
> Indeed, up until reading these comments I had no idea that iCloud wasn’t encrypted.

iCloud data is encrypted at rest (edit: except for Mail apparently). The type of encryption (service or end-to-end [E2E]) is specified here: https://support.apple.com/en-us/HT202303

It can be argued that from a user's viewpoint not having E2E encryption is tantamount to not having encryption at all, but from a technical standpoint the data is encrypted.



It's encrypted at rest, but Apple has the decryption keys, and will give up your customer data when asked to by the government[1]. Also, iCloud photos are not encrypted[2].

[1] https://www.apple.com/legal/transparency/us.html

[2] https://support.apple.com/en-us/HT202303


> Also, iCloud photos are not encrypted[2].

According to the table on the second link iCloud Photos are encrypted on the server (at rest). Am I missing something?


They are encrypted at rest. This protects from someone hacking into Apple, getting the data on disk but somehow not getting the keys, which Apple also possesses.

Apple (and thus, LEO) absolutely can look at your photos on iCloud. What you are missing is that "encrypted at rest" is essentially "not encrypted in any meaningful way".


This is more from Schneier's book, but I would say the most important reason E2E encryption should be the default is that in the event of a data breach, nothing would be lost. If a company's servers are hacked, they'd have access to the symmetrical encryption keys, and therefore all of the data. It also ensures that the company can't be selling/sharing your data, as they don't have access to it in the first place.

Edit: I also meant iCloud backups in my original post and how Apple can decrypt your E2E encrypted iMessages with the key the backups contain. But I posted it last night and couldn't edit it once I caught the error. It would be amazing for other iCloud services to have E2E encryption so long as the implications of iCloud backups having your encryption keys are stated front and center when choosing to opt in.


What are the advantages of having unencrypted cloud backups? The only advantage is that authoritarian governments can better control their citizens. Apple is playing on the side of dictators instead of protecting their users.


> What are the advantages of having unencrypted cloud backups?

Unsophisticated users who have lost or forgotten their passphrase can recover their data.



