Backdoor Access To Apple User Data Condemned

Uploaded on 2025-02-18 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

US lawmakers and human rights advocates have united in making a strong condemnation what is being called the British government's "dangerous" and "shortsighted" request to be able to access encrypted data stored by Apple users worldwide in its cloud service. 

The order has been served by the Home Office under the Investigatory Powers Act, which compels firms to provide information to law enforcement agencies. Under the law, the demand by the Home Office cannot be made public.

Senator Ron Wyden and Congressman Andy Biggs have written to the  newly appointed US National Intelligence Director, Tulsi Gabbard, saying the demand threatens the privacy and security of the US. They urge her to give the British an ultimatum: "Back down from this dangerous attack on US cybersecurity, or face serious consequences."

International human rights organisations including Human Rights Watch (HRW) have condemned a recent order by the United Kingdom government demanding Apple provide access to encrypted user data.The order, reportedly issued by the UK Home Office in January 2025, targets Apple's Advanced Data Protection feature, which employs end-to-end encryption to secure cloud-stored data. 

"The United Kingdom government's order to Apple to allow access to encrypted cloud data harms the privacy rights of users in the UK and worldwide," Amnesty International and Human Rights Watch have said.

This uses end-to-end encryption, where only the account holder can access the data stored. Apple itself cannot see it. It is an opt-in service, and not all users choose to activate it.Apple said that that it views Privacy as a "Fundamental Human Right”, which is on their Website.

Senator Wyden and Congressman Biggs say agreeing to the request would "undermine Americans' privacy rights and expose them to espionage by China, Russia and other adversaries". They state that Apple does not make different versions of its encryption software for each country it operates in and, therefore, Apple customers in the UK will use the same software as Americans.

The UK government has that it does not want to start combing through everybody's data, but it would want to access it if there were a risk to national security and so it would focus on an individual, rather than using it for mass surveillance. British authorities would still have to follow a legal process, have a good reason and request permission for a specific account in order to access data - just as they do now with unencrypted data.

Apple has previously said it would pull encryption services like ADP from the UK market rather than comply with such government demands, telling Parliament it would "never build a back door" in its products.

WhatsApp, owned by Meta, has also said that  it would choose being blocked over weakening message security.
But even withdrawing the product from the UK might not be enough to ensure compliance, the Investigatory Powers Act applies worldwide to any tech firm with a UK market, even if they are not based there.

This change by the UK government has upset privacy campaigners, with Privacy International calling it an "unprecedented attack" on the private data of individuals. however,  the US government itself has also previously asked Apple to break its encryption as part of criminal investigations.

Washington Post   |   BBC   |   BBC   |   Andrew Biggs   |   Tribune India   

Image:  Şeyma D

You Might Also Read: 

Telegram Disables Features Used For Illegal Activity:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 



 

« Ukraine Warns Of Growing Russian Use Of AI In Cyberwar Operations
TikTok Returns To US App Stores »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Technology Association of Georgia (TAG)

Technology Association of Georgia (TAG)

TAG's mission is to educate, promote, influence and unite Georgia's technology community to stimulate and enhance Georgia's tech-based economy.

Ambersail

Ambersail

Ambersail provide Penetration Testing and Cyber Security Compliance services.

Intersec Worldwide

Intersec Worldwide

Intersec Worldwide is a boutique Information Security Firm specializing in PCI Compliance, Assessment, Remediation, Forensics, Data Breach Investigations, Incident Response and IT Managed Services.

LinOTP

LinOTP

LinOTP is an enterprise level, innovative, flexible and versatile OTP-platform for strong authentication.

VaultOne

VaultOne

VaultOne is a next-generation security solution that addresses security issues from different domains (Password Manager, Secure Access, PAM, Identity Management) as a single, integrated solution.

Advisera 27001Academy

Advisera 27001Academy

Advisera is a market leader in providing documentation and online support for the implementation of business standards including ISO 27001, ISO 22301 and EU GDPR.

JM Search

JM Search

JM Search’s Information Technology Executives Practice sources the most sought-after technology roles including CIO, CTO, CISO, CDO and other senior posts.

WhiteHawk

WhiteHawk

WhiteHawk is the first online Cyber Security Exchange. We help you understand your cyber risk and match you to tailored and affordable solutions.

Kinetic Investments

Kinetic Investments

Kinetic Investments is a venture capital firm dedicated to early-stage companies that are transforming the digital landscape.

Ironhack

Ironhack

Ironhack provide intensive training courses & bootcamps in Web Development, UX/UI Design, Data Analytics & Cybersecurity.

Netpoleon Group

Netpoleon Group

Netpoleon is a leading provider of integrated security, networking solutions and value added services.

Alibaba Cloud

Alibaba Cloud

Alibaba Cloud is committed to safeguarding the cloud security for every business by leveraging a comprehensive suite of enterprise security services and products on the platform.

Toka Group

Toka Group

Toka empowers government agencies with critical and previously out-of-reach digital forensics, force protection and Intelligence capabilities, tackling the fields' most pressing challenges.

PureSquare

PureSquare

PureSquare exist to empower people with simple solutions for their increasingly complex digital security & online privacy needs.

Borwell

Borwell

Borwell delivers software and IT solutions to the UK MoD and to UK Government departments, which are secure by design.

Cloud Software Group

Cloud Software Group

Cloud Software Group provides mission-critical software to enterprises at scale.