Apple's iCloud is a service that encapsulates everything related to internet-centric data storage and cross-device sync for its platforms. It is available across every Apple device, with some Windows compatibility, and performs most tasks in the background.
● Encrypted storage and backup
● End-to-end encrypted communication with iMessage and FaceTime
● Storage plans up to 4TB
● Collaboration and sync tools for apps
● Hide My Email
● Private Relay
● Family Sharing for purchases and storage
Apple continues to branch out parts of iCloud into other services and product ecosystems over time. There's even an iCloud app on Windows, and soon, iCloud Photos integrations.
What started as a simple app data and settings sync has evolved into a full-fledged document storage solution. Also, Apple utilizes iCloud for many services like HomeKit Secure Video and email.
In general, the term refers to anything that syncs across Apple's ecosystem of products. It is the backbone of Apple services and the location of all user-generated data.
Advanced Data Protection
Users can now activate end-to-end encryption for more iCloud content than ever. In addition to the 14 data and services Apple uses end-to-end encryption on, Advanced Data Protection adds it to nine more categories.
Additional end-to-end encryption categories:
- Device backups
- Messages backups
- iCloud Drive
- Safari Bookmarks
- Voice Memos
- Wallet passes
This feature is not turned on by default and has strict requirements to enable. Users must have every device on their iCloud account updated to the latest version of their respective operating system. Products unable to update to iOS 16.2 or their respective update must be removed from the user's iCloud account.
After everything is updated, the user must add an Account Recovery Assistant contact or generate a Recovery Key. The contact will help the user recover their iCloud account in the event of a forgotten password or locked-out account. The 28-character recovery key is also used in the event of losing access to an account.
If the user is unable to recover their account using one of the two methods above, the account is lost and all end-to-end encrypted data cannot be recovered. Users must understand the risk and take every precaution to prevent account loss.
iCloud Shared Photo Library
Apple introduced a new photo library syncing and sharing system called iCloud Shared Photo Library in iOS 16. It allows users to invite five other people to join a single library.
The person who creates the shared library is the one responsible for managing the data, which means all photos and videos in the shared library count against their iCloud storage. Invited participants can be anyone and are not limited to Apple Family members.
All participants can edit, share, tag, or delete photos within the shared library. However, only photos added by an individual can be permanently deleted by that individual. If a person is removed from the shared library, they get to keep all of their contributions in their own personal library without any data loss.
Users can toggle on automatic uploads based on location or face data. There's also a toggle in the Camera app for sending every new photo captured directly to the shared library.
Apple introduced iCloud+ as a feature of iOS 15 during the 2021 WWDC. It brings several features to anyone paying for iCloud storage or Apple One, like unlimited HomeKit Secure Video cameras at some storage tiers.
iCloud Private Relay
Private Relay is an internet privacy service that uses two relays to hide your local IP address. This feature keeps websites and your ISP from tracking users based on IP address.
Neither relay can ascertain both who you are and what website you visit. Users can customize how localized their IP location is by toggling a broader exit location.
This isn't a VPN or VPN alternative. Users cannot select specific nodes to exit from, and they will always exit somewhere localized to their region. For instance, a user in the United States won't exit a node in Canada no matter how close they are to the region.
Some networks are not compatible with Private Relay and will automatically toggle the feature off. Users will be alerted to this incompatibility via a notification in Settings.
Hide My Email
When a user creates a new account on a website or service, they are prompted to enter an email address. This is necessary for any account creation, but not all websites treat your private information equally. When an account is created, some websites and services will sell an email address to ad agencies or spam distributors.
To prevent inadvertent tracking through account sign-ups or inundation of spam, iCloud+ users can now use a randomized email address that redirects all mail to their iCloud inbox. These generated addresses can be managed via the Settings app, and if spam or unwanted mail comes from a specific address, it can be deleted.
Custom Email Domain
Customers who own an email domain can add it to iCloud and share it with family members. In addition, existing emails at a custom address can also be imported from the domain for use. Each person in a family can have up to three email addresses per domain.
Apple notes that any mail sent or received using iCloud Mail uses storage. If a user runs out of storage, mail won't be sent or received at the custom domain until space is made.
Base iCloud Features
Beyond cloud-based storage, iCloud provides several other services to users. Its infrastructure is used for everything from photo syncing to collaborative working environments in iWork.
Apple also uses iCloud servers for processing requests, like Siri or language translation. More and more functions are moving offline, but Apple still reserves its more intensive tasks for the servers.
iCloud Photo Library
Users can back up their photographs to iCloud Photos, a feature where all of a user's images and videos are stored online and synchronized across all devices signed in to the same account. Images are stored in iCloud at their original resolution, complete with metadata and any edits within the Photos app, and kept completely intact without any additional compression applied to the files.
Photographs can also be viewed through a web browser and shared with other people with a link.
Apple’s iCloud allows users to store images in the cloud. This enables devices with low storage capacity to store high-resolution photos on a server rather than on-device. Users have the option to download the stored pictures to their devices on-demand.
If users store many high-resolution photos and videos in iCloud, they will likely fill their iCloud account to capacity. Users can buy additional storage from Apple as needed.
Along with support for JPEG, MP4, and Apple's high-efficiency HEIF and HEVC codecs, the iCloud Photo Library can handle other types of files, including PNG images, GIF, TIF, and unprocessed RAW photos generated by dedicated cameras and iPhone apps.
While iCloud Photos usually deals with all of a user's images, using My Photo Stream is also an option. This feature uploads the last 30 days of photographs taken on account-linked devices, up to a maximum of 1,000 images. Images are shared across devices but are downloaded at a lower resolution on iPhone, iPad, and iPod touch, while full-resolution images are available on Mac and PC.
Unlike iCloud Photos, My Photo Stream doesn't count against the iCloud data allowance. However, users still have to save images to their main library within 30 days to keep them, or risk losing the photos after the time expires. My Photo Stream also does not retain any edits made to an image.
A core function of iCloud, iCloud Drive is an online storage area for files and documents. Once uploaded to iCloud Drive, users can view and download files to any device they've signed into. This feature allows users to start working on one device and finish on another.
The iCloud Drive acts like a regular folder on a Mac or PC, storing and moving files freely. Files and folders stored in the drive can be shared with other people, accessed from a web browser, and used with Apple's collaborative tools.
For iOS and iPadOS, the addition of the Files app gave iPhone and iPad users a way to see locally-stored and iCloud Drive files directly and interact with the folder structure. Files can be downloaded and be opened locally in the relevant app, with saved changes uploaded to iCloud Drive.
The Files app can also be a central access point for other cloud storage services, including Box, Dropbox, and OneDrive. Once authenticated in an app, users can see each service's file container from the app and interact with files stored on each.
On iPadOS, the Files app can access external storage, with connected USB flash drives, SD cards, and hard drives viewable in the app.
As well as sharing files and documents online, iCloud adds in several elements that let people work collaboratively. Multiple people can work on Pages, Numbers, and Keynote documents simultaneously, with up to 100 people able to view and edit a document at the same time.
The files can be worked on using a Mac, iPhone, or iPad using the relevant Pages, Numbers, or Keynote apps. Users of other platforms, including Windows, can access the file within a browser on iCloud.com.
Users can invite others to collaborate by sharing an iCloud link of either the file or the iCloud Drive folder. Once shared, documents show how many people have the document open, with edits automatically synchronized and applied to all available instances.
For offline users, edits to a document while disconnected are saved for at least 30 days and are automatically uploaded when a connection is reestablished.
Apple also includes an option to communicate with others within a document by using comments. Applying a comment to a document allows for discussing details with others without directly affecting the document.
The document owner can stop sharing a document within the collaboration menu. Once sharing stops, it is removed from the iCloud Drive of all participants.
Formerly under the name of "Find My Friends" and "Find My iPhone," and later collected together in iOS 13, Find My is an app and service that combines some of the frequently-used location-based services offered through the power of iCloud. Fundamentally, the app allows users to find their friends and other Apple devices on a map.
The app functions chiefly under three areas: People, Devices, and Items. People keeps track of anyone currently sharing their location with you. Locations can be shared voluntarily by family and friends in iMessage.
Devices is used to locate most Apple products attached to your iCloud account available on the Find My network. This can be anything from a MacBook to an Apple Watch or iPhone. Family members' devices also show up here.
Items show connected AirTags and non-Apple devices using the Find My network. Third-party devices like the Chipolo tracker show up here.
For some devices like an iPhone, users can make it play a sound to help find a lost device and get directions to where it was last seen.
Users can mark a device as lost, which will lock down the iPhone or iPad, displaying a phone number and a message of the user's choosing to encourage any finders to return it. A more extreme option of erasing the device remotely is also available, for instances where it is believed someone may try to gain access to onboard data.
The feature is also usable on iCloud.com.
It is possible to keep more than files and documents in sync across your Apple devices, as there are options to do the same with iCloud Contacts, Calendars, Notes, and Reminders. Syncing enables the same details to be mirrored across all of a user's devices, preventing users from searching multiple areas to find contact details by managing them all in one place: iCloud.
Enabling synchronization using iCloud allows for contacts, calendars, notes, and any reminders stored in their respective apps to be copied to iCloud, then shared with other devices signed in to the same Apple ID. Changes made to the items are similarly saved to the iCloud version and synchronized.
The iCloud Keychain also syncs passwords. Account credentials are shared with all devices on the same Apple ID. This saves users from manually typing in their passwords on a new iPad when setting it up or logging in on a second device that they don't usually use to access a service.
Messages In iCloud can be set up to synchronize conversations between multiple devices. The same message threads and attachments are available throughout a group of devices on the same Apple ID. New messages appear on all devices while attachment deletions simultaneously take place across all hardware.
For iPhone, iPad, and iPod touch owners who don't want to use a Mac or PC to back up their data, there is the option of using iCloud Backup. As the name suggests, iCloud Backup provides an online backup of a user's critical data. The backed-up data is available to download to a device in an emergency, like if a device is lost or damaged.
The backup can automatically take place each day once set up, but only when the device is connected to power, locked, and connected to Wi-Fi.
Rather than backing up all of the data on a device, as possible with a conventional Mac or PC-based backup, iCloud Backup stores a subset of data.
The data iCloud Backup stores include:
- App data
- Apple Watch backups
- Device settings
- Home screen and app organization
- iMessage, text, and MMS messages
- Photos and videos
- Apple service purchase history
- Visual Voicemail password
To avoid duplicated data, iCloud doesn't back up items already stored in iCloud. This includes synchronized contacts, Messages in iCloud, iCloud Photos, calendar appointments, and Voice Memos. Other things like Health data, call history, and iCloud Drive files are also not included.
Apple allows up to 6 people to belong to a group called a "family." One person must be the family organizer, with the other accounts added in to that person's family.
This system allows everyone to share their purchases across all accounts, including iTunes and App Store purchases. All accounts sync data over iCloud and gain some additional features.
The most direct connection to iCloud is shared storage. If you subscribe to a 200GB or 2TB plan, you share this data with your family in a pool.
Other services attached to Family Sharing use iCloud to sync data, like location sharing and Screen Time. All data shared across family sharing is encrypted and only accessible by the family organizer and the individuals producing the data.
When a family uses shared iCloud storage, they get their own siloed storage area. No one, not even the organizer, can see what is stored in iCloud, only the person storing those files. The same goes for iCloud Photos stored while in a family.
Apple has long provided users with 5GB of storage for free, but that small amount of free storage has been heavily criticized. Many people quickly run out of the 5GB, and increasing photo and video quality is the most significant contributor.
When iCloud first introduced its 5GB tier, libraries were smaller, and users were not shooting video in 4K. Even Apple’s website acknowledges that the lowest tier of iCloud is best used for syncing contacts and notes, not photos.
Any user who does not rely on other photo management services like Google Photos will likely want to upgrade to the second tier. For $1 a month, you get 50GB of storage, which is much more useful for backups and small photo libraries.
Apple offers two more tiers above that, and both are included in Family Sharing. The $2.99 plan with 200GB is great for individuals with a more extensive photo library, multiple device backups, and several gigabytes of files in iCloud Drive.
For those who have multiple family members or large photos and file libraries, there is a 2TB option. At $9.99 a month, it is the most expensive storage tier.
Apple One subscribers can expand storage past the 2TB limit, reaching as high as 4TB. As Apple notes in the updated iCloud Settings text, "you can purchase iCloud storage in addition to your 2TB Apple One plan." Apple maintains its standard prices for this additional iCloud storage space. That means paying for an additional 2TB of space will cost users $9.99. With an Apple One Premier plan, that's a total of $39.94 a month for 4TB of storage and the other services included in Apple One's highest tier.
iCloud Safety and Security
Mistrust of the cloud and all it offers is quite common, as major corporations have often proven that they cannot be trusted with our data. Even the most technologically savvy users sometimes struggle with the idea of storing their data on a company’s server rather than their own.
The more convenience a service offers, the less security it can provide to data. At least this is a common understanding, but Apple tries to be both convenient and secure.
All data stored on Apple servers is encrypted, and most private data is further protected by end-to-end encryption. This means that your data, even if it is exposed, is utterly useless and unreadable without a key.
In general, Apple holds the key to encrypted data in a separate storage location and will only provide the key to those who authenticate as you with a user name, password, and two-factor authentication key. Authorities can request access to encrypted data with a very specific warrant, but even then, Apple will evaluate what should be shared and doesn’t hand everything they have over.
End-to-end encrypted data isn't accessible by Apple or anyone but the user. With Advanced Data Protection enabled, the number of end-to-end encrypted data types increases from 14 categories to 23, including iCloud Backup, Notes, and Photos.
End-to-end encryption has led to major conflicts between the United States Government and Apple.
Apple implemented two-factor authentication after dealing with several high-profile password phishing events in 2014. The system uses two pieces of information to let a user sign into a trusted device or browser: a password and a 6-digit code.
The 6-digit code is sent to either a trusted device or the user’s phone number. This is a big step up from other systems that rely on SMS and can be subject to man-in-the-middle attacks.
End-to-end encrypted data
The best way to remember what data is end-to-end encrypted on iCloud is by considering what information could do the most damage in the hands of a bad actor. Private conversations, health, access to your home, and credit cards are all easily used against you.
Apple has never had user data breached or stolen as a result of inherent security flaws. The "celebgate" attacks were a result of re-used passwords and other social engineering issues.
Multiple countries, namely the United States and Australia, have attempted to pass legislation to cripple end-to-end encryption. Thus far, they have failed, as any changes to allow “the good guys” access would create vulnerabilities across the board.
Apple has considered end-to-end encrypting other services like iCloud backups but has decided that users who lose their passwords would be unable to recover data without an alternative.
iMessage and FaceTime
Messaging and video calls are some of our most private and intimate moments. For years, Apple had led the industry with the only widespread consumer-focused encrypted messaging platform. Other encrypted chat apps have gained prevalence in non-US markets like China and Europe.
Apple never stores anything about FaceTime calls, and they occur over an end-to-end encrypted channel. Apple has no way to snoop into your calls and can’t share any information with authorities as no data exists.
iMessage is a little more complicated. Like FaceTime, iMessage is encrypted end-to-end when in transit. At rest, iMessage stores the history of a conversation locally on device, fully encrypted.
If you use iCloud Backup, then your iMessage conversations stored on-device will be included in the backup. Apple stores backups with encryption on its servers and has access to the key.
This means that while your conversations cannot be snooped in transit, Apple can provide authorities with your iMessage history if it is within the stored backup. You can set up messages to delete after 30 days or a year to keep this a bit more protected.
To prevent Apple from having access to your conversations at any point, you can always perform a local encrypted backup instead of using iCloud backup, or activate Advanced Data Protection.
However, no matter what protections you take, other users you communicate with may not have the same level of security, leaving your side of the conversation in that chat more vulnerable.
Health and Home Data
The Health app can store all kinds of data, including medical records and medication doses. Such sensitive information can be used negatively and therefore is heavily protected and given maximum user control.
As long as two-factor authentication is used, Apple will not be able to read health data in any circumstance. Apps that link with the Health app on iOS must receive explicit permission to access the data.
HomeKit interactions are secured with encryption, and every device authorized to be used with HomeKit must also have local encryption enabled. HomeKit Secure Video uses iCloud to store recorded video from security cameras and stores this with end-to-end encryption.
The Keychain is a password manager that exists across all of your Apple devices. This service stores everything from WiFi passwords to credit card numbers.
You can use Keychain with other password services or use it exclusively. Website and app passwords, contact information, and additional sensitive information are kept here and are end-to-end encrypted.
The user-facing portion of Keychain is primarily Passwords. Users can interact with their saved passwords and 2FA authentication codes in the Settings app on iOS or the System Preferences app on Mac.
If users want to see everything available in the Keychain, they will have to use the Keychain Access app on Mac. This shows every certificate, password, and note saved in the system in a not-so-friendly UI.
Your location data contains everywhere you go and how long you spend there. While other services profit off of selling that data, Apple does not.
Apple Maps keeps track of your significant locations for use with machine learning on the device, and this information is stored with end-to-end encryption. To take this one step further, Apple provides directions using differential privacy, which doesn’t record your requests or location when processing directions for Apple Maps.
If authorities request location information from Apple, they cannot provide it, as it doesn’t exist outside the device.
The encryption here is the same, but how the data is controlled changes. When data is end-to-end encrypted, only the user has the key to unlock and view data. In all other cases, the key is in the user’s hands, as well as Apple’s.
iCloud data that is stored on Apple’s servers with a key owned by Apple can be subpoenaed. With probable cause and a warrant, authorities can request specific data from Apple.
Some of this data may not be end-to-end encrypted, but Apple has taken extra precautions to ensure complex and specific warrants are needed to access such data. However, if Advanced Data Protection is enabled, this data will be end-to-end encrypted as well.
Photos are encrypted on-device and in the cloud. Your iCloud Photo Library itself is end-to-end encrypted, much like iMessage. Taking a picture and storing it in the cloud is entirely invisible to Apple. However, there is an exception.
Like iMessage, your photos are stored in the automatic backups you perform. Apple has access to these backups and can provide content to authorities with a proper warrant. To ensure no photos are ever accessible on Apple servers, you can use iCloud Photo Library and perform local encrypted backups.
Apple uses encryption across many of its apps and services but doesn’t deem end-to-end encryption necessary for all of them. Everything synced between devices or an Apple server is encrypted on-device or in transit.
Third-party apps that store data using Apple’s CloudKit API and apps like Reminders, Calendar, and Contacts all store data encrypted on Apple’s servers. Data that needs to be synced regularly but doesn’t need strong protection is stored this way by default. Advanced Data Protection won't end-to-end encrypt mail, contacts, or calendar events due to the open nature of those data types.
Apple doesn’t fully end-to-end encrypt everything by default because users who lose their passwords would lose access to all of their data. That's why Advanced Data Protection has such strict requirements for being turned on by the user.
iCloud is a replacement for the preceding service MobileMe, a subscription service that offered many of the same features as the modern-day iCloud.
Known initially as iTools in 2000, it was rebranded as .Mac in 2002 before becoming MobileMe in 2008. Along with the name changes, Apple also altered the service from its Mac-focused offering to one that was multi-platform by the end of its life, with it compatible with iOS devices and Windows platforms.
Just like iCloud, MobileMe provided cloud storage and iDisk alongside address book and calendar synchronization, the MobileMe Gallery for sharing images and video, and iWeb Publish website creation, among other elements.
Apple discontinued selling subscriptions for MobileMe in February 2011, over half a year before the launch of its iCloud replacement. Apple encouraged users to migrate from MobileMe to iCloud gradually and ceased access to the service on June 30, 2012.
Apple has slowly built onto iCloud since its release. The initial reception was good, as it corrected many of the issues found with MobileMe and strengthened the "magical" nature of being in the Apple ecosystem. Files, mail, calendars, and apps are synced across devices with little issue.
This service was necessary as Apple pushed for a multi-device lifestyle across Mac, MacBook, iPad, and iPhone.
Other than service outages and syncing issues, the first couple of years of iCloud went without a hitch. The first major scandal hit in 2014 with a huge phishing scheme. Two years of phishing accounts led to a huge dump of celebrities' private photos online, for which everyone pointed to Apple's security as being at fault.
In June of 2014, Apple rolled out two-step verification as an optional security feature for users. This system requires a password and a trusted device to access an account. Apple has since built out this feature to be more robust across its platforms.
Apple continued to improve iCloud through the years by adding small quality-of-life changes. One feature called Handoff landed in 2015, which would pass app data between Apple devices. Handoff displays an active app icon in the dock of an iPad or Mac if the app is being used on any other device.
Other uses for Handoff include starting an email draft on one computer and finishing it on another with zero user input. Clipboard sharing across the cloud is another useful feature resulting from Handoff.
Collaboration tools were announced and released in 2016, allowing users to share iWork documents and work together on them in real-time using the new iCloud feature.
Also, in 2016, AirPods were released with a new W1 chipset. This chip, along with the later released H1 chip, allows the earbuds to be added to a user's iCloud account for faster connection and device switching.
2018 introduced Messages in the cloud, allowing iMessages to be stored in iCloud and shared between devices. Previously messages could become out of sync, or attachments would easily fill up on-device storage. The feature was first announced as a tent pole feature of macOS High Sierra but was delayed multiple times due to issues with the feature's stability.
In fall 2020, Apple One launched, bundling various Apple services and iCloud storage. In addition to the increasing storage bundled with each plan, Apple lets Apple One subscribers add extra iCloud storage at their standard prices, maxing out at a total of 4TB.
Apple introduced iCloud+ in 2021, a new version of the service included with any paid storage tier or Apple One subscription. It adds iCloud Private Relay, Hide My Email, unlimited HomeKit Secure Video cameras, and custom email domains.
2022 brought about iCloud Shared Photo Library, new collaboration tools, and a new app called Freeform. Apple also introduced a redesigned iCloud.com website and added Advanced Data Protection.