Apple Is Storing More Than 8 Million Terabytes of Our iCloud Data on Google’s Servers
From Reno, Nevada to Prineville, Oregon and even across the pond to Denmark and Ireland, Apple has invested billions of dollars in building its own data centres. Even so, it seems the company can’t build them fast enough to keep up with the demands of its users.
A new report shows that much of the storage space used for iCloud is actually being rented from none other than Apple’s favourite frenemy, Google.
In fact, according to a new report from The Information, Apple is now Google’s largest customer, paying them around $300 million per year for 8 exabytes — that’s 8 million terabytes — of storage for its iCloud services — a 50 percent increase from last year.
To put that in perspective, Google’s second-largest single customer, ByteDance — the company behind TikTok — only stores around 500 petabytes, or 500,000 terabytes, of data.
In fact, The Information says that Apple is such a huge customer that it’s now known internally by Google Cloud employees as “Bigfoot.”
Of course, this $300 million annual storage payment pales in comparison to the $10 billion or so that flows in the other direction — the amount of money that Google pays Apple each year for the privilege of being the default search engine on the iPhone and iPad.
Doing the math, this works out to around $1/month for 29GB, or 3.5 cents per GB. To be fair, enterprise cloud storage pricing is complicated, with fees charged not only for the raw storage, but also for all the costs of moving data in and out — and it’s likely that Apple is moving a lot of data back and forth, since this is live iCloud storage.
What’s interesting, however, is that if these numbers are accurate, it means Apple is actually paying Google more to store this data than it’s making on its higher-tier iCloud storage plans.
For instance, at $9.99/month, 2TB of iCloud storage works out to $0.0005 per GB. Of course, it’s also fair to say that storage in Apple’s own data centres costs significantly less than it costs to rent that same storage from Google, so Apple is almost certainly still coming out ahead overall.
What Does All of This Mean for You?
Apple has never made it a secret that it relies on external cloud storage providers for at least some of our iCloud data. In its Platform Security Guide (PDF version), it reveals that it uses “both Apple and third-party storage services” such as Amazon Web Services and Google Cloud Platform.
However, the iCloud Security Overview also goes on to note that everything stored on these services is fully encrypted and that its partners “don’t have the keys to decrypt the user’s data stored on their servers.”
Each file is broken into chunks and encrypted by iCloud using AES128 and a key derived from each chunk’s contents, with the keys using SHA256. The keys and the file’s metadata are stored by Apple in the user’s iCloud account. The encrypted chunks of the file are stored, without any user-identifying information or the keys, using both Apple and third-party storage services—such as Amazon Web Services or Google Cloud Platform—but these partners don’t have the keys to decrypt the user’s data stored on their servers.
Apple Platform Security, May 2021
In fact, this isn’t all that different from what the vast majority of software developers do when it comes to enterprise cloud storage services. Amazon, Google, and Microsoft all provide raw buckets for data as part of their business, and they don’t particularly care what you store there.
Lots of other big companies also use these cloud storage providers, from Netflix, Epic Games, and Twitter to PayPal, Equifax, and Capital One. However, no developer in their right mind is going to be storing data on Amazon Web Services or Google Cloud “in the clear,” and Apple is certainly no exception.
In other words, what Apple is storing on Google’s cloud services are big chunks of data that are completely unintelligible to anybody but Apple. Even data for which Apple holds the encryption keys is encrypted in Apple’s own data centres, so naturally it’s also encrypted before it’s sent to Amazon or Google.
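The storage split described in the Apple Platform Security passage quoted above, as an added Go example (not Apple's code and not taken from the report): each chunk is encrypted under a key derived from its own SHA-256, the owner keeps the keys, and the rented bucket holds only opaque ciphertext. Assumed here and not stated on the page: AES-GCM as the mode, truncating the hash to 16 bytes, a random nonce kept alongside the key, blob IDs computed as the ciphertext hash, and the names `Ref`, `Upload` and `Fetch`.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

type Ref struct { // owner-side record per chunk; never sent to the provider
	ID         string
	Key, Nonce []byte
}

func aead(key []byte) cipher.AEAD { // AES-128-GCM; the mode is an assumption
	block, _ := aes.NewCipher(key) // cannot fail for a 16-byte key
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// Upload keys each chunk from its own SHA-256 and stores only ciphertext.
func Upload(data []byte, size int, provider map[string][]byte) (m []Ref) {
	for off := 0; off < len(data); off += size {
		chunk := data[off:]
		if len(chunk) > size {
			chunk = chunk[:size]
		}
		sum := sha256.Sum256(chunk) // assumed derivation: first 16 bytes
		nonce := make([]byte, 12)
		rand.Read(nonce)
		blob := aead(sum[:16]).Seal(nil, nonce, chunk, nil)
		id := fmt.Sprintf("%x", sha256.Sum256(blob)) // opaque, no user identity
		provider[id] = blob
		m = append(m, Ref{id, sum[:16], nonce})
	}
	return m
}

// Fetch decrypts with owner-held material; GCM rejects missing or altered blobs.
func Fetch(r Ref, provider map[string][]byte) ([]byte, error) {
	return aead(r.Key).Open(nil, r.Nonce, provider[r.ID], nil)
}

func main() {
	bucket := map[string][]byte{} // stands in for rented third-party storage
	refs := Upload([]byte("constructed sample file contents"), 16, bucket)
	pt, err := Fetch(refs[0], bucket)
	fmt.Printf("%d blobs at provider; chunk 0 = %q, err=%v\n", len(bucket), pt, err)
}
```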
Further, a great deal of the information you store in iCloud is also end-to-end encrypted, which means it’s protected in such a way that even Apple can’t access your iCloud data — and if Apple can’t access it, then there’s no way that Amazon or Google can.
This includes obviously sensitive data such as Apple Card transactions, payment information, saved accounts and passwords, and HomeKit and Health data. However, it also encompasses things you might not expect to be end-to-end encrypted, such as your favourites and collections in Apple Maps, your Safari History, and even your Memoji.
Further, the learned vocabulary from the QuickType Keyboard is also end-to-end encrypted, so Apple has no way of knowing how often you type the word “duck.”
Your Messages conversations are also encrypted, although these come with an important caveat. Since the key that protects your Messages is stored in your iCloud Backup, and your iCloud Backup is not end-to-end encrypted, technically somebody could recover your Messages key from your iCloud Backup. The only way to avoid this and guarantee that your Messages conversations are truly secure is to either avoid storing Messages in iCloud or avoid using an iCloud Backup and back up your device locally to your Mac or PC.
To be clear, however, your iCloud Backups are still encrypted on Apple’s servers, and by extension on any third-party cloud services used by Apple. It’s just that Apple does hold the key to decrypt your iCloud Backups should it ever become necessary.
On the one hand, this ensures that users don’t lose years’ worth of important data because they forget their iCloud password, but of course, it also means that Apple can provide this information to law enforcement — when it’s legally required to do so.
Either way, however, it’s only Apple that can do this. Even though Amazon and Google provide some of the storage capacity for iCloud, Apple is just renting the raw storage space, and it has complete control over what it stores there and how securely it’s able to store it.