Apple Pulls Encrypted Cloud Services and Rejects United Kingdom Request to Create Backdoors to Encrypted Servers

Encryption is at risk in the United Kingdom. On February 7, it was reported that the United Kingdom sent notices to Apple requesting blanket capability to view fully encrypted material across Apple’s customer base, going further than its previous requests for assistance in cracking particular accounts.  On February 13, Senator Wyden and Representative Biggs sent a letter to the U.S. Director of National Intelligence, Tulsi Gabbard, urging the U.S. government to review the UK’s action in light of the U.S.—U.K. cross border data transfer agreement, the Cloud Act. The UK’s action would put the data of millions of Americans at risk, and even Gabbard raised concerns about the security threat to the rights of the American people. EPIC, along with 238 other civil society organizations, cybersecurity experts, and others, urged the U.K. Home Secretary to rescind its demand for this unprecedented back door to the world’s second largest provider of mobile devices.

Following through on a threat echoed by other companies offering encrypted services, Apple pulled its highest-level data security tool from the U.K. market rather than capitulating to the government’s request to build in backdoors to customers’ most sensitive, prized data. Encryption empowers people to have more control over their data in the digital world, ensuring that their personal information stays safe and that their conversations stay private. Encryption is about more than security, it is about trust, freedom, and shaping the future we want.

The consensus among cybersecurity experts could not be clearer: there is no way to provide government access to end-to-end encrypted data without breaking end-to-end encryption, thus putting every user’s security and privacy at risk. In fact, the United States recently learned what occurs when security vulnerabilities are built into major telecommunications infrastructure when the U.S. government’s wiretapping access point caused one of the biggest data breaches in recent history.

EPIC is a long time supporter of end-to-end encrypted messaging and filed amicus briefs in support of strong encryption, testified on the need to defend encryption, drafted letters to lawmakers concerning legal proposals that could limit access to encryption, and joined a Joint Statement opposing the EU’s controversial “chat control” proposal, which could put all encrypted messaging services at risk.