In a bid to boost its surveillance efforts, the UK Government's Home Office reportedly requested a ‘backdoor’ be built into Apple’s end-to-end encryption to allow law enforcement agencies access to user data.
Apple refused the request, doubling down on its promise to never build a master key to any service - but didn't stop there, and pulled the service from users altogether, meaning as of February 2025, UK users have lost the company's Advanced Data Protection feature for cloud storage services.
This means millions of British iPhone and Mac users no longer benefit from the extra security layer provided by the encryption. Previously, even Apple was unable to access the files, and without this protection, users are at a higher risk of data theft.
Snooper’s charter
This backdoor would have given businesses another potential vulnerability they would have little control over. Experts recognise the risk, which is why the Global Encryption Coalition, which includes over 100 civil society organizations, tech companies, and cybersecurity experts, are calling the UK to rescind its order to Apple.
“This demand jeopardizes the security and privacy of millions, undermines the UK tech sector, and sets a dangerous precedent for global cybersecurity," the group wrote.
Had Apple complied, this would’ve been a monumental blow for data privacy, and would have, in my opinion, paved the way for over-reaching governments and tech firms across the world to spy on users.
It was reported by the Washington Post the Home Office made the request under the Investigatory Powers Act of 2016, dubbed the ‘snoopers charter’ by many for its ‘extreme’ surveillance measures, and was “the most extreme surveillance in the history of western democracy”, according to privacy whistleblower Edward Snowden.
The law has extraterritorial powers too, meaning British law enforcement could have accessed encrypted data of Apple customers across the world - including EU and US users.
Users lose out
It’s easy to imagine how this access could assist law enforcement, but this would come at the expense of the privacy of all other users, and would give the British Government almost unfettered access to your messages, photos, and even your notes app.
Thankfully, this isn't the case, but now Apple users in the UK are left unprotected. End-to-end encryption is a fantastic tool in the fight for data privacy, as it means no one can access the data, including internet providers, platform providers, and malicious actors.
“The Home Office’s actions have deprived millions of Britons from accessing a security feature,” James Baker, Platform Power Programme Manager at Open Rights Group, told TechRadar Pro.
“As a result, British citizens will be at higher risk of their personal data and family photos falling into the hands of criminals and predators,”
And that’s important, because everyone loses out when end-to-end encryption is taken away. If you use an iPhone or Mac at work, your business is no longer has the option to use Advanced Data Protection. It’s consumers who pay the price.
You can still use encryption software to store your information safely, but businesses can no longer rely on Mac’s ADP software for the most secure level communications.
Weakened security
Apple’s argument against building a backdoor for law enforcement is that the security is weakened the moment a ‘master key’ is developed.
Following a recent cyberattack, the FBI and CISA experts recommended all citizens switch to encrypted services, and businesses with a legal obligation to protect customer data will be significantly more vulnerable without encryption.
To me, it’s obvious. If you build a backdoor to the encryption, it's only a matter of time before it’s exploited. You hear about a new cyberattack or data breach practically every day, so if the key exists, there’s a chance it can be stolen - even if the backdoor is meant to be used exclusively by law enforcement.
This could be devastating for any company that relies on encryption, especially given that data breaches are routinely costing UK companies millions each time.
“We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy. Enhancing the security of cloud storage with end-to-end encryption is more urgent than ever before,” Apple confirmed.
“As we have said many times before, we have never built a backdoor or master key to any of our products or services and we never will.”
Some data, like Health, iCloud messages, Passwords, and Siri information, is always end-to-end encrypted, even for those who don’t choose to add ADP.
Apple is not the first big tech company to come up against the UK government in this regard, with Meta’s introduction of E2EE met by opposition from the British government, citing concerns that encryption would damage its ability to combat abusive material.
The government requested Meta implement a technology that would “safeguard children but also protect user privacy,” most likely a type of scan before images are sent.
Nonetheless, Meta's E2EE was rolled out in late 2023, a move which internet safety expert John Carr labeled '“utterly unconscionable”.
You might also like
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
