I’m a big fan of Apple. I think the company makes some of the best gadgets on the market, provides some of the best digital services, and has a leadership team that is second to none in the tech industry. The company has, of course, had its missteps, and there is always room for improvement, but overall, Apple is one of the rare bright spots in Big Tech.
The company’s legendary stance on privacy is a big reason it shines. Without a doubt, Apple leads when it comes to giving users control over who has access to their data and how it is used. Of course, it’s economically feasible for Apple to do this because the company’s revenues aren’t reliant on monetizing consumer data. The fact that Apple could monetize consumer data (and make billions more each quarter by doing so), but chooses not to, tells me their privacy stance is more than just good marketing.
Years before Apple started openly advertising its privacy strengths, the company was already leading the way. The company’s messaging platform—formerly known as iMessage, but now called Apple Messages, or, simply, Messages—was one of the first major messaging platforms to offer end-to-end encryption by default.
Of course, end-to-end encryption doesn’t just keep your thoughts out of the hands of nefarious nation-states; it also prevents hackers and other bad actors from compromising your messages should they successfully hack Apple.
But one thing has always bugged me about Apple’s Messages: Apple has the means to read everything you send and receive. That’s because while Apple Messages are end-to-end encrypted in transit and on the sender’s and receiver’s devices, if the user backs up their Apple Messages to iCloud (as nearly all do) their messages are not stored in their iCloud backup in an end-to-end encrypted state. Instead, Apple holds the keys to unlocking your messages. And that has profound privacy implications for the company’s users.
Since Apple Messages users’ messages are not stored in an end-to-end encrypted manner in their iCloud backup, every missive that a user has ever received or sent can be accessed by Apple, along with any government that can give Apple a court order to turn over the user’s iCloud backup, and any hacker that can compromise Apple’s keys. If you store your Messages in your iCloud backup, the end-to-end encryption that Apple’s Messages offers is essentially worthless, giving users a false sense of security.
This brings me to Meta (aka Facebook). I’m not a fan of the company at all. Facebook has been reckless with users’ personal data, and its social media platforms are horrible for its users’ mental health. But a year ago, one of Meta’s main products—WhatsApp—did something that shocked me: It made its messaging platform more private and secure than anything Apple offers.
Not only are personal messages on WhatsApp end-to-end encrypted (though a message to a business could be accessed by various people at the company), but a user’s entire WhatsApp iCloud backup can now also be end-to-end encrypted. That means if a nefarious state gives Apple a court order to turn over a user’s iCloud backup, that state will be able to read the user’s Apple Messages, but not their WhatsApp messages. That means Meta’s WhatsAp—and I can’t believe I’m saying this—is now a more private and secure option for iPhone users than Apple’s own messaging app.
You can bet that Meta would have loved to strike back. But how? Meta and Apple don’t compete on many significant fronts (though AR may be an upcoming exception). Messaging is one of the few arenas where they do overlap.
In the United States, Apple’s Messages is one of the most popular messaging platforms and is a big reason why consumers buy and stick with iPhones. If Meta can get WhatsApp to become more appealing in America (as it is in other places around the world), consumers will have one fewer reason to stick with an iPhone the next time they’re in the market for upgrading their device. Once you switch your messaging app away from Apple’s, switching platforms from iOS to Android isn’t that much of a pain anymore.
Why hasn’t Apple enabled end-to-end encryption when it comes to Messages backed up on iCloud? The company didn’t respond to my request for comment. In the past, Apple execs have told me that the reason Messages are not end-to-end encrypted in iCloud backups is so that Apple can restore a user’s messages if a user forgets their password. That’s definitely a reason—it’s just not a very satisfying one. After all, why can’t Apple give users the option of end-to-end encrypting their Messages backup? Can’t a user choose to risk losing access to their messages if they forget their password?
After Meta introduced end-to-end encrypted iCloud backups for WhatsApp messages last year, I was sure that Apple would do the same by the time iOS 16 came out; that Apple would not be willing to let Meta, of all companies, steal its privacy crown.
I was wrong.
Regardless of Apple’s reasoning, until the company stores a user’s Messages in an end-to-end encrypted form in their iCloud backup, people who care about having the ultimate privacy and security for their messages should probably switch from Apple’s Messages to Meta’s WhatsApp.