The Electronic Frontier Foundation (EFF) is a non-profit focused on digital rights of the end user. And today it is calling upon several companies to change their habits.
The EFF is calling their new effort the “Fix It Already” initiative. It is designed to give a clear message to several different companies, letting them know how, exactly, they can change their habits to help better protect their customers. There are nine steps to this initiative, each one outlined for a different company:
- Android should let users deny and revoke apps’ Internet permissions.
- Apple should let users encrypt their iCloud backups.
- Facebook should leave your phone number where you put it.
- Slack should give free workspace administrators control over data retention.
- Twitter should end-to-end encrypt direct messages.
- Venmo should let users hide their friends lists.
- Verizon should stop pre-installing spyware on its users’ phones.
- WhatsApp should get your consent before you’re added to a group.
- Windows 10 should let users keep their disk encryption keys to themselves.
Focusing on Apple, the EFF believes that the company should allow customers encrypt their iCloud backups. The non-profit does point out that while the data is on an Apple-branded device it is encrypted. However, when it is uploaded to iCloud the encryption method means that Apple can access that data, too. The EFF notes that this change makes that information accessible to government requests, along with Apple itself.
What’s more, the EFF admits that Apple’s Chief Executive Officer, Tim Cook, already agrees with this. As noted in the non-profit’s reason why this particular issue is important, it points out an interview that Cook provided to Der Spiegel:
“SPIEGEL ONLINE: Is the data also secure with your online service iCloud as on the devices?
COOK: There our users have a key and we have one. We do this because some users lose or forget their key and then expect help from us to get their data back. It is difficult to estimate when we will change this practice. But I think that will be regulated in the future as with the devices. So we will not have a key for it in the future.”
Whether or not Apple actually deploys this at any point in the future remains to be seen.
You can head through the source link below and see the EFF’s other action elements.
What do you think? Should Apple lose its own key to customer data, all in an effort to keep it even more secure?[via EFF]