Slashdot Mirror


Apple Will Store Russian User Data Locally, Possibly Decrypt on Request: Report (venturebeat.com)

After resisting local government's mandates for years, Apple appears to have agreed to store Russian citizens' data within the country, a report says. From a report: According to a Foreign Policy report, Russia's telecommunications and media agency Roskomnadzor has confirmed that Apple will comply with the local data storage law, which appears to have major implications for the company's privacy initiatives. Apple's obligations in Russia would at least parallel ones in China, which required it to turn over Chinese citizens' iCloud data to a partially government-operated data center last year. In addition to processing and storing Russian citizens' data on servers physically within Russia, Apple will apparently need to decrypt and produce user data for the country's security services as requested.

  1. iTurd by Anonymous Coward · · Score: 2, Insightful

    So they're perfectly happy to protect your privacy as long as it doesn't affect their market share. Gotcha.

    1. Re: iTurd by registrations_suck · · Score: 2

      Right, because guess what? No other company operating legally in Russia can ignore its laws either.

    2. Re:iTurd by Rhipf · · Score: 2

      To be fair it is a bit about market share. Apple could have avoided storing the data in Russia if they stopped serving Russians. This would of course affect their market share so the OP was sort of correct that "they're perfectly happy to protect your privacy as long as it doesn't affect their market share".

      Of course if they pulled out of the Russian market there wouldn't be any private data for them to protect.

    3. Re:iTurd by Pinky's+Brain · · Score: 1

      You only realise that now? They do business in the US with a closed source device for which they push the updates. The only way they can protect your privacy from government is by making it technologically impossible for themselves to invade it, but that only works in some limited circumstances such as locked phones. For normal use all your data is ready for the taking by Apple and thus the US government, they knew that going in ... they are now extending that courtesy to other nations.

      If they really wanted to protect your privacy they would go open source with verifiable builds, that way they would at least have to push a backdoor to all their customers to be able to target a single one. They could still do it, but it would be harder to do unnoticed and easier to challenge in court.

  2. If It Exists In Their Product by NicknameUnavailable · · Score: 1

    It exists in all their products.

  3. Re:That's funny! by Anonymous Coward · · Score: 1

    After all that crap projecting that sign about *what goes in an iPhone stays in an iPhone*....

    SNAFU

    So, please tell us what the OTHER, equivalent-scope companies, (Google, Microsoft, et al.) do in this regard?

    I'm genuinely curious.

    CAPTCH: Liberty

  4. Re:Remember "The Fappening?" iCloud is wide open by Anonymous Coward · · Score: 1

    "The Fappening" was a clear indication that Apple stores all data unencrypted, or, which could be either worse or better depending on how you see it, that people at iCloud and/or NSA etc. have unrestricted access to all the unencrypted data.

    Go ahead with the usual evil Russia accusations, but know that Apple and the U.S. gov are since long all up in your iPhone pictures and movies, whether they admit to it or not.

    Wrong.

    The "Fappening" was a result of a list of leaked Passwords of Celebrities that used extremely-guessable Passwords.

    https://techcrunch.com/2016/03/15/prosecutors-find-that-fappening-celebrity-nudes-leak-was-not-apples-fault/

    But still, the meme lives on, because... Apple.

    As to the other stuff, give me some proof (other than that likely-faked "PRISM" PPT slide), or STFU.

  5. Re:Ha! In Russia, state stores user in crypt. by Aighearach · · Score: 5, Insightful

    You can't blame Apple for this, that would be like saying that IBM shouldn't have helped the Germans in the 1930s. /s

  6. Re:That's funny! by ShanghaiBill · · Score: 4, Insightful

    Apple is obligated to obey the law in every country where they operate.

    It is not the job of American corporations to "fix" Russia. That is up to the Russian people.

  7. Re:That's funny! by AHuxley · · Score: 1

    Re AC and "in this regard?"
    A domestic version of PRISM for any government that asked.
    It is a legal request by a nation gov to get approval to be a connected part of the nation's telco network.
    Every nation sets up their own version of a "Section 702 of the Foreign Intelligence Surveillance Act" with FISA for all its citizens just like the USA did.
    ie telco laws authorized by a gov. Any gov can do the statutorily authorized collection on anything it wants.
    Lawful and conducted under authorities granted.
    The obligation is keeping citizens in a "nation" safe. (add any nation's name as needed and the big brand hands over all the crypto keys ;)
    Any nation can create its own legally binding order or subpoena.
    It's only under applicable laws, and to provide information when required by law in that nation.
    The gov got a court order to see the customer data.

    --
    Domestic spying is now "Benign Information Gathering"

  8. Quite reasonable by goombah99 · · Score: 1

    Microsoft got in a snarl for keeping US accounts on UK servers or vice versa then refusing to comply with data requests.

    Then there's the issue of are you allowed to encrypt communications at all as a means to evade warranted surveillance? For example, in the 70s some folks marketed an encrypted CB radio. If you recall CB radios, one of their uses was for drug running speed boats to arrange a meeting at sea. And for smuggling and illicit transport of goods in the US.
    The FCC ended that one by saying CB band could not use encryption.

    So there are strong precedents that say the government may access your encrypted communications. A lot of people chafe at this. But the point is not what it should be but what is the law and precedent. And if that precedent exists in the laws of a country then the companies need to follow it.

    Where it gets tricky is when the company that is providing the offshoring doesn't exactly reside in the US
    Off-shoring is a tricky business. This happens in banking a lot. People hide money in offshore accounts. Now what authority does the US or any country have to interrogate those accounts? If the banks are solely in another country and don't rely on US systems to do business the US govt doesn't have a lot of leverage.

    So why can't I offshore my e-mail. And for that matter VPN my VoIP offshore so that it prohibits eavesdropping by the govt.

    If my service provider is say, Yandex or Baidu, it may not have any business ops in that part of its business in the US. So how does the US make them comply?

    For that matter Microsoft itself is an Irish/Dutch company so why should they have to comply with US data laws?

    The answer is indirect. Apple and Microsoft have business ops in the US and Russia that require good relations. They can't be scofflaws on e-mail if they want to sell iPhones or MS Word.

    So it's totally reasonable that if you are going to comply with a country's data and privacy laws you do it as they prescribe. It's not a moral decision.

    --
    Some drink at the fountain of knowledge. Others just gargle.

    1. Re:Quite reasonable by AHuxley · · Score: 1

      Want to enter another nation with a smart phone brand?
      It's another nation's laws and telco network that will have to be connected to.
      Don't hand over the keys and they can say it's not going to be possible to approve that brand of smart phone.
      Once the security services are happy they have plain text, files, voice prints, real time tracking, mic on/off, soft power GUI on, then the smart phone is legal.
      Great for tracking anyone who was near all the MI6/CIA "embassy" workers.

      Re "Now what authority does the US or any country have to interrogate those accounts?"... "US govt doesn't have a lot of leverage"
      Look at the way the USA deals with Swiss and North Korean attempts at providing quality banking services globally.
      In the end they all conform to what the USA gov wants.
      The US gov gets the full list of all US citizens who use/used any and all banking services/products in Switzerland.

      --
      Domestic spying is now "Benign Information Gathering"

  9. Really? by grep+-v+'.*'+* · · Score: 4, Insightful

    Apple will comply with the local data storage law, ... Apple will apparently need to decrypt and produce user data for the country's security services as requested.

    So they'll stand up to OUR government in 2016 (Apple won't decrypt a phone for the FBI Info link) but they'll lower their standards for foreign governments?

    No matter which way you fall on this issue -- SHOULD have or should NOT have -- this is wrong.

    If Apple is "The Angel of Privacy everywhere" then they should stand up for no decryption. If they take the stance "the local government makes the choice and we'll follow", then they should have decrypted the phone.

    "But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone." Link

    So if other governments ask for it, it's OK? Expect weasel words soon: it's not OK, but they made us do it against our will. We couldn't sell there if we didn't do it. There's a chance it might be accessed, but think of all the good information they now have access to they didn't before.

    I'm not a particular fan or enemy of Apple (they produce good products that don't meet my Bang for the Buck requirements) but you're actively doing things for our frenemies that you wouldn't do for our country?? And don't give me that "we're standing up for what's right" bit, you're certainly not standing up Over There.

    "Oh, but politics isn't our job." Just TRY that one.

    --
    If the universe is someone's simulation -- does that mean the stars are just stuck pixels?

    1. Re:Really? by AHuxley · · Score: 1

      Re "So if other governments ask for it, it's OK?"

      Projects like PRISM, BULLRUN https://en.wikipedia.org/wiki/... gave the US gov everything it needed on different networks.
      The NSA and GCHQ would have never allowed any consumer phone/smart phone to be approved that did not give them tracking, voice prints, real time decryption.
      The GCHQ would have never allowed any advanced secure consumer tech for use in Ireland.

      So every consumer product in the free West is wide open.
      Russia just wants the same keys for a consumer product to be network connectable.
      Want to sell a smart phone in Russia? It's the same standard of network law.

      Sell in other nations?
      Security services want the same tracking, decryption, voice prints, GPS, GUI movement maps, power on, live mic.
      Like Canada, New Zealand, the UK, Ireland.

      --
      Domestic spying is now "Benign Information Gathering"

    2. Re:Really? by supernova87a · · Score: 1

      Well, you're missing a technological aspect of the problem.

      Apple does not / cannot decrypt data on your phone because once it's encrypted with the strong keys + your passcode, Apple has no ability to disable or circumvent the hardware to get it off the phone and let it be brute force cracked. And the hardware prevents brute force cracking while on the phone.

      On the other hand, with servers and cloud data, Apple does have the ability to turn over the encrypted data to someone to be decrypted, even if not by themselves.

    3. Re:Really? by tlhIngan · · Score: 2

      Apple will comply with the local data storage law, ... Apple will apparently need to decrypt and produce user data for the country's security services as requested.

      So they'll stand up to OUR government in 2016 (Apple won't decrypt a phone for the FBI Info link) but they'll lower their standards for foreign governments?

      No matter which way you fall on this issue -- SHOULD have or should NOT have -- this is wrong.

      If Apple is "The Angel of Privacy everywhere" then they should stand up for no decryption. If they take the stance "the local government makes the choice and we'll follow", then they should have decrypted the phone.

      Uh, there are two different encryptions you know? There's one on the phone itself, and Apple has said no to that.

      Then there's encryption on cloud data, and Apple has always provided that information with a warrant.

      Even the FBI got a copy of that guy's iCloud data when they asked Apple.

      The "decryption" part is stuff like messages and such, which are stored encrypted in iCloud, but are decryptable by Apple (so you can sign in on another phone and get the history).

      Apple still can't decrypt phones and won't decrypt or unlock a phone. But they will hand over your iCloud data if there's any to be handed over (since it's not mandatory to use), even though that data is stored encrypted.

      And China has the same deal - Apple will hand over iCloud data, decrypted if need be. But the phone's encryption is still stored on the phone, and no encryption keys to that are stored by Apple.

      The FBI wanted Apple to write special software to help them break into the phone, something Apple still refuses to do. Even more importantly, the FBI could've broken into the phone using TouchID but simply refused to, relying instead on politics to help make their case. And Apple was calling the FBI if they needed assistance on that.

    4. Re:Really? by Pinky's+Brain · · Score: 1

      They have made it impossible for themselves, to the best of their abilities, to get data off a locked phone, but that's not really relevant to a running phone receiving updates. As long as they can push an update to your phone they have the ability to get all your data off it, in plain text.

    5. Re:Really? by sysrammer · · Score: 1

      You got it. Most of the other comments are comparing apples and oranges (pardon, not intentional). A lot of folks aren't realizing the difference between their handheld and a server farm.

      --
      His ignorance covered the whole earth like a blanket, and there was hardly a hole in it anywhere. - Mark Twain

    6. Re: Really? by sysrammer · · Score: 1

      Again, the device is not the cloud.

      --
      His ignorance covered the whole earth like a blanket, and there was hardly a hole in it anywhere. - Mark Twain

  10. Actions speak louder than words by Anonymous Coward · · Score: 1

    They make a big noise about privacy, but actions like this speak louder than their words.

  11. Re:That's funny! by Anonymous Coward · · Score: 1

    That's a load of crap. We have no obligation to bow down to tyranny. If we can tear down the borders with technology, all the better! THAT would be our obligation! Liberation is everybody's obligation.

  12. Re:That's funny! by ShanghaiBill · · Score: 1

    If we can tear down the borders with technology, all the better!

    There are no border restrictions. Russians are free to travel. The Soviet Union ended 30 years ago.

    Many countries require access to data. If American tech companies pull out of all those countries, they would be abandoning half the world to companies with even less scruples. No country is 100% pure, and in many ways America is more repressive than Russia. The FSB has a tenth of the NSA's budget, and we certainly arrest / incarcerate / execute far more people.

  13. Re:That's funny! by AHuxley · · Score: 1

    AC the trick is not to use a smartphone in any interesting way.
    To LOL at the big brands to offer "security" and "crypto" after the PRISM news.
    Nations are getting the crypto keys as that is the telco law in each nation.

    --
    Domestic spying is now "Benign Information Gathering"

  14. Re:possibly decrypt?!? how? by Pinky's+Brain · · Score: 1

    Apple controls all the software which runs on an iPhone, they let you keep your keys private as a privilege granted by a limited contract (not even an explicit contract, but advertising statements). It's not guaranteed by technology, it can not be. Anything you can do on your phone they can do, simply by pushing an update.

    They use end to end encryption with the keys private on your device, but they have remote root on your device ...

  15. Re:That's funny! by Anonymous Coward · · Score: 2, Insightful

    If we don't sell Zyklon B to the Nazis, some other chemical company will, or maybe something even worse! So it's actually the morally right thing to do.

  16. Re:That's funny! by LostMyAccount · · Score: 2

    Can't you make an argument that by depriving repressive country consumers of desirable products because of their government's policies that it will actually motivate their citizens to demand change?

    A lot of the policies of both Russia and China seem to be driven around the idea that if they can buy off their citizens with access to high-quality and usually Western consumer goods, they won't complain about political repression.

    Obviously this isn't the "job" of Apple or any other specific corporation, but ironically it seems to be the exact strategy used when economic sanctions are applied to a country. The goal with Iran seems to be to make life hard for their consumers who will then demand their government change. I can't say it's been a wholly successful policy, although there are arguments that the nuclear deal wouldn't have happened without it and its leaders are genuinely concerned with a populace increasingly believing that its pursuit of unpopular policies is directly connected to their suffering.

  17. Re:That's funny! by fustakrakich · · Score: 1

    Well, regardless of all the legal babble, I'm just saying Apple shouldn't make "privacy" promises they can't/won't keep. The safest assumption for any user to work with is that everything is collected and sorted for fun and profit.

    --
    “He’s not deformed, he’s just drunk!”