The British government has demanded that Apple weaken security measures that keep people’s data private so that it can more easily access iCloud accounts and other services, according to a report from the Washington Post.
Security officials have asked the company create backdoor access through its security system, which would allow it to access data of users not just in the UK, but around the world, as part of criminal investigations. The request was reportedly made last month by Home Secretary Yvette Cooper in line with the newly expanded Investigatory Powers Act, a controversial piece of legislation informally as the “Snooper’s Charter” that permits surveillance by law enforcement and security and intelligence agencies.
Apple’s end-to-end encryption, which it calls Advanced Data Protection (or ADP), means that only you, the Apple account holder, can see what’s in your iCloud folder. End-to-end encryption is considered the gold standard in user privacy protections and not even Apple can get around ADP. Security experts argue that once backdoor access — of the kind the UK government is now requesting — is created, people’s accounts become vastly more vulnerable to hackers and other security threats.
The Home Office in a statement said it declined to comment on operational matters, including “confirming or denying” that it had issued Apple with a notice under the Investigatory Powers Act. Apple did not respond to a request for comment.
The Investigatory Powers Act is designed to help assist with the detection and prevention of serious crime, including terrorism and the spread child sexual abuse imagery. But it has also been widely criticized by technology companies, privacy campaigners and security experts as an example of government overreach.
Civil liberties group Big Brother Watch issued a statement on Friday urging the government to immediately rescind the “draconian order,” and cease attempts at employing mass surveillance. “We are extremely troubled by reports that the UK government has ordered Apple to create a backdoor that would effectively break encryption for millions of users – an unprecedented attack on privacy rights that has no place in any democracy,” it said.
Apple has previously said it would prefer to withdraw its services from the UK than weaken security. It could appeal the government’s demand, but is not allowed to delay implementing changes.
