Security is a tough challenge, and it just got tougher. The UK Government has secretly asked Apple to lower the security of its services. That’s why my colleagues and I are taking them to court.
At Privacy International, we constantly face tough decisions about data storage and security, as does any organization. We worry about where our data lives and how well it’s protected, especially when it’s stored on external servers. Our stance is clear: secure the data. We rely on encryption to safeguard that information.
But then there’s my phone. It holds tons of personal and family information alongside work data—emails, chats, contracts, reports, travel details. It all mixes together, making it hard to separate personal from professional. And like millions, my data flows into Apple’s servers.
In August 2024, everything changed for me. After the Russian invasion of Ukraine, the Russian government published a list of people they considered part of a “hostile agenda” against them. I found my name there. While I don’t plan to visit Russia, the fact that I’m labeled as an opponent feels like a looming threat.
That pushed me to strengthen my home network and the devices my family uses. I activated every security feature I could find. It felt like the responsible thing to do.
But now, that layer of security is being threatened by the UK Home Secretary. In February, the Washington Post reported that Apple had received an order from the UK Government to weaken security features on its services. Apple hasn’t commented publicly, but soon after, they announced plans to remove that control in the UK. This means I’ll lose my ability to manage my own security.
I feel exposed and unsafe, especially when it comes to my family’s protection. If this path doesn’t change, we’ll lose security over the private details of our lives—the recipes saved for family dinners, photos from school plays, videos from past Christmases. It’s not just our family life; it’s also the vital work I do with lawyers and rights defenders globally.
We’re pursuing this case because everyone deserves privacy and security.
We believe that the UK’s move to undermine encryption could ripple across the globe, creating vulnerabilities that hackers and oppressive regimes can exploit. No government should have the power to compromise security for everyone, yet that ability lies within the Investigatory Powers Act. This secretive action threatens everyone.
That’s why we’ve taken our case to the Investigatory Powers Tribunal. Right now, this order affects millions in the UK. If we don’t stand up, it could have global repercussions. The Home Secretary shouldn’t hold the power to dictate the security of our lives without transparency.
Dr. Gus Hosein is the executive director of Privacy International.