You have 0 free articles left this month.
Register for a free account to access unlimited free content.
Powered by MOMENTUM MEDIA
lawyers weekly logo

Powered by MOMENTUMMEDIA

Breaking news and updates daily. Subscribe to our Newsletter
Advertisement

UK Apple backdoor may breach US/UK data agreement

US lawmakers have criticised the UK for ordering Apple to create a backdoor for encrypted user data to allow law enforcement access, warning that threat actors and nation-state actors could exploit it.

UK Apple backdoor may breach US/UK data agreement
expand image

Jim Jordan, US House Judiciary chair, and Brian Mast, Foreign Affairs chair, warned in a joint letter that the backdoor could create security risks.

“Creating a backdoor into end-to-end encrypted systems, as the [UK backdoor order] does, introduces systemic vulnerabilities that can be exploited by malicious actors, including cyber criminals and authoritarian regimes,” the two wrote to UK Home Secretary Yvette Cooper.

“These vulnerabilities would not only affect UK users but also American citizens and others worldwide, given the global nature of Apple’s services.”

Jordan and Mast also requested that the US Department of Justice be made privy to the order so that they can determine whether it breaches a CLOUD Act agreement between the two nations that blocks the two nations from requesting data be decrypted. This would mean that Apple would be committing a criminal offence by following the order.

“We urge the Home Office to reconsider the issuance of TCNs that require the weakening of encryption, as such measures conflict with international human rights standards, including the European Court of Human Rights’ ruling that undermining encryption violates privacy rights,” said Jordan and Mast.

What is the Apple backdoor?

In March, following an order by the UK government demanding the right to access data, Apple removed its Advanced Data Protection (ADP) from its secure cloud storage.

While Apple’s standard level of encryption allows access with a warrant, ADP is its most secure privacy measure and prevents even Apple from accessing using the opt-in security feature for encryption.

The UK demanded access to the data of Apple users for cases of national security threats.

Rather than comply with the order, Apple created a “backdoor” tool to allow the UK to access it. The tech giant said it was disappointed in having to remove ADP for the UK and that it maintains it is against compromising user security.

Apple appealed the order in UK courts in a private trial, despite US requests for it to be public; however, the order remained in place.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.
You need to be a member to post comments. Become a member for free today!

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.