US Politicians React with Anger to UK Request for Encrypted Apple Data

Two US lawmakers have strongly condemned what they call the “dangerous” and “shortsighted” request by the UK government to access encrypted data stored by Apple users around the world on its cloud service.

Senator Ron Wyden, a Democrat from Oregon, and Congressman Andy Biggs, a Republican from Arizona, wrote to national intelligence director Tulsi Gabbard urging her to issue an ultimatum: “Back down from this dangerous attack on US cybersecurity or face serious consequences,” they stated.

“While the UK has been a trusted ally, the US government must not permit what is effectively a foreign cyberattack waged through political means,” the politicians wrote in their letter.

The BBC contacted the UK government for comment but did not receive a response. Apple declined to make any statements on this matter and maintains its stance that privacy is an “fundamental human right”.

According to sources familiar with the issue, reported by both The Washington Post and the BBC, the Home Office served an order under the Investigatory Powers Act compelling firms like Apple to provide information for law enforcement.

The demand applies to all content stored using what Apple calls “Advanced Data Protection” (ADP), which uses end-to-end encryption – a system where only the account holder can access their data, with no way even for Apple itself to view it.

In response, Senator Wyden and Congressman Biggs argue that complying with this demand would not just undermine American privacy rights but also expose them to potential espionage by China, Russia, and other adversaries. They point out that since Apple does not create separate encryption software versions based on the country where its products are sold – meaning UK users share the same security measures as Americans.

The lawmakers suggest that if compelled to build a “backdoor” into their services for one government, it would compromise data security globally, including sensitive information held by federal agencies. They emphasize that Apple does not comply with requests from other countries either, highlighting the potential risks of creating an exception solely for UK authorities.

This move has caused concern among experts and privacy advocates who view it as “an unprecedented attack” on individual private data. The demand is reminiscent of similar cases involving US law enforcement asking tech companies like Apple to bypass encryption in criminal investigations. However, these past incidents usually resulted in the government finding alternative means rather than forcing compliance.

The UK government insists that their request would target only individuals posing a national security threat rather than enabling mass surveillance. Authorities emphasize they still need legal authorization and valid reasons before accessing any specific account, maintaining transparency with existing processes for handling unencrypted data.

In the face of non-compliance from Apple or other tech giants like WhatsApp (owned by Meta), governments might consider withdrawing products entirely from their market to maintain law enforcement access. Yet even this measure may not be foolproof since global laws such as the Investigatory Powers Act apply universally to any company with a presence in UK markets, irrespective of where they are based.

The situation highlights ongoing tensions between national security requirements and personal privacy rights in an increasingly digitized world. It also underscores the complexities involved when different countries seek varying levels of access to encrypted communication tools used by citizens worldwide.