The UK government has recently ordered Apple Inc. to create a backdoor that would allow officials to access global user data stored in its cloud services.
Notably, the undisclosed order, issued in January under the UK’s Investigatory Powers Act, mandates that Apple circumvent its encryption protections. The law, which grants officials the authority to demand the removal of encryption through a “technical capability notice,” also prevents companies from disclosing such requests.
To recall, the UK’s demand centers around Apple’s Advanced Data Protection feature, which significantly enhances security by applying end-to-end encryption to most data stored in iCloud. This includes backups, photos, notes, reminders, files, and even text messages, making it much harder for governments or hackers to gain unauthorised access. Apple first introduced the feature in late 2022, and while it has remained relatively low-profile, it offers users an additional layer of security that has now become a flashpoint in the broader encryption debate.
Apple has so far resisted efforts from governments to weaken encryption, arguing that such actions would compromise user privacy and security. UK authorities, however, maintain that they need access to encrypted data for national security and criminal investigations. Privacy advocates warn that complying with the order could set a dangerous precedent, potentially encouraging repressive regimes to demand similar access.
For users who want to ensure their data remains as secure as possible, enabling Advanced Data Protection on an iPhone, Mac, or iPad is a straightforward process. To activate the feature:
Apple provides detailed documentation on its website explaining the differences between standard encryption and end-to-end encryption, as well as instructions for users who wish to enable the added protection.
As the situation unfolds, Apple has declined to comment on the order, but it has previously expressed strong opposition to such demands. In March 2024, the company reaffirmed its commitment to user privacy, stating, “Protecting our users’ privacy and the security of their data is at the very heart of everything we do.”
Privacy advocates, including legal director Caroline Wilson Palow from the London-based group Privacy International, have criticised the UK’s move as an alarming overreach. “This overreach sets a hugely damaging precedent and may embolden abusive regimes the world over,” Wilson Palow said.
(With inputs from Bloomberg)
