The UK Government’s ongoing dispute with Apple over encryption and user privacy has been described as “really strange” by an internet trust expert, who claims the approach “doesn’t make a huge amount of sense”.
At the heart of the controversy lies the Government’s use of the Investigatory Powers Act 2016, under which it reportedly issued a technical capability notice to Apple earlier this year. The notice allegedly asked the tech giant to allow access to encrypted user data – specifically that protected by Apple’s Advanced Data Protection (ADP) tool, part of the iCloud service. The feature, which offers end-to-end encryption, means only the user can access their data, not even Apple itself.
In response, Apple announced it would withdraw the ADP feature from the UK entirely. Those not already using the feature will not be able to opt in, and the company will begin moving existing users away from the tool. Apple has since launched legal action against the Home Office in what has become a landmark privacy case.
Robin Wilton, senior director for internet trust at the Internet Society – an organisation dedicated to advocating for a secure and open internet – expressed bafflement at the Government’s position. Speaking to the PA news agency, he said: “I don’t really see what they’re expecting to achieve by this.”
Mr Wilton questioned the logic behind targeting iCloud backups as a source of criminal evidence, arguing that such data is unlikely to contain useful intelligence. “I know the standard answer is ‘we’ll catch the dumb criminals’, but anyone even remotely savvy would find it remarkably easy to circumvent. And how many people are genuinely – knowingly or otherwise – storing evidence of criminal activity in their iCloud backups?”
Privacy experts and campaigners have widely condemned the Government’s actions, warning of far-reaching consequences not just for encryption, but also for the public’s trust in emerging technologies like artificial intelligence (AI). Mr Wilton noted a contradiction in the Government’s aspirations for AI innovation and its stance on data privacy.
“We’ve heard this Government go on about boosting the economy with AI and machine learning,” he said. “But most powerful AI systems aren’t going to run purely on your device. They’ll require cloud computing, with data sent back and forth. So what’s the status of that data – yours or the company’s?”
He continued: “If the Government’s logic is that your iCloud backup – running on someone else’s server – is fair game, then what’s to stop the same approach being taken with AI data? That creates a huge trust issue.”
The legal battle took a new turn last week when the Home Office lost its bid to keep proceedings private. The Investigatory Powers Tribunal, which had held a closed-door hearing last month, issued a public ruling identifying Apple as the claimant. The case concerns the Government’s authority to issue technical capability notices – compelling companies to make data accessible under certain conditions.
More Read
In a statement following the ruling, the Home Office maintained its priority was to “keep people safe”, clarifying that it was not seeking blanket access to user data. However, it declined to comment further on ongoing legal matters.
Mr Wilton argued that the Government’s approach could ultimately prove counterproductive and legally fraught. “The Prime Minister, as a trained lawyer, must know the EU treats mobile devices as part of the private sphere because of how closely they’re tied to our lives,” he said.
“To then claim that just because I’ve backed up my phone to the cloud, my expectation of privacy is lowered – that’s a very slippery slope. This opens the Government up to serious legal challenges under the Human Rights Act.”
As the case unfolds, privacy advocates warn it could set significant precedents for both corporate data protection policies and citizens’ digital rights in the UK and beyond.
