Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
China Government Privacy Apple

Apple Begins Storing Chinese User Data On Servers In China 92

An anonymous reader writes Reuters reported on Friday that Apple "has begun keeping the personal data of some Chinese users on servers in mainland China." Apple has claimed that the move is meant "to improve the speed and reliability of its iCloud service", but given China's track record with censorship and privacy, the explanation rings hollow for some skeptics. Nevertheless, Apple assures its Chinese users that their personal data on China Telecom is encrypted and that the encryption keys will be stored offshore. Only time will tell if Apple will be able to resist Chinese government requests to access its China-based servers.
This discussion has been archived. No new comments can be posted.

Apple Begins Storing Chinese User Data On Servers In China

Comments Filter:
  • by Rick in China ( 2934527 ) on Saturday August 16, 2014 @04:24AM (#47683689)

    They're storing mainland customer data on mainland servers. I don't see the problem with this - if the Chinese gov't wants data, they have SO many means at their disposal to capture it regardless of whether it's stored on a domestic server, or external. This is a good move, imo, as storing data in any country other than China would mean heavy latency passing through the GFW and having it likely captured elsewhere anyways.

    • But surely the reason is to keep the data out of the hands of the US courts?

    • by satuon ( 1822492 )

      if the Chinese gov't wants data, they have SO many means at their disposal to capture it regardless of whether it's stored on a domestic server, or external

      I assume they're not transmitting it in plain-text?

  • Pure Marketing (Score:2, Insightful)

    by Anonymous Coward

    Nevertheless, Apple assures its Chinese users that their personal data on China Telecom is encrypted and that the encryption keys will be stored offshore

    This is pure marketing bullshit. How are they going to make the data available to their users if the keys are stored offshore? What use does encryption have if they have the keys and need to be able to decrypt the data on the fly, i.e. everyone with access to their servers can also decrypt the data?

    The only secure way is to design the system such that the servers just see ciphertext coming in and going out. Everything else is not secure, especially if governments are involved. The Lavabit case should have m

    • It doesn't matter anyway, since China will have hacked the encryption keys within minutes of generating them.

      Or the NSA will have hacked them, passed them them on to Israel (NSA gives Israel raw intelligence access), who will then sell them to China in exchange for whatever weapons they can't get from the US.

  • Not just China (Score:5, Insightful)

    by Rosco P. Coltrane ( 209368 ) on Saturday August 16, 2014 @04:39AM (#47683727)

    [...] but given China's track record with censorship and privacy, the explanation rings hollow for some skeptics.[...]

    Given the United State's track record, I think the skeptics should worry about data collection at home too.

    Why always focus on China when it comes to human rights and privacy issues? Just look at your own navel for a change...

    • Hey quick! Look over there! (Governing 101: utilize distraction/fear-mongering.)

    • It looks to be an obvious move.
      Accept that various agencies in various countries are trawling for data. Storing data locally minimises the number of agencies which have access to that data. Once the Snowden revalations became public, keeping data within national boundaries became a selling point for (not just) ISPs in most countries. I suppose I was ahead of the curve, I avoided Cloud services for just that reason - and then suspicions were confirmed.

      When the Chinese Government request (or demand) that u

    • by Anonymous Coward

      [...] but given China's track record with censorship and privacy, the explanation rings hollow for some skeptics.[...]

      Given the United State's track record, I think the skeptics should worry about data collection at home too.

      Why always focus on China when it comes to human rights and privacy issues? Just look at your own navel for a change...

      Does every slashdot article have to come back to trashing the USA these days?

      • Comment removed based on user account deletion
      • [...] but given China's track record with censorship and privacy, the explanation rings hollow for some skeptics.[...]

        Given the United State's track record, I think the skeptics should worry about data collection at home too.

        Why always focus on China when it comes to human rights and privacy issues? Just look at your own navel for a change...

        Does every slashdot article have to come back to trashing the USA these days?

        Don't ou think it's kindof relevent? Given they're talking about privacy of data, and the other option for storing would be in the States? Mm?

      • Re:Not just China (Score:5, Informative)

        by Clsid ( 564627 ) on Saturday August 16, 2014 @09:21AM (#47684325)

        I have been living in China for quite a bit now, and I actually ask the same thing myself when I read something about China. Even this move by Apple is distorted in the way that the article is presented to always put the Chinese as the evil bad guys. Hell, I don't like the GFW myself, but I have to admit that this move by Apple is something of a trend for every tech company doing business in China. You incur a huge penalty in response times when you have to fetch content from the outside, which is why we go to great lengths in stuff we develop to make sure we are not linking to some google font, some blogspot/facebook link, etc.

        • by poity ( 465672 )

          The people in China who are wary of this are those of the Slashdot mindset -- your spiritual and intellectual compatriots who want the same thing as you do, privacy and to be left alone by government. Instead of standing up for friends and allies, there are those on Slashdot who would stand up for government. I don't get it. Are your minds warped somehow? Are you all so tolerant of others that you forget who you should be tolerant of?

      • by reikae ( 80981 )

        This is a US-centric website, so the answer is yes.

    • It DOESN'T MAKE ANY DIFFERENCE where Apple stores credit card / serial number / address info. Look folks, it's pretty obvious. Any government larger than, say, North Korea, has the contacts, money and power to get any consumer or personal information running across their territory. Britain, France, Germany, hell even Portugal or Texas (well maybe not Texas).

      So, all you can hope for, be you Chinese or American, Swiss or Tongan, is that your friggen Credit Card stays away from some clown in Eastern Europe

  • Trust the USA (Score:4, Insightful)

    by Skylinux ( 942824 ) on Saturday August 16, 2014 @04:53AM (#47683743) Homepage

    Nevertheless, Apple assures its Chinese users that their personal data on China Telecom is encrypted and that the encryption keys will be stored offshore.

    So the keys are only stored back at the headquarter in the USA?

    The place where a "judge" can order any company to deliver the customer's data to the state?
    Data of users who may not be citizens of the USA and even data that is stored on foreign soil.

    • Almost forgot. The place where you get punished for not revealing your encryption key(s) to the court.

      "I have something to hide, my privacy."

  • by Anonymous Coward on Saturday August 16, 2014 @05:31AM (#47683809)

    It does not matter if they store the keys up at the Apple CEO's butt...
    If they place the servers on Chinese physical land, then it is under Chinese jurisdiction, and the Chinese government can use their normal legal interception laws to get any data they want.
    If they do not comply they confiscate the servers and start issuing large fines on Apple.

    The only difference between "normal" US/UK/DE or whatever western world is that the Chinese has a much broader idea on what can be illegal.
    So i would not trust that data store for 1second.

    • If the collect payments for the service using the Chinese banking system, then the Chinese government can use their normal legal channels to get the data they want.

  • by Anonymous Coward

    I think its clear Apple is simply looking at their bottom line and maybe also considering storage by region to some extent. I don't think people realize how much this is already being done without much public fanfare. Google certainly has server farms all over the World and Microsoft too. As well as many companies you probably do business with. Given the whole NSA situation in the States. Does finding out that my information is stored possibly in China make me feel any worse? Hardly. My own Country sifts t

    • by tomhath ( 637240 )
      According to TFA your data won't be stored in China unless you live in China. I assume Apple had to choose between playing by the Chinese government's rules or not playing at all; although I assume this is just a delaying tactic by China to maintain control until they can replace Apple with something of their own.
  • by drolli ( 522659 ) on Saturday August 16, 2014 @06:08AM (#47683875) Journal

    Seems reasonable to me. Actually reduced the needed data transport. The great firewall is in place for the data transfers to the outside world. I am sure the cn gvmnt has to possibility to targeted intercept, as has the america, german, russian or british governments.

    Given what we learned in the recent years, placing data and encyption keys in two different legislations (chinese and america) is the most straighforward way to protect against legal interception.

    • by Pikoro ( 844299 )

      But if the keys are stored in the USA, and the data is in China, then the keys will have to traverse the great firewall in order for the user to decrypt their data. That data will be susceptible to interception once it passes into China.

      This is just marketing.

      • by drolli ( 522659 )

        To me there is a significant difference between somthing affecting all stored dasta and only affecting data accessed after a specific date.

  • by penguinoid ( 724646 ) on Saturday August 16, 2014 @10:04AM (#47684459) Homepage Journal

    Option 1: Store the Chinese data in China. The Chinese government owns all their bits.

    Option 2: Store the Chinese data in the US and route it through China. The Chinese government owns all their bits. And so does the US.

    It's pure marketing, of course. If they were really interested in security, they'd store only encrypted data without the key. But then it wouldn't be searchable, and a bunch of idiots would forget their encryption key and be angry because there'd be no magic recovery system.

  • China already builds spyworthy Cisco networking gear, why would they have to ask Apple for access?

  • I am a Chinese who studies China for a living, and it is becoming more and more apparent to many people, that the ruling Chinese Communist Party (CCP) knows it is on its last straw of survival.

    The party is facing severe and increasing systematic stress on all fronts:

    1. Increasing external oppositions from all other countries in the world, forming more and more alliances and becoming more outspoken with rising strengths against China, as well as increasing anti-China sentiment from people in all other countr

Time is the most valuable thing a man can spend. -- Theophrastus

Working...