Business

UK government seeks back door to Apple data

Investigatory Powers Act can compel companies to remove encryption

The British government issued a secret order last month demanding that Apple create a "back door" to let it access iCloud user data. Photograph: Getty
The British government issued a secret order last month demanding that Apple create a "back door" to let it access iCloud user data. Photograph: Getty
Fri Feb 07 2025 - 19:58

The UK government has ordered Apple Inc to build a backdoor to give it access to global user data, in a move that could spark one of the biggest privacy fights in the iPhone maker’s history.

British authorities in an undisclosed order in January asked Apple to circumvent encryption that the company uses to secure user data stored in its cloud services, according to a person familiar with the matter.

The mandate orders Apple to provide access under the UK’s Investigatory Powers Act, a law that granted officials the authority to compel companies to remove encryption under what’s known as a “technical capability notice.” The law also makes it illegal for companies to reveal when the government has made such an order.

Apple declined to comment on the matter. In March 2024, it said “protecting our users’ privacy and the security of their data is at the very heart of everything we do” and said that it’s “deeply concerned the proposed amendments.”

READ MORE

“It’s an unprecedented overreach by the government and, if enacted, the UK could attempt to secretly veto new user protections globally preventing us from ever offering them to customers,” the company said at the time.

“We do not comment on operational matters, including for example confirming or denying the existence of any such notices,” said a spokesperson for the UK’s Home Office.

It appears the situation relates to the 2022 rollout of iCloud Advanced Data Protection, an optional feature that encrypts most data within a user’s iCloud account, including their text messages and device backups. One solution could be Apple disabling the mechanism for British users.

The development, reported earlier on Friday by the Washington Post, marks a significant escalation in a yearslong dispute over encryption and access to users’ private data between Western governments and technology companies.

Apple has previously resisted government pressure to weaken or circumvent encryption on the grounds that such a move would undermine privacy and cybersecurity. Authorities argue that they need to access user data to pursue national security and criminal investigations.

Caroline Wilson Palow, legal director at London-based rights group Privacy International, said that the UK was attempting to force Apple’s hand, and had “pulled the trigger” on one of its “most intrusive and potentially damaging” surveillance powers.

“As it has long threatened, the UK has finally moved against Apple in an attempt to undermine end-to-end encryption,” Wilson Palow said. “This overreach sets a hugely damaging precedent and may embolden abusive regimes the world over.”

Leading technology companies including Apple, Alphabet Inc.’s Google, and Microsoft Corp have raised concerns that UK authorities could force them to install a “backdoor” to circumvent their encryption.

Apple has defended using encryption in its products, saying that it was “critical to shielding everyday citizens from unlawful surveillance, identity theft, fraud and data breaches, and it serves as an invaluable protection for journalists, human rights activists and diplomats who may be targeted by malicious actors.” – Bloomberg

Business Today

Business Today

Get the latest business news and commentary from our expert business team in your inbox every weekday morning