Backdoor Access To Apple User Data Condemned

Uploaded on 2025-02-18 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

US lawmakers and human rights advocates have united in making a strong condemnation what is being called the British government's "dangerous" and "shortsighted" request to be able to access encrypted data stored by Apple users worldwide in its cloud service. 

The order has been served by the Home Office under the Investigatory Powers Act, which compels firms to provide information to law enforcement agencies. Under the law, the demand by the Home Office cannot be made public.

Senator Ron Wyden and Congressman Andy Biggs have written to the  newly appointed US National Intelligence Director, Tulsi Gabbard, saying the demand threatens the privacy and security of the US. They urge her to give the British an ultimatum: "Back down from this dangerous attack on US cybersecurity, or face serious consequences."

International human rights organisations including Human Rights Watch (HRW) have condemned a recent order by the United Kingdom government demanding Apple provide access to encrypted user data.The order, reportedly issued by the UK Home Office in January 2025, targets Apple's Advanced Data Protection feature, which employs end-to-end encryption to secure cloud-stored data. 

"The United Kingdom government's order to Apple to allow access to encrypted cloud data harms the privacy rights of users in the UK and worldwide," Amnesty International and Human Rights Watch have said.

This uses end-to-end encryption, where only the account holder can access the data stored. Apple itself cannot see it. It is an opt-in service, and not all users choose to activate it.Apple said that that it views Privacy as a "Fundamental Human Right”, which is on their Website.

Senator Wyden and Congressman Biggs say agreeing to the request would "undermine Americans' privacy rights and expose them to espionage by China, Russia and other adversaries". They state that Apple does not make different versions of its encryption software for each country it operates in and, therefore, Apple customers in the UK will use the same software as Americans.

The UK government has that it does not want to start combing through everybody's data, but it would want to access it if there were a risk to national security and so it would focus on an individual, rather than using it for mass surveillance. British authorities would still have to follow a legal process, have a good reason and request permission for a specific account in order to access data - just as they do now with unencrypted data.

Apple has previously said it would pull encryption services like ADP from the UK market rather than comply with such government demands, telling Parliament it would "never build a back door" in its products.

WhatsApp, owned by Meta, has also said that  it would choose being blocked over weakening message security.
But even withdrawing the product from the UK might not be enough to ensure compliance, the Investigatory Powers Act applies worldwide to any tech firm with a UK market, even if they are not based there.

This change by the UK government has upset privacy campaigners, with Privacy International calling it an "unprecedented attack" on the private data of individuals. however,  the US government itself has also previously asked Apple to break its encryption as part of criminal investigations.

Washington Post   |   BBC   |   BBC   |   Andrew Biggs   |   Tribune India   

Image:  Şeyma D

You Might Also Read: 

Telegram Disables Features Used For Illegal Activity:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 



 

« Ukraine Warns Of Growing Russian Use Of AI In Cyberwar Operations
TikTok Returns To US App Stores »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Lutech

Lutech

Lutech is an Italian ICT engineering and services company. Business solution areas include cyber security.

CyberSecurityTrainingCourses.com

CyberSecurityTrainingCourses.com

Cyber Security Training Courses is a portal to help candidates find the best courses to progress their career within the IT security industry.

Cingo Solutions

Cingo Solutions

Cingo Solutions is a Managed Detection & Response company providing specialized data security services.

Augusta HiTech

Augusta HiTech

Augusta Hitech is a focused product development, software services and technology consulting company. Our Vision is to become the most socially impactful and innovative technology company in the world

UKsec: Virtual Cyber Security Summit

UKsec: Virtual Cyber Security Summit

Join 100s of UK Cyber Security Leaders Online for Expert Cyber Security Talks, Strategy Insights, Cyber Resilience Tips and More.

ITTAS

ITTAS

ITTAS is a multidisciplinary company specializing in information security and software and hardware protection software.

Informatics International

Informatics International

Informatics is a leading ICT provider in Sri Lanka, providing cutting-edge software & infrastructure solutions and services including cyber security.

Nassec

Nassec

Nassec is a Cyber Security firm dedicated to providing the best vulnerability management solutions. We offer tailor-made cyber security solutions based upon your requirements and nature of business.

Foundries.io

Foundries.io

Foundries.io have built a secure, open source platform for the world's connected devices, and a cloud service to configure this to any hardware and any cloud.

Saporo

Saporo

Saporo helps organizations increase their cyber-resistance. Continuously map your attack surface and get the recommendations you need to make your organization more resistant to attacks.

Senteon

Senteon

Senteon is a turnkey cybersecurity platform designed to make securing confidential data affordable, understandable, and streamlined for small-to-mid sized businesses and MSPs.

Psybersafe

Psybersafe

Psybersafe is a hands-on, behaviour-changing training system that keeps your people and your business cyber safe.

Bluewave

Bluewave

Bluewave are a strategic IT advisory company that offers businesses a simple and comprehensive way to purchase information technology solutions.

CampusGuard

CampusGuard

CampusGuard focuses on the cybersecurity and compliance needs of campus-based organizations including higher education, healthcare, and state and local government.

Cura Technology

Cura Technology

Cura Technology offers a wide array of security solutions meticulously designed to address specific facets of your security requirements.

Validia

Validia

Validia is a deepfake cybersecurity service that provides proactive and reactive defense to the deepfake threat enterprises increasingly face with the rapid growth of generative AI.