IMHO this is sending a strong signal to people like myself who mainly use an iPhone for privacy reasons. Regardless of whether or not the data is only stored encrypted at the 3rd party, their willingness to compromise in this regard is a strong indicator for their future actions and their commitment to privacy and security.
While you're not wrong, this strikes me as the cost of doing business in China. For comparison, AWS and Azure both operate under local partners in China.
e: "strikes me as" == "is"; it's not really optional.
Precisely my point, but thanks for clarifying. The subtext I guess is that in my view it's worthwhile for Apple, even if I have personal qualms about the privacy implications. Then again, I would assume this won't affect non-Chinese region Apple/iCloud users.
>> Because the options are either do that or exit the country unfortunately.
> The subtext I guess is that in my view it's worthwhile for Apple
Exiting the country might be the most worthwhile long term choice for a company. China has clearly indicated, through it's actions, that it's mainly interested in technology transfer to shore up it's domestic competitors. It's not really interested in giving foreigners a fair shot at its market.
This might not be very true for Apple (as it's really mostly a luxury smartphone maker), bit it is for a lot of the companies that would like to do business there.
That cost of doing business seems to be getting more expensive all the time. At what point do we have to subsidize that cost with our own privacy and freedom?
Sadly the opposite might occur. Fake news is very useful. For corporations, it acts like PR/marketing channel. For nation-states it's a great propaganda channel.
What if the Communist Party of China was actually visionaries what the Internet could do for oppressive nation-states, if properly harnessed for the good of the party?
This was the hope with the internet here in the US. Hundreds of millions of users later, the average person seems even less informed on the world around them. Access is meaningless if good information is less appealing or is made to seem less credible than propaganda.
I was going to comment that I think the question referred to what course of action /Apple/ should take, but maybe fundamentally changing superstates is not off the table when you have multinational megacorp resources.
China adds so little value there I don’t think it would cause a blip. Then Apple would have decide somewhere else to do that with the right supply chain in place.
Revolutionary one - unlock the iphone bootloader and let users use their devices in the ways they want. Which will make it a lot harder to censor in a central way.
I would much prefer that the license and information from apple explicitly stated that this chinese firm will only be able store and access data from chinese accounts and there is a very secure barrier between the two. However, given this paragraph
They include a clause that both Apple and the Chinese firm will have access to all data stored on iCloud.
It makes me really worried about apples commitment to privacy.
How about a notice on iCloud reading something like "iCloud is not available in your country due to local government regulations that are in conflict with our position on personal privacy. We are sorry for the inconvenience."
Google did that (actually took an even stronger stance). But if competitors don't do the same, then nothing changes and you are just ceding the market to them.
To be clear, I am not advocating that companies should bow down on their principles, just that it needs to be a more coordinated effort across companies, and might need new technical solutions to evade government firewalls etc.
While I am cynical that my wishes would come true, I do respect the companies that take a moral stance against their own business interests, which includes Google in China and Apple in the US.
Many countries have such limitations, not only China requires data to be stored "in the country", but also Russia. I've been in a situation, where an international product got "forked" into a daughter-company-controlled China-only product. Nothing escaped this Chinese sandbox, and nothing got into either.
Apple has always made clear that information stored on their iCloud service were subject accesses by a third party with the proper authority. Whether this third party is US or Chinese does not change anything.
Only the information that is resident on your phone with the Secure Enclave is tamper resistant.
I don't buy into this line of reasoning, because it inverts the relationship. Of course Apple has to hand over access to authorities if there's a lawful reason behind it, just like e.g. a private person has to oblige to a search warrant. But in this case they hand over their infrastructure to an untrusted party in order to conduct business in the first place.
Again, it's not so much about what the firm can actually do with the infrastructure (ideally, it's a black box that only the user can access with the correct key), but what compromise they're willing to make in order to conduct business. Privacy has become a selling point for Apple, and actions like these signal how serious they are about it.
Blackberry went through the same issue with the a similar outcome.
Personally, I see this as a positive development, as it signals that the company is doing what it claims to, promoting the PRC to get the same accommodation that Office 365 delivered versus giving the state the level of access it demands.
If you feel strongly or have a requirement to control your account principal, you should not be using a third party identity store.
No, but who cares? Tencent, Baido, etc are not globally competitive, but they are very fine.
You know what else is not going to make European tech industry globally competitive? The chronic lack of money, because it's all siphoned away by google, amazon, apple, and such. Do we need a global competition? Why?
An internal competition in a huge market is good enough. China encouraged the development of a strong internal market: and they are innovating like crazy. Europe is big enough to do the same.
China is one country where the majority speaks a handful of languages (please don't attack me if this comment is ignorant, be nice)
But is it easy to get the EU countries to even agree on any of this stuff? (Genuinely asking, cuz I imagine it's insanely hard because each country has their own culture and priorities)
It's not a simple manner of translation, it has to be culturally localized. Burger King can't just sell beef burgers in India by translating their menu language.
It's a lot easier for a Western business to translate their UI to German or French, than it is to Chinese or Japanese. Input methods alone are an issue that calls for interaction UX to be designed differently.
I'm talking about the fact that the cultural difference between the US and Europe is smaller, so US services can be easily consumed by Europeans with just language localization.
The same is not true for China. It is easy for US firms to serve Europeans by localizing language, ergo European firms face global competition from US firms with a lower barrier.
It is more difficult for US firms to serve the Chinese market, even if you have perfect language localization. The cultural differences are larger than US<->Europe. Even before the Chinese government got protectionist, US firms had trouble competing in China.
We've seen lots of tech companies launched from the UK, Germany, and Scandinavia, but less so from other regions. Perhaps it would be better to ask what is it about say, Italy, or France's internal markets that makes tech harder to find investment for locally.
Chinese government before being protectionist it was communist and closed: there never was a period without protectionism in China. Chinese economy has always been fully regulated, especially in the 90s. In other words, there is not much sense in your post, and it signals you don't know what you are talking about…
Either-or fallacy. The regulations before proscribed levels of ownership, joint venture requirements, and contraband goods but direct Chinese interference to limit outside interference and benefit local competition have grown a lot worse under Xi compared with Hu and Jiang. Prior to that, China had no choice but to accept FDI join ventures, so for example, that’s why you see lots of Chinese manufactured Fords, Buick’s, Audis, and Volvos driving around. Once they have mastered building quality cars, then they’ll impose quotas and other rules to try and encourage buying local companies over joint ventures.
There was a time when Western companies were flying under the radar during the first half of Hu’s term allowing JV market share to expand significantly.
Maybe we're not so far from an European Great Firewall decades down the line- to stop Five Eyes spying (once the U.K. is no longer an EU member state) or from monopolistic Google privacy infringement or whatever. Economics can be determined by geopolitics.
Seconded. Certain level of protectionism is good for business, Trump has proved that. We need to decentralize/democratize the tech industry across the globe, not concentrated in US.
EU should start providing incentives to local companies to build their own business that serve its own people, other than becoming US's satellite states.
Other countries need to reciprocate this action. If you're a Chinese company and you collect user data, that data will be managed by a third party company that is owned by the host nation and if you don't like it, you have to leave the country. This should be a retaliatory measure. There's no reason Chinese companies should get to gobble up Dutch data or something and then inevitably use that for spam and scam, and then cry foul about some other company gathering user data about Chinese users. I don't have an issue with China, but when they do these types of things, then I believe other countries should reciprocate the action. China can either play fair, or lose access to other international markets and just sell products locally to China.
Don't mention Trump on this forum even if you preface what you say with disdain. You'll never go positive.
I agree that the US/EU needs to be harder on China. Its been very one sided in recent years. The real issue, I think, is their disregard for intellectual property. You bend over backwards to get into their market, then a year later a government backed firm with an identical product puts you out of business. They won't get away with that for long, believe you me.
Money trumps principles plain and simple. My guess is this will continue until the day Apple sales in China decline below a certain level, then they’ll be a ‘brave, principled’ decision announced that they are shutting down iCloud in China or withdrawing from the market altogether.
If I was Apple then,
I’d start investing some of that $200 billion they have in the bank in some advanced nonchinese manufacturing. Get some balls like Elon Musk and take some risks.
I absolutely believe Apple's foray into China is a huge misstep for the Apple brand.
Imagine when all the censorship and surveillance and the actions taking with personal data start surfacing, they're going to very quickly try to get out. Apple pulling VPN apps off the App Store is just the beginning.
It may be a big market, but I think Apple shouldn't be there under the Apple name, because stuff like this shows me that it's literally a different company.
Why do people in USA care about what the Chinese government does? It's not like you are willing to take care of it's citizens, but the Chinese government has a responsibility and they seem to be trading off fairness so fewer people are impoverished.
Shareholders demand growth and Apple entering China is a way for them to grow. If Cook says "fuck it, we pack our shit and leave China", the board will quickly replace him because there's simply too much money to be made in China for Apple.
That might be a mistake. Once Apple makes a deal with China, Russia will ask for the same deal. Russian government want to keep the data in their country too.
There is not a single Apple Store currently in Russia. All apple products are available online only. I think Russia will have 0 leverage to make apple to go thru all the troubles.
The difference is that it’s within Apple’s rights in the US to refuse to cooperate with a warrant in the way that they did. The constitution of the United States has strong protections for individuals’ privacy from the state.
This is not the case in China.
In both cases, they are protecting user privacy to the greatest extent they can by law.
Secondly, Apple is not handing the keys to their system over to China. Instead, they are deploying a separate system for Chinese accounts to preserve the privacy and security of all other accounts. And finally, they are not compromising the Secure Enclave or any device security features.
Who is "They"? If it is "Tim Cook", then Tim Cook has the right to be CEO and do business in China, or get fired. If you mean Apple stock holders, I'm sure they wouldn't be happy about taking a huge hit on their second or (at times) first largest market. Would you be willing to slice your retirement savings in half for this?
Google pulled out of China, so some times companies put principles before short term profit. Something Tim Cook have claimed apple also does, but apparently not in regards to China.
Google wasn't making > 25% of their money in China. I applauded Google's move when they did it back then (and I worked down the street from their Wudaokou office), but it is completely obvious why Apple, as a public company who makes a lot of money in China, can't pull out now.
Your comment just proved his point that Apple puts their Chinese profits over their user's privacy. What percentage of Google's profits would come from China had they stayed there and acquiesced to the government demands? 15%? 20%? I wonder how much profit Google has missed out on by not doing business in China.
It isn't there choice! Apple isn't a person, you have to understand that. Apple is your retirement fund or whatever investment, its a public company. Tim Cook can either say "I want us to be in China" or he can leave, because no sane board is going to let him stay and say otherwise. Blame capitalism, blame human desire for money, whatever, but don't blame the company for choosing the only option it had.
Google didn't miss out on much at all, it was clear way before they pulled out that they wouldn't be allowed to go very far in search. Also, Google only pulled out of search in China, they actually still do plenty of business in China.
I’d agree, but that doesn’t necessarily mean it’s not true. I could see Apple trying to keep certain data encrypted in private in exchange for other less important data being “open“.
This just reminds me of that subthread in yesterday's Facebook home device post where people were ranking tech companies. A lot of people put Apple first on respect for privacy.
It's good to have a reminder of the nature of corporations so soon after that. Tools for users to take privacy and security into their own hands need to be made accessible enough to make it truly matter.
Its like herd immunity with vaccinations: it doesn't matter that you use encryption and block trackers if all the people around you provide enough data to make inferences about the private few.
A counterpoint here: Consider American subpoenas, court order, FISA warrants and the like. Remember that FISA warrants are secret! Having the data managed by a US company has these consequences. Perhaps you trust the US government more than you trust the Chinese government... that is very reasonable, to be sure. But it makes so much more sense that your data is subject to the law in the country you reside in, rather than the laws of a foreign power.
This is not even remotely hypothetical. Making everyone's data accessible to organizations and people subject to US court orders is bad for privacy.
This kind of thing will be happening more and more, and not just China and Russia, but also the EU. So it won't just be that Chinese users can be spied upon by the Chinese government. It will also be true that it will be more difficult for the US to spy on citizens of other countries.
In some respects I'd rather have my data managed by a Chinese company than a British one.
It's exponentially more difficult for the Chinese government to wield data against me than it is for the British government, as I do not live somewhere where the Chinese government has any power over me.
The point was that sometimes it's better to have your data managed by a foreign government. Not that the Chinese government is somehow better than any other arbitrary government. If you live in China, feel free to mentally switch "Chinese" and "British".
It's exponentially more difficult for the Chinese government to wield data against me than it is for the British government, as I do not live somewhere where the Chinese government has any power over me.
It depends mostly on the nature of the data, and how much interest they have in you. If the data is damning enough, and they would find value in using it against you, then the Chinese government is perfectly able to hire someone to do so.
Anyone in China who is significantly wealthy is effectively involved in politics, with potentially life and death consequences. To stay under the radar, you have to stay at the level of inconsequential small fry.
Right, but if you're not in China at all, the Chinese government don't care about you.
So it's (in some respects) safer to have your data managed in a foreign country than in the country you live in, as a counterpoint to the claim that "it makes so much more sense that your data is subject to the law in the country you reside in".
Right, but if you're not in China at all, the Chinese government don't care about you.
In the vast majority of cases, yes. In an absolute sense, no.
So it's (in some respects) safer to have your data managed in a foreign country than in the country you live in, as a counterpoint to the claim that "it makes so much more sense that your data is subject to the law in the country you reside in".
> So it's (in some respects) safer to have your data managed in a foreign country than in the country you live in, as a counterpoint to the claim that "it makes so much more sense that your data is subject to the law in the country you reside in".
To clarify, I'm saying it makes sense from a legal and societal perspective, not from a personal privacy perspective.
Perhaps on an individual level it's true that moving accounts off-shore can be advantageous (although the flip side of ceding your data to a regime that isn't responsible to you in the slightest is that they have even less reason not to misuse it if it ever benefits them). But on a societal level if everyone followed this tactic we would all be worse off, especially if the foreign government is not a liberal democracy or otherwise at odds with your home country.
I'm not sure Apple had any choice here. They can still be good for privacy in your country but they still have to play by the rules of the country they are operating in.
They have the choice to exit the Chinese market rather than comply with these insidious demands. The point OP is making I think is that if Apple valued privacy, then exiting the market rather than comply is the decision they would have made.
I'm interest what is going to happen about that starting from 25 May 2018 when the GDPR from the EU becomes enforceable.
A good thing about these data regulations is that they can not only be brought to court by private individuals, but by also by dedicated officials from the nations.
Another chance for Apple to stand up and do the right thing, and it flinched because it would rather have money than morals.
And don't give me the standard amoral shareholders whine. Apple is already on record as saying it would rather do the right thing than make money, and if investors don't like it they can go pound sand.
Now Apple's sold out a billion people.
How long until the Chinese government requires access to the Secure Enclave chips in iDevices?
I guess I understand. It is either the market or the privacy and security of their Chinese user. They chose the market so all of our retirement funds still hold their face values.
They aren't the first. Microsoft/Skype had to outsource PRC Skype account's to TomTom, Azure has to outsource its PRC cloud operation to a Shanghai utility company, and so on.
Apple's compliance with Beijing is morally weak but financially strong, not just for them but for Apple Developers.
A month ago, Apple noted that it has 1.8 million developers in China (and/or developers publishing to China -- not clear to me). At any rate, the Apple platform has made those developers $17 billion dollars.[1]
So China is big business for Apple developers and I assume many of those developers are US/CA/EU/AU/etc. who benefit from the platform being available in China.
It's possible that someone could view Apple's decision to compromise its customers privacy to remain in the Chinese market as "morally strong". I would like to hear a defense of that position if someone held it.
Apple's decision appears to be legally compliant but morality must transcend legality in my worldview. i.e. the "good men" argument per Emerson or others
> iCloud accounts registered outside of China are not affected.
What exactly does this mean? What makes an online account registered in a geographic location? Is it determined by where the iphone is bought, the IP addresses when the registration is made, the email account used for the registration or something else?
As of early 2018, national boundaries combined with linguistic barriers are still more powerful than the internet. Could this change with low Earth orbit satellite internet? (Given the precedents to date, I'd expect the Chinese government to jam the signals or otherwise intervene.)
Not as long as payments go through the current financial system. If you’re using a US credit card, with a US billing address, to transact with a company, then you are “US registered” regardless of where your packets are routed. Until it’s possible/mainstream to decouple identity from payment, your payment method will always be the weakest link.
Resistance is useless. WeChat, QQ, AliPay and other complied third-party online services are more than enough. As long as you are connected in the Matrix, it has you.
They're "good faith" is asking customers to read the Apple Terms and Conditions...
I hate to reference Orwell, but the fact that Apple convinced us all to lie by saying we'd read the T&C and now are telling us that there's "important" information in this unreadable document seems like classic Orwell.
If you ever needed a sign that Apple cares more about making money than their user's privacy than this is it. If Apple really respected their user's privacy than they should take a stand and lets the chips fall where they may. If this is the cost of doing business in China then perhaps Apple should rethink its strategy.
This just shows to what extent Apple is willing to bend its rules for China. They're just too dependent on China. China has upper hand here. I've a feeling that one day China might ditch Apple.
123 comments
[ 3.1 ms ] story [ 125 ms ] threade: "strikes me as" == "is"; it's not really optional.
> The subtext I guess is that in my view it's worthwhile for Apple
Exiting the country might be the most worthwhile long term choice for a company. China has clearly indicated, through it's actions, that it's mainly interested in technology transfer to shore up it's domestic competitors. It's not really interested in giving foreigners a fair shot at its market.
This might not be very true for Apple (as it's really mostly a luxury smartphone maker), bit it is for a lot of the companies that would like to do business there.
That would seem to limit the scope of what Chinese authorities can access.
What if the Communist Party of China was actually visionaries what the Internet could do for oppressive nation-states, if properly harnessed for the good of the party?
They include a clause that both Apple and the Chinese firm will have access to all data stored on iCloud.
It makes me really worried about apples commitment to privacy.
To be clear, I am not advocating that companies should bow down on their principles, just that it needs to be a more coordinated effort across companies, and might need new technical solutions to evade government firewalls etc.
While I am cynical that my wishes would come true, I do respect the companies that take a moral stance against their own business interests, which includes Google in China and Apple in the US.
Apple has always made clear that information stored on their iCloud service were subject accesses by a third party with the proper authority. Whether this third party is US or Chinese does not change anything.
Only the information that is resident on your phone with the Secure Enclave is tamper resistant.
Again, it's not so much about what the firm can actually do with the infrastructure (ideally, it's a black box that only the user can access with the correct key), but what compromise they're willing to make in order to conduct business. Privacy has become a selling point for Apple, and actions like these signal how serious they are about it.
Personally, I see this as a positive development, as it signals that the company is doing what it claims to, promoting the PRC to get the same accommodation that Office 365 delivered versus giving the state the level of access it demands.
If you feel strongly or have a requirement to control your account principal, you should not be using a third party identity store.
You know what else is not going to make European tech industry globally competitive? The chronic lack of money, because it's all siphoned away by google, amazon, apple, and such. Do we need a global competition? Why?
An internal competition in a huge market is good enough. China encouraged the development of a strong internal market: and they are innovating like crazy. Europe is big enough to do the same.
But is it easy to get the EU countries to even agree on any of this stuff? (Genuinely asking, cuz I imagine it's insanely hard because each country has their own culture and priorities)
Is having a different language a big deal? Also no.
European citizens have better English proficiency and no great firewall, hence the transaction barriers to consuming global services are easier.
I’m afraid you have to be globally competitive unless the EU wants a Great Firewall.
It's just a political choice. It's not a fact of life. Better regulation and better taxation of capitals would "firewall" Europe as well.
As I said below, language has never been an issue. Nobody is using google because is in English. Google is well translated everywhere.
Europe’s problem with tech investment isn’t because of existing big tech players.
"better" yes, but not good enough to make American products successful unless they are translated
It's a lot easier for a Western business to translate their UI to German or French, than it is to Chinese or Japanese. Input methods alone are an issue that calls for interaction UX to be designed differently.
The same is not true for China. It is easy for US firms to serve Europeans by localizing language, ergo European firms face global competition from US firms with a lower barrier.
It is more difficult for US firms to serve the Chinese market, even if you have perfect language localization. The cultural differences are larger than US<->Europe. Even before the Chinese government got protectionist, US firms had trouble competing in China.
We've seen lots of tech companies launched from the UK, Germany, and Scandinavia, but less so from other regions. Perhaps it would be better to ask what is it about say, Italy, or France's internal markets that makes tech harder to find investment for locally.
lol.
There was a time when Western companies were flying under the radar during the first half of Hu’s term allowing JV market share to expand significantly.
China’s economy hasn’t been communist since Mao.
EU should start providing incentives to local companies to build their own business that serve its own people, other than becoming US's satellite states.
Could you link to some articles about this?
PS: don't make this a Trump hate sub thread. Stay on topic if you reply to me
I agree that the US/EU needs to be harder on China. Its been very one sided in recent years. The real issue, I think, is their disregard for intellectual property. You bend over backwards to get into their market, then a year later a government backed firm with an identical product puts you out of business. They won't get away with that for long, believe you me.
What year do you predict they will no longer get away with it?
Imagine when all the censorship and surveillance and the actions taking with personal data start surfacing, they're going to very quickly try to get out. Apple pulling VPN apps off the App Store is just the beginning.
It may be a big market, but I think Apple shouldn't be there under the Apple name, because stuff like this shows me that it's literally a different company.
It's simply not worth the business.
Apple to China: Here are the keys
This is not the case in China.
In both cases, they are protecting user privacy to the greatest extent they can by law.
Secondly, Apple is not handing the keys to their system over to China. Instead, they are deploying a separate system for Chinese accounts to preserve the privacy and security of all other accounts. And finally, they are not compromising the Secure Enclave or any device security features.
Google didn't miss out on much at all, it was clear way before they pulled out that they wouldn't be allowed to go very far in search. Also, Google only pulled out of search in China, they actually still do plenty of business in China.
The data may be stored with a Chinese company but it’s still encrypted isn’t it? They can’t read it can they?
If the Chinese firm couldn't read the data access would be pretty pointless me thinks.
It's good to have a reminder of the nature of corporations so soon after that. Tools for users to take privacy and security into their own hands need to be made accessible enough to make it truly matter.
Its like herd immunity with vaccinations: it doesn't matter that you use encryption and block trackers if all the people around you provide enough data to make inferences about the private few.
This is not even remotely hypothetical. Making everyone's data accessible to organizations and people subject to US court orders is bad for privacy.
This kind of thing will be happening more and more, and not just China and Russia, but also the EU. So it won't just be that Chinese users can be spied upon by the Chinese government. It will also be true that it will be more difficult for the US to spy on citizens of other countries.
It's exponentially more difficult for the Chinese government to wield data against me than it is for the British government, as I do not live somewhere where the Chinese government has any power over me.
It depends mostly on the nature of the data, and how much interest they have in you. If the data is damning enough, and they would find value in using it against you, then the Chinese government is perfectly able to hire someone to do so.
Anyone in China who is significantly wealthy is effectively involved in politics, with potentially life and death consequences. To stay under the radar, you have to stay at the level of inconsequential small fry.
So it's (in some respects) safer to have your data managed in a foreign country than in the country you live in, as a counterpoint to the claim that "it makes so much more sense that your data is subject to the law in the country you reside in".
In the vast majority of cases, yes. In an absolute sense, no.
So it's (in some respects) safer to have your data managed in a foreign country than in the country you live in, as a counterpoint to the claim that "it makes so much more sense that your data is subject to the law in the country you reside in".
There is a point to that.
That’s ,at best, less than clear, considering the actions attributed to PLA Unit 61398.
To clarify, I'm saying it makes sense from a legal and societal perspective, not from a personal privacy perspective.
A good thing about these data regulations is that they can not only be brought to court by private individuals, but by also by dedicated officials from the nations.
ex. Facebook Germany should handle all its specific speech laws rather than trying blanket global speech to Germany or EU specific laws.
Though at that point you start losing advantages at scaling depending on implementation.
And don't give me the standard amoral shareholders whine. Apple is already on record as saying it would rather do the right thing than make money, and if investors don't like it they can go pound sand.
Now Apple's sold out a billion people.
How long until the Chinese government requires access to the Secure Enclave chips in iDevices?
A month ago, Apple noted that it has 1.8 million developers in China (and/or developers publishing to China -- not clear to me). At any rate, the Apple platform has made those developers $17 billion dollars.[1]
So China is big business for Apple developers and I assume many of those developers are US/CA/EU/AU/etc. who benefit from the platform being available in China.
[1] https://www.cnbc.com/2017/12/03/apples-tim-cook-says-develop...
It's possible that someone could view Apple's decision to compromise its customers privacy to remain in the Chinese market as "morally strong". I would like to hear a defense of that position if someone held it.
Apple's decision appears to be legally compliant but morality must transcend legality in my worldview. i.e. the "good men" argument per Emerson or others
What exactly does this mean? What makes an online account registered in a geographic location? Is it determined by where the iphone is bought, the IP addresses when the registration is made, the email account used for the registration or something else?
To answer your question... I hope not. But perhaps we are already there. Boiling frog etc.
Resistance is useless. WeChat, QQ, AliPay and other complied third-party online services are more than enough. As long as you are connected in the Matrix, it has you.
I hate to reference Orwell, but the fact that Apple convinced us all to lie by saying we'd read the T&C and now are telling us that there's "important" information in this unreadable document seems like classic Orwell.
Unless you live in China in which case your fundamental human rights take a back seat.
I did a Google translate on their Chinese web page:
"At Apple, we treat privacy as the fundamental right of everyone."[2]
Perhaps Google translate messed up and missed the "human rights" part from the Chinese translation, but I'm guessing it didn't.
[1]https://www.apple.com/privacy/
[2]https://www.apple.com/cn/privacy/
This link might come handy: https://support.apple.com/en-us/HT201389
All you need is a foreign credit/debit card.