Apple has reportedly received a request from the UK government to create a backdoor for accessing users’ encrypted iCloud backups, according to The Washington Post. The secret order, issued last month, reportedly seeks a method to access all backups stored in iCloud, including those from users outside the UK.
To ensure iCloud backups are encrypted, users must enable the Advanced Data Protection feature. This option allows users to protect their most sensitive data with end-to-end encryption, ensuring that only their trusted devices can decrypt the information. With this level of protection, not even Apple can access encrypted files. In response to the UK government’s request, Apple may choose to disable Advanced Data Protection in the UK, though this would not fully comply with the UK’s demand for access to files shared by users globally.
Apple reportedly has the right to appeal the technical capability notice on the basis of implementation costs and whether the request is proportional to security concerns. However, any appeal would not delay the original order’s implementation.
The UK government has served Apple with a technical capability notice, which legally prevents the company from disclosing the demand. If Apple were to comply with the request, it would also be prohibited from notifying users that the encrypted service is no longer fully secure.
In a statement to the British Parliament in March 2024, Apple expressed its concerns, saying, “There is no reason why the UK [government] should have the authority to decide for citizens of the world whether they can avail themselves of the proven security benefits that flow from end-to-end encryption.” Apple has previously pushed back against similar attempts by the UK to legislate backdoors into encrypted communications.
