In the last few days, Apple began releasing end-to-end encryption (E2EE) for several iCloud services that didn't previously support it. The new E2EE support is available as soon as iOS 16.2 beta, and as late as Q1/Q2 2023 for the rest of the world.
Update: end-to-end encryption (E2EE), they're calling it client-side encryption, is included in iOS and iPadOS 16.3
- Apple continues to roll out products which, by their nature, capture more and more information. Take, for example, Augmented Reality (AR) products. Apple has been preparing in many ways for it's push into AR and the rest of Extended Reality (XR). XR needs to capture lots of information from the user's environment, to deliver the experience. E2EE allows Apple to reduce the risk connected with capturing and storing such extensive information.
- I suspect Apple's risk projection for a data breach of iCloud has risen significantly－enough to threaten its marketing position as champion of privacy amongst The Four. The new E2EE features are Apple's public image and legal argument insurance policy for when a breach eventually happens. In other words, offering more E2EE coverage allows Apple to take the following stance in the event of a data breach:
"No security is perfect. Recognizing this, we rolled out more E2EE so y'all can opt-in and limit the actual damage of a data breach."
Before the announcement, the following iCloud services offered end-to-end encryption:
- Apple Card transactions
- Health data
- Home data
- QuickType Keyboard learned vocabulary
...and some more. E2EE for these specific services were enabled by default.
The announcement of, what Apple is calling, Advanced Data Protection for iCloud extends E2EE as an opt-in feature to most remaining iCloud services. The group not previously end-to-end encrypted, but now supporting E2EE, includes Photos, iCloud Backup, and iCloud Drive.
The imminent Advanced Data Protection for iCloud is opt-in. This lets Apple allow security-conscious customers to get benefits of E2EE, without forcing general users to use E2EE without realizing the impact on account recovery. That being said, I believe that Advanced Data Protection for iCloud will eventually become the default, once general knowledge expands to include E2EE.
Notably not supported by Advanced Data Protection for iCloud are:
What can one do about Calendar, Contacts, and Email?
You can use local sync between iOS, iPadOS, and MacOS for Calendar and Contacts. Props to Sun Knudsen for sharing this knowledge with me.
As for improving email, here's a cheatsheet for Tutanota or ProtonMail.
- (archived snapshot of above page, from 2022.11.28, before the annoucement) https://web.archive.org/web/20221128235718/https://support.apple.com/en-us/HT202303