Apple’s ‘advanced data protection’ will no longer be available to its UK users. The feature encrypted backed-up data on iPhones to its cloud platform, protecting older, sensitive messages. Will Apple’s decision weaken privacy policies across tech platforms globally? Mint explains:
Why did Apple end encrypted backup?
Apple didn’t disclose the reason while announcing the decision last Friday, but reports underlined that the move was in response to the UK government imposing a ‘technical capability notice’ under the Investigatory Powers Act, 2016. Citing national security, the law allows a coercive order against a company to reveal requisite data, while asking it to not divulge the same data to the users who are compromised. Since Apple would have had to withdraw operations from the UK to avoid sharing the data, the only viable option for the iPhone-maker was to suspend the encrypted backup feature in the country.
Read more: With AI in Indian iPhones, can Apple rival Google’s appeal for coders?
Does this leave all iPhone data at risk?
Not all data. Live messages on Apple’s iMessages platform are still encrypted, as are passwords on Apple’s ‘Keychain’ application. However, once messages are backed up, the information would no longer be encrypted in the UK. End-to-end encryption, to be sure, refers to information on two ends being jumbled up so that it cannot be read by anyone intercepting the data. Still, Apple’s suspension of encryption of backups in the UK will not break every such security feature for iPhone users. However, the government will be able to demand specific data and access that without needing the company’s help.
Had Apple not denied the FBI something similar?
In 2015, Apple had a standoff with the US’s Federal Bureau of Investigation (FBI)—it refused to build a ‘backdoor’ for the government agencies to break into a convicted mass shooter’s iPhone. CEO Tim Cook even wrote an open letter, saying that if encryption was broken for one, it would be misused by many. That standoff covered iPhone and iOS—and not just backups.
Can this play out in India, too?
Apple withdrawing encryption for backups in the UK will provide some precedent to other nations. It’s also a landmark decision for Apple, which has always boasted of its privacy features. In India, like the UK, the incoming Digital Personal Data Protection (DPDP) Act allows the government to ask a tech company to furbish user data without notifying the user itself in the name of national security—and a feature like Advanced Data Protection may face the axe if it comes in the way of the soon-to-be-enforced law.
Read more: Mint Explainer: The great significance of Apple’s first-ever custom modem chip
Could apps like Signal, WhatsApp be at risk?
Privacy experts say the biggest risk from Apple’s move could be a precedent for pulling back on end-to-end encryption across platforms. Meta, which operates WhatsApp, is the world’s largest encrypted messaging platform—and founder Mark Zuckerberg has vouched to “always” keep it secure. Experts say breaking encryption would only compromise general users, while malicious actors can resort to software like The Onion Router (Tor). Moves to end encryption, they say, are akin to acts of mass surveillance.
