Apple Opens Fire In Encryption Battle

Please log in to browse. Login now

So far, the debate over encryption has been vague and broadly drawn. On one side, Silicon Valley, arguing that weakening encryption puts normal people's privacy and security at risk (and threatens their relationships with customers). On the other, the security services, police and governments, arguing (sometimes without much firm proof) that encryption helps terrorists and makes the loss of life more likely.

The problem has been so far that much of this talk has been hypothetical. Governments haven't actually detailed how they would like to see encryption changed to help them. So technology companies' responses have been equally hazy. This is why Apple's intervention is important. It is a specific response to a specific piece of legislation. Granted, that legislation - the Government's Investigatory Powers Bill or so-called "Snoopers' Charter" - is still vague.

The Government has publicly said that it doesn't want to weaken encryption - the Home Secretary even repeated this when she introduced the bill in Parliament. But the bill could force companies to hand over data 'in the clear' - a pre-existing power which has, as far as we know, never been demanded and certainly never tested in court.

Apple gives that notion both barrels writing that, "this bill will put law abiding citizens at risk, not the criminals, hackers and terrorists.
"The fact is to comply with the Government's proposal, the personal data of millions of law abiding citizens would be less secure."

That's not too different from the broad-stroke objections we've heard so far. But in the rest of its submission, Apple goes through specific clauses of the bill, explaining why it objects to them and, crucially, suggesting how they could be improved.

This is a new stage of the debate. So much depends on the nitty-gritty of how laws are written. After much high-minded rhetoric from both sides, Apple is actually getting stuck in.
Sky: http://bit.ly/1Z1U2jg

 

« NSA Helped UK Spies Find Juniper's Security Holes
Islamic State Aims to Launch Cyberattacks on US »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Netrix

Netrix

Netrix is a Mexican company specialized in IT Security, with more than 18 years of experience in Managed Services, Professional Services and Turnkey Solutions related to Security.

Cybercrime Investigation & Coordinating Center (CICC)

Cybercrime Investigation & Coordinating Center (CICC)

The Cybercrime Investigation and Coordinating Center (CICC) is an attached agency of the Philippines Department of Information and Communications Technology (DICT).

CyberInsureOne

CyberInsureOne

At CyberInsureOne, we break down the complex world of cyber insurance, and connect you with providers that can give you and your company peace of mind.

OpenZeppelin

OpenZeppelin

OpenZeppelin builds developer tools and performs security audits for distributed systems that power multimillion-dollar economies.

Energia Ventures

Energia Ventures

Energia Ventures is a three-month intensive accelerator for entrepreneurs with an innovative business in the energy, smart grid, cleantech, and cybersecurity sectors.

NuID

NuID

NuID is a pioneer in trustless authentication and decentralized digital identity.

VikingCloud

VikingCloud

VikingCloud (formerly Sysnet Global Solutions) offers organizations an integrated cybersecurity and compliance solution to make informed, predictive, and cost-effective risk mitigation and prevention

doIT Solutions

doIT Solutions

doIT solutions specialize in IT security and infrastructure, security automation, data center, and cybersecurity.

Quantum eMotion (QeM)

Quantum eMotion (QeM)

Quantum eMotion is a Montreal-based advanced developer leading the way towards a new generation of quantum-safe encryption for the quantum computing age.

Metallic.io

Metallic.io

Metallic (formerly TrapX) is a SaaS portfolio for enterprise-grade backup and recovery, designed to protect your data from corruption, deletion, ransomware, and other threats.

ArmorPoint

ArmorPoint

ArmorPoint redefines the traditional approach to cybersecurity by combining network operations, security operations, and SIEM technology in one platform.

Vercara

Vercara

Vercara offers a purpose-built, global cloud security platform that provides layers of protection to safeguard businesses’ online presence, no matter where an attack comes from or where it is aimed.

MARS Suite

MARS Suite

MARS Suite is your all-in-one solution for cyber protection & compliance. Cybersecurity and risk management is what we do best. And we’re making it simple and easy.

Alcatel-Lucent Enterprise (ALE)

Alcatel-Lucent Enterprise (ALE)

We are Alcatel-Lucent Enterprise. Our mission is to make everything connect with digital age networking, communications and cloud solutions.

Barquin Solutions

Barquin Solutions

Barquin Solutions is a full-service information technology consulting firm focused on supporting U.S. federal government agencies and their partners.

Strategic Security Solutions (S3)

Strategic Security Solutions (S3)

S3 is a leading provider of Cybersecurity consulting services for Identity and Access Governance (IAG), Zero Trust, and Enterprise Risk and Compliance.