UK Investigatory Powers Tribunal Suggests iCloud Backdoor Demand Was More Extensive Than Initially Revealed
The UKs Investigatory Powers Tribunal, an independent judicial body that handles complaints about unlawful surveillance, has made a new legal filing indicating that the authorities sought a far more extensive backdoor into iCloud than previously understood. This development contradicts a recent claim from US Director of National Intelligence Tulsi Gabbard, who stated the UK had agreed to drop its mandate for Apple to create such a backdoor.
According to the filing, the UK Home Office has not yet legally withdrawn or altered its original order for Apple to create backdoor access to user data. The order reportedly compels Apple to provide and maintain a capability to disclose broad categories of data stored within its cloud services. This suggests the governments aim was to gain access to a wide array of information, including user passwords and messages.
The scope of the demand appears to extend beyond data protected by Apples Advanced Data Protection feature, indicating authorities wanted broad access to Apple iCloud accounts in general. Apple first publicly acknowledged a UK government mandate in February when it disabled the Advanced Data Protection feature for UK users. This feature provides end-to-end encryption for most iCloud data, and its removal was seen as a direct response to government pressure.
While Apple is legally barred from publicly discussing the specific order, it challenged the UK government at the IPT in March. The company stated it remains committed to offering users the highest level of security for their personal data and expressed hope it could do so again in the UK in the future. Apple has consistently maintained it has never built a backdoor or master key into any of its products or services and never will.
The UK government has a policy of neither confirming nor denying the existence of such secret orders. Consequently, the IPT will be hearing Apples case based on assumed facts rather than a publicly confirmed legal document. The situation creates a significant conflict between national security interests and the privacy rights of citizens, with a major tech company caught in the middle. The outcome of the tribunal could set a crucial precedent for how encryption and user privacy are handled in the UK and potentially influence similar debates globally.
