This article is from the source 'bbc' and was first published or seen on . The next check for changes will be
You can find the current article at its original source at https://www.bbc.com/news/articles/c20g288yldko
The article has changed 7 times. There is an RSS feed of changes available.
| Version 4 | Version 5 |
|---|---|
| UK government demands access to Apple users' encrypted data | |
| (3 days later) | |
| The UK government has demanded to be able to access encrypted data stored by Apple users worldwide in its cloud service. | The UK government has demanded to be able to access encrypted data stored by Apple users worldwide in its cloud service. |
| Currently only the Apple account holder can access data stored in this way - the tech giant itself cannot view it. | Currently only the Apple account holder can access data stored in this way - the tech giant itself cannot view it. |
| The demand has been served by the Home Office under the Investigatory Powers Act (IPA), which compels firms to provide information to law enforcement agencies. | The demand has been served by the Home Office under the Investigatory Powers Act (IPA), which compels firms to provide information to law enforcement agencies. |
| Apple declined to comment, but says on its website that it views privacy as a "fundamental human right". | |
| Under the law, the demand cannot be made public. | Under the law, the demand cannot be made public. |
| The news was first reported by the Washington Post quoting sources familiar with the matter, and the BBC has spoken to similar contacts. | |
| The Home Office said: "We do not comment on operational matters, including for example confirming or denying the existence of any such notices." | The Home Office said: "We do not comment on operational matters, including for example confirming or denying the existence of any such notices." |
| Privacy International called it an "unprecedented attack" on the private data of individuals. | Privacy International called it an "unprecedented attack" on the private data of individuals. |
| "This is a fight the UK should not have picked," said the charity's legal director Caroline Wilson Palow. | "This is a fight the UK should not have picked," said the charity's legal director Caroline Wilson Palow. |
| "This overreach sets a hugely damaging precedent and will embolden abusive regimes the world over." | "This overreach sets a hugely damaging precedent and will embolden abusive regimes the world over." |
| 'Back doors' | 'Back doors' |
| The demand applies to all content stored using what Apple calls "Advanced Data Protection" (ADP). | The demand applies to all content stored using what Apple calls "Advanced Data Protection" (ADP). |
| This uses something called end-to-end encryption, where only the account holder can access the data stored - even Apple itself cannot see it. | This uses something called end-to-end encryption, where only the account holder can access the data stored - even Apple itself cannot see it. |
| It is an opt-in service, and not all users choose to activate it. | It is an opt-in service, and not all users choose to activate it. |
| This is because, while it makes your data more secure, it comes with a downside - it encrypts your data so heavily that it cannot be recovered if you lose access to your account. | This is because, while it makes your data more secure, it comes with a downside - it encrypts your data so heavily that it cannot be recovered if you lose access to your account. |
| It is unknown how many people choose to use ADP. | It is unknown how many people choose to use ADP. |
| It's also important to note that the government notice does not mean the authorities are suddenly going to start combing through everybody's data. | It's also important to note that the government notice does not mean the authorities are suddenly going to start combing through everybody's data. |
| It is believed that the government would want to access this data if there were a risk to national security - in other words, it would be targeting an individual, rather than using it for mass surveillance. | It is believed that the government would want to access this data if there were a risk to national security - in other words, it would be targeting an individual, rather than using it for mass surveillance. |
| Authorities would still have to follow a legal process, have a good reason and request permission for a specific account in order to access data - just as they do now with unencrypted data. | Authorities would still have to follow a legal process, have a good reason and request permission for a specific account in order to access data - just as they do now with unencrypted data. |
| Apple has previously said it would pull encryption services like ADP from the UK market rather than comply with such government demands - telling Parliament it would "never build a back door" in its products. | Apple has previously said it would pull encryption services like ADP from the UK market rather than comply with such government demands - telling Parliament it would "never build a back door" in its products. |
| Cyber security experts agree that once such an entry point is in place, it is only a matter of time before bad actors also discover it. | Cyber security experts agree that once such an entry point is in place, it is only a matter of time before bad actors also discover it. |
| And withdrawing the product from the UK might not be enough to ensure compliance - the Investigatory Powers Act applies worldwide to any tech firm with a UK market, even if they are not based in Britain. | And withdrawing the product from the UK might not be enough to ensure compliance - the Investigatory Powers Act applies worldwide to any tech firm with a UK market, even if they are not based in Britain. |
| Still, no Western government has yet been successful in attempts to force big tech firms like Apple to break their encryption. | Still, no Western government has yet been successful in attempts to force big tech firms like Apple to break their encryption. |
| The US government has previously asked for this, but Apple has pointedly refused. | The US government has previously asked for this, but Apple has pointedly refused. |
| In 2016, Apple resisted a court order to write software which would allow US officials to access the iPhone of a gunman - though this was resolved after the FBI were able to successfully access the device. | In 2016, Apple resisted a court order to write software which would allow US officials to access the iPhone of a gunman - though this was resolved after the FBI were able to successfully access the device. |
| That same year, the US dropped a similar case after it was able to gain access by discovering the person's passcode. | That same year, the US dropped a similar case after it was able to gain access by discovering the person's passcode. |
| Similar cases have followed, including in 2020, when Apple refused to unlock iPhones of a man who carried out a mass shooting at a US air base. | Similar cases have followed, including in 2020, when Apple refused to unlock iPhones of a man who carried out a mass shooting at a US air base. |
| The FBI later said it had been able to "gain access" to the phones. | The FBI later said it had been able to "gain access" to the phones. |
| 'Stunned' | 'Stunned' |
| The tech giant can appeal against the government's demand but cannot delay implementing the ruling during the process even if it is eventually overturned, according to the legislation. | The tech giant can appeal against the government's demand but cannot delay implementing the ruling during the process even if it is eventually overturned, according to the legislation. |
| The government argues that encryption enables criminals to hide more easily, and the FBI in the US has also been critical of the ADP tool. | The government argues that encryption enables criminals to hide more easily, and the FBI in the US has also been critical of the ADP tool. |
| Professor Alan Woodward, cyber security expert from Surrey University, said he was "stunned" by the news, and privacy campaigners Big Brother Watch described the reports as "troubling". | Professor Alan Woodward, cyber security expert from Surrey University, said he was "stunned" by the news, and privacy campaigners Big Brother Watch described the reports as "troubling". |
| "This misguided attempt at tackling crime and terrorism will not make the UK safer, but it will erode the fundamental rights and civil liberties of the entire population," the group said in a statement. | "This misguided attempt at tackling crime and terrorism will not make the UK safer, but it will erode the fundamental rights and civil liberties of the entire population," the group said in a statement. |
| UK children's charity the NSPCC has previously described encryption as being on the front line of child abuse because it enables abusers to share hidden content. | UK children's charity the NSPCC has previously described encryption as being on the front line of child abuse because it enables abusers to share hidden content. |
| But Apple says that privacy for its customers is at the heart of all its products and services. | But Apple says that privacy for its customers is at the heart of all its products and services. |
| In 2024 the company contested proposed changes to the Investigatory Powers Act, calling it an "unprecedented overreach" of a government. | In 2024 the company contested proposed changes to the Investigatory Powers Act, calling it an "unprecedented overreach" of a government. |
| The changes also included giving the government the power to veto new security measures before they were implemented. They were passed into law. | The changes also included giving the government the power to veto new security measures before they were implemented. They were passed into law. |
| "The main issue that comes from such powers being exercised is that it's unlikely to result in the outcome they want," said Lisa Forte, cyber security expert from Red Goat. | "The main issue that comes from such powers being exercised is that it's unlikely to result in the outcome they want," said Lisa Forte, cyber security expert from Red Goat. |
| "Criminals and terrorists will just pivot to other platforms and techniques to avoid incrimination. So it's the average, law abiding citizen who suffers by losing their privacy." | "Criminals and terrorists will just pivot to other platforms and techniques to avoid incrimination. So it's the average, law abiding citizen who suffers by losing their privacy." |