UK Retreat on Access to Encrypted Apple User Data Thrills Tech, Privacy Industries
Director of National Intelligence Tulsi Gabbard's announcement Tuesday that the U.K. dropped its demand that Apple provide "backdoor" access to users' encrypted data brought cheers from the tech and privacy sectors.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
Gabbard posted on X that she worked on the issue with partners in the U.K., President Donald Trump and Vice President J.D. Vance to ensure Americans' privacy and their constitutional rights. The result was that the U.K. agreed to drop its mandate that Apple provide access to users' encrypted data, which, Gabbard said, would have "encroached on our civil liberties."
Reportedly, the order was issued under Britain's "controversial Investigatory Powers Act, and was followed by the removal of end-to-end encryption for a range of services, increasing their vulnerability," the Computer and Communications Industry Association UK said in a press release.
The development "comes after pressure from senior U.S. officials, privacy advocates, and industry voices," CCIA added. It's a "significant victory" for user privacy.
While the details remain unknown, "it's right that the UK Government has responded to concerns that a Home Office order was undermining important security features," said CCIA Senior Director Matthew Sinclair.
Privacy and cybersecurity interests prevailed in "one of tech policy's most intractable conundrums," IAPP Director of Research and Insights Joe Jones said in an emailed statement.
The Center for Democracy & Technology "cautiously welcome[s] the news that the UK has apparently dropped its secret demand," said Greg Nojeim, director of CDT's Security and Surveillance Project, in an emailed statement. "Backdoors to encryption don’t fight crime, they invite it," putting "the privacy and security of consumers, businesses, and nations at risk."
However, CDT wants the Trump administration to "be more transparent about any deal it cut with the UK, and Congress should amend the CLOUD Act to prevent other countries from issuing similar orders to U.S. service providers," said Nojeim. "No foreign government should be able to force providers to disable end-to-end encryption, and threaten the privacy and security of Americans and users around the world.”