Apple has launched a blistering attack on government proposals that would force tech firms to clear new privacy features with the Home Office.
The iPhone maker said the changes to the Investigatory Powers Act, which are under consultation, would pose a “serious and direct threat” to the security of user data.
In a nine-page submission, Apple said it would rather withdraw critical privacy measures in its services from the UK than adhere to the plans.
But what exactly does this law do, what’s being proposed now, and is Apple right to be so opposed to it?
The Investigatory Powers Act came into law in 2016, and was labelled a “snooper’s charter” by critics.
It included allowing security agencies and police to intercept suspicious communications, and permitting the Home Office to compel communications providers to remove encryption from communications or data.
Encryption is what protects messages from being seen by people outside the conversation. It’s used in popular messaging apps like WhatsApp and Signal.
Advocates say it protects users from surveillance, theft, and fraud; while critics say it helps criminals thrive.
The government argued the bill would keep the UK safe from hostile threats and crack down on illegal activity.
A statement this week said the amendments will help keep the law relevant as technology develops and “protect the public from criminals, child sex abusers and terrorists”.
What are the amendments?
Apple, which opposed the original bill, is particularly unhappy about three proposed changes.
One would force companies to tell the Home Office in advance of new security features they want to add. Those it doesn’t approve of would need to be disabled immediately.
Another would see expanded authority for the Home Office to force non-UK companies to comply with changes it wants them to make to security features.
Apple says this would give the UK an “authority that no other country has” and stifle innovation.
The Home Office insists the act includes “strong independent oversight” to regulate how the surveillance powers it gives public authorities are used. Sky News previously revealed the government has never used the bill to order WhatsApp owner Meta to let authorities access encrypted messages, for example.
Apple says the changes erode some of these protections and afford more direct power to the home secretary.
Dr Nathalie Moreno, data protection partner at Addleshaw Goddard, told Sky News they “don’t seem subject to the clear conditions or guardrails normally in place to make such reform”.
Why is Apple so opposed?
Apple has been a prominent opponent of efforts to have authorities access user data, even in extreme cases.
Following a mass shooting in San Bernardino, California, in 2015, the firm went to court against the FBI to stop it breaking into an iPhone used by the killer.
It has since made privacy a major part of its brand, and even backtracked on its own plan to scan people’s iCloud content for child sexual abuse material after a backlash from customers and security experts.
Robin Wilton, a director at the Internet Society, said Apple’s latest intervention was timed for maximum impact.
It came a day after the Online Safety Bill, the government’s flagship internet safety legislation which could force companies to scan messages for abuse content, made it through the House of Lords.
Mr Wilton told Sky News: “It’s not only driven by the proposed amendments to this act, but their perception of the general policy direction of the UK government.”
Online Safety Bill ‘letting down girls’
Will Apple’s intervention have an impact?
Matthew Hodgson, the boss of UK-based messaging platform Element, which counts Britain’s Ministry of Defence among its clients, hopes the intervention of such a major company will scupper the proposals.
Mr Hodgson said firms were “not bluffing” by threatening to withdraw services from the UK due to the government’s stance on encryption. WhatsApp and Signal have claimed they will pull out if the Online Safety Bill forces them to let messages be scanned.
He told Sky News these “backdoors” could give bad actors the opportunity to break into them too.
“I am glad Apple is taking a strong line – the idea one has to seek permission from the government to add or change encryption on your product is terrifying,” he said.
“This strategy will only undermine our ability to provide secure communications because customers won’t trust us if they believe policy decisions have to be run past the government.”
The consultation is due to last for eight weeks.
A Home Office spokesperson said: “We keep all legislation under review to ensure it is as strong as it can be, and this consultation is part of that process – no decisions have yet been made.”
The Online Safety Bill, meanwhile, is due to be debated by MPs after the summer break. Among its backers are children’s charities that have described private messaging as the “frontline” of child sexual abuse.