Skip to main content

How Secure Is iCloud?

iCloud's policy

Apple has been implicated in the National Security Agency's (NSA) data-mining PRISM operation, which means its iCloud storage system may be at risk, too. It's hard for Apple users to avoid iCloud entirely, but there are ways to safeguard many iCloud files.

By now, just about everyone is familiar with whistle-blower Edward Snowden and the PRISM NSA data-surveillance program he brought to light. The NSA collaborated with a number of tech companies, including heavy hitters like Google, Facebook and Apple.

Snowden's leaked PRISM documents did not specify which parts of Apple fall under NSA scrutiny, but it's hard to avoid iCloud. Unlike Google Drive or Dropbox, iCloud is not exclusively a file-storage service. Rather, it stores everything from your iTunes library to your calendar to your documents, across all of your Apple products.

If you don't own any Apple products, there's no reason to use iCloud — you can use it, but it's cumbersome and unintuitive for simple file storage. If you have any iDevices or a Mac, however, iCloud is an invaluable tool, and one that you'll use by default.

Apple's privacy policy runs eight pages, and although it collects a great deal of personal information, it cannot do much with said information. "We may collect a variety of information, including your name, mailing address, phone number, email address, contact preferences and credit card information," it states.

The company also collects "nonpersonal information," including "occupation, language, ZIP code, area code, unique device identifier, location and the time zone where an Apple product is used." It is hard to see how "occupation" and "unique device identifier" do not fall under "personal information."

Perhaps more troubling is that when users share content with friends, send gift certificates or invite people to the Apple forums, "Apple may collect the information you provide about those people, such as name, mailing address, email address and phone number." It might be acceptable to employ this policy on users who opt in to Apple's privacy policy, but it could be overarching for Apple to cause users to unwittingly surrender another person's information through a gift card.

MORE: Five Apple Security Myths and the Hard Truths