Over a hundred cybersecurity experts, companies, and civil society groups have urged Home Secretary Yvette Cooper to abandon demands for Apple to create a backdoor. This backdoor would grant the UK government access to encrypted communications and data on Apple’s iCloud service.
This letter comes after revelations that the Home Office issued a covert order to Apple, mandating access to all encrypted data of Apple users globally. The intervention has alarmed U.S. lawmakers who worry this move could undermine the privacy and security of everyday Americans and government officials using Apple devices.
In December 2022, Apple rolled out Advanced Data Protection for iCloud, enhancing end-to-end encryption for messages and personal data like photos and notes. This measure is meant to safeguard users’ private information against security threats. However, the Home Office’s request poses a risk to the UK’s data protection status with the EU, potentially jeopardizing data exchange between UK and EU businesses. Robin Wilton, a director at the Internet Society and one of the letter’s signatories, highlighted concerns about the impact on GDPR adequacy, noting that the government’s pursuit of access—even after data reaches the U.S.—raises serious questions.
Experts voiced grave concerns about the implications of the UK’s push for a backdoor into personal data, warning it could compromise millions’ security and privacy and damage the tech sector’s reputation. Among the prominent signatories are renowned figures like cryptographer Phil Zimmerman and cybersecurity author Bruce Schneier. The letter remains open for more signatures until February 20.
The signatories cautioned that if implemented, this secretive move might drive Apple and other tech firms to withdraw from the UK market. As the government touts the importance of tech companies for economic growth, the potential for reputational damage looms large. Foreign investors may hesitate to engage with UK firms perceived as vulnerable to government surveillance.
The letter also points out that leaked information revealed the Home Office issued a Technical Capability Notice (TCN) mandating Apple to allow access to user data worldwide. Should this succeed, it could create a vulnerable security structure, jeopardizing user privacy not just in the UK but globally.
Further, the authors emphasized national security risks associated with undermining encryption. Access to end-to-end encrypted services helps protect personal lives for government personnel, essential for preventing extortion and coercion that could harm national security. Experts argue it’s impossible to give the government access to encrypted data without compromising the integrity of that encryption. Ciaran Martin, former director of the National Cyber Security Centre, advocated for unrestrained end-to-end encryption for strengthening digital security.
The implications are particularly severe for those most vulnerable, including domestic violence survivors and LGBTQ+ individuals, for whom the confidentiality of encrypted communication is crucial. International human rights organizations stress the significance of encryption for safe communication. The European Court of Human Rights has underscored the need for anonymity to safeguard individuals from repercussions for voicing their opinions.
In a landmark ruling in February 2024, the ECHR found that Russia’s demand for technical disclosures from Telegram violated human rights law. To maintain both national and economic security, the letter urges the Home Office to rescind its request compelling Apple to compromise end-to-end encryption. Among the supporters are human rights organizations like Article 19 and prominent academics from British institutions such as the University of Cambridge.