Privacy experts are concerned following the UK government’s demand that Apple give it access to encrypted user data stored on Apple’s cloud. The government’s “technical capability notice” was issued secretly to Apple but later leaked to The Washington Post. The notice relates to the UK’s Investigatory Powers Act, which lets the government demand access to users from tech companies if it relates to national security and crime prevention.
The notice’s demand
The notice focuses on Advanced Data Protection (ADP), a feature that allows iPhone users to implement end-to-end encryption on their cloud so only they can access it. Though the specific wording of the notice is not known, it reportedly demanded blanket access to the cloud rather than particular accounts of concern.
This could mean that if Apple provided a backdoor, the UK would have access to phone backups, which include data like the location and messaging history of Apple users worldwide.
Apple has since withdrawn the ADP function from UK iPhones, apparently after refusing to comply, and US officials are investigating whether the order violates the CLOUD Act. This treaty prevents the US and UK from issuing demands for the data of each other’s citizens.
Widespread concern
Privacy experts worry that this could set a precedent for other governments to demand the same of not just Apple but also other tech companies offering data encryption. Other companies providing encryption in the UK, such as Meta, Telegram, and Signal, have not yet pulled any end-to-end encryption features. They also have not revealed if they have received a similar notice, though they are not legally permitted to.
Amnesty International has pointed out that this demand for a backdoor to customer data weakens data protection and security not just for suspected criminals, but all users. Right now, it’s just UK users, but if the tech giant complies, global users could be at risk of unlawful government surveillance and cybercrime.
Thorin Klosowski, a security and privacy activist at the Electronic Frontier Foundation, told The Verge:
“Even taken at face value, these sorts of backdoors put everyone at risk of hacking, identity theft, and fraud, because there is no way to ensure only the ‘good guys’ would have access. As we’ve seen in the past, bad actors will find a way into these backdoors.”
What now?
In recent days, Apple challenged the backdoor request at a legal tribunal in the UK. However, it was conducted behind closed doors and UK media organizations, including The Guardian, were not permitted to attend. So it remains to be seen whether the company’s challenge will be a success.
Cora is a digital copywriter for SSLs.com. Having eight years of experience in online content creation, she is a versatile writer with an interest in a wide variety of topics, ranging from technology to marketing.