The UK Home Office is reportedly continuing its pursuit of access to Apple’s iCloud services. The request, as indicated in a legal filing, appears to extend beyond initial reports, encompassing access to a broader range of user data than previously understood.
A legal filing reviewed by the Financial Times reveals that the Home Office seeks backdoor access not only to iCloud data secured with Advanced Data Protection (ADP) but also to standard iCloud services. The implications of this request, initially reported in January 2024, extend globally, potentially affecting all iCloud users, not solely British citizens. The request includes access to all iCloud data, including backups, stored passwords, and messages.
The revelation contradicts a recent announcement made last week by Tulsi Gabbard, former Director of National Intelligence under President Trump. Gabbard stated that the UK and US had reached an agreement, leading to the UK withdrawing its request to Apple. The legal filing, however, suggests that this is not the case and the request remains active. This contradiction adds a layer of complexity to the ongoing situation, raising questions about the accuracy of the reported agreement between the UK and US governments.
Apple and the Home Office have not released any official statements regarding this matter. However, in February 2024, Apple removed its Advanced Data Protection (ADP) security tool for UK iCloud users. Apple stated it was “gravely disappointed” by the circumstances that led to its decision to remove the security feature. Subsequently, in March 2024, Apple initiated a legal challenge in response to the government’s demand.
The US government is reportedly taking a keen interest in the UK’s request. The potential access to all iCloud users globally raises significant implications for data privacy and security worldwide. The UK government’s pursuit of this access is enabled by the Investigatory Powers Act, often referred to as the “Snooper’s Charter.” This act is intended to assist law enforcement agencies in investigating serious crimes, including terrorism and child sexual abuse.
Cybersecurity experts have voiced concerns regarding the potential ramifications of granting the UK government backdoor access to iCloud. Professor Oli Buckley, a cybersecurity expert at the University of Loughborough, warned that creating a backdoor would expose Apple’s entire system to exploitation. “Once you open a backdoor, you don’t really have tight control of who walks through it,” Buckley stated. “The request from the Home Office doesn’t seem to be just asking Apple to leave a spare key out for them. Instead, they are effectively asking them to ensure every house on the street uses the same key.”
Buckley added that such a measure might offer convenience for investigators, but it would simultaneously elevate the risk for all users. Granting backdoor access creates a vulnerability that could be exploited by malicious actors, potentially compromising the security and privacy of a vast number of individuals. Apple filed a legal challenge against the Home Office’s request for iCloud backdoor access.
