The Washington Post reports: Security officials in the United Kingdom have demanded that Apple create a back door allowing them to retrieve all the content any Apple user worldwide has uploaded to the cloud.
The British government's undisclosed
order, issued last month, requires blanket capability to view fully encrypted material, not merely assistance in cracking a specific account, and has no known precedent in major democracies. Its application would mark a significant defeat for tech
companies in their decades-long battle to avoid being wielded as government tools against their users.
Rather than break the security promises it made to its users everywhere, Apple is likely to stop offering encrypted storage in the U.K., the
people said. Yet that concession would not fulfill the U.K. demand for backdoor access to the service in other countries, including the United States.
The Home Office has served Apple with a document called a technical capability notice, ordering
it to provide access under the sweeping U.K. Investigatory Powers Act of 2016, which authorizes law enforcement to compel assistance from companies when needed to collect evidence'
Apple can appeal the U.K. capability notice to a secret technical
panel, which would consider arguments about the expense of the requirement, and to a judge who would weigh whether the request was in proportion to the government's needs. But the law does not permit Apple to delay complying during an appeal. Apple would
also be barred from warning its users that its most advanced encryption no longer provided full security.
Meredith Whittaker, president of the nonprofit encrypted messenger Signal, said:
Using Technical
Capability Notices to weaken encryption around the globe is a shocking move that will position the UK as a tech pariah, rather than a tech leader. If implemented, the directive will create a dangerous cybersecurity vulnerability in the nervous system of
our global economy.
An article from computerweekly.com provides
some interesting details about the secret technical panel which hears appeals about unviable technical capability notices. It is called the Technical Advisory Board (TAB) and is charged with reviewing secret legal orders given to internet communications
companies to arrange surveillance of their users, and to copy their emails and files, or to monitor their calls and videos.
Enquiries by Computer Weekly this week revealed, astonishingly, that the Home Office had failed to renew the contracts for
TAB members so maybe there is a little disarray there.