Home » Blogs » Why Turn on End-to-End Encryption for iMessage, iCloud, iPhone Backups in iOS 16.2
January 27, 2023

The latest iOS 16.2 included a major security enhancement that brings to life a long-requested feature: full encryption for iMessage in iCloud, iPhone backups, and several other apps and categories. This affords users the opportunity to simplify their current approach to ensuring secure encryption of private data stored in their Apple iCloud account.

Full Encryption, Finally

Apple iMessages, iCloud keychain, health data, and other apps are already protected by end-to-end encryption (E2EE), but the latest update brings full encryption to your iPhone iCloud backup, iCloud drive, Notes, Photos, Reminders, Safari Bookmarks, Siri Shortcuts, Wallet Passes, and Voice Memos. With E2EE enabled, these apps are all protected by end-to-end encryption when they are in transit and at rest. This means that the data is encrypted while it is being transmitted between your device and iCloud and is also encrypted when it is stored on iCloud servers.

Full encryption, on the other hand, refers to the practice of encrypting all data stored on a device and transmitted over a network. This means that all data on the device or network is encrypted and can only be accessed by someone who has the necessary decryption key. With Apple releasing E2EE encryption for iCloud in the iOS 16.2 update, essentially they’re saying that encryption keys will be stored on Apple servers, and only trusted and enrolled devices can access them to decrypt contents from iCloud.

End-to-end encryption helps to protect your data from unauthorized access or tampering. It ensures that only you have access to your data and that it cannot be read or accessed by anyone else, including Apple. This provides consumers with the encryption they’ve long sought after because previously if there was a breach in the cloud, or Apple was given a warrant, they could produce or access data.

The Old Days of iCloud Backups

Prior to iOS 16.2, iCloud Backups could be collected directly from Apple using eDiscovery investigative tools. This is a category of software programs that help organizations and legal professionals search, collect, and analyze electronic data as part of the eDiscovery process. These tools are used in legal proceedings, such as civil litigation, criminal investigations, and regulatory inquiries, to identify and produce relevant electronic information that may be used as evidence.

eDiscovery investigative tools can make or break a case. However, many of these tools require the user to share their iCloud username and password, as well as provide two-factor authentication code pushed to a “trusted” device. There are several benefits to this approach. First, iCloud backups are created automatically each night while the device is locked, charging, and on Wi-Fi, often in advance of a specific collection need. This ensures that data is maintained on a constant basis, and it minimizes risk of loss. Second, no user interaction with the device required, except to authenticate. This helps minimize the risk of human error. Likewise, there is no device/custodian interruption that could compromise the secure encryption

Despite the benefits of using third party tools to collect and secure iCloud data, there are several drawbacks. First, an iCloud backup takes a long time to retrieve from Apple directly. A 100GB iCloud backup can take over 24 hours if it doesn’t fail or authentication times out, and having to backup this amount of data is not uncommon. Second, if your iCloud account runs out of available space, users must purchase additional storage and initiate a fresh backup causing an at least 24-hour delay. Finally, Apple regularly updates iCloud and breaks third-party collection capability. This leaves the door open for exclusion of critical data. Moreover, the output format requires traditional processing of the native SQLite databases and attachments for all text messages and other data types.

Alternatively, iCloud sync data is a section of iCloud storage not related to iCloud backups and contains a mirrored copy of specific apps such as Messages, Photos, Maps, Calendar, Contacts, Health, iBooks, Notes, Safari, Voice Memos, Wallet and Wi-Fi (depending on user device settings). This is the only location additional text messages might exist for some users, and it is very difficult to access, manage, and extract from.

It’s Time for Change

There are several benefits to enabling E2EE encryption for iCloud accounts, but there is one substantial drawback to users who are already using iCloud backup and iCloud sync collections from third party providers like those discussed above: they will break. They may not be disrupted permanently, but it will take several weeks – if not months – for the third-party developers to catch up. So, even though you need to enable E2EE encryption in your Apple iCloud account to capture all of the security benefits of the new iOS features, you may face potential challenges with your third-party security tools – that is, unless, you’re using ModeOne.

ModeOne is a self-service (SaaS) framework that empowers users to easily manage case facts and obtain and analyze vital evidence stored on smartphone and short-message chat applications. Our automated, defensible, secure, and cost-certain workflow is the litigation profession’s first automated, fully remote data acquisition service with global reach.

Data Security is a primary focus at ModeOne, and we’ve already been protecting client data by implementing multiple layers of security, high-level encryption, and consistent updates to our data protection solutions to address constantly emerging attack vectors. Data stored within our environment is secured using industry standard AES-256, FIPS-140-2 compliant encryption. ModeOne has also taken great steps to ensure that data is encrypted both in transit and at rest using AES-256 certificate-based ciphers. All this security – plus it’s compatible with the security upgrades in iOS16.2 – an update that has already been known to complicate e-discovery. Litigation professionals can improve their performance and simplify their e-Discovery needs by using ModeOne to capture relevant data from smartphone and short-message applications.