Last week, Apple announced the closure of privacy gaps in its iPhones. Previously, encryption only protected some data. Now, devices running iOS version 8 encrypt all data on the phone, and access to data is entirely protected from Apple by users' passcodes:
"On devices running iOS 8, your personal data such as photos, messages (including attachments), email, contacts, call history, iTunes content, notes, and reminders is placed under the protection of your passcode. Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data."
That is privacy by design. It is important for several reasons, including government surveillance activities:
"Apple has never worked with any government agency from any country to create a “back door” in any of our products or services. We have also never allowed any government access to our servers. And we never will... Apple cannot bypass your passcode and therefore cannot access this data. So it's not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8."
"Your iMessages and FaceTime calls are your business, not ours. Your communications are protected by end-to-end encryption across all your devices when you use iMessage and FaceTime, and with iOS 8 your iMessages are also encrypted on your device in such a way that they can’t be accessed without your passcode. Apple has no way to decrypt iMessage and FaceTime data when it’s in transit between devices. So unlike other companies’ messaging services, Apple doesn’t scan your communications, and we wouldn’t be able to comply with a wiretap order even if we wanted to... Unlike our competitors, we never scan any of your iCloud data for advertising. All your iCloud content is encrypted in transit and, in most cases, when stored... Some companies mine your email for personal information to serve you targeted ads. We don’t. To protect your privacy even more, all traffic between any email application and our iCloud mail servers is encrypted..."
Google: take note about not scanning all Gmail. All device manufacturers and mobile providers should be doing what Apple is doing.
Of course, the government spy and law enforcement agencies have complained about this. Schneier on Security summarized the complaining:
"To hear US law enforcement respond, you'd think Apple's move heralded an unstoppable crime wave. See, the FBI had been using that vulnerability to get into people's iPhones... FBI Director James Comey claimed that Apple's move allows people to 'place themselves beyond the law' and also invoked that now overworked 'child kidnapper.' John J. Escalante, chief of detectives for the Chicago police department now holds the title of most hysterical: 'Apple will become the phone of choice for the pedophile.'"
The fearmongering doesn't hold up to scrutiny. Schneier summarized federal data about court-approved intercepts of communications:
"Of the 3,576 major offenses for which warrants were granted for communications interception in 2013, exactly one involved kidnapping. And, more importantly, there's no evidence that encryption hampers criminal investigations in any serious way. In 2013, encryption foiled the police nine times, up from four in 2012 -- and the investigations proceeded in some other way."
The other important point is this: when good guys force companies to build back doors, the bad guys use those same back doors:
"... You can't build a backdoor that only the good guys can walk through. Encryption protects against cybercriminals, industrial competitors, the Chinese secret police and the FBI. You're either vulnerable to eavesdropping by any of them, or you're secure from eavesdropping from all of them... In 2010, Chinese hackers subverted an intercept system Google had put into Gmail to comply with US government surveillance requests. Back doors in our cell phone system are currently being exploited by the FBI and unknown others."