The UK government has reportedly renewed its demand that Apple provide it with backdoor access to encrypted iCloud user data.
Earlier this year, it backed down on the issue after a furious response from Donald Trump. Apple, meanwhile, withdrew its most secure cloud storage service, iCloud Advanced Data Protection, from the UK in response.
Now, though, according to the Financial Times, the government is once again asking for access. This time, however, the technical capability notice (TCN) would apply only to the data of British citizens, rather than worldwide.
Both Apple and the Home Office are restricted by law from discussing the TCNs, which are issued under the UK Investigatory Powers Act.
Trump described the UK's earlier demands as 'something that you hear about with China' – and the Electronic Frontier Foundation (EFF) is inclined to agree, saying that the new TCN is just as dangerous as the first.
"As we've said time and time again, any backdoor built for the government puts everyone at greater risk of hacking, identity theft, and fraud," said EFF security and privacy activist Thorin Klosowski.
"It sets a dangerous precedent to demand similar data from other companies, and provides a runway for other authoritarian governments to issue comparable orders."
According to the FT, the US is no longer pushing the UK government to drop its demands. However, said Matthew Sinclair, UK senior director of the Computer and Communications Industry Association (CCIA), the government's decision to limit its request to UK data doesn't answer concerns.
"It is very concerning that reports again suggest that the Home Office is undermining security for British users of important cloud services," he said.
"Even if some changes have been made to reduce the extra-territorial impact, it is clear that any vulnerability will have implications beyond the UK's borders, creating a weak link in global efforts to improve security online. Changes to this law are urgently needed to stop this fundamental threat to encryption and ensure that the UK is not holding up important security improvements."
And, said Privacy International, end-to-end encryption can't be removed from iCloud services for the UK only when those services are used worldwide.
"Unless Apple plans to build walled-off systems just for UK users, so it can then undermine the security of UK users alone for the UK government, then this new order could have a quite similar impact to the old one," it said.
"This could also put at risk information like user passwords, location, and health data. By using a secret order to undermine the security of Apple products, the UK government is making security harder for us all."
And, it warned, "If this new order isn't stopped, the UK government will likely issue similar orders to other companies, too."
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
-
Red Hat reveals unauthorized access to a GitLab instance where internal data was copiedNews Crimson Collective has claimed the attack, saying it has accessed more than 28,000 Red Hat repositories
-
Samsung Galaxy Tab S11 Ultra reviewReviews A wonderful slab of technology, packed with AI features, and the battery life is fantastic – very much a tablet worthy of the name, 'Ultra'
-
Apple just released an emergency patch for a zero-day exploited in the wild – here’s why you need to update nowNews Apple is warning millions of users of iPhones, iPads and Macs to update their software to protect against an out-of-bounds write vulnerability
-
‘Hugely significant’: Experts welcome UK government plans to back down in Apple encryption battle – but it’s not quite over yetNews Tulsi Gabbard, US director of national intelligence, has confirmed the UK plans to back down on plans that would see Apple forced to create a "back door" for authorities.
-
Apple is offering rewards of up to $1 million to find critical flaws in its private AI cloud systemsNews Apple is offering big bug bounty rewards to boost security of its Private Cloud Compute
-
Serious flaws in Microsoft apps on macOS could let hackers spy on usersNews The security firm said attackers could bypass permissions for Microsoft apps on macOS and gain privileges without verification
-
Critical vulnerabilities left millions of Apple devices at the mercy of hackers – and nobody noticed for nearly a decadeNews Apple devices could've been susceptible to supply chain attacks after three critical vulnerabilities went unnoticed for nearly a decade
-
A vulnerability in Apple M-series chips could expose encryption keys and harm performance — and the flaw is ‘unpatchable’News A vulnerability in Apple M-series chips could seriously impact performance and leak encryption keys - and researchers say it can’t be patched
-
GPU memory vulnerability could allow hackers to access LLM responses - and Apple, Qualcomm, and AMD products were all at riskNews The GPU memory vulnerability could've left large language models wide open to exploitation by threat actors
-
Forcing Apple to allow alternative app stores might cause major security risksAnalysis Apple will be forced to allow third-party marketplaces on its devices, but some experts have raised serious security concerns
