{"id":1860,"date":"2025-02-09T05:03:26","date_gmt":"2025-02-09T05:03:26","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/02\/09\/uk-is-ordering-apple-to-break-its-own-encryption-html\/"},"modified":"2025-02-09T05:03:26","modified_gmt":"2025-02-09T05:03:26","slug":"uk-is-ordering-apple-to-break-its-own-encryption-html","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/02\/09\/uk-is-ordering-apple-to-break-its-own-encryption-html\/","title":{"rendered":"UK Is Ordering Apple to Break Its Own Encryption"},"content":{"rendered":"\n<div>UK Is Ordering Apple to Break Its Own Encryption<\/div>\n<p> \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p>The <i>Washington Post<\/i> is <a href=\"https:\/\/www.washingtonpost.com\/technology\/2025\/02\/07\/apple-encryption-backdoor-uk\/\">reporting<\/a> that the UK government has served Apple with a \u201ctechnical capability notice\u201d as defined by the 2016 Investigatory Powers Act, requiring it to break the Advanced Data Protection encryption in iCloud for the benefit of law enforcement.<\/p>\n<p>This is a big deal, and something we in the security community have worried was coming for a while now.<\/p>\n<blockquote>\n<p>The law, known by critics as the Snoopers\u2019 Charter, makes it a criminal offense to reveal that the government has even made such a demand. An Apple spokesman declined to comment.<\/p>\n<p>Apple can appeal the U.K. capability notice to a secret technical panel, which would consider arguments about the expense of the requirement, and to a judge who would weigh whether the request was in proportion to the government\u2019s needs. But the law does not permit Apple to delay complying during an appeal.<\/p>\n<p>In March, when the company was on notice that such a requirement might be coming, it told Parliament: \u201cThere is no reason why the U.K. [government] should have the authority to decide for citizens of the world whether they can avail themselves of the proven security benefits that flow from end-to-end encryption.\u201d<\/p>\n<\/blockquote>\n<p>Apple is likely to turn the feature off for UK users rather than break it for everyone worldwide. Of course, UK users will be able to spoof their location. But this might not be enough. According to the law, Apple would not be able to offer the feature to anyone who is in the UK at any point: for example, a visitor from the US.<\/p>\n<p>And what happens next? Australia has <a href=\"https:\/\/www.homeaffairs.gov.au\/about-us\/our-portfolios\/national-security\/lawful-access-telecommunications\/assistance-and-access-industry-assistance-framework\">a law<\/a> enabling it to ask for the same thing. Will it? Will even more countries follow?<\/p>\n<p>This is madness.<\/p>\n<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Bruce Schneier<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/www.schneier.com\/blog\/archives\/2025\/02\/uk-is-ordering-apple-to-break-its-own-encryption.html\">Go to bruce schneier<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>UK Is Ordering Apple to Break Its Own Encryption The Washington Post is reporting that the UK government has served Apple with a \u201ctechnical capability notice\u201d as defined by the 2016 Investigatory Powers Act, requiring it to break the Advanced Data Protection encryption in iCloud for the benefit of law enforcement. This is a big [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[276,646,57,761,762,412,99,83,763,1],"tags":[87],"class_list":["post-1860","post","type-post","status-publish","format-standard","hentry","category-apple","category-backdoors","category-bruce-schneier","category-cloud-computing","category-data-privacy","category-encryption","category-law-enforcement","category-privacy","category-uk","category-uncategorized","tag-bruce-schneier"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/1860"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=1860"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/1860\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=1860"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=1860"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=1860"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}