Following the government’s demand for access to user data, Apple is taking the extraordinary step of removing its most advanced data security measure from UK users.
Through a procedure called end-to-end encryption, Advanced Data Protection (ADP) ensures that only account users may read things like documents or images that they have stored online.
However, early this month, the UK government requested access to the data, which is now unavailable to even Apple.
Apple has continuously rejected opening a “backdoor” in its encryption service, claiming that if it did, it would only be a matter of time until malicious actors also managed to get in. The company did not respond at the time.
The digital behemoth has now determined that ADP activation in the UK will no longer be feasible.
It implies that not all UK consumer data kept on Apple’s cloud storage service, iCloud, will eventually be completely protected.
Apple has access to data with standard encryption and can share it with law authorities with a warrant.
The Home Office stated to the BBC: “We do not comment on operational matters, including for example confirming or denying the existence of any such notices.”
Apple stated in a statement that it was “gravely disappointed” that British consumers will no longer be able to use the security feature.
“As we have said many times before, we have never built a backdoor or master key to any of our products, and we never will,” it continued.
The ADP service is opt-in, meaning people have to sign up to get the protection it provides.
From 1500GMT on Friday, any Apple user in the UK attempting to turn it on has been met with an error message.
Access for current users will eventually be terminated.
Since ADP was made available to British Apple customers in December 2022, the number of persons who have joined up is unknown.
Surrey University cyber-security specialist Prof. Alan Woodward called it a “very disappointing development” that amounted to “an act of self harm” on the part of the government.
He told the BBC that the UK was “naïve” to “think they could tell a US technology company what to do globally” and that “all the UK government has achieved is to weaken online security and privacy for UK based users.”
According to online privacy expert Caro Robson, a corporation “simply withdrawing a product rather than cooperating with a government” is “unprecedented.”
“It would be a very, very worrying precedent if other communications operators felt they simply could withdraw products and not be held accountable by governments,” she stated to the BBC.
Former senior executive Bruce Daisley of X, formerly known as Twitter, stated on BBC Radio 4’s PM program: “Apple saw this as a point of principle – if they were going to concede this to the UK then every other government around the world would want this.”
What did the UK ask for?
The Home Office made the request in accordance with the Investigatory Powers Act (IPA), which requires businesses to give law enforcement information.
The BBC and the Washington Post spoke to many people with knowledge of the situation, but Apple declined to comment on the warning and the Home Office would neither confirm or deny its existence.
Privacy activists fiercely criticized it, calling it a “unprecedented attack” on people’s private information.
WhatsApp CEO Will Cathcart voiced his reservations about the government’s request in a response to a post on X last week.
He wrote: “If the UK forces a global backdoor into Apple’s security, it will make everyone in every country less safe. One country’s secret order risks putting all of us in danger and it should be stopped.”
Two senior US politicians said it was so serious a threat to American national security that the US government should re-evaluate its intelligence-sharing agreements with the UK unless it was withdrawn.
ICYMT: Ghana Unveils Activities for 68th Independence Day Celebrations
It is not clear that Apple’s actions will fully address those concerns, as the IPA order applies worldwide and ADP will continue to operate in other countries.
According to Senator Ron Wyden, one of those US senators, Apple’s decision to remove end-to-end encrypted backups from the UK “creates a dangerous precedent which authoritarian countries will surely follow,” as reported by BBC News.
According to Senator Wyden, the action would “seriously threaten” the privacy of US users and will “not be enough” to persuade the UK to renounce its demands.
Apple expressed regret for the measures it had taken in its statement.
“Enhancing the security of cloud storage with end-to-end-encryption is more urgent than ever before,” it stated.
“Apple remains committed to offering our users the highest level of security for their personal data and are hopeful that we will be able to do so in future in the UK.”
The NSPCC wants digital companies like Apple to make sure they are striking a balance between user and kid safety and privacy, according to Rani Govender, policy manager for child safety online.
“As Apple looks to change its approach to encryption, we’re calling on them to make sure that they also implement more child safety measures, so that children are properly protected on their services,” she stated to BBC News.
According to the UK children’s charity, end-to-end encrypted services can make it more difficult to detect the distribution of child sexual abuse material (CSAM) and other child safety and protection initiatives.
“The trouble with this long-running debate, zero-sum debate about encryption and child protection is that the tech companies can come out sounding incredibly callous, but that’s not the point,” Emily Taylor, co-founder of Global Signal Exchange, which offers insights into supply-chain scams, said, adding that encryption is more about protecting consumer privacy and that it is not the same as the dark web, where CSAM is typically distributed. “Encryption is something that we use every day; whether it is communicating with our bank, whether it is on messaging apps that are end-to-end encrypted, encryption is a form of privacy in an otherwise very insecure online world.”
“The Trump administration is troubled by reports that some foreign governments are considering tightening the screws on US tech companies with international footprints,” US Vice President JD Vance stated in a speech at the AI Action Summit in Paris at the beginning of February, referencing the growing pushback in the US against foreign regulation being imposed on its tech sector.
SOURCE: BBC
