Apple Compromised User Privacy to Continue Doing Business in China

Complying with local laws

The highlight of the NYT report is a new data center -- expected to be finished next month -- Apple is building in Guiyang, China. Apple's servers there will store Chinese users' data, and although it'll be encrypted, the keys to decrypt such files will also be kept in China, with Chinese government employees physically controlling and operating the data center. The NYT says this will leave them potentially accessible to the Chinese government and make user data easy to access, compromising users' privacy in China.

This is quite different from Apple's well-known conventional strategy, which is to send the data to their main servers in the United States through cloud computing and keep data encrypted in a way that even Apple can not access.

Back in 2018, Apple also moved encryption keys for iCloud users from China to the country itself, a move which was required by recent Chinese legislation.

In a statement to NYT, Apple told that it complies with laws in China and did "everything it could" to not compromise data privacy. "We have never compromised the security of our users or their data in China or anywhere we operate," the company told the NYT, repeating itself when asked for more details.

According to an Apple spokesman who talked with NYT, the company still controls the encryption keys for consumer data and uses more sophisticated encryption technologies there than in other countries.

This isn't the first time something like this has made the news, though. Apple has also censored its App Store on subjects such as the 1989 Tiananmen Square massacre, the spiritual movement Falun Gong, the Dalai Lama, and mention of independence for Tibet or Taiwan to "comply with local laws."

According to NYT's own analysis based on Sensor Tower data, about 55,000 active apps have vanished from Apple's App Store in China since 2017. "More than 35,000 of those apps were games, which in China must get approval from regulators," NYT wrote. "The remaining 20,000 cut across a wide range of categories, including foreign news outlets, gay dating services and encrypted messaging apps. Apple also blocked tools for organizing pro-democracy protests and skirting internet restrictions, as well as apps about the Dalai Lama."

Apple, on the other hand, reportedly denied those numbers, claiming that some developers chose to pull their apps on their own. You can read Apple's full statement on the NYT story down below:

Here is Apple's full statement on our story.

After Apple sent this, I worked with the company to understand what it believed to be wrong in our story and then made changes to correct any outdated information and to include their view when needed. pic.twitter.com/shwaJkWyAi

— Jack Nicas (@jacknicas) May 17, 2021