Apple’s New Encryption Policy Will Complicate E-Discovery Efforts

Apple will be expanding its security policy to allow end-to-end encryption of iCloud backups, taking away an important channel for data collection and processing from e-discovery professionals and law enforcement.

[Editor’s Note: EDRM is grateful to of Isha Maranthe of Legaltech News for covering the new Apple encryption and quoting Mary Mack and EDRM friends Greg Bufithis and Marcin Kreiger, Reed Smith. An excerpt follows.]

Apples New Encryption Policy Will Complicate E-Discovery Efforts-Isha Marathe

Apple has seldom shied away from spearheading consumer privacy, often butting heads with law enforcement and federal officials in the process.

As the year comes to a close, the tech giant is forging on. The company announced last week that it would be rolling out end-to-end encryption for all opted-in iCloud backups as a part of its Advanced Data Protection terms. Only Apple’s Mail, Contacts and Calendar systems will be excluded from the new policy.

What’s more, Apple will not hold the encryption keys to this data. The policy goes as far as to state: “If you lose access to your account, only you can recover this data, using your device passcode or password, recovery contact, or recovery key.”

I think discovery vendors are going to be in the hot seat because I think corporations and law firms are going to say, all right, how do we crack this? Can we crack this….Apple walks the thin line that technology companies must walk between aiding public safety and ensuring customer privacy.

Gregory Bufithis, Luminative Media

At a time with nary a shortage of data breaches, cyberthreats and inadvertent data disclosures, Apple’s latest news may evoke a sigh of relief in many privacy, e-discovery and forensics professionals.

At the same time, it is also poised to make their jobs more difficult, effectively nixing a valuable tool in the pockets of forensic examiners—the encryption key. And while legal professionals say the trouble is worth it, it’s likely to spell a different story for law enforcement, possibly leading to an overdue battle in court.

Mary Mack, CEO of Electronic Discovery Reference Model (EDRM), said the news is a repose in light of the leaks of highly sensitive communications. Still, she added that the challenge for those collecting and processing evidence in discovery cannot be ignored.

“From an evidence perspective, this is really going to challenge the professionals that collect the phones,” Mack said. “Anyone who has lost their Apple ID will appreciate that it’s hard to get one back. So it’s very important that the custodians cooperate and that the e-discovery professionals create conditions where it’s easy for the custodians to comply probably sooner rather than later after a legal hold has been issued.”

Essentially, law enforcement will no longer be able to subpoena user data from Apple, so long as the user has chosen to opt-in to this encryption service.  Similarly, Apple will not have the capability to provide user data in response to third party requests.

Marcin Kreiger, e-discovery counsel at Reed Smith

It is difficult to discuss e-discovery’s views on end-to-end encryption of iCloud without mentioning the drawn-out legal battle between the Federal Bureau of Investigations and Apple back in 2016. The company, under CEO Tim Cook, famously refused to break the encryption on an iPhone that belonged to a gunman involved in the San Bernardino mass shooting in 2015.

Read the entire article here.


  • Mary Mack

    Mary Mack is the CEO and Chief Legal Technologist for EDRM. Mary was the co-editor of the Thomson Reuters West Treatise, eDiscovery for Corporate Counsel for 10 years and the co-author of A Process of Illumination: the Practical Guide to Electronic Discovery. She holds the CISSP among her certifications.

    View all posts