Extremely Serious Question: Can I trust Apple with my personal information?

[BeautifulWoman_1984]

Sorry to be creating a thread, but I'm storing my most personal information like my daily journal in services like iCloud and the iCloud Notes App and I thought this was a serious question that others are faced with.

Is this a reason why we pay extra for Apple products because Apple is more protective of the privacy of Apple customers and the personal information of Apple customers?

How is Apple more trustworthy than other companies who offer similar cloud services for users to store personal information such as Google?

For example, is Apple less likely to hand over my personal journal entries to the government?

Any ideas would be great!

 

[44267547]

Yes, Apple has a secure network and is fairly stringent with security, passwords, ect. No, Apple won't divulge your personal information to the Government.

 

[r3m1]

Easy: No you cannot.

What might be protected today can be changed tomorrow - anyway how many read the EULA anyway, we click it and that is it, Apple can do as it pleases with all info we entrust Apple with.

 

[Gabrielanicolao]

Apple is the only solution i know for the safety of personal information security and privacy.

 

[Kevin.Richards]

I hardly doubt that Apple would jeopardize its whole brand for any type of tracking (except for ad-tracking). Few months ago Apple refused to the government for hacking into the device of San Bernardino shooter's phone saying that Apple is about encryption and data integrity to safeguard its consumers all around the world. So you can put some trust on the company in my view.

 

[Newtons Apple]

Nothing is safe anymore. Even Apple has it's security holes.

The cloud will be a real problem in the future. My advice is unless someone like the government is looking, you need not worry. There is so much data stored that it overwhelms. Your journals are likely more safe in the cloud than sitting around the house.

 

[Phil A.]

Currently, Apple can be compelled to hand over any iCloud backups to law enforcement with a valid warrant (and Apple are also currently able to decrypt that backup data, which is something they're trying find a technical solution around so they can't decrypt them and therefore can't be compelled to divulge that information)

Apple are probably currently the best option for privacy but they are a company governed by laws and if the law was changed to force them to give law enforcement a back door, then they would have no option but to comply or be put out of business

If your journal entries are something that you wouldn't want a government agency to see then I wouldn't recommend any cloud option as they are subject to the whims of the government: locally stored, encrypted data is the only truly secure option that you have control over and even then you can be forced to provide decryption keys in some jurisdictions

 

[BeautifulWoman_1984]

Apple is the only solution i know for the safety of personal information security and privacy.

Thanks for your reply, but I'm not sure what you mean?

 

[deany]

Hi

Apple uses "A minimum of 128-bit AES encryption" for iCloud and iCloud drive.

https://support.apple.com/en-us/HT202303

"At present, there are no known practical attacks that would allow anyone to read correctly implemented AES encrypted data."

https://en.wikipedia.org/wiki/Advanced_Encryption_Standard

Some may say encrypt your journal with 256-bit AES with say Encrypto before putting it on iCloud drive if you want added security and piece of mind.

My understanding is its how apple are implementing the 128-bit AES encryption - as the largest company in the world you would expect it to be top rate.

Passwords:
I use mSecure as my password manager, I use this app daily, it generates passwords for you.

 

[44267547]

Nothing is safe anymore. Even Apple has it's security holes.

The cloud will be a real problem in the future. My advice is unless someone like the government is looking, you need not worry. There is so much data stored that it overwhelms. Your journals are likely more safe in the cloud than sitting around the house.

But if the cloud is to be a concern for the future, then you wouldn't want to invest in transferring over any personal data into it, which potentially could have a higher probability of being exposed or hacked, than say journals stored safely somewhere in a box in a secure location.

 

[bopajuice]

You have to understand you are asking Apple fans if they trust Apple. Apple followers are a dedicated bunch. Some would trust Apple with their life without question as demonstrated here.

My take on it is, your information is most likely secure, but why take a chance? That fact you posted the question means you are concerned. If I were concerned (As I am) I would not place any sensitive information in a cloud based storage. I am ok with contacts and calendars, maybe some notes. But any journals, tax records, personal documents, transcripts, patent ideas, etc. No way.

As far as Apple security is concerned... I have no idea if their security is better than the next guy or more robust. Not sure what their policy is on releasing information. Might want to get their response directly.

I have to say though they do a pretty good job or keeping the lid on whatever new items they are coming out with.

To answer your question more directly, I feel Apple is perceived as more secure. It is widely believed they are not as susceptible to viruses or hacks because no one has taken the time to write them. The simple explanation widely circulated is that because the MacOS is not as popular as Windows, hackers do not focus on the MacOS as much.

If you were a hacker would you rather spend your time trying to get into a bank vault (Windows), or a safe in someone's bedroom (Apple)?

I would assume the same goes for any cloud based storage. Google, Microsoft and others are mainstream sources used by millions. Apple iCloud is popular with Apple customers, but the rest of the business world using Apple cloud storage? I am not sure about that.

Again attacks and breaches would occur where the hacker would reap the most benefit, no?

 

[Newtons Apple]

But if the cloud is to be a concern for the future, then you wouldn't want to invest in transferring over any personal data into it, which potentially could have a higher probability of being exposed or hacked, than say journals stored safely somewhere in a box in a secure location.

There is no safe and secure location anymore. That includes your house or the cloud. If there is someone who really wants the data . . . . .

Just typing your data into your device can compromise.

Just not worth the worry for the average person.

 

[44267547]

There is no safe and secure location anymore. That includes your house or the cloud. If there is someone who really wants the data . . . . .

Just typing your data into your device can compromise.

Just not worth the worry for the average person.

I understand what you're saying. Technology is the real culprit that has contributed to the growth of fraud with electronic data. In general, prevention is key and some private data or personal information can be secure with the proper measures.

My point is, someone is more likely to steal your data from a cloud based service than your home. The odds of someone wanting your journals in a home are far less over valuable goods or drugs. I'm willing to bet if If someone burglarized my home, my personal information could be left on the counter and be ignored, where the target is cash, jewelry and prescription medications under time constraints. Where online fraud is very difficult to track and takes deep investigations to uncover major fraud.

Let me put it his way, I invest very little of my personal information online. Period. Look at what happened to Yahoo. Prevention and caution is key to battle fraud, but fraud itself cannot be fully beaten. It never will be. That's why security measures have to be dynamic and changed frequently in order to avoid complacency.

 

[Newtons Apple]

I understand what you're saying. Technology is the real culprit that has contributed to the growth of fraud with electronic data. In general, prevention is key and some private data or personal information can be secure with the proper measures.

My point is, someone is more likely to steal your data from a cloud based service than your home. The odds of someone wanting your journals in a home are far less over valuable goods or drugs. I'm willing to bet if If someone burglarized my home, my personal information could be left on the counter and be ignored, where the target is cash, jewelry and prescription medications under time constraints. Where online fraud is very difficult to track and takes deep investigations to uncover major fraud.

Let me put it his way, I invest very little of my personal information online. Period. Look at what happened to Yahoo. Prevention and caution is key to battle fraud, but fraud itself cannot be fully beaten. It never will be. That's why security measures have to be dynamic and changed frequently in order to avoid complacency.

My point is that no where is really safe if someone wants it bad enough.

 

[daflake]

If you don't want others to read it, don't put it on-line. Simple as that....

Yes, Apple will protect your data, but there is nothing to say that it won't be hacked, or that a court order might change things. Apple as a whole seems to take security seriously, so that is a plus but I always recommend keeping private stuff to yourself.

 

[576316]

Microsoft OneNote is SO much better than Apple's Notes app, if you're taking serious notes and also want very good organisation. I use it for all my lecture notes and I couldn't live without it. Apple's Notes is so, so basic compared. But it depends if you can also trust Microsoft with your personal information. You also have the lockable notes on OneNote too, so that's also a bonus.

 

[deany]

With you saying Extremely Serious Question - if your journal is in the cloud control is lost.

I think its important to keep your mind at rest, giving further thought, IMHO I believe this is the best solution to your question-

I would recommend backing up your journal to a USB drive using 256-bit AES with say Encrypto and keep the backup drive "Off site" in a safe place.

"Off site" backups should always be part of a backup strategy, so you may already do this, but maybe not 256-bit AES encrypted.

edit
I note others have pretty much advised this also.

 

[Lennyvalentin]

No, Apple won't divulge your personal information to the Government.

Yes of course they will, if presented with a proper warrant or other writ legal under the jurisdiction in question. There's no way they could refuse such a request, and they wouldn't. Apple execs have no desire to end up in the slammer for contempt of court charges...

At least some of the information Apple stores for their customers will be encrypted and thus difficult to access without the proper crypto key, but I don't know if that is true of everything Apple stores, like peoples' iCloud Drive files, or your iCloud photo roll.

Also, AES256 encryption, which is what I believe Apple uses, can be cracked by a state actor inside a reasonable timespan, and especially if you're using a bad password.

In any case, you really can't trust anyone with anything of yours, because you might always be betrayed, or in this day and age of hacks and exploits, data of yours might leak out of otherwise secure systems and end up in the hands of other people. That's a pretty paranoid view to take though, and it means you basically can't do anything online, as a lot of information about you can be inferred simply from monitoring the stuff you click on in your web browser, including your gender, rough age, where you live, what income bracket you reside in, your religious and political affiliation, sexual preferences and a bunch of other stuff.

So TL: DR answer to the question asked in the OP is both "yes" and "no". Hope that helps!

 

[deany]

Here is a question- if google encrypt user data - as they say they do.
"Does Google encrypt my data?"
https://support.google.com/work/answer/6056693?hl=en
How do they 'data mine' encrypted data.

 

[Newtons Apple]

Here is a question- if google encrypt user data - as they say they do.
How do they 'data mine' encrypted data.

Maybe because they hold the encryption keys.

No matter they have the right to read your emails, it is in their contract with the user.

 

[joeblow7777]

When people ask these sorts of questions, I always wonder what kind of data they are worried about. If we're talking about life-or-death/lives could be ruined/possible blackmail/people could go to jail/fortunes could be lost, type information, then trust no one!

But most people probably have little to worry about. I doubt that Apple cares about our personal data, and they are unlikely to ruin their reputation and consumer trust by simply allowing others to access it. As mentioned above, they wouldn't even help the US government access the phone of a terror suspect.

If by "daily journal" the OP just means her personal diary, I'd say that she has nothing to worry about. To be frank, nobody cares about it. If this journal is a record of something important that you're working on that might be of value to others, or contains information that could get you in serious trouble, then for peace of mind you might want to keep it someplace safe, offline. But the truth is, a weak password is probably a bigger threat than Apple or the government snooping.

 

[44267547]

Yes of course they will, if presented with a proper warrant or other writ legal under the jurisdiction in question. There's no way they could refuse such a request, and they wouldn't. Apple execs have no desire to end up in the slammer for contempt of court charges...

At least some of the information Apple stores for their customers will be encrypted and thus difficult to access without the proper crypto key, but I don't know if that is true of everything Apple stores, like peoples' iCloud Drive files, or your iCloud photo roll.

Also, AES256 encryption, which is what I believe Apple uses, can be cracked by a state actor inside a reasonable timespan, and especially if you're using a bad password.

In any case, you really can't trust anyone with anything of yours, because you might always be betrayed, or in this day and age of hacks and exploits, data of yours might leak out of otherwise secure systems and end up in the hands of other people. That's a pretty paranoid view to take though, and it means you basically can't do anything online, as a lot of information about you can be inferred simply from monitoring the stuff you click on in your web browser, including your gender, rough age, where you live, what income bracket you reside in, your religious and political affiliation, sexual preferences and a bunch of other stuff.

So TL: DR answer to the question asked in the OP is both "yes" and "no". Hope that helps!

I'm not trying to offend you, but A warrant wasn't mentioned, because it goes without saying and Blatantly obvious. No one is above the law and you have no choice but to participate in divulging information when commanded. That's more of a common understanding from my perspective without contesting.

 

[sunking101]

Apple is the only solution i know for the safety of personal information security and privacy.

I'd favour a filofax hidden under a floorboard.
[doublepost=1482421884][/doublepost]I think that Google is perceived to be less secure with your personal information, and maybe it is, but Apple is also perceived to be super-safe....and maybe it isn't. Both are susceptible to hacking and both, I'm sure (despite what's said to the contrary) will assist government departments if demanded. Of course they will.

 

[burgman]

Apple is the only solution i know for the safety of personal information security and privacy.

Meanwhile in a galaxy far far away....
http://www.apple.com/privacy/government-information-requests/

 

[I7guy]

Apple is the only solution i know for the safety of personal information security and privacy.

To the extent allowed by law, I believe they are pro-customer privacy. Obviously some warrants can't be refused to the extent the law allows.