The UK government is seeking to utilize its investigatory authority to pressure Apple into granting global access to user data. This move poses a significant risk not only to Apple device users but also to the broader integrity of internet security.
UK authorities have requested that Apple develop a backdoor to access encrypted iCloud user data worldwide. This demand is formalized through a Technical Capability Notice under the 2016 Investigatory Powers Act, which empowers law enforcement to request assistance from legal entities in gathering evidence.
The aim is to obtain unrestricted access to encrypted content, including backups, photos, and notes, without targeting individual accounts. This demand extends beyond UK nationals to include global users, making it unprecedented. Should Apple acquiesce, it could face similar demands from the US, China, and other nations, forcing the company to choose between mass disabling of encryption or creating backdoors.
The introduction of a backdoor risks eroding public confidence in encryption technologies. Meanwhile, the legal prohibition on disclosing such demands restricts Apple’s capacity to publicly address the issue.
US Senator Ron Wyden has characterized the demands as a “privacy catastrophe,” while Signal CEO Meredith Whittaker has cautioned that the UK may isolate itself as a technological outcast.
UK authorities have historically opposed Apple’s deployment of Advanced Data Protection, arguing that encryption obstructs the investigation of severe criminal activities. A government representative asserted that technology must not impede the pursuit of justice.
In January 2025, the UK’s Competition and Markets Authority (CMA) launched an inquiry into the mobile operating systems, app stores, and browsers of Apple and Google to assess the necessity of further regulatory oversight.
Caroline Wilson Palow, legal director at Privacy International, said that the UK had “pulled the trigger” on one of its most intrusive and potentially damaging surveillance powers. “This overreach sets a hugely damaging precedent and may embolden abusive regimes the world over,” she remarked.
Previously, authorities had pressured Meta* (designated as extremist in the Russian Federation) to weaken encryption within its messaging services, but the company declined to comply.