a state-owned mobile telecom provider—raising concerns about privacy.

User data - which includes emails and text messages - is now being stored by a division of China Telecom, the state-owned telecommunications company. According to a post by the company’s officials, the operator’s Tianyi business cloud storage unit has taken the reins for iCloud China.

What are the practical ramifications of this massive transfer of data?

Apple’s transition of data from its US-based servers to local servers on Chinese soil has raised significant concerns that the change will grant the Chinese government easier access to sensitive information. Before this move, all encryption keys for Chinese users were stored in the U.S. on Apple’s private systems. That meant any time Chinese authorities wanted access to a China-based user’s “i-data,” they needed to go through the American legal system, present evidence, argue their case, and convince authorities that the peek into private information was warranted. Now that whole process is based on Chinese courts and a gatekeeper that’s owned by the government. While Apple phones themselves will still be close to impossible to access, any information in a user’s iCloud account could be accessible to Chinese authorities who present Apple with a legal order.

Back in February, Apple told international media that it was forced to move cryptographic data to China in order to comply with new government regulations. True, Apple has been adamant that it will only respond to valid legal requests. But China’s domestic legal process is very different than that of Western countries. The system lacks anything like an American “warrant” reviewed by an independent court. In fact, court approval isn’t required at all under Chinese law and police can issue and execute warrants more or less of their own will.

There are more implications of these reports than just potential privacy violations of users.

China has long been the subject of criticism in the U.S. government for dubious operations in the data sphere. Earlier this year, reports revealed how the Chinese government was ramping up domestic surveillance policies affecting digital devices in an effort to spy on citizens. The Chinese private sector hasn’t escaped this suspicion either. Earlier this year, U.S. media reported that the Pentagon had officially prohibited the sale of phones made by Chinese mobile phone companies Huawei Technologies Co. and ZTE Corp in retail outlets on American military bases around the world. The ban was due to concerns that the Chinese government could order the telecom firms to track soldiers' movements or snoop on their communications using their devices.

While both Huawei and ZTE denied that such a scenario is even a possibility, the forcing of  Apple’s hand by Chinese data regulations is just one story in a larger narrative that furthers the idea that anything coming out of the country presents a real threat to data privacy - and potentially national security.