Electronic Frontier Foundation 'Fix it Already' program demands fixes to security & privacy problems
The Electronic Frontier Foundation on Thursday launched "Fix It Already," a campaign directed at nine tech companies including Apple, pressuring them to solve privacy and security issues with their platforms.
In the case of Apple, the EFF is arguing that the company should offer people the choice to set tighter encryption on iCloud backups. Such backups are already encrypted, the EFF noted, but can be decrypted on-demand by Apple — and hence handed over in government search requests. The data could also theoretically be raided by hackers.
"The good news," the EFF said, "is that Apple CEO Tim Cook already thinks that encrypting iCloud backups is a good idea and seems to want to implement it in the future."
Apple complies with most government search requests for iCloud data, the only criteria typically being whether due process was followed. That includes not just law enforcement but spy agencies, such as the U.S. National Security Agency.
This can become a serious threat in countries like China and Russia, where autocrats regularly have opposition members imprisoned or killed. Apple has come under fire for obeying laws in those countries requiring local data hosting — stronger iCloud backups could be a way out of the controversy, though it would likely face pressure to weaken security if it wants to keep doing business.
The EFF suggests that heightened encryption should be optional because Apple can help people recover data when they can't remember passwords.
iCloud backups can contain a range of content, from photos, videos, and texts to app data and HomeKit setups. Things like contacts, notes, and email are stored separately.