Cyber Week in Review: December 16, 2022

Apple expands end to end encryption on its devices 

Apple announced that it was expanding end to end encryption on its iCloud service for most users. The change will add encryption to most items stored on iCloud, including photos, notes, and message history. Apple said the move was in response to increased threats to its cloud storage services, both from state-backed and criminal hackers. The move to end to end encryption means that only those with decryption keys for the data will be able to view the stored data, effectively isolating any data from everyone but the owner of the iCloud account. U.S. law enforcement agencies expressed disapproval with the move, with the FBI saying they were “deeply concerned by the threat end to end and user only access encryption pose.” The FBI and other agencies have long opposed the use of end to end encryption because they say it makes collecting evidence of potential crimes more difficult. Civil liberties organizations and others have backed end to end encryption for years, saying that it helps secure a universal right to privacy. 

Japan joins effort to tighten chip controls 

Japan is likely to align its policy with recently imposed U.S. microchip controls on Chinese firms within the next month. The news follows reports last week that the Netherlands will also follow the United States’ lead on the issue. Japan and the Netherlands' decisions mean that equipment manufacturers like ASML and Tokyo Electron will no longer be able to sell to firms in China, effectively depriving the Chinese market of the machines needed to build any kind of advanced microchip. The details of Japan’s new policy are still unclear, but the U.S. controls are such that companies and individuals will be prohibited from selling equipment or providing expertise needed to manufacture under fourteen nanometers to firms in China. The Chinese government has attacked the moves, filing a formal complaint this week with the World Trade Organization, although experts said that the controls could be justified to the WTO as necessary to support U.S. national security.  

The United States adds thirty six Chinese companies to Entity List  

The U.S. government announced it was adding more than thirty six companies to its Entity List earlier this week, including Yangtze Memory Technologies (YMTC), one of China’s largest semiconductor manufacturers. Twenty one other companies on the list are involved in the production of microchips used for artificial intelligence. The move blocks the affected companies’ access to technology made with American equipment or expertise without a special waiver, and has previously been used against Chinese firms like Huawei. The addition marks an escalation in the ongoing U.S. campaign to curtail the Chinese semiconductor industry, including the imposition of widespread export controls in October 2022. China has responded in several ways, including by filing a dispute with the WTO. However, the government is also expected to announce a new $143 billion package to bolster the domestic semiconductor industry and counter the effects of the American sanctions. 

Chinese operators delete zero-COVID travel data 

China is following the relaxation of its controversial zero-COVID policy by decommissioning its “communication itinerary card” software, which has for the past thirty four months tracked users’ movement via a digital travel code. On Tuesday, the China Academy of Information and Communications Technology (CAICT) and three major telecommunications operators announced they would delete user data collected by zero-COVID tracking apps in order to “ensure the security of personal information.” A statement from Baidu—which operated the service—added that inquiry channels storing this information including text messages, web pages, WeChat applets, Alipay applets, and apps would be deleted in accordance with China’s sudden change in COVID policy. 

Meta releases report on influence operations 

Meta, the owner of several large social media platforms, including Facebook, WhatsApp, and Instagram, released a report on influence operations removed from the platforms. The report provides an overview of where the operations originated from, with Russia, Iran, and Mexico the most frequent sources. Notably, over 90 percent of the detected influence operations are directed against the same country they originate from. Meta has also been taking down an increasing number of influence operations every year. Despite the number of domestic-focused operations detected, Meta has still taken down high-profile foreign-focused operations recently, including earlier this year, when Meta announced the takedown of the first Chinese operation designed to influence U.S. domestic politics.