Day: 1 August 2017

Bloomberg, last month:

Apple Inc. will establish its first data center in China to speed up services such as iCloud for local users and abide by laws that require global companies to store information within the country.

The new facility, which will be entirely driven by renewable energy, will be built and run in partnership with Guizhou on the Cloud Big Data, Apple said in a messaged statement. Apple aims to migrate Chinese users’ information, now stored elsewhere, to the new facility in coming months. The data center is part of a $1 billion investment by the iPhone maker in the province.

The data center was partly driven by new measures that bolster control over the collection and movement of Chinese users’ data, and can also grant the government unprecedented access to foreign companies’ technology. Forcing companies to store information within the country has already led some to tap cloud computing providers with more local server capacity.

Paul Mozur, New York Times:

China appears to have received help on Saturday from an unlikely source in its fight against tools that help users evade its Great Firewall of internet censorship: Apple.

Software made by foreign companies to help users skirt the country’s system of internet filters has vanished from Apple’s app store on the mainland.

For what it’s worth, VPN software assists users in maintaining security and privacy for all kinds of reasons, not just evade the Great Firewall. But, yes, VPNs do that as well and, for the purposes of this article, that’s a fair description.

In a statement, Apple noted that the Chinese government announced this year that all developers offering VPNs needed to obtain a government license. “We have been required to remove some VPN apps in China that do not meet the new regulations,” the company said. “These apps remain available in all other markets where they do business.”

John Gruber:

If Apple tugged on the “We refuse to remove these VPN apps from the App Store” thread, it would inextricably lead to their leaving the entire Chinese market. It’s easy to say “Apple shouldn’t have removed these apps.” It’s not so easy to say “Apple should pull out of China.” This is of course further complicated, politically, by the fact that the vast majority of Apple’s supply chain is in China.

Adam Jourdan and Pei Li, Reuters:

Some said the recent moves jarred with Apple’s stance in the United States last year, when it opposed an FBI court order to break into an iPhone of a gunman who fatally shot 14 people in San Bernardino in December 2015, with Cook saying it would be “bad for America”.

The U.S. firm’s gamble here is clear: making moves to appease Chinese censors may prompt criticism outside China, but the firm will hope that local consumers are rather less fazed.

Again, in the parlance of general news reporting, this is a fair summary. But the actual circumstances of the San Bernardino case were far more complex, with the FBI demanding Apple build and load onto that iPhone a version of iOS that would allow unlimited passcode guesses to facilitate decrypting the device. Doing so would set a precedent that Apple could write software on command to reduce users’ security, and create the possibility that the insecure software could be leaked.

Of course, that’s in the United States. In China, with a far more oppressive government to placate, Apple ought to have the same principled stance. By putting their infrastructure in China for Chinese users and acknowledging local legislation — however antithetical to their values it may be — Apple sets an impression that is positive towards the government there.

But where is Apple’s line? If China were to require all messaging services to be unencrypted,¹ or prevent cloud data services from being encrypted, or implement an even stricter version of their already-aggressive cyber “sovereignty” law — would any of these situations encourage Apple begin to fight back? I would hope so, as all are damaging to users’ privacy, and run afoul of Apple’s principles. At some level of regulatory zeal, the security value of an iOS device must deteriorate to the point for Apple to see that users simply aren’t as protected as they ought to be. I hope that’s something that can be caught before it happens.