US lawmakers are urging the Trump administration to revisit its data-sharing agreement with the UK. They’ve raised concerns that a secret legal order issued by the UK against Apple could compromise the privacy and security of US citizens.
Politicians from both parties argue that the UK has overstepped by demanding Apple weaken its encryption. This encryption protects global users’ data, including messages and files. On June 5, the House Judiciary Subcommittee on Crime and Government Surveillance discussed how this UK order would let law enforcement use US-UK data-sharing agreements to access Apple data stored in US servers.
Lawmakers want the US Department of Justice to activate a 30-day termination clause in these agreements, pushing the UK to withdraw its demands. They also call for amendments to prevent future similar orders from the UK.
The committee revealed the UK has made over 20,000 demands for data under the Cloud Act, a stark contrast to only 63 US requests to British providers. Andy Biggs, the committee chair and Republican representative, emphasized that the UK’s actions threaten not just UK users but Apple customers worldwide. He warned that allowing such measures could set a worrying precedent for other nations.
The UK Home Office’s secret order, known as a Technical Capability Notice (TCN), requires Apple to extend UK law enforcement access to encrypted data in iCloud. The order surfaced in a February 2025 Wall Street Journal leak, and Apple’s withdrawal of its Advanced Data Protection service in the UK confirmed it. Apple is now challenging the legality of the order in the UK’s Investigatory Powers Tribunal.
Democrat representative Jamie Raskin voiced his concerns, explaining that the TCN could expose the US to risks from cyber criminals and foreign states. He highlighted that creating “backdoors” in encryption doesn’t just let authorized personnel in; it also opens up possibilities for malicious actors to exploit vulnerabilities.
He went further, likening the UK’s demands for access to encrypted communications to a government monitoring all private conversations in public spaces.
Susan Landau, a cyber security expert, reinforced how crucial encryption is for national security, pointing out that safeguarding private data is essential for protecting individuals and the nation alike. She stressed the importance of end-to-end encryption for various groups, from journalists to business travelers, saying it plays a vital role in both security and privacy.
Landau also brought up the alarming example of Chinese hackers exploiting access meant for law enforcement. These hackers leveraged systems installed under US law to breach sensitive data, compromising national security.
Meanwhile, the NSA has advocated for stronger encryption since 2000, highlighting a long-standing recognition of its importance. Other countries, including Australia and New Zealand, support such measures. Yet, the UK has resisted signing agreements endorsing these protections.
Richard Horne from GCHQ’s National Cyber Security Centre claimed there’s no inherent conflict between privacy and security. However, Richard Salgado, a former Google security chief, warned that the UK’s secretive processes could compromise US cybersecurity and competitive standing in the tech sector. He emphasized transparency, stating that crucial decisions shouldn’t be made behind closed doors in foreign nations.
Caroline Wilson Palow from Privacy International cautioned that if the UK succeeds with the Apple order, it might set a dangerous precedent, leading to more similar requests aimed at US companies. She argued that other countries could follow suit, potentially undermining global security.
The committee heard calls for Congress to urge the UK to retract its demands and amend the Cloud Act to ensure cooperating nations respect American privacy and security standards. Biggs insisted the DOJ should act quickly to push back against the UK’s maneuvers.
Raskin echoed these sentiments, arguing that the secret nature of the UK’s order undermines accountability and oversight, leaving vital questions about US privacy and security unaddressed.