Apple is under fire in Europe again, this time in Italy. And Italian regulator that has taken issue with apples business behaviors in the past has recently issued a new report on cloud services offered by Apple, Google, and Dropbox. The conclusion of the report is that some of Apple’s iCloud terms and conditions are illegal.
The Elements Under Scrutiny
Italy’s L’Autorit Garante della Concorrenza e del Mercato (AGCM) began investigating the cloud services in 2020. Its investigation is complete, and the regulator criticizes Apple for its self-assumed rights to change the iCloud conditions at any time, the efforts Cupertino takes to avoid liability, and the lack of transparency over data security.
The AGCM report brings to light an aspect of iCloud data security you may not be aware of. If you don’t use your iCloud account at all for six months, Apple maintains the right to delete it all.
Furthermore, the AGCM argues Apple gives users no information about how the company secures and backs up iCloud data. Instead, Cupertino encourages subscribers to make their own backups. AGCM contends most users won’t even know that because it’s not widely publicized.
Apple’s Response to Scrutiny Over Its iCloud Terms and Conditions
Cupertino contributed to the investigation, and commented on the points raised. However, it’s legal team claims that the iCloud terms and conditions cannot be in breach of Italian law. Specifications within the terms and conditions stipulate they are only applicable to the extent allowed by those laws.
Even so, the report concludes that Apple and others have unfair terms which may be illegal. The report does not specify any remedies, and it does not give any indication of what the Italian authorities intend to do about it.
In the past, AGCM has ruled against Apple over the company intentionally slowing down iPhones using chemically depleted and worn batteries.
Jeff:
To be sure, most of us do not know the terms of our use of cloud and other services (or for that matter, even the terms of home repair services, but I digress). There is a serious issue regarding terms and contracts for cloud, software and other digital-related products and services that, simply by their complexity, violate the legal definition of informed consent.
Legislators, if they wish to be of service in dealing with tech, big and small, will address this with a requirement by companies to provide a short-form consent process that tracks to the more complex one, but that the average user, with no more than a secondary/high school education can read (in about 60 – 120 seconds) understand and come away informed. We should revisit this topic, although it might be wasted on legislators who seem solely preoccupied with their own re-elections and privileged parking permits.
As for Apple’s, or anyone else’s cloud storage services, it is standard practice to have redundancy/backups (see Brad Smith’s Tools and Weapons). That a company does not state so in their terms of use likely has more to do with who drafted these (lawyers, not IT) than it is of SOP.
Not having backups in the cloud, or a way to recover data, would be scandalous and should be prosecutable negligence.