Ad
Image: TheClimateGroup/Creative Commons (2014)
Apple is taking legal action against the U.K. government over demands to weaken its strongest cloud security measures, arguing that compliance would jeopardize user privacy and set a dangerous precedence.
The Cupertino giant has taken the case to the Investigatory Powers Tribunal, the U.K.’s judicial body responsible for handling complaints regarding the use of surveillance powers by public authorities. It is challenging the legality of the Home Office’s order under the Investigatory Powers Act of 2016.
The government has neither confirmed nor denied the existence of its order demanding access to any material uploaded to Apple’s iCloud worldwide, as doing so is a criminal offense. However, Apple’s withdrawal of Advanced Data Protection from the U.K. last month suggests the dispute has escalated. iPhone, iPad, and Mac users in the country can no longer sign up for ADP, and existing users must disable it manually to retain iCloud access.
Apple’s stance on encryption and data security
When TechRepublic contacted Apple for comment, it referred us to a statement it made last month saying it is “gravely disappointed” that it can no longer offer Advanced Data Protection in the U.K.
Data stored under Apple’s Advanced Data Protection offers the highest level of protection the company provides, keeping information hidden even from Apple itself. Users have to sign up for Advanced Data Protection as an extra step on top of Apple’s default security measures.
“We have never built a backdoor or master key to any of our products or services and we never will,” an anonymous Apple representative wrote in a statement emailed to TechRepublic last month.
The Financial Times first reported Apple’s legal challenge, noting that the tribunal case could be heard in the coming weeks.
SEE: Apple Removes Thousands of Apps in EU Due to Digital Services Act Requirements
Must-read Apple coverage
US scrutiny, potential CLOUD Act violation, and widespread industry concerns
The U.K. government’s demand for access to encrypted data has drawn scrutiny from the U.S. and it is examining if the U.K.’s demand violates the CLOUD Act, according to 9to5Mac. The act restricts foreign governments from directly accessing encrypted data stored by U.S. companies.
If provided with access, the U.K. government would likely use the data held under Advanced Data Protection to target individuals already linked to crimes like terrorism and child sex abuse instead of wide swaths of the population, according to the BBC. Nevertheless, tech companies like Apple allege a backdoor would be used by criminals or by authoritarian governments against their citizens.
In 2016, Apple refused the U.S. government’s request to unlock the iPhone of a shooter in San Bernardino, California, citing concerns over compromising user privacy and setting a dangerous precedent for government access to encrypted devices.
Ad
