API tools faq
paste
Guest User

Untitled

a guest
Jun 20th, 2018
187
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.47 KB | None | 0 0
raw download clone embed print report
  1. Was it a difficult call to comply with the Chinese demand that Chinese customers' iCloud data be stored on servers in China, where it sounds like the Chinese government might have an easier time accessing it sometime?
  2. ===
  3.  
  4. Well that's a faulty assumption that you're making. The same encryption that Apple uses in the United States, and in the United Kingdom, and in France and in the UAE, is the same encryption we use in China. And you know, iMessage is encrypted end-to-end there and encrypted end-to-end here. And they never ask us to break that.
  5.  
  6. What they've asked, and several other countries are ruminating about, is they ask that their citizens' data be stored within the country.
  7. ===
  8. Right.
  9. ===
  10. But I would separate for a minute that that equals access. I don't buy that at all.
  11. ===
  12. Cryptographic keys are also supposed to be kept in the country, is that correct?
  13. ===
  14. Cryptographic keys, it doesn't matter really where they're kept; it matters whether they're safe or not, right? And keep in mind that the only people that have a key for iMessage — or for messages — are the sender and the receiver. That's it. Apple doesn't have access to the data. I mean, that was what the whole — how we got sued in the United States was the U.S. asked us to —
  15. ===
  16. In the famous terrorism case, right?
  17. ===
  18. In that famous case where the U.S. asked us to essentially put a back door in, which would allow for access. And we said no — this is not good for civilization, this is not good for people. If — you can't have a backdoor for good people; you put a back door in, and it's for everybody. And so to everyone else's credit, no one else has asked for a back door. No one in the world at this point. I'm not saying it won't change tomorrow. But not —
  19. ======
  20. But as a layman when I hear that China, this authoritarian state, asked you for Chinese citizens' data to be stored in China, the presumption is that they want it in China so that sooner or later they can get at it if they need to. Is that the wrong presumption? Is that the —
  21. ======
  22. It's not the assumption that I make it all. I think China has identified cloud services as something very strategic, and they want to have Chinese companies involved — or running or so forth —the cloud services in that country. And so you can't, by law, you can't go into China as a foreign company — not just an American company but a foreign company of any country — and operate a cloud service.
  23. ===
  24. Oh, so you view that as just part of China's continuing effort to make sure that there are local partners in whoever's doing business in China.
  25. ===
  26. I view it as an economic and sort of technology and innovation kind of focus, not a focus on unusual access.
  27. ===
  28. And one other question along those lines: When China asks Apple to remove or delete an app from the App Store because it includes a VPN — a virtual private network which allows people to conceal their communications — is it bothersome to you to comply with that?
  29. ===
  30. Yes, it absolutely is. It's something that we didn't want to do. Unfortunately, unlike the U.S. where we felt we had the law on our side in the famous case where the FBI sued us, we did not have the law on our side in China. The law is pretty clear that you have to have a license in China to operate a VPN service. And so there actually are still VPN apps on the store. Less than there were, because there were a set of companies that didn't get a license.
  31. ===
  32. I see. Given the difference in the laws, are there requests from Chinese law enforcement that you would grant, that you would resist if they were made by U.S. law enforcement?
  33. ===
  34. No, and frankly we couldn't.
  35.  
  36. So let's go back to the basics here: The things that law enforcement is generally interested in are messages, right? Messages for us are end-to-end encrypted. Apple doesn't know what you're saying, we don't have a record of it, we don't store it. We don't have a key to it, right? The key is with the sender and the receiver.
  37. ===
  38. And you want to keep saying that to Chinese authorities or anybody in the world.
  39. ===
  40. Yeah!
  41. ===
  42. That you can't actually answer their request.
  43. ===
  44. Yeah. We can't give messages; we don't have it. We don't have it. So — and by the way, we did not do that because of government, or law enforcement. We didn't do that, e did it because we know that if there is a back door, and that nefarious things can happen, and it can be a public safety issue. You know, it's not a matter of Apple is presenting itself as some rebel company against the government; it has nothing to do with that.
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!