Apple reportedly filed an appeal in hopes of overturning a secret UK order requiring it to create a backdoor for government security officials to access encrypted data.
“The iPhone maker has made its appeal to the Investigatory Powers Tribunal, an independent judicial body that examines complaints against the UK security services, according to people familiar with the matter,” the Financial Times reported today. The case “is believed to be the first time that provisions in the 2016 Investigatory Powers Act allowing UK authorities to break encryption have been tested before the court,” the article said.
A Washington Post report last month said UK security officials “demanded that Apple create a backdoor allowing them to retrieve all the content any Apple user worldwide has uploaded to the cloud,” including “blanket capability to view fully encrypted material.”
Apple has publicly criticized the law, warning last year that the UK government is claiming power to demand access to the data of users in any country, not just the UK.
Apple responded to the recent order by pulling its Advanced Data Protection (ADP) service from the UK. The optional level of encryption for iCloud prevents even Apple from seeing user data. “Apple can no longer offer Advanced Data Protection (ADP) in the United Kingdom to new users and current UK users will eventually need to disable this security feature,” Apple said last month.
“As we have said many times before, we have never built a backdoor or master key to any of our products or services and we never will,” Apple also said.
Although it wasn’t previously reported, Apple’s appeal was filed last month at about the time it withdrew ADP from the UK, the Financial Times wrote today.
Snoopers’ Charter
Backdoors demanded by governments have alarmed security and privacy advocates, who say the special access would be exploited by criminal hackers and other governments. Bad actors typically need to rely on vulnerabilities that aren’t intentionally introduced and are patched when discovered. Creating backdoors for government access would necessarily involve tech firms making their products and services less secure.
The order being appealed by Apple is a Technical Capability Notice issued by the UK Home Office under the 2016 law, which is nicknamed the Snoopers’ Charter and forbids unauthorized disclosure of the existence or contents of a warrant issued under the act.
“The Home Office refused to confirm or deny that the notice issued in January exists,” the BBC wrote today. “Legally, this order cannot be made public.”
Apple formally opposed the UK government’s power to issue Technical Capability Notices in testimony submitted in March 2024. The Investigatory Powers Act “purports to apply extraterritorially, permitting the UKG [UK government] to assert that it may impose secret requirements on providers located in other countries and that apply to their users globally,” Apple’s testimony said.
We contacted Apple about its appeal today and will update this article if we get a response. The appeal process may be a secretive one, the FT article said.
“The case could be heard as soon as this month, although it is unclear whether there will be any public disclosure of the hearing,” the FT wrote. “The government is likely to argue the case should be restricted on national security grounds.”
Under the law, Investigatory Powers Tribunal decisions can be challenged in an appellate court.