A secret order issued by the UK government has caused Apple to remove its “Advanced Data Protection” end-to-end encryption option in the country, in response to a demand for a global backdoor that could have potentially compromised the cloud storage of iPhone and iPad users across the world.
The move does not compromise the basic security of devices or functions such as iMessage, but UK users can no longer automatically encrypt the data they store with iCloud. When enabled, the Advanced Data Protection feature automatically encrypts all user cloud storage in such a way that Apple employees are not able to access it. The move comes as the UK government continues to push for universal end-to-end encryption backdoors, which it claims are necessary to combat terrorist groups and child abuse materials.
End-to-end encryption in UK terminated by legal order
As of February 21, Apple device users in the UK began seeing a notice that the iCloud end-to-end encryption feature is no longer available in their region. That stems from a secret order recently issued by the Home Office, only made known to the public due to inside sources leaking it to the media, requiring Apple to start implementing backdoor access to encrypted cloud data and to begin complying immediately.
Apple has signaled that it would not comply with such an order since the idea was first publicly floated by the UK government roughly a year ago, and the move was widely expected as a legal compromise to avoid having to implement a potentially ruinous backdoor. The Home Office reportedly was not content with backdoor access just within the UK, but wanted the ability to get into the cloud storage of Apple users throughout the world. Apple is able to appeal the order on the basis of it being not feasible and an overreach by the government, but the proceedings are held in secret and the law requires it to continue complying while that process unfolds.
The iCloud end-to-end encryption feature was introduced in late 2022 and is not on by default. Unencrypted iCloud storage has been used by law enforcement throughout the world as an alternate means of investigating locked devices, which Apple has otherwise generally resisted unlocking. UK users who already had the feature enabled prior to February 21 can keep using it for the time being, but Apple has said that sometime in the coming weeks these users will have to either disable it or give up access to their iCloud accounts.
End-to-end encryption demands clash with UK’s intent to become a global AI hub
The UK government campaign against end-to-end encryption has already raised hackles and threatened the country’s growing tech sector. Other privacy-focused services, such as Signal, have raised the possibility of simply abandoning the country entirely if the government pushes too hard. Acquiescence would be a major blow to Apple, which derives about half of its revenue from hardware sales and positions itself as a premium brand in no small part due to its focus on privacy and security features.
The “Snoopers’ Charter” crusade against end-to-end encryption would also seem to run counter to the UK government’s ambitious plans to make London the central AI hub of the world, a strategy that was bolstered by the recent unveiling of the AI Opportunities Action Plan and an announcement of tens of billions of pounds in total planned investment in the country’s AI infrastructure. Tech firms are looking to integrate AI with nearly every facet of user experience, to include things like real-time scam and hacking protection that would necessitate access to user calls and messages, and an insecure government-mandated backdoor in those systems could pose an existential threat.
Aside from the issue of government overreach and privacy invasion, security and privacy experts broadly agree that any backdoor that is mandated will eventually be exploited by criminal hackers or state-sponsored threats. That could then render devices and operating systems useless. The threat could be as simple as insider access, if a privileged member of law enforcement were to go rogue and begin providing access to unauthorized parties in return for a bribe.
Apple has long been battling with governments that demand unfettered access to devices and storage, though most of the prior conflicts have taken place in the United States. The company had reportedly planned to roll out its iCloud end-to-end encryption feature in the late 2010s, but it was delayed for several years due to pressure from the FBI. The company may now get some support from the US as lawmakers have responded to the story with demands that the UK government back down, threatening the possibility of ending intelligence sharing agreements if it does not.
