In mid-March 2025, Apple began a legal challenge to an order from the Home Secretary before the Investigatory Powers Tribunal (IPT) in London. According to information leaked to the Washington Post in February, a Technical Capability Notice (TCN) was issued to Apple by home secretary Yvette Cooper sometime in late 2024. It allegedly requires the company to remove Advanced Data Protection (ADP) from iCloud users targeted for investigation by UK police, intelligence and security services.
In effect, Apple has apparently been ordered to build an encryption “backdoor” for ADP. In its response, Apple has announced that ADP is currently unavailable for UK users of iCloud. ADP is optional for Apple customers, and a relatively recent development. By default, iCloud users are protected by Apple’s Standard Data Protection protocol, which encrypts user data in transmission and in storage via encryption keys stored on the user’s Apple devices, like an iPhone or Macbook.
However, with Standard Data Protection, Apple also stores its own set of encryption keys for each user’s account. This means that customers can easily retrieve data from Apple if, for example, a device is lost or stolen – but it also means that Apple can decrypt any user’s data unilaterally in response to lawful requests from law enforcement or intelligence services. With ADP activated, by contrast, Apple retains no such key. Only the user (or a nominated recovery contact) can decrypt their data. If the authorities serve Apple with a warrant targeting an ADP user’s account, Apple can honestly respond that it lacks the technical capability to execute the warrant.
How to make, and appeal, a Technical Capability Notice
This is where the TCN comes in. Technical Capability Notices are provided for by section 253 of the Investigatory Powers Act 2016. A TCN does not in itself authorise surveillance, rather it places obligations on a communications operator to provide the capability to provide any assistance required to facilitate the interception of communications, interference with communication devices to obtain communications or data, or the acquisition of communications data, all in either targeted or bulk forms. A TCN can require “the removal by a relevant operator of electronic protection applied by or on behalf of that operator to any communications or data”.
In order to issue a TCN, the secretary of state must be satisfied that it is necessary and proportionate to require the operator to take the prescribed measures, having consulted the operator and taken into account the scope and impact of the obligations proposed. Their assessment must in turn be approved by a Judicial Commissioner. An operator that receives a TCN can ask that the secretary of state review it. The review must include consultation with a Judicial Commission and with the Technical Advisory Board, a body that includes representatives from the communications industry and from the intelligence and police services, and must be approved by the Investigatory Powers Commissioner, currently Sir Brian Leveson.
Assuming that all these steps have been taken and the TCN has been confirmed, Apple’s final recourse is an appeal to the Investigatory Powers Tribunal (IPT).
The procedure and substance of the appeal
There are two key issues: the substance of the question that the IPT must answer, and the procedure by which it answers. How this will be done is currently unknown. There has never been a public appeal against a TCN – though in theory, there may have been secret appeals.
Let’s start with the procedure. The key question is whether the appeal will be heard in open court, in partly-open court, or completely behind closed doors. On 10 March 2025, notice of “an application in private” to be held on 14 March was listed on the IPT’s website. Unusually, no parties were named. Why would a private hearing be publicly listed, if the public were to be excluded from attending? By inference, the press and civil liberties campaigners guessed that it was the Apple case, and that the listing was effectively an oblique invitation to the media to make representations as to why the appeal should be dealt with in public. Representations were made and are under consideration by the IPT at time of writing. So far, no determination on whether the case will proceed in public or private has been communicated.
What will the government argue ?
Playing devil’s advocate, I expect the government is arguing against public hearings, on the basis that the IPT must not hold public hearings where doing so would compromise the secrecy of sensitive national security matters. In such cases, the tribunal can only hold public hearings insofar as there is an abstract legal question to clarify. The government will argue that the facts in the Apple case are highly sensitive, involving not just secret investigatory powers but diplomatic relations with the United States. They may also argue that the power to make a TCN is clearly set out in the legislation and accompanying Code of Practice. The details of such a proportionality assessment are highly fact-dependent and, therefore, are a matter of national security to be argued in closed hearings only. The reason the media are interested is that the facts are dramatic and were subject to an unauthorised leak to the press.
Important reasons to hear the case in public
There are overwhelmingly important reasons that hearings on the law should be held in public. According to information leaked to the Washington Post, the TCN requires Apple to, in some shape or form, selectively remove encryption. From a technical perspective, it is impossible to understand how such a move does not render the entire ADP system vulnerable to malicious actors. Creating a facility for the UK’s authorities to access some encrypted data renders everyone’s encrypted data unsafe, and sets a dangerous precedent. The UK may have a human rights-compliant legal system – but do other states, who will now ask for the same level of access? And why does the law matter when the technical weaknesses inserted into the system will apply equally in every jurisdiction? These questions go to the heart of how proportionality should be assessed in the case. Therefore, the law should be clarified before it is applied.
Is the Home Office order against Apple proportionate?
Moving on to substance, the question turns on whether ordering Apple to compromise the integrity of the ADP system is proportionate to meeting the needs of national security and the prevention or detection of serious crime. The government will likely argue that the TCN merely requires Apple to facilitate the execution of lawful warrants which are in themselves subjected to careful necessity and proportionality checks. In theory this ensures such powers can only be used judiciously in a limited and targeted fashion.
Government lawyers may also point out that Standard Data Protection still applies, and that is sufficient to protect the vast majority of users’ data. In effect, the government’s position is that commercial service providers do not have a right to unilaterally provide customers with perfect encryption that cannot be disabled where absolutely necessary. If the TCN is overturned, legitimate targets of state surveillance, including terrorists and child abusers, will “go dark”.
Balance between privacy and national security
Governments always argue that they must have access to communications. Yet while there is no doubt that malicious actors and foreign agents rely on encryption, so do millions of innocent people, including lawyers, journalists, businesses, and anyone who has a duty to take care of other people’s secrets. How should that balance be assessed? It is not just Apple that need to know the answer. As I noted in an article from 2019, a TCN could theoretically order communication providers to grant UK authorities the means secretly to disable or modify the operation of encryption protocols applied on behalf of users.
That was not idle speculation – in 2018, two GCHQ directors openly discussed an approach that would see encrypted platforms like WhatsApp modify the notifications function on a target’s device so that a law enforcement participant could be secretly added to an apparently secure chat without the target realising. All transmissions via the app would remain encrypted, but the content would be intercepted. Whether such a capability was actually developed is unknown, but it seemed unlikely to me, given the disproportionate risks to all users that such software modifications would create.
But is that correct? We do not know what the measure of proportionality is in such a profoundly important matter. The tribunal should clarify these vitally important questions in public.
What are the IPT’s options?
I expect the IPT will shortly determine whether it shall sit in public or not to consider the substantive question of proportionality in relation to the Apple TCN. Assuming the government maintains a posture of strict Neither Conform Nor Deny (NCND), there are at least four broad possible outcomes:
1. Apple wins – the IPT agrees to hear arguments in open court on a hypothetical basis, and determines, as a matter of law, that the removal of encryption via backdoors like the one reported in this case is inherently disproportionate. The public would have confidence that any hypothetical order that weakens encryption systems generally would be unlawful and that ADP, if reactivated in the UK, is secure. Strong encryption is effectively protected by law.
2. The government wins – the IPT hears arguments in open court and determines that requiring service providers to facilitate the removal of encryption in response to targeted warrants is in principle always proportionate. This would imply that Apple’s appeal would then fail in private. UK customers – and others around the world – would lose confidence in cloud-based encryption systems, because TCNs could be secretly issued to other platforms, requiring their encryption to be selectively removed on demand.
3. An ambiguous outcome- the IPT hears arguments in open and publicly determines how the proportionality of a hypothetical TCN should be assessed, but does so in an open-ended way. It is not possible to infer how the factual assessment will be decided in private, with only Apple and the government present for the factual arguments and determination.
4. A fully secret outcome – the IPT decides that no open hearings should take place because there are no points of law to determine and the case cannot be argued in public without harming national security. It carries out the appeal entirely in private. We remain in the dark as to how proportionality is reviewed and how the matter is ultimately resolved.
In the long run, option one is the safest and best outcome. Anything else would mean a kind of structural paranoia would follow. Even if ADP were reactivated for UK users, we would not know with certainty whether it has integrity because Apple won in private, or whether the TCN was implemented via a secret backdoor as intended and an unreliable version of ADP is now in place.
Over time, the erosion of trust in encrypted services and the potential risk of systemic vulnerabilities would be corrosive to public trust and in the UK as a free and open society, particularly as politics takes an increasingly authoritarian and anti-democratic turn. The eyes of the world are on what this secretive and unique judicial body does next.
Bernard Keenan is a lecturer in law at UCL. His research focuses on surveillance, human rights, and state power alongside the development of digital technology
#Apples #appeal #Investigatory #Powers #Tribunal #UKs #encryption #door #explained