The UK Home Office has re-instigated its battle with Apple to allow the government access to encrypted messages on iCloud. 

The Financial Times reported that in early September, the UK government demanded Apple create a backdoor into British users' cloud storage service, according to people close to the matter. 

The order differs from the initial technical capability notice (TCN) the Home Office issued to Apple in January, as it is requesting access only to UK citizens' encrypted data, not global access to all user messages and data.

The earlier request caused tensions between the US and UK governments, and Apple stopped offering its most secure opt-in data storage plan to UK users in February (Apple’s Advanced Data Protection allows users end-to-end encryption on their backed-up iCloud files with keys even Apple can’t access). 

Not very pro-digital democracy

Robin Wilton, the senior director of internet trust at The Internet Society told The Stack, if Apple were ever to concede and create a backdoor, it would make the UK a "weak link in otherwise supposedly confidential conversations."

"We've got Jaguar Land Rover, the NHS, Harrods, government departments, all suffering cyber attacks, against which this would do absolutely nothing. I think that is almost criminal, that they are devoting so much time and effort to pushing for this form of access, when actually the real threat is over here."

Wilton said he also struggled to see the reasoning behind the data the Home Office was after, "Why are they so intent on asking for something which not only damages trust in Apple, undermines the trust in any communication that someone else has with UK citizens, but also is of such limited utility." Adding the national security argument was, "deeply shaky".

On the business side, Wilton said, “If global firms see the UK as a market where they must weaken security, they may leave rather than forfeit the trust of their customers."

CEO of Element, an encryption firm used by NATO, the UN and US Navy, Matthew Hodgson said the move was surprising considering the spate of cyberattacks in the UK and NATO pressing for wartime-ready infrastructure.

"It is impossible to create a “safe” backdoor in an encrypted system. History has shown us that a backdoor for the government is a backdoor for criminals to exploit," Hodgson said.

Sweet to sour

The UK government dropped its request for a global backdoor in August announced via a post on X from the US Director of National Intelligence Tulsi Gabbard: “The UK has agreed to drop its mandate for Apple to provide a ‘back door’ that would have enabled access to the protected encrypted data of American citizens and encroached on our civil liberties.” 

Wilton said he didn't think narrowing the order to only UK citizens' Apple data would make a material difference to US officials who felt the initial order violated US rights. He told The Stack,"I think that argument still exists because some of the data that is hoovered up in this will undoubtedly be data that relates to US citizens. There's no way of avoiding that." "

"But we can't expect the same immediate response this time, because the government shutdown," Wilton added.

Apple said on Wednesday, “We are gravely disappointed that the protections provided by ADP are not available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy.” 

Adding, “As we have said many times before, we have never built a back door or master key to any of our products or services and we never will.”

“We do not comment on operational matters, including for example confirming or denying the existence of any such notices," said the Home Office.

The link has been copied!