It was first suggested back in 2016 that Apple would be bringing Google into the mix, but this update – spotted by CNBC – is the first official confirmation.
Data stored on Google may include contacts, calendars, photos, videos, documents and more, but Apple is keen to stress that Google has no means of accessing that data.
All Google would see is meaningless encrypted data, with no way to tie even that to any particular individual. Apple doesn’t go into specifics about its use of third-party servers, so it’s possible that the same user data is spread across more than one platform.
Each file is broken into chunks and encrypted by iCloud using AES-128 and a key derived from each chunk’s contents that utilizes SHA-256. The keys and the file’s metadata are stored by Apple in the user’s iCloud account. The encrypted chunks of the file are stored, without any user-identifying information, using third-party storage services, such as S3 and Google Cloud Platform.
The iOS Security Guide is a document Apple uses to explain the measure it takes to ensure the security of iOS and the privacy of its customers.