Actually I don't have to find their white paper or audit trail, these are compliance laws put forth by the Government, not abiding by these could put them under. You really should look up HIPAA, FERPA, FIPS, and PCI-DSS before you start asking me for a source. Also there is a federal requirement that all business that make over x number of dollars have to have an audit done yearly, as the profits go up, this may become quarterly. In dealing with customer data, they are also required to have security audits performed (penetration tests) done on a regular schedule to ensure compliance. Such as SOC 2 and SSA compliance.
I don't think you understand the fact that Apple provides encryption to user submitted data based on a law that tells them they have to. They aren't just saying this. It would put them out of business to be hit by a lawsuit that big, and I think the recent case with the locked iPhone states that they go above and beyond with user privacy in mind.
Also to be compliant in most of these compliance laws, the organization MUST have an external auditor. They can perform as many internal audits as they want to be proactive but none of that matters when they are up for review.
Microsoft, Google, Amazon, Apple, and Ebay all have to do this. (just naming a few for example) What services they offer depend on what compliance laws they have to be externally audited for.
And I'm sorry that my post was too long for you, I spent the time to write it, you can read it. Personally I feel as though if you can't take the time to read something that long then you shouldn't have any business posting about how you don't trust a company, because it means you haven't taken the time to actually try to understand how compliance laws protect you.
Last edited:
