The now publicized British secret order to Apple to hand over encrypted contents of backups from the iCloud and other data of all users worldwide at the request of authorities in the UK has put civil rights organizations on high alert. The British government's "unprecedented attack" on the private data of Apple users around the world "is disproportionate and unnecessary", emphasizes Caroline Wilson Palow, head of the international legal department at Privacy International. "The UK should not have started this fight."

The planned encroachment "sets an extremely damaging precedent and will encourage abusive regimes around the world", Palow worries. London is currently in the process of extending investigative powers behind closed doors on the basis of the Investigatory Powers Act, which has been controversial for years, further weakening the already inadequate protection of fundamental rights. Now the UK government has apparently decided to make full use of its most potentially damaging surveillance powers and undermine end-to-end encryption. This ultimately "threatens the security of the internet as a whole".

James Baker from the Open Rights Group also complains that the government has declared war on encryption. Apple would have to build a backdoor into its systems in order to comply with the order. This would then also be open to cyber criminals, for example. London wants to be able to "access everything anytime, anywhere." The effort to "undermine basic security is frightening, irresponsible and would put everyone's safety at risk".

According to Baker, the iPhone manufacturer is just one of several companies that could be subject to similar orders. The orders are also likely to affect WhatsApp, Signal, Threema and other widely used encrypted messaging services. At the same time, the government has tried to prevent services such as Facebook from encrypting their chat services across the board.

US activists from the Electronic Frontier Foundation (EFF) are calling on Apple to fight back against this attempt to undermine the right to privacy and communication. For a long time, iCloud backups were a loophole for law enforcement agencies to access data that would otherwise not be available to them on iPhones with activated device encryption. This only changed with the Advanced Data Protection (ADP) function, which users had to explicitly activate in order to encrypt backups.

The EFF warns: "There is no technological compromise between strong encryption that protects the data and a mechanism that grants the government special access to this data." Any built-in backdoor increases the risk of cyberattacks, identity theft and fraud for all users. Some of Google's backup options and other messaging apps use similar protection mechanisms to ADP. Once the encrypted data of Apple users is accessed, "every other secure tool for file sharing, communication and backup is at risk".

In the ongoing Crypto Wars , the controversial EU High Level Group on Data Access for Effective Law Enforcement is also calling for the identified "wicked problem" of encryption to be solved. At a meeting, representatives of police and judicial authorities from the USA and the EU called for access to unencrypted communication data to be built directly into the technology using the principle of "lawful access by design". However, a major cyberattack on such surveillance interfaces of US providers recently showed the negative consequences this approach can have.

(mki)