Tim Cook Holds Firm On iMessage Security: It’s Encrypted, And We Don’t Have A Key

As Apple continues to come under some attack for how it handles iCloud security, the company’s CEO Tim Cook is holding firm on the company’s priorities when it comes to data protection.

In part 2 of an interview with Charlie Rose, airing on PBS tonight, Cook is adamant that Apple is not in the business of collecting data, but rather selling hardware, and, as such, it puts data privacy as a priority. “We’re not reading your email. We’re not reading your iMessage,” Cook said. “If the government laid a subpoena to get iMessages, we can’t provide it. It’s encrypted and we don’t have a key. And so it’s sort of — the door is closed.”

The comments sit not just as a defense of Apple in the wake of the celebrity iCloud selfie scandal, where racy photographs were obtained by malicious, phishing hackers and then distributed online (Apple plainly denied a security breach); but they are also a reiteration of an argument Apple first brought up a year ago, when the company came out with its original defense of the security of its iMessage messaging platform in the wake of NSA revelations — a position that was questioned and debunked by some security researchers.

Cook’s comments are also something of an indirect snub to Google, the search and Android giant that Cook flat-out called Apple’s biggest competition in the first part of his Rose interview.

Here are Cook’s remarks in full in response to Rose’s comment about how some people feel like “companies like Google” are in possession of too much information, some of it personal.

We take a very different view of this than a lot of other companies have. Our view is, when we design a new service, we try not to collect data. So we’re not reading your email. We’re not reading your iMessage. If the government laid a subpoena to get iMessages, we can’t provide it. It’s encrypted and we don’t have a key. And so it’s sort of, the door is closed. But our business Charlie, is based on selling these [pointing to devices]. Our business is not based on having information about you. You’re not our product. Our product are these, and this watch, and Macs and so forth. And so we run a very different company. I think everyone has to ask, how do companies make their money? Follow the money. And if they’re making money mainly by collecting gobs of personal data, I think you have a right to be worried. And you should really understand what’s happening to that data. And companies I think should be very transparent about it.

He also touched on how this relates to new products that Apple is launching — specifically its e-commerce effort, Apple Pay:

From our point of view, you can see what we’re doing on the credit card thing. We don’t want it. We’re not in that business. I’m offended by lots of it. And so, I think people have a right to privacy.

He also went back to how Apple has handled and would respond to data requests from organizations like the NSA, maintaining that Apple would “never allow” backdoor access to its servers. Cook’s position is that questions of data privacy will be a “key topic over the next year or so.”

And we’ll reach higher and higher levels of urgency as more and more incidents happen. I think that the, for us, in the Snowden thing, just to go along on that for just a moment. What we wanted, was, we wanted instantly to be totally transparent because there were rumors and things being written in the press that people had backdoors to our servers. None of that is true, zero. We would never allow that to happen. They would have to cart us out in a box before we would do that. It’s, if we ever get information, and we finally got an agreement from the administration to release how many times we had national security orders on Apple. And in a six month period, and we had to release a range, because they won’t let us say the exact number, it’s between zero and 250. That’s the lowest number you can quote. Zero to 250.

An excerpt from the interview is below: