John Gruber, in reference to The New York Times’ piece on Apple, China, and user privacy:
It’s a big report, but the above is fundamentally true and gets to the heart of the conflict: physical access to the hardware in the facility is game over. But what’s missing from the whole piece is any serious discussion of what else Apple could do. Apple has no option other than to comply with Chinese law, or else stop selling products in the country.
Option A: Apple does what it did — store all Chinese users’ iCloud data on servers in China, under the ultimate control of the Chinese government.
Option B: Apple refuses to do so, and the Chinese government shuts down iCloud in China and probably bans the sale of Apple devices.
Is there an Option C? I don’t think there is.
There’s a very clear and obvious Option C — build Apple products that are less reliant on iCloud.
If access to the physical servers is the biggest privacy issue, then give users the tools to effectively opt out of it entirely and take control of their own data.
Why can’t the iPhone back up to a shared Time Machine drive on the local network? Macs have been able to do this for years. It’s not as if iPhones have some sort of hardware limitation — the iPhone of today is significantly more capable than the Macs of 2008, when Time Capsule was first introduced.
Backing up your device to iCloud is actually the biggest point of failure of iMessage’s security. Despite the fact that iMessage is encrypted end-to-end when sending messages, Apple can access and view your messages within iCloud backups. If Apple offered a more convenient way to back up your iPhone locally, it would give users the option of better security if they prefer it.
Reintroducing Time Capsule would be the best way to do this, as it would be an easy, single-purchase solution for users that want to own their data.
But it could go beyond just device backups — Apple could pitch the Time Capsule as “iCloud at Home” and mimic many of the services that iCloud offers on a box that you physically control.
iCloud Photos, iCloud Drive, Notes, and any other service that syncs or stores data in iCloud could be stored locally on a Time Capsule. Apple’s servers would just be there to tell the device I’m using how to connect to the Time Capsule on my home network. In other words, Apple facilitates the connection and then my devices talk directly with the Time Capsule using end-to-end encryption.
This would seemingly eliminate offsite backups, leaving you vulnerable to data loss if there was a fire, flood, or something else that physically damages your Time Capsule. But this could be solved too. Apple could develop a system where you could pair a Time Capsule in your home with a Time Capsule in a friend or family member’s home, giving them the ability to back up data to each other. Synology already offers this, actually.
But of course, there’s always the possibility that China pulls the rug out from under these endeavors — enacting policies or practices that hamper these types of services or outlaw the sale of Time Capsules outright. But at least Apple would be making more of an effort. And a rising tide raises all ships — I imagine a lot of iPhone users would jump at the opportunity to buy an “iCloud at Home” Time Capsule to take greater ownership of their data.
And then there’s the issue of censorship in the App Store. This one is simple and I’ve advocated for it a number of times, even outside of the discussion of China — open up the platform to apps from outside the App Store. Make it more difficult to police iOS software by decentralizing.
This would almost certainly introduce the possibility of spyware on the platform, but given China’s relationship with large tech companies, one could argue that this is already happening. The difference is, if there was an app that the Chinese government didn’t want their citizens to have access to, instead of it simply being banned from the App Store, those citizens would be able to install it, albeit through underground channels. But even that would be tremendously empowering.