Apple Says ‘No’ to UK Backdoor Order, Will Pull E2E Cloud Encryption Instead


Good work, Britain. Owners of Apple devices in the United Kingdom will be a little less safe moving forward as the company pulls its most secure end-to-end (E2E) encryption from the country. The move is in response to government demands there that Apple build a backdoor into its iCloud encryption feature that would allow law enforcement to access the cloud data of any iPhone user around the world.

Apple has for many years marketed its products as the safest and most secure personal electronics available on the market. With security a key pillar of the brand, Apple has consistently pushed back against government orders around the world to decrypt confiscated devices or build similar backdoors into its products. The most famous instance was when, under President Trump’s first administration, Apple refused Department of Justice demands to unlock an iPhone used by the attacker in a mass shooting in San Bernardino, California. The FBI eventually paid a third-party Australian firm a reported $900,000 to identify an “exploit chain” and crack open the device.

Following its decision to pull E2E cloud encryption from the UK, Apple on Friday told Bloomberg that “enhancing the security of cloud storage with end-to-end encryption is more urgent than ever before” and that it “remains committed to offering our users the highest level of security for their personal data and are hopeful that we will be able to do so in the future in the United Kingdom.” The UK order asked Apple for access to global user data under the country’s Investigatory Powers Act, a law that grants officials the authority to compel companies to remove encryption under a “technical capability notice.”

Building a backdoor into any encryption product defeats the purpose, essentially rendering the security moot. If there is a backdoor, Apple and privacy advocates have long argued, then bad actors and authoritarian states will be able to find and exploit those backdoors or demand Apple provide access. The entire purpose of end-to-end encryption is that nobody, not even Apple, can access a user’s sensitive data. Backdoors are an inherent vulnerability.

End-to-end encryption of iCloud, formally called Advanced Device Protection, covers data storage, device backups, web bookmarks, voice memos, notes, photos, reminders, and text message backups. The way ADP works, data is stored in the cloud but can only be decrypted locally on a user’s device, using a key stored in the Secure Enclave security component built physically into Apple devices. Bloomberg reports that Apple will not remove end-to-end encryption for other features including iMessage, FaceTime, password management, and health data. So all of that is safe for now.

With today’s move, Apple is essentially saying that it would rather pull the E2E encryption altogether and inform customers they will be less safe than build an open door for the UK government. It is a shrewd move by Apple, even though consumers there will no longer have the same amount of security as others around the globe.

Of course, because no security is entirely bulletproof, hackers and law enforcement groups still manage to find ways to penetrate iPhones, and doing so is a billion-dollar business for companies like Israel’s NSO Group, which supplies iPhone cracking software to governments around the world. It is essentially playing a cat-and-mouse game with Apple—each time hackers find an exploit, they are able to take advantage of it for a limited time before Apple plugs the hole. ADP was intended as a way to make it tougher for nefarious actors to access certain data, though it makes it more difficult for users to recover their content if they lose their devices.

NSO Group and other firms claim they only sell their exploits to governments and law enforcement and prohibit the software from being used to spy on dissidents or journalists. But reporting over the years has put those claims in significant doubt, as NSO’s software has been linked to hacks of journalists around the globe, including Jamal Khashoggi, whose devices were monitored leading up to his brutal assassination by Saudi intelligence agents. 

If you live in the UK, you will need to manually disable ADP during an unspecified grace period to keep your iCloud account. Bloomberg says that Apple will release feature guidance on this process sometime soon.

