iPhone photo security is suddenly in the news—so here’s one change you can make to fully protect all your memories on your device and in the cloud…
How to keep your iPhone photos completely locked
When EU Competition Commissioner Margrethe Vestager hinted that Apple might be forced to give users the option to delete its Photos app, she inadvertently drew attention to the security of the iPhone’s walled garden: “Apple failed to prevent the installation of several apps (one of which would be photos) and prevents end users from changing their default status (for example cloud), as required by DMA.”
Vestager’s remarks were published thanks to John Gruber’s Daring Fireball. “In his remarks, Vestager makes it clear what was not clear in the EC’s announcement about the investigation,” says Gruber, “they have a problem with photographs. If they meet the requirement that photos cannot be installed at all (rather than just hidden from the home screen, as they are now), it would represent another way in which the European Commission stands as the designer of how operating systems should work. “
More like location data or access to a phone’s dialer, microphone, or camera, iPhone photos are considered intrinsically private. Apple has introduced security measure after security measure to make this even better, from masking EXIF location data to selectively sharing images. This is not similar to changing your browser or app store.
Gruber again: “Photos is not just an app on iOS; it’s a system-level interface for camera capture… integrated across the entire iOS system, with per-app permission prompts to grant different levels of access to your photos.” Offering that iPhone real estate to an alternative vendor is fraught with risk. “Honestly, I don’t even know how such a request could be reconciled with system-wide photo access permissions.”
Photo privacy has proven to be a critical topic among iPhone users. Back in 2021, Apple toyed with the idea of device-side scanning of users’ photos to identify and flag child sexual abuse material (CSAM) in a database of known images. Such was the reaction to photo analysis that Apple gave up on the idea altogether.
So how secure are the photos on your iPhone?
As with most basic data stored on your iPhone, the Photos ecosystem is intrinsically tied to iCloud. This allows you to share images across all your trusted devices, create shared albums, even reduce the size of images on your device with the originals stored securely in the cloud. Everything is flawless.
Apple has always relied on the device’s AI to categorize and analyze photos, instead of running this side of the cloud. It was this difference to Android’s access to Google Cloud that was a key part of the backlash in 2021. What happens on your iPhone must stay on your iPhone, even when that involves its iCloud backend.
However, in terms of encryption, it is not waterproof. Protected on your iPhone by device security, then encrypted during upload to iCloud and at rest when stored on iCloud, but—and that’s a big but—with Apple holding the decryption key.
So no in full private and not in full sure.
But that all changed early last year with the launch of iCloud’s Advanced Data Protection (ADP). This was the most significant improvement to phone data security in years—for the first time, full end-to-end encryption extended to photos stored in the cloud, as well as notes, voice recordings, device backups, even iCloud Drive. Apple no longer had access, assuring that ADP “protects the vast majority of your iCloud data, even in the event of a data breach in the cloud.”
Ironically, the US Department of Justice’s lawsuit against Apple focuses on allegedly compromising user security for commercial reasons with iMessage. These latest EU comments would do the opposite, forcing Apple to create users less safe for commercial reasons, introducing competition when it is hard to see why it is necessary and where it is certainly not worth the risk. The comments seem to betray a poor understanding of how iOS works and why it benefits users.
Apple strongly rejected other changes to the European Digital Markets Act (DMA), particularly the opening of third-party app stores. “The DMA,” he warns, “requires changes.” [its] a system that carries greater risks for users and developers. This includes new avenues for malware, scams and fraud, illegal and harmful content, and other threats to privacy and security. These changes also threaten Apple’s ability to detect, prevent, and take action against malicious apps on iOS, and to support users affected by issues with apps downloaded outside the App Store.”
Several analysts expect Photos to be separated from iOS — that would be a nightmare for Apple, and it would be hard to see it working in practice or providing any material benefit. It seems to be change for the sake of change. But it’s good to consider the privacy and security of your data and the choices you’ve made.
And ADP is one such choice you can make. It comes with some trade-offs—primarily that if you lose access to your trusted devices and your security code, Apple can’t get any of your data back. End-to-end encryption is just that, and you run the same risk with any such completely secure messaging or other platform.
I have been using ADP for a year and it is exceptional. It works flawlessly on all devices, providing a new level of security. Then the only risk is endpoint compromise, which can be greatly mitigated with firmware updates and reasonable access to apps, links, installations and attachments.
ADP isn’t for everyone—but if you’ve decided to read this article and pay attention to the level of security on your device, even if it protects against relatively theoretical risks like the FBI’s demand that Apple hand over your data, then it’s probably for you. And it’s been in the wild long enough that it’s well proven.
Photos cannot be exchanged or returned. I feel that if there is additional security and if it is freely available and easy to use, the decision is simple.
You can enable ADP from iCloud settings on your iPhone. All your trusted devices must have up-to-date firmware. When you turn it on, you’ll receive a recovery code that you can record, print, and store in some physical safe place; you can also nominate a trusted friend or family member who can help you recover your account.
And so in the EU. More than app stores and browsers, these latest comments about the core of Apple’s ecosystem go to the heart of why users choose the iPhone in the first place. Security, privacy, insurance. Tear down much of that walled garden and they will be gone. That’s when Apple really starts to feel like Android. And if that happens, isn’t user choice reduced, not strengthened…