Apple Stops Offering Advanced Data Security in UK Amid Government Demand
LONDON (AP) — Apple has announced it will stop offering an advanced data security option for British users after the government reportedly demanded that the company provide backdoor access for any data those users have stored in the cloud.
The iPhone maker said its Advanced Data Protection encryption feature is no longer available for new users in the United Kingdom and will eventually be disabled for existing users. This move comes as a result of British security officials serving Apple with what's known as a “technical capability notice" ordering it to provide access under a sweeping law called the Investigatory Powers Act of 2016.
Background on the Issue
The Investigatory Powers Act, also dubbed the snoopers' charter, gives British spies the ability to hack into devices and harvest vast amounts of bulk online data. The law contains provisions to compel companies to remove encryption to allow for electronic eavesdropping.
This move has raised concerns among experts that other governments may follow suit, effectively outlawing strong encryption and putting users at risk of both government surveillance and cyber attacks from bad actors.
Apple's Response
Apple said it can no longer offer Advanced Data Protection in the U.K. due to "the continuing rise of data breaches and other threats to customer privacy." The company did not reveal how many users have been using this feature, but noted that some types of data will still be end-to-end encrypted by default.
Expert Reaction
Mike Chapple, an IT professor at the University of Notre Dame’s Mendoza College of Business and a former computer scientist at the National Security Agency, said this episode illustrates one of the fundamental flaws in government efforts to undermine encryption. Companies like Apple often choose to remove security features entirely when faced with having to comply with government regulations.
This decision reduces security for everyone involved. Chapple warned that if other governments follow suit, we risk a future where strong encryption is functionally outlawed, putting us all at risk of not just government surveillance but also eavesdropping by other bad actors.
Global Implications
The potential for other governments to demand similar access to encrypted data raises serious concerns about the future of online security and privacy. If companies are forced to choose between security and complying with government regulations, they may opt to remove security features entirely.
This would lead to a reduced level of security not just for British users but also globally, making us all more vulnerable to cyber threats. The episode highlights the need for governments and tech companies to work together in finding solutions that balance national security with individual rights to privacy.