The U.K. Home Secretary’s office has reportedly asked Apple for access to user data stored in iCloud worldwide, according to a February 7 article in The Washington Post. Sources familiar with the matter expressed worries about tech companies being used for government surveillance. Apple hasn’t responded yet. However, back in March, the company told Parliament that the U.K. shouldn’t have the power to dictate how people around the globe use end-to-end encryption, which offers proven security benefits.
The U.K. made this request under the Investigatory Powers Act of 2016. This law gives law enforcement the ability to enforce compliance from companies when they seek evidence. In this case, the Home Secretary’s office issued a technical capability notice to Apple.
Meredith Whittaker, a consultant on encryption for the U.S. government and president of Signal, called the request “shocking.” She warned that if the U.K. goes ahead, it could create significant cybersecurity vulnerabilities that affect the global economy.
The proposed backdoor means the U.K. could access information uploaded by both personal and business users of Apple products, even if Apple itself can’t see that data because of its encryption. This would specifically open the door to information protected under Apple’s Advanced Data Protection, a feature introduced in 2022.
If the U.K. gets this backdoor, Apple may have to disable the Advanced Data Protection service. The FBI had previously criticized this feature for its inaccessibility during Donald Trump’s first term. Apple argues that any backdoor could be exploited by criminals or authoritarian regimes against their own citizens. Currently, Advanced Data Protection is available to Apple users for free, but The Washington Post notes that “most” users don’t activate it.
