Apparently, the UK government is even more devious than we thought. It wanted broader access to Apple customers’ iCloud data than anticipated, reports the Financial Times (a subscription is required to read the entire article).
Government officials didn’t just want to break Apple’s Advanced Data Protection feature, but wanted access to standard iCloud services used by millions of folks. New court filings published by the Investigatory Powers Tribunal (IPC) show the Home Office’s technical capability notice (TCN) “is not limited to” Apple’s Advanced Data Protection feature, reports the FT.
The order also included requirements for Apple to “provide and maintain a capability to disclose categories of data stored within a cloud-based backup service” In other words, the UK government snoops wanted access to messages and passwords that had been backed up.
Even more, the court document states that “the obligations included in the TCN are not limited to the UK or users of the service in the UK; they apply globally in respect of the relevant data categories of all iCloud users.” It’s obvious that UK is among the countries where citizens can’t trust their government.
Some background info
In February it was announced that Advanced Data Protection iCloud feature from the United Kingdom after government demands for backdoor access to encrypted user data, In a very stupid (IMHO) move, on February 7, The British government has ordered that Apple give it blanket access to all encrypted user content uploaded to the cloud. The Washington Post (a subscription is required to read the article) said the secret order requires blanket access to protected cloud backups around the world and, if implemented, would undermine Apple’s privacy pledge to users,
Customers who are already using Advanced Data Protection, or ADP, will need to manually disable it during an unspecified grace period to keep their iCloud accounts, according to Bloomberg. Apple said it will issue additional guidance in the future to affected users and that it “does not have the ability to automatically disable it on their behalf.”
From the article: One of the people briefed on the situation, a consultant advising the United States on encryption matters, said Apple would be barred from warning its users that its most advanced encryption no longer provided full security. The person deemed it shocking that the UK government was demanding Apple’s help to spy on non-British users without their governments’ knowledge. A former White House security adviser confirmed the existence of the British order.
In March, abipartisan group of U.S. lawmakers came to Apple’s defense over the UK government’s attempts to get backdoor access to users’ iCloud data, reported AppleInsider.
A bipartisan letter from the U.S. Congress to the President of the Investigatory Powers Tribunal published demanded that the IPT “remove the cloak of secrecy related to notices given to American technology companies by the United Kingdom.
The bipartisan group of members urged the court to “remove the cloak of secrecy” surrounding the order, and to make any further proceedings in the case public.
“Given the significant technical complexity of this issue, as well as the important national security harms that will result from weakening cybersecurity defenses, it is imperative that the U.K.’s technical demands of Apple— and of any other U.S. companies — be subjected to robust, public analysis and debate by cybersecurity experts,” the members wrote. “Secret court hearings featuring intelligence agencies and a handful of individuals approved by them do not enable robust challenges on highly technical matters.”
I hope you’ll help support Apple World Today by becoming a patron. All our income is from Patreon support and sponsored posts. Patreon pricing ranges from $2 to $10 a month. Thanks in advance for your support.
Article provided with permission from AppleWorld.Today