Some data on Apple users is stored on Russian servers to comply with local laws, iPad maker admits
Apple is reportedly storing data on servers in Russia in order to comply with local counterterrorism laws.
Apple in a filing apparently admitted it was storing the name, address, email and phone numbers of its Apple users in that country.
According to Bloomberg, Apple collects that data in Russia for customer service and to send users information on new products.
Apple is known to do a similar thing in China after that country introduced the Cyber Security Law (CSL) in 2017 which states that all personal information on Chinese citizens must be stored within the country,
Indeed, as far back as 2014 Apple was known to be storing personal data belonging to Chinese users in data centres located in China.
And it should be remembered that Apple does comply with Western national security requests.
The filing doesn’t make clear what other personal data is stored on the Russian servers. This could include more sensitive data such as messages, photos or contacts.
What the filing does apparently reveal is that Apple does store more information about its Russian staff in the country. This extra data is said to be include the Russian passport numbers of its Apple Russian staff, along with place and time of issuance; permanent and temporary addresses; history of work evaluations; and information about income.
Apple stores the data in a data centre in Russia operated by IXcellerate, according to a Russian media report back in 2015.
For its part, Apple has declined to comment on the matter, but CEO Tim Cook has previously admitted that Apple must comply with these types of national laws. However Apple does stress that the data is encrypted.
“We have servers located in many different countries in the world,” Cook told Vice News in an October interview. “They are not easier to get data from being in one country versus the next. The key question is how does the encryption process work and who owns the keys if anyone? In most cases for us, you and the receiver own the keys.”
Russia’s communications watchdog Roskomnadzor has been adamant since the law was introduced in 2015 in trying to get foreign based firms to comply with it, and has even threatened to close down Facebook in Russia.
Roskomnadzor ordered Russian telecom carriers to block access to LinkedIn in 2016, citing non-compliance with the law.
Remember, Google also stores some data in the country when the law kicked in.
Russia’s desire for compliance was demonstrated last year when Roskomnadzor went after messaging app Telegram in Russia, after it refused to give Russian state security services access to its users’ secret messages by handing over encryption keys used to scramble the messages.
Roskomnadzor got a court order to get telecommunications companies to block the Telegram chat app in Russia.
Russian authorities have previously accused Telegram of enabling terrorists to communicate in secret through the encrypted messaging and have blamed the app for concealing the messages of the suicide bomber who killed 15 people in St Petersburg in April 2017.
Do you know all about security? Try our quiz!