Apple Stores Customer Data In China

Apple has said that it has been storing Chinese customers' data inside data centres based in China in compliance with  the orders of Chinese authorities to keep the personal data of its Chinese customers within the country’s borders. 

The iPhone maker is building two new data centres in China to house the data, as the company seems to have reportedly ceded to the country’s law that requires all personal information and data collected in China, to not leave its borders.

Apple does claim that it has "never compromised the security" of either its customers or their data and is merely complying with Chinese law about the data storage of its nationals, as with the laws of all the countries in which it has a presence. However, China has long been accused of using technology to monitor its population and there are concerns that Apple user data may be easily accessible by the Chinese government.

"We retain control of the encryption keys for our users' data, and every new data centre we build affords us the opportunity to use Apple's most cutting-edge hardware and security technologies to protect those keys," Apple said in a statement. "In addition, we handle law enforcement requests in China through the appropriate legal process, just like we do everywhere else, and we regularly and transparently report the instances when we are compelled to provide user information."

In December 2020 Apple removed 46k apps from its China App Store, following a deadline set by the state.The majority were games, which require an official lisence to be available in the country and Apple employees were instructed to flag those apps that company management perceived would anger the Chinese government. 

 Topics on those apps that would get flagged under this policy would certainly include the exiled Tibetan Dalai Lama and exponents of  independence for Taiwan, which China argues is a province of the nation. Some of the apps removed from the Chinese store related to gay dating services and foreign news organisations.

Washington Post:      BBC:       Techradar:        Fortune:      New York Times:         Business Insider:     Image: Unsplash

You Might Also Read:

Russia To Block LinkedIn:

 

« Will Governments Ban Ransom Payments To Hackers?
The History Of The Internet And Its Future »

Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Mandalorian Security Services

Mandalorian Security Services

Mandalorian Security Services specialise in technical Information Assurance services, such as penetration testing and in Incident Response to malware and high-end targeted attacks.

GovInfoSecurity.com

GovInfoSecurity.com

GovInfoSecurity.com is an educational portal published by Information Security Media Group, a media company specializing entirely on information technology risk management.

Mega

Mega

Mega is a secure cloud data storage provider with browser-based high-performance end-to-end encryption.

Cyber-Physical Systems Security Institute (CPSSI)

Cyber-Physical Systems Security Institute (CPSSI)

CPSSI is a non-profit, by-invitation-only research and educational organization focused on practical and theoretical solutions to the cybersecurity challenges facing Cyber-Physical Systems.

Netragard

Netragard

Netragard has an established reputation for providing high-quality offensive and defensive security services.

Voodoo Security

Voodoo Security

Voodoo Security is a specialized information security consulting firm focused on security assessments, risk and compliance analysis, and cloud security.

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

MTS-ISAC promotes and facilitates maritime cybersecurity information sharing, awareness, training, and collaboration efforts between private and public sector stakeholders.

DAtAnchor

DAtAnchor

Anchor is simply a better way to protect and control sensitive data. Zero-trust, data-centric security. Simplified.