Just turned this on because they don’t want me to 
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Pulls Encrypted iCloud Security Feature in UK Amid Government Backdoor Demands
- Thread starter MacRumors
- Start date
- Sort by reaction score
I don’t know which is worse. The act itself or the fact that the Home Office thinks it’s okay to have a policy of not commenting on it. Utterly gross.
How can you argue it’s not a security state when that is the modus operandi.
How can you argue it’s not a security state when that is the modus operandi.
Wish Apple just ignored the government and kept it on. Should have called their bluff.
That's a tremendously bad idea for a corporation and their leadership
Yah, the slipperiness stopped when it became “feature non grata” for the region. Can’t slide down a slippery slope if you’re not on the slope.
Yep. I think a lot of commenters on here will be expecting uproar from general public. But that's not going to happen.
I imagine iCloud would initially stop syncing/backing up and then eventually data would get deleted. The sort of thing that happens if you stop paying a cloud storage provider.
Either they manually un-encrypt. Or it will be erased after the grace period. Period.
If the user doesn't do anything, they'll get locked out and lose their stuff. I assume there will still be a way to turn it off after the grace period, somehow.
Your data is always encrypted whether you use ADP or not. It's just who holds the keys to decrypt the data. With ADP on, you hold the keys; with ADP off, Apple holds the keys. Essentially, the user needs to give their keys back to Apple.
Last edited:
I've said in an earlier post that this will run and run. And your question is one of the reasons why. The IPA requires that any company (not just Apple) must grant access to data requested under the Act if that person is within the jurisdiction of a UK legal framework and investigatory agency.
I'm no lawyer, but I've read around IPA and experienced it in some previous work roles (it's been around for a whole and has been revised several times) and my understanding is that if a US citizen comes over to the UK and finds that they are under investigation, under the IPA, Apple (say) could be compelled to provide access to data. But Apple's initial response is only to deny access to ADP for UK residents. So they would, in that circumstance, presumably still be in violation of the law by having a (US) user able to hide data from the UK authorities whilst under UK jurisdiction.
I can't imagine Apple have made this move without consultation with the UK authorities though, so I guess that there has been some kind of back-room deal done, along the lines of "We can't and won't comply with this globally. We could just kill of ADP use for UK registered uses....deal?" kind of thing.
But maybe not. Maybe the move by Apple is insufficient to fully comply. So then what? Apple revokes ADP globally? Not gonna happen. Apple withdraws from the UK market? Also not gonna happen.
Honestly, I can see the UK government having to back down on this. I think (hope?) Apple are playing a deliberately clever game by "complying in spirit" but deliberately not in the letter of the law to provoke the next step, which is a back down. I'm doing a lot of reaching here, but .... fingers crossed.
Apple refused to help our government in cases where they don’t have access to someone’s phone.
The government in response said it wanted a backdoor, Apple again said no.
The government then made a law that requires access to encrypted data, they did this by starting a media campaign that said that peadophiles were using it to cover up their crimes. This despite the people on high profile cases that they were investigating were not for child sex offences, however this got our gammon infuriated and on the governments sides. Although it started with a right wing government, they and a right wing extremist party made it so volatile for our current government to drop.
I don't think it will work like that. I think Apple will just require users to turn off the feature. They've said they have no way to do it remotely, so they'll likely just sound out a notice to existing UK users explaining the details and the grace period. And if it isn't turned off by the grace period, they will what? Disable iCloud access for that user?
Bit of a PITA for sure. For me though, I don;t believe I use any of those.
But I did see elsewhere that if Android haven't kicked up the same level of stink have they in fact capitulated?
Also looks like it's time maybe for me to use local keys for FileVault.
Apple regularly ignores the law. It's incredibly disappointing that they're willing to do so when it harms consumers (all the non-compliance they've done over the years about in-app purchases and alternative app stores) but that they won't ignore the law when doing so would be beneficial to their customers.
IDK. I guess we should think about what this is physically analogous to. Say I operate an underground vault were I store sensitive documents for customers. Only customers have the keys to open their vault. There's nothing illegal about that, is there? If the government wants in, they can get a warrant and try to break into the vault without the key... can't they? There's no requirements that I intentionally make the vault have insecurities to help the government get in?
So it seems to me that the digital equivalent would be that Apple could receive a warrant forcing them to handover the encrypted data, but they'd be under no obligation to help decrypt it.
IDK. I guess we should think about what this is physically analogous to. Say I operate an underground vault were I store sensitive documents for customers. Only customers have the keys to open their vault. There's nothing illegal about that, is there? If the government wants in, they can get a warrant and try to break into the vault without the key... can't they? There's no requirements that I intentionally make the vault have insecurities to help the government get in?
So it seems to me that the digital equivalent would be that Apple could receive a warrant forcing them to handover the encrypted data, but they'd be under no obligation to help decrypt it.
Pictures of kids, partners, places that were visited, etc. At the very least it should concern you that the UK government is engaging in blanket rather than targeted surveillance. Or does the UK not believe in the right of privacy any more? Remember the UK has no written Constitution protecting citizens' rights.
Seriously! This is the best advertisement of the feature. If a government doesn't like, it must mean its goodJust turned this on because they don’t want me to
It's not a good thing when a government starts censoring and surveilling it's citizens. And jailing them for wrongthink and wrongspeak. Horrible actually.
Could be proactive and set up petition and see if enough sign it for it to be raised in parliament 🤷
You will obviously get a lot of members saying it is because the UK government want to spy on it's people. There maybe some truth to this because lets face it, ALL governments around the world spy on their citizens.
People can chose to believe this or not but you will find over the years there have been a number of incidents that have devastated the country, the London bombings, the Manchester bombings, then there is the usually ongoing incidents, drug trafficking's, people smuggling, child molestation gangs, pedophile gangs, all incidents that have been investigated by the UK police and security services and in every investigation the investigators and the police have found the same thing occurring in each and everyone of them and that is they all used devices that have strong encryption on them, encryption that cannot be cracked. That is how all of them communicate with one another which prevents the police and security services from catching them and stopping them in the act. Thousands of UK lives have been lost over the years due to criminals and bad actors being able to communicate with one another with impunity because the manufacturers of electronic devices have made security encryption so good that it cannot be cracked or bypassed with them saying 'we cannot help you because not even us the manufacturer can crack our own encryption'.
Yes, they don't want free think and they want to prosecute people for not toeing the line. the UK and Europe are becoming a joke.
Heavily disappointed by Apple for not upholding all the importance it states on privacy.
Even meta threatened to pull out of the market if they were forced to weaken their security!
Shame on Apple for not having the balls and lowering their values (which are not in fact privacy values but actually just sales values)
If people want to really go undercover, they won’t even use iCloud encryption so this is a sad move
Even meta threatened to pull out of the market if they were forced to weaken their security!
Shame on Apple for not having the balls and lowering their values (which are not in fact privacy values but actually just sales values)
If people want to really go undercover, they won’t even use iCloud encryption so this is a sad move
You know all the things you don't just post openly and publicly, not because they're nefarious or illegal but simply embarrassing, private, or just plain nobody else's business? Those things.
They don't regularly ignore the law when directives are coming from the government like this
This is not at all analogous to ignoring patents or the like
Apple needs to pull out of the UK market entirely.