Apple Begins Storing Chinese User Data On Servers In China 92
An anonymous reader writes Reuters reported on Friday that Apple "has begun keeping the personal data of some Chinese users on servers in mainland China." Apple has claimed that the move is meant "to improve the speed and reliability of its iCloud service", but given China's track record with censorship and privacy, the explanation rings hollow for some skeptics. Nevertheless, Apple assures its Chinese users that their personal data on China Telecom is encrypted and that the encryption keys will be stored offshore. Only time will tell if Apple will be able to resist Chinese government requests to access its China-based servers.
What's the problem... (Score:5, Insightful)
They're storing mainland customer data on mainland servers. I don't see the problem with this - if the Chinese gov't wants data, they have SO many means at their disposal to capture it regardless of whether it's stored on a domestic server, or external. This is a good move, imo, as storing data in any country other than China would mean heavy latency passing through the GFW and having it likely captured elsewhere anyways.
Pure Marketing (Score:2, Insightful)
Nevertheless, Apple assures its Chinese users that their personal data on China Telecom is encrypted and that the encryption keys will be stored offshore
This is pure marketing bullshit. How are they going to make the data available to their users if the keys are stored offshore? What use does encryption have if they have the keys and need to be able to decrypt the data on the fly, i.e. everyone with access to their servers can also decrypt the data?
The only secure way is to design the system such that the servers just see ciphertext coming in and going out. Everything else is not secure, especially if governments are involved. The Lavabit case should have made that clear once and for all even for non-experts.
Not just China (Score:5, Insightful)
[...] but given China's track record with censorship and privacy, the explanation rings hollow for some skeptics.[...]
Given the United State's track record, I think the skeptics should worry about data collection at home too.
Why always focus on China when it comes to human rights and privacy issues? Just look at your own navel for a change...
Trust the USA (Score:4, Insightful)
Nevertheless, Apple assures its Chinese users that their personal data on China Telecom is encrypted and that the encryption keys will be stored offshore.
So the keys are only stored back at the headquarter in the USA?
The place where a "judge" can order any company to deliver the customer's data to the state?
Data of users who may not be citizens of the USA and even data that is stored on foreign soil.
lawful interception... (Score:3, Insightful)
It does not matter if they store the keys up at the Apple CEO's butt...
If they place the servers on Chinese physical land, then it is under Chinese jurisdiction, and the Chinese government can use their normal legal interception laws to get any data they want.
If they do not comply they confiscate the servers and start issuing large fines on Apple.
The only difference between "normal" US/UK/DE or whatever western world is that the Chinese has a much broader idea on what can be illegal.
So i would not trust that data store for 1second.