Apple Withdraws Encryption Service Amid UK Government Data Access Demands
Apple has reportedly discontinued one of its encryption services for customers in the United Kingdom, a move that follows criticisms of the UK government’s alleged attempts to gain access to encrypted user data. A former cybersecurity leader has described the government as “naive” for purportedly demanding that Apple create a backdoor into its software. This backdoor would potentially allow UK intelligence agencies to monitor customer information, a request deemed unlikely to remain confidential.
Former Cyber Security Chief Criticizes Government Approach
Ciaran Martin, previously the head of cyber security at the UK’s Government Communications Headquarters (GCHQ) and the inaugural chief executive of the National Cyber Security Centre (NCSC), has voiced strong opinions on the matter. Speaking to New Scientist, Martin addressed reports suggesting the UK government has made an unprecedented request for Apple to grant access to customer data, regardless of location and encryption status.
Secrecy Concerns Highlighted
Orders of this nature, authorized under the Investigatory Powers Act 2016, are typically intended to be issued discreetly. However, Martin expressed a lack of surprise at the apparent information leaks. “I just think the idea that this type of order against a company like Apple would work in secret was probably naive,” he stated, underscoring the difficulty of maintaining confidentiality in such high-profile demands.
Apple’s Response and Legal Challenges
Neither the Home Office nor Apple has officially confirmed the existence of the government’s request, as acknowledging it would be unlawful. Both entities have refrained from providing comments on the situation. However, in February, Apple announced the discontinuation of its Advanced Data Protection service for new UK users. This service is specifically designed to enhance the security of cloud data through robust encryption.
“No Backdoors” Policy Reiterated
In its announcement, Apple reiterated its long-standing position: “As we have said many times before, we have never built a backdoor or master key to any of our products or services and we never will.” Furthermore, reports indicate that Apple is legally contesting the UK order, with proceedings expected to be held privately.
Government-Industry Security Disagreements
Martin acknowledged that disagreements between governments and technology companies over security matters are not uncommon. However, he maintains that “most major problems, however intractable, are susceptible to some form of compromise.” Drawing on his experience in intelligence, he mentioned instances where he requested technology firms to remove features exploited by malicious actors for national security threats or criminal activities. While declining to provide specific examples, he noted these often involved smaller, specialized technology providers.
Niche Technologies and Criminal Misuse
“They would have a new app or something, and it would become a favorite of criminals because of a particular feature,” Martin explained. He described scenarios where authorities would intervene, stating, “‘look, no, you canβt do this’,” when niche technologies were being misused more frequently than used legitimately.
The Inevitability of Uncrackable Encryption
Ultimately, Martin asserts that governments must accept the reality of uncrackable encryption. “That ship has sailed,” he stated emphatically. “I think, ultimately, governments are gonna have to come to terms with this. And I suspect in the long term that trying to compel the global titans of the [US] West Coast is not going to work,” suggesting a need for a revised approach to security and data access in the age of strong encryption.