When talking about Apple's deep concern for privacy over the San Bernardino iPhone 5c case with the FBI I've made the argument that if Apple hands over information that's in a user's iCloud account upon demand from the government, then the concern over a user's privacy is razor thin. In the comments section of a report on the FBI case in February I wrote: "I'll repeat. Privacy is privacy and if Apple hands over information with a warrant from iCloud, then it should extend to hacking the iPhone with a warrant." I've been strongly criticized over that point for months. To me, Apple handing over a user's information from iCloud to the government with a warrant was a major flaw in Apple's whole privacy argument. Apparently Apple now thinks so too.
In a new Wall Street Journal (WSJ) report they echo what I've been saying for months: "Apple Inc. has refused federal requests to help unlock the phone of San Bernardino gunman Syed Rizwan Farook. But the company turned over data from his phone that Mr. Farook had backed up on its iCloud service.
Soon, that may not be so simple. Apple is working to bolster its encryption so that it won't be able to decode user information stored in iCloud, according to people familiar with the matter.
But Apple executives are wrestling with how to strengthen iCloud encryption without inconveniencing users. Apple prides itself on creating intuitive, easy-to-use software, and some in the company worry about adding complexity.
In court documents, the FBI has said that the iCloud files revealed that Mr. Farook communicated with some people killed in the attack. In a declaration filed in the case, Christopher Pluhar, an FBI supervisory special agent in the San Bernardino investigation, said iCloud backups could provide "valuable evidence," but offered no specifics of what investigators learned from Mr. Farook's data.
The phone could contain information about Mr. Farook's movements and communications after its last backup. For example, the government has said in court papers that phone records show Mr. Farook communicated with wife and fellow attacker Tashfeen Malik after that backup.
ICloud backup data is used 'very significantly and very often' to investigate a technology-facilitated crime, said Edward McAndrew, a partner at law firm Ballard Spahr and a former federal prosecutor in Virginia. Backups can provide information already deleted on the phone, he said. A criminal might, for example, try to remove incriminating evidence from his phone after getting wind of an investigation.
McAndrew added that 'This is another example of Apple taking steps to better secure its products, while contemporaneously'" reducing its role in government investigations. For more on this, read the full WSJ report here.