Apple is openly defying US security orders, but in China it takes a very different approach - Quartz

Apple’s response to US and UK government demands for backdoors to user data has been direct, bordering on defiant. Yesterday (Feb. 16), Apple CEO Tim Cook published a letter explaining the company’s refusal to comply with a US federal court order to help the FBI access data on a phone recovered from one of the attackers in the San Bernardino, California shootings.

Apple appears to take a different tack in dealing with data security demands from China, a key growth market for the company.

In January 2015, the state-run newspaper People’s Daily claimed, in a tweet, that Apple had agreed to security checks by the Chinese government. This followed a piece in the Beijing News (link in Chinese) that claimed Apple acceded to audits after a meeting between Cook and China’s top internet official, Lu Wei. China’s State Internet Information Office would reportedly be allowed to perform “security checks” on all Apple products sold on the mainland. According to the report, this was despite Cook’s assurances that the devices didn’t contain backdoors accessible by any government, including the US.

If Apple had indeed agreed to a Beijing security audit, it could have shared vital information with the Chinese government, such as its operating system’s source code, that could indirectly help government agents discover vulnerabilities on their own. It would have been a serious departure from Apple’s public, privacy-centric stance.

Cook has said on earnings calls that he believes the Greater China region, which includes Taiwan and Hong Kong along with the mainland, will eventually become Apple’s biggest market. Some could get the impression that Apple capitulated to Beijing’s security demands because it wanted access to a huge and growing market.

Instead of addressing those rumors head on, Apple didn’t say either way whether it had agreed to a Beijing security audit. Apple didn’t respond immediately to Quartz’s attempts to confirm those reports at the time, and said weeks later it could not comment on them. When contacted today, an Apple spokesperson pointed Quartz to the company’s privacy policy, which states that the company has never worked with any government to create a backdoor to its products. “We have also never allowed any government access to our servers. And we never will,” the policy reads.

That’s in stark contrast to the company’s forthright approach elsewhere in the world. In the US, Apple has made Cook available for interviews, where he has argued strongly against government backdoors. In the UK, Apple has publicly opposed a draft surveillance law that could mandate a backdoor. Cook has also given interviews warning of the “dire consequences” arising from backdoors.

Why the different approach in China? To be clear, Apple hasn’t said that it agreed to special security checks by Beijing. But that’s precisely the problem. Its silence regarding Beijing’s security demands, but its vocal resistance to requests from other governments, contributes to a perception that it has different security standards for different markets–even when that may not be the case.

This article was updated with more information about Apple’s earlier response to claims it was allowing audits in China.

http://qz.com/618371/apple-is-openly-defying-us-security-orders-but-in-china-it-takes-a-very-different-approach/