Users of Apple devices in the UK are “at the most risk in the world” of being hacked, following a secret government order requiring the tech company to allow ‘backdoor’ access to its users’ encrypted data, the House of Lords heard on Monday 31 March.
Liberal peer Paul Strasburger pressed the government to answer questions about a decision by the home secretary, Yvette Cooper, to issue a secret notice against Apple.
The order, first reported in the Wall Street Journal, extends law enforcement and intelligence services’ access to encrypted data stored on Apple’s iCloud to include users of Apple’s secure Advanced Data Protection (ADP) service.
In questions posed in the House of Lords on Monday, Strasburger said the government had “demonstrated its disdain for the privacy and digital security of British citizens and companies” by issuing the TCN against Apple.
The Liberal peer said the order would introduce weaknesses to encryption on Apple devices that could be exploited by criminals and hostile states.
“Strong encryption is essential to protect our data and our commerce from attack by organised crime and rogue states,” he said. “Any weakness inserted into encryption for the benefit of the authorities is also available to those who would do us harm – yet that is precisely what the government are demanding from Apple.”
Tribunal held closed-door hearing
Apple is challenging the legality of the government’s order in the Investigatory Powers Tribunal (IPT), which discussed arguments in a closed-door hearing on 14 March.
Civil society groups Privacy International and Liberty, along with two individuals whose security has been impacted by the government’s order against Apple, have filed separate legal interventions.
Ten newspapers, publishers and broadcasters – including Computer Weekly – have also filed legal submissions calling for Apple’s appeal against the widely publicised order to be heard in open court on public interest grounds.
Non-affiliated peer Claire Fox said it was not possible for Apple to open doors to its customers’ data in a way that would ensure that only the police and intelligence services would have access to its users’ encrypted data.
“It is obvious that criminals, foreign adversaries and others would exploit that weakness,” she said.
Fox said it was baffling if the Home Office was choosing to “bully tech companies into undermining their users’ privacy, security, civil liberties and free speech” while at the same time seeking to establish the UK as a leading hub for innovation and technology.
Liberal democrat peer Tim Clement Jones told the Lords that the government could be in breach of the European Court of Human Rights following a key judgment by the court last year.
In the case of Podchasov v Russia, the European Court of Human Rights found that weakening end-to-end encryption or creating backdoors could not be justified under human rights law.
Labour peer Toby Harris asked what consideration had been given to the trade-off between the “general weakening of security and confidentiality” compared with the gains made by the security services in being able to decrypt data stored by Apple.
Home Office minister and Labour peer David Hanson repeatedly declined to answer questions from peers, citing national security reasons.
“We have a long-standing position of protecting privacy while ensuring that action can be taken against child sexual abusers and terrorists,” he said.
“I cannot comment on operational matters today, including neither confirming nor denying the existence of any notices. This has been the long-standing position of successive UK governments for reasons of national security.”
Conservative peer Daniel Moylan pressed Hanson to comment on Apple’s decision to publicly withdraw its ADP encryption service from the UK, even if he could not comment on whether a notice had been issued.
He also asked the home office minister whether the US and UK governments had any high-level discussions about the order against Apple.
Bloomberg reported on 13 March that the US and UK governments were holding private talks in an attempt to resolve US concerns that the UK was trying to force Apple to create a backdoor that would allow the UK access to encrypted data belonging to US citizens.
Hanson said he could not comment on the matter.
“Decisions made by Apple are a matter for Apple, and the removal of any features is a matter for Apple. Again, for reasons of national security I cannot confirm or deny any conversations that we have had or any issues that are undertaken,” he said
The Investigatory Powers Act contained “robust safeguards” and “oversight to protect privacy and ensure that data is obtained only on an exceptional basis and only when necessary and proportionate to do so”, he added.
A Home Office spokesperson said: “We do not comment on operational matters, including, for example, confirming or denying the existence of any such notices.”
Media companies have asked the Investigatory Powers Tribunal to hold hearings into Apple’s appeal against the technical capability notice in open court.
Separately, Big Brother Watch, Index on Censorship and the Open Rights Group have written an open letter to the tribunal calling for an open court hearing.
The media companies challenging the secrecy of Apple’s appeal in the Investigatory Powers Tribunal are Associated Newspapers Ltd, the British Broadcasting Corporation, Computer Weekly, Financial Times Group, Guardian News & Media, News Group Newspapers, Reuters News and Media, Sky News, Telegraph Media Group and Times Media.
#Apple #devices #risk #government #backdoor #order