The UK government had demanded that Apple create a backdoor in its encrypted cloud service, in a confrontation that challenges the US tech firm’s avowed stance on protecting user privacy, The Guardian reported.
The Washington Post reported on Friday that the Home Office had issued a “technical capability notice” under the Investigatory Powers Act (IPA), which requires companies to assist law enforcement in providing evidence.
The demand, issued last month, relates to Apple’s Advanced Data Protection (ADP) service, which heavily encrypts personal data uploaded and stored remotely in Apple’s cloud servers, according to the Post, which said this was a “blanket” request that applied to any Apple user worldwide.
The ADP service uses end-to-end encryption, a form of security that means only the account holder can decrypt the files and no one else can — including Apple.
Apple declined to comment. However, in a submission to parliament last year, it flagged its concerns about the IPA, saying it provided the government with “authority to issue secret orders requiring providers to break encryption by inserting backdoors into their software products.”
Reuters reported: Britain has ordered Apple to give it unprecedentedly broad access to encrypted user data stored on Apple’s data cloud, the Washington Post newspaper reported on Friday.
The UK government’s “technical capability notice” requires blanket access rather than merely assistance to access a specific account, the paper reported, citing unnamed sources.
Governments routinely ask technology companies for user data to crack criminal cases, but Britain’s’ sweeping demand, issued last month, has no known precedent in major democracies, the Post said.
Britain issues such notices under its Investigatory Powers Act of 2016, which combined with various existing powers on intercepting and obtaining communications.
While security officials say data encryption features make it harder to catch criminals, tech companies have long guarded their users’ right to privacy.
The Verge reported: Apple has been ordered by the UK government to create a backdoor that would give security officials access to users’ encrypted iCloud backups. If implemented, British security services would have access to the backups of any user worldwide, not jut Brits, and Apple would not be permitted to alert users that their inscription was compromised.
Apple’s iCloud backups aren’t encrypted by default, but the Advanced Data Protection option was added in 2022, and must be enabled manually. It uses end-to-end encryption so that not even Apple can access encrypted files.
In response to the order, Apple is expected to comply to stop offering Advanced Data Protection in the UK. This wouldn’t meet the UK’s demand for access to files shared by global users, however.
In my opinion, I don’t see why the UK government wants to gather encrypted data from Apple’s users. What are they hoping to find?