A secret order issued by the United Kingdom's government is sparking global alarm among privacy advocates and cybersecurity experts. According to The Washington Post, the U.K. has directed Apple to create a backdoor into its encrypted iCloud backup service, a move that could have profound implications for digital privacy and security worldwide.
The order, issued under the Investigatory Powers Act 2016 (commonly known as the "Snoopers' Charter"), targets Apple's Advanced Data Protection feature, which offers end-to-end encryption (E2EE) for iCloud backups. This feature ensures that only Apple customers—not even Apple itself—can access their stored data. However, British officials argue that such encryption makes it more difficult to collect evidence for criminal prosecutions and national security investigations.
While Apple has not publicly commented on the report, sources suggest that rather than weakening encryption globally, the tech giant may remove Advanced Data Protection for U.K. users to comply with the order. This would reopen access to iCloud-stored data for law enforcement through legal requests but at the cost of privacy for British customers.
This development follows previous warnings from Apple that the U.K.'s efforts to expand government surveillance powers could also threaten encrypted services like FaceTime and iMessage. Privacy advocates worry this latest move is another step toward weakening digital security under the guise of public safety.
Critics argue that this move would not only erode civil liberties but also create security vulnerabilities that cybercriminals and foreign adversaries could exploit. Professor Nigel Smart, Chief Academic Officer at Zama, a cybersecurity expert, underscored these concerns, saying:
"This is an incredibly worrying development for privacy advocates. Strong encryption enables citizens, companies, and governments to keep their data and conversations secure. It allows whistleblowers to report safely, victims to seek help without fear, and persecuted groups to organize without risk. Backdoors, once created, become prime targets—posing a security risk not just for private individuals, but for governments themselves."
His concerns echo the fears of international privacy organizations, including Big Brother Watch and the Electronic Frontier Foundation (EFF), which warn that the U.K.'s policy could set a dangerous precedent. If Apple complies, other governments, including authoritarian regimes, may demand similar access, further compromising global cybersecurity.
The move comes just weeks after U.S. cybersecurity agencies urged Americans to use encrypted messaging services to protect against espionage from foreign adversaries like China. The advisory followed reports that a China-backed hacking group, known as Salt Typhoon, had compromised major telecommunications companies, including AT&T and Verizon, by exploiting legally mandated security vulnerabilities.
The Computer & Communications Industry Association (CCIA) responded to the U.K.'s decision with a warning from its President and CEO, Matt Schruers:
"As the recent Salt Typhoon breach makes clear, end-to-end encryption may be the only safeguard standing between Americans' sensitive personal and business data and foreign adversaries. Reports that Apple has been secretly ordered by the UK Government to weaken its encryption, including in the United States, are a troubling development, if accurate. Decisions about Americans' privacy and security should be made in America, in an open and transparent fashion, not through secret orders from abroad requiring keys be left under doormats."
With growing backlash from privacy advocates and tech industry leaders, Apple now faces a pivotal decision. If it complies with the U.K. order, it could risk losing credibility as a defender of user privacy and encourage other governments to demand similar backdoors. If it resists, it may face legal and regulatory consequences in the U.K.
Ultimately, the debate over encryption backdoors is not just about one country's law—it's a global issue.
The world is watching closely to see how Apple, privacy organizations, and governments respond to this latest challenge to digital security.
Follow SecureWorld News for more stories related to cybersecurity.