UK FORCES APPLE TO GRANT GLOBAL ACCESS TO ENCRYPTED USER ACCOUNTS

The UK government has reportedly ordered Apple to create a backdoor that would allow security officials to access users’ encrypted iCloud backups. If Apple complies, British authorities could access backups from any user worldwide, not just UK residents. Additionally, Apple would be prohibited from informing users that their encryption had been compromised.

According to The Washington Post, this secret order was issued under the UK’s Investigatory Powers Act of 2016, often referred to as the Snoopers’ Charter. Instead of requesting access to specific user accounts, the UK government is demanding sweeping access to all end-to-end encrypted backups stored in iCloud.

By default, iCloud backups are not encrypted, but Apple introduced Advanced Data Protection in 2022, which allows users to enable end-to-end encryption, ensuring that even Apple cannot access their data. In response to the UK’s order, Apple is expected to remove this feature for UK users, but this move would not satisfy the government’s demand for global access.

Apple has the right to challenge the order based on its cost and proportionality, but the appeal process cannot delay its implementation. The UK has reportedly issued Apple a technical capability notice, which makes it illegal to disclose that such a request was made. If Apple complies, it will also be forbidden from warning users that their encryption has been weakened.

In March 2024, Apple strongly opposed UK efforts to undermine encryption, telling the British Parliament,

“There is no reason why the UK should have the authority to decide for citizens of the world whether they can avail themselves of the proven security benefits that flow from end-to-end encryption.”

UK security officials and lawmakers argue that end-to-end encryption helps criminals evade law enforcement, including terrorists and child abusers. A UK government spokesperson previously stated,

“End-to-end encryption cannot be allowed to hamper efforts to catch perpetrators of the most serious crimes.”

However, intelligence agencies in other countries have taken a different stance. In December 2024, the NSA and FBI, along with cyber security agencies in Canada, Australia, and New Zealand, recommended maximum use of end-to-end encryption to protect against cyber threats, particularly those from China. Notably, the UK did not join this recommendation.

If Apple grants the UK government access, it could set a dangerous precedent for other nations, including the U.S. and China, to demand similar access. Apple would then have to choose between compliance or removing encrypted backups entirely. This decision would likely impact other tech giants as well.

Google has provided default end-to-end encrypted backups for Android since 2018, while Meta offers encrypted backups for WhatsApp users. Both companies declined to comment on whether they had received similar government demands, but Google reaffirmed that it “cannot access Android encrypted backup data, even with a legal order.” Meanwhile, Meta has previously stated it would never implement backdoors for encrypted communications.

Apple now faces a critical decision—either defend user privacy or comply with government demands that could reshape digital security worldwide.

COMMENTARY:

If I were Apple, there is absolutely no way I would comply with the UK government’s demand to create a backdoor into encrypted iCloud backups. In fact, I would go a step further—I would publicly reject their order and tell them, in no uncertain terms, to go to hell. This is not just about one company or one country; this is about setting a dangerous precedent that could compromise the security and privacy of billions of people worldwide.

The idea that a government can force a private company to violate its own security measures and betray its users’ trust is outrageous. Apple built its reputation on privacy and security. Giving in to this demand would mean that every assurance we’ve ever given our users was a lie. There would be no reason for anyone to trust Apple again, and frankly, we wouldn’t deserve their trust if we caved to this nonsense.

Furthermore, allowing the UK government to dictate encryption policies for the entire world is beyond absurd. What gives them the right to decide what level of security people in the U.S., Canada, Japan, or anywhere else are allowed to have? The UK government has no jurisdiction over a global service like iCloud, and the fact that they are even attempting this level of control is a perfect example of government overreach at its worst.

Let’s be clear—once a backdoor exists, it will never remain limited to just one government. If Apple builds it for the UK, other countries will demand the same access. China, Russia, and every other authoritarian regime on the planet will see this as an opportunity to force Apple to grant them access as well. And if Apple says no? Then those countries will claim discrimination or hypocrisy, and the pressure will only escalate.

Even if we set aside concerns about authoritarian regimes, do we really trust that any government can handle this kind of power responsibly? The UK has already demonstrated a willingness to abuse its surveillance authority. If they get access to encrypted backups, what’s stopping them from expanding their reach further? History has shown us time and again that when governments gain power over private data, they will always try to expand that power.

Another major issue is that this move would completely undermine end-to-end encryption as a concept. Encryption is either secure or it isn’t—there is no middle ground. If you build a backdoor for “authorized access,” that means hackers, rogue employees, and other malicious actors will eventually find a way in. The entire point of encryption is that not even Apple should be able to access user data. If we break that, we may as well not have encryption at all.

And let’s not forget what this means for the everyday user. Millions of people rely on encrypted backups to protect sensitive information—medical records, personal conversations, financial data, and more. If Apple betrays its users by giving in to the UK’s demand, what happens when that data is leaked or abused? Who will be held accountable when private citizen data is exposed to bad actors?

Apple has fought hard to be a leader in privacy, and this is a defining moment. If we comply, we prove that our commitment to security was just a marketing gimmick. If we resist, we send a message that privacy is non-negotiable. This is not just about Apple—it’s about the entire tech industry. If we cave, other companies will follow, and soon, end-to-end encryption will be nothing more than a joke.

The UK government argues that encryption helps criminals hide, but that argument is weak. Yes, criminals use encryption, but so does everyone else—journalists, activists, lawyers, doctors, and ordinary citizens who just want to keep their private data private. The real criminals will always find ways to hide their activities, whether encryption exists or not. Destroying privacy for billions of innocent people just to catch a handful of criminals is reckless and unacceptable.

And let’s not pretend that this is just about security. This is about control. Governments do not like encryption because it limits their ability to spy on people. This demand is not about protecting the public—it’s about expanding government surveillance power under the guise of fighting crime. But mass surveillance has never made people safer; it has only made governments more powerful and less accountable.

If I were Apple, I would take this fight public. I would call out the UK government for its blatant overreach and make it clear to users worldwide that their privacy is under attack. Transparency is key—if governments try to silence us with secrecy laws, we should challenge them in court. There is no justification for keeping users in the dark about threats to their privacy.

Additionally, Apple has the resources to fight this. We could take legal action, lobby against these laws, and even consider shutting down services in the UK if necessary. If the UK wants to force tech companies to compromise security, let’s see how their citizens react when they suddenly lose access to encrypted services. Let the people decide if they want a government that forces companies to spy on them.

Tech companies need to take a stand now before it’s too late. If Apple complies, other governments will pile on with their own demands. Soon, no one will have secure digital privacy. We would be opening the floodgates to an era where personal data is no longer ours—it belongs to whatever government claims to need it.

I would rather Apple pull out of the UK entirely than bow to this demand. Yes, it would be a drastic move, but it would send a clear message: Apple does not negotiate on privacy. If governments don’t like that, too bad. Privacy is a fundamental right, and no amount of political pressure or legal threats will change that.

So, if the UK government came knocking on my door with this order, I’d tell them exactly where they can shove it. Apple should never compromise encryption, and any government that tries to force us to do so deserves nothing but outright defiance. Privacy is worth fighting for, and if I were running Apple, I would make damn sure we never back down.

ARTICLE:

https://www.theverge.com/news/608145/apple-uk-icloud-encrypted-backups-spying-snoopers-charter