It’s being reported that the British government secretly ordered Apple to create a security backdoor into all content uploaded by iCloud users anywhere in the world.
Apple is certain to refuse the demand, leading to the possibility of a similar privacy stand-off to the one seen between the iPhone maker and the FBI back in the San Bernardino shooter case …
British government demands iCloud backdoor
The Washington Post reports that the order was sent to Apple last month.
Security officials in the United Kingdom have demanded that Apple create a back door allowing them to retrieve all the content any Apple user worldwide has uploaded to the cloud, people familiar with the matter told The Washington Post.
The British government’s undisclosed order, issued last month, requires blanket capability to view fully encrypted material, not merely assistance in cracking a specific account, and has no known precedent in major democracies.
Given Apple’s strong privacy stance, there seems absolutely no prospect of the company agreeing to the demand, raising the prospect of a court battle similar to that seen in the 2016 case with the FBI.
In that case, the US government demanded that Apple create an iOS backdoor to help the FBI break into an iPhone belonging to a suspected shooter. Apple refused, and the case went to court. The drama eventually ended when the law enforcement agency managed to gain access via a third-party company without Apple assistance.
9to5Mac’s Take
The British government’s demand is as technically clueless as it is outrageous.
First, much of the data is protected by end-to-end encryption (E2EE). This means that Apple does not hold a copy of the key, and would be unable to decrypt it.
Second, even for the data Apple could supply, there are already legal mechanisms in place for law enforcement agencies to request it. They simply need to go to a judge to apply for a court order. The judge will weigh the interests of justice against those of privacy and make an individual determination based on the specific circumstances in that case. Where a judge agrees to issue a court order, Apple complies with these to the extent that it is able to do so.
There is absolutely no justification whatsoever for any government to have uncontrolled access to the personal data of every iCloud user on the planet.
We know that Apple will refuse, not only because it did so in the San Bernardino and Pensacola cases, but because we’ve been down this road before in the UK.
Back in 2023, the British government demanded access to iMessages and FaceTime calls, both of which are end-to-end encrypted. Apple would have had no way to comply without removing E2EE, and it refused to do so, saying it would withdraw the services from the UK rather than comply.
In the end, the government backed down, issuing an unconvincing statement about “postponing” the measure. Both past and present UK governments have voted in favor of repressive legislation granting widespread powers to spy not just on their own citizens but on tech users worldwide.
Photo by Dima Pechurin on Unsplash
FTC: We use income earning auto affiliate links. More.
