Overall Amnesty has made a reasonable assessment of the issue. Apple is clearly in a difficult position and has to make compromises to keep doing business in China.
>> The best way to protect your personal information from being accessed by the Chinese government is to avoid storing it on servers inside China.
Fair enough, but as anyone who has spent a fair amount of time working and living in China knows, access to services hosted outside of the country can be difficult, if not impossible, without a VPN. Beijing's current plan, is to block access to any non-approved VPN services by the end of March 2018. Assuming that ban goes into effect, it will effectively cut users off from services not approved for the China market. Whether or not this will include Apple services hosted abroad remains to be seen.
Sure, many users in China can use other services, but it seems to be a no win situation for most people. Unless you’re technically sophisticated, you’re unlikely to pursue alternatives which provide a greater degree of security and require a bit of technical know how.
At best you can say that Chinese users will likely be no worse off using iCloud than they would using any other China-based service. Unfortunately that is no consolation for anyone who might have sensitive data.
> At best you can say that Chinese users will likely be no worse off using iCloud
You can say better than that. iCloud is more secure than your average service (especially in China). It end to end encrypts the most sensitive data (keychain) for example, and iMessage has managed to stay alive so far.
Yes, perhaps that's true but it doesn't mean that Apple is completely in the clear on this issue. A much more detailed account of iCloud security can be found on this thread: https://news.ycombinator.com/item?id=16449326
Nobody said they were clear of anything, just more secure than your average China-based service. (I have the top comment on that thread btw.)
I should also add that locked notes in iOS are end-to-end encrypted. Those are pretty easy to use for folks who are not "technically sophisticated"; you just unlock them with your face/fingerprint.
When you add that to secure keychain storage, iMessage (broadest end-to-end encrypted messaging system permitted in China), secure Siri data (imagine what a government could monitor if they owned the Alexa cloud)... Apple offers a significantly more secure service that is still easy to use by the general public.
> Unless you’re technically sophisticated, you’re unlikely to pursue alternatives which provide a greater degree of security and require a bit of technical know how.
I'm completely pro-privacy, but I need to ask: why would ordinary people's ordinary data need better security? Even if iCloud might be decrypted by the government. If it's data like bills, government issued photos of ID cards, family photos, it will most likely won't matter at all and the security is good enough, just like anything available.
Once you do have a reason to encrypt something, learning GPG, LUKS, etc. is not that hard or that technical.
Almost everyone does something that can be construed as being illegal. By allowing unfettered access to private information, this makes it much easier for laws to be selectively enforced in ways that benefit the government.
> Almost everyone does something that can be construed as being illegal. By allowing unfettered access to private information, this makes it much easier for laws to be selectively enforced in ways that benefit the government.
Exactly. It could be something as simple as guilt by association. Even though you might not have done anything illegal yourself, you may have the contact information of someone who is on a watchlist or has been convicted of a crime. For example, China is looking into developing a social credit rating system, any association an individual has to persons who the government consider less reputable could have real impacts on their credit rating.
