Backdoor Access To Apple User Data Condemned

Uploaded on 2025-02-18 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

US lawmakers and human rights advocates have united in making a strong condemnation what is being called the British government's "dangerous" and "shortsighted" request to be able to access encrypted data stored by Apple users worldwide in its cloud service. 

The order has been served by the Home Office under the Investigatory Powers Act, which compels firms to provide information to law enforcement agencies. Under the law, the demand by the Home Office cannot be made public.

Senator Ron Wyden and Congressman Andy Biggs have written to the  newly appointed US National Intelligence Director, Tulsi Gabbard, saying the demand threatens the privacy and security of the US. They urge her to give the British an ultimatum: "Back down from this dangerous attack on US cybersecurity, or face serious consequences."

International human rights organisations including Human Rights Watch (HRW) have condemned a recent order by the United Kingdom government demanding Apple provide access to encrypted user data.The order, reportedly issued by the UK Home Office in January 2025, targets Apple's Advanced Data Protection feature, which employs end-to-end encryption to secure cloud-stored data. 

"The United Kingdom government's order to Apple to allow access to encrypted cloud data harms the privacy rights of users in the UK and worldwide," Amnesty International and Human Rights Watch have said.

This uses end-to-end encryption, where only the account holder can access the data stored. Apple itself cannot see it. It is an opt-in service, and not all users choose to activate it.Apple said that that it views Privacy as a "Fundamental Human Right”, which is on their Website.

Senator Wyden and Congressman Biggs say agreeing to the request would "undermine Americans' privacy rights and expose them to espionage by China, Russia and other adversaries". They state that Apple does not make different versions of its encryption software for each country it operates in and, therefore, Apple customers in the UK will use the same software as Americans.

The UK government has that it does not want to start combing through everybody's data, but it would want to access it if there were a risk to national security and so it would focus on an individual, rather than using it for mass surveillance. British authorities would still have to follow a legal process, have a good reason and request permission for a specific account in order to access data - just as they do now with unencrypted data.

Apple has previously said it would pull encryption services like ADP from the UK market rather than comply with such government demands, telling Parliament it would "never build a back door" in its products.

WhatsApp, owned by Meta, has also said that  it would choose being blocked over weakening message security.
But even withdrawing the product from the UK might not be enough to ensure compliance, the Investigatory Powers Act applies worldwide to any tech firm with a UK market, even if they are not based there.

This change by the UK government has upset privacy campaigners, with Privacy International calling it an "unprecedented attack" on the private data of individuals. however,  the US government itself has also previously asked Apple to break its encryption as part of criminal investigations.

Washington Post   |   BBC   |   BBC   |   Andrew Biggs   |   Tribune India   

Image:  Şeyma D

You Might Also Read: 

Telegram Disables Features Used For Illegal Activity:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 



 

« Ukraine Warns Of Growing Russian Use Of AI In Cyberwar Operations
TikTok Returns To US App Stores »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

SQA Service

SQA Service

SQA Service provide independent software and process Quality Assurance services.

CRU Data Security Group (CDSG)

CRU Data Security Group (CDSG)

CRU is a pioneer in devices for data mobility, data security, encryption, and digital investigation.

KvantPhone

KvantPhone

KvantPhone (formerly CryptTalk) is an easy-to-use, quantum resistant secure communication service designed for businesses and large organizations.

Dualog

Dualog

Dualog provides a maritime digital platform which ensures that services work reliably and securely onboard.

Lumu Technologies

Lumu Technologies

Lumu is a cybersecurity company that illuminates threats and attacks affecting enterprises worldwide.

Cyber Security Advisor

Cyber Security Advisor

Notice how sophisticated the cybersecurity market is. Think how would you pick the security provider, assess your company, and be sure of your security decisions? Cyber Security Advisor is the answer!

Viettel Cyber Security

Viettel Cyber Security

Viettel Cyber Security is an organization under the Military Telecommunication Industry Group, conducting research and developing information security solutions for domestic and foreign customers.

Jisc

Jisc

Jisc is a membership organisation working in partnership with the UK’s research and education communities to develop the digital technologies they need to teach, discover and thrive.

Symbol Security

Symbol Security

Through situational learning, simulations, and a gamified user experience, Symbol strengthens the cyber awareness of employees and helps companies lower cyber risk.

Phronesis Security

Phronesis Security

Phronesis Security is committed to delivering world-class cyber security consulting with a tangible social and environmental impact.

AArete

AArete

AArete is a global management and technology consulting firm specializing in strategic profitability improvement, digital transformation, and advisory services.

Allstate Identity Protection

Allstate Identity Protection

Allstate make it easy to provide complete identity protection, so everyone can live more confidently online.

Smarsh

Smarsh

Smarsh products are designed for user-friendly, efficient compliance. From archiving, supervision, and discovery to cybersecurity – Smarsh has you covered.

Trustack

Trustack

Trustack services cover connectivity, infrastructure services, security, unified comms, agile working and more. Our team of consultants deliver customised solutions tailored to your needs.

Silobreaker

Silobreaker

Silobreaker is a SaaS platform that enables threat intelligence teams to produce high-quality and relevant intelligence at a faster pace.

Kaine Mathrick Tech (KMT)

Kaine Mathrick Tech (KMT)

KMT deliver comprehensive cyber-first outsourced technology support and solutions that scale with your business.