Are the notes encrypted on Agenda servers?

suvidya.daftardar · March 9, 2019, 12:25am

Do Agenda App devs have access to notes/data that users save in the app? If so, are they encrypted or are they saved/logged in plaintext?

mekentosj · March 9, 2019, 12:28am

No, we don’t have access to your notes/data. We currently only allow sync through iCloud, which means your file are stored in your own iCloud container without anyone being able to access them but you. The notes never touch any servers we operate. Apple encrypts iCloud content but obviously has access in case of for example a court order.

We soon hope to add support for Dropbox, also here the files would be stored in your private dropbox that we would not have access to.

For both iCloud and Dropbox support we plan to add encryption of files before uploading so that in the future your notes are end-to-end encrypted.

anon60915393 · March 9, 2019, 9:58am

iCloud secures your information by encrypting it when it’s in transit, storing it in iCloud in an encrypted format, and using secure tokens for authentication. For certain sensitive information, Apple uses end-to-end encryption. This means that only you can access your information, and only on devices where you’re signed into iCloud. No one else, not even Apple, can access end-to-end encrypted information.

maurizio.bortolotti · March 9, 2019, 3:19pm

Is that really true… @anon60915393?

careilly · March 9, 2019, 8:31pm

Yes. They do however have access to iCloud backups.

anon60915393 · March 9, 2019, 9:32pm

Even backups on iCloud are in an encrypted format,
The exception is email.
This information is readily available to check.

careilly · March 9, 2019, 10:30pm

My understanding was that Apple still held keys for the encrypted backups. Weren’t the EFF on about that last week?

markcodedesign · March 12, 2019, 3:30am

I concur! Encrypting the notes before sending them to the iCloud would be a great feature to have.

mekentosj · March 12, 2019, 8:59am

This is correct, while the iCloud content is encrypted in storage, Apple has the keys. It’s indeed why we’d like to add encryption before sending it to iCloud, as @markcodedesign mentions, in a future update.

mikeagarza · April 8, 2019, 5:31pm

Looking forward to end-to-end encryption.

Thanks.

ted.hogan · August 18, 2020, 5:29pm

I look forward to end-to-end encryption being implemented as well.

rward681 · December 4, 2020, 10:59pm

Has there been any progress on this feature? As I’m learning more about privacy and data security, end-to-end encryption is becoming more and more appealing.

mekentosj · December 6, 2020, 11:28pm

No news yet, still on our list of things we’d like to improve. For the avoidance of any doubts, just want to repeat that we don’t store any notes on our own servers.

VincentP · January 19, 2023, 5:01pm

Hi! Are there any new details regarding the encryption before sending it to iCloud?

drewmccormack · January 20, 2023, 9:01am

No news at this point. It is something we would like to do in future. For now, we don’t encrypt the data, though Apple themselves do store it encrypted, and it is encrypted during transport to the cloud.

Apple have also added encryption options themselves which we could possibly take advantage of. Would need more investigation than we have time for right at this moment, but we hope to get to it.