News: 1738947834

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

UK Home Office silent on alleged Apple backdoor order

(2025/02/07)


The UK's Home Office refuses to either confirm or deny reports that it recently ordered Apple to create a backdoor allowing the government to access any user's cloud data.

Such a mechanism would enable the government to independently access and read encrypted data, both within the UK and potentially for users worldwide.

The Home Office told The Register : "We do not comment on operational matters, including for example confirming or denying the existence of any such notices."

[1]

Apple did not immediately reply to our request for input and the UK's NCSC deferred the matter to the Home Office.

[2]

[3]

Sources speaking to the Washington Post, which first reported the [4]story , said the order cited the Investigatory Powers Act 2016, often referred to as the Snooper's Charter.

The law was expanded in April last year with the passing of the [5]Investigatory Powers Bill , which further increased the UK's digital surveillance capability with a range of new powers.

[6]

These include allowing intelligence agencies and law enforcement to gather Brits' internet connection records, revealing the services they connected to and when. The bill also made provisions for authorities to gather data en masse from sources with little to no expectation of privacy. Such examples include footage from CCTV cameras and images posted to social media.

The IPA also outlaws the disclosure of the government making a request using the law's powers.

Insiders spoke on condition of anonymity, adding that Apple would likely cease offering encrypted backups in the UK, but that alone wouldn't satisfy the secret order issued in January, according to reports.

[7]

Rumors of such an order began circulating in March 2024, prior to the Investigatory Powers Bill passing in the House of Lords. But the UK's ambition to find ways of defeating encryption technologies, especially in communication platforms, has predated for many years. The prevailing arguments the UK government has made to support its desired encryption backdoor relate to child safety and anti-terror.

The Online Safety Act became law in 2023 and retained a controversial [8]encryption-breaking clause , although it could only be invoked where technically feasible. With end-to-end encryption still a feature of most popular messaging platforms, that feasibility does not yet exist.

The legislation faced substantial backlash. Big tech and privacy advocates again [9]condemned the UK's approach to encryption , with Signal threatening to pull out of the country, refusing to compromise the security of its platform for the region.

[10]Apple solves broken news alerts by turning off the AI

[11]Apple auto-opts everyone into having their photos analyzed by AI for landmarks

[12]Apple plugs security hole in its iThings that's already been exploited in iOS

[13]Kremlin claims Apple helped NSA spy on diplomats via iPhone backdoor

Under the IPA, Apple can appeal the order, arguing against it in terms of how much it would cost to implement. This would be made to a secret technical committee and a judge would ultimately decide whether the order was proportionate to the government's needs. However, Apple wouldn't have legal grounds to delay the delivery of the government's cloud-spying capability while the appeal is considered.

Should Apple be compelled to implement that capability, legal experts suggested the consequences could see major digital service providers pull out of the UK.

"Ultimately, regulators in countries will decide whether Apple or any company offering these services in the UK can continue to do so, and if so, on what terms, said Jonathan Compton, partner at DMH Stallard, to The Register .

"It will then be for the service provider and those in the position of Apple to decide whether they can continue to offer services, or adapt their services, or withdraw their services from UK consumers. The same is true for US and EU jurisdictions.

"There is a constant tension between those who hold information, such as Apple, and those who want to get at it, such as investigatory arms of the state." ®

Get our [14]Tech Resources



[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2Z6aQlNPrkc4cCAWWXcy83AAAAZY&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0

[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z6aQlNPrkc4cCAWWXcy83AAAAZY&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33Z6aQlNPrkc4cCAWWXcy83AAAAZY&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[4] https://www.washingtonpost.com/technology/2025/02/07/apple-encryption-backdoor-uk/

[5] https://www.theregister.com/2024/04/26/investigatory_powers_bill/

[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z6aQlNPrkc4cCAWWXcy83AAAAZY&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33Z6aQlNPrkc4cCAWWXcy83AAAAZY&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[8] https://www.theregister.com/2023/09/20/uk_online_safety_bill_passes/

[9] https://www.theregister.com/2023/04/18/wrong_time_to_weaken_encryption/

[10] https://www.theregister.com/2025/01/17/apple_intelligence_summaries_disabled/

[11] https://www.theregister.com/2025/01/03/apple_enhanced_visual_search/

[12] https://www.theregister.com/2025/01/28/apple_cve_2025_24085/

[13] https://www.theregister.com/2023/06/01/fsb_apple_nsa_spyware_kaspersky/

[14] https://whitepapers.theregister.com/



beast666

I hope Emperor Trump and Professor Musk do something about the fascist two-tier Starmer and his corrupt and incompetent cronies before they do any more damage to Blighty.

NoneSuch

So you're asking for napalm to put out a fire?

Good luck with that.

ChodeMonkey

"two-tier Starmer"

Incompetent troll is incompetent.

Yet Another Anonymous coward

Now I'm confused.

If Kremlin bots are attacking Starmer - does that mean he is a socialist?

JLV

Good job tovarich. Gotta work in "fascist" as much as you can, that's Kremlin 101.

Not sure you should be using "Emperor" for Trump tho. That doesn't make him look very democratic. But good calling out UK being a bit nosy here, gotta normalize Kremlin snoops.

Yet Another Anonymous coward

Drawing from traditional texts (the Beano and Dandy), then based on his screaming hysterics and total ineffectiveness I propose "Parkkeep Trump"

Anonymous Coward

Obvious troll is obvious.

Human Right

elsergiovolador

Funny that Labour seemingly infested with people making a show of deeply caring about human rights, are very selective about what counts as human right.

I guess there is no money to be made from defending your right to keep photos of your privates, private.

Re: Human Right

Irongut

Have you ever considered not taking photos of your privates?

I mean, I've lived for half a century without ever taking a photo of my privates so how hard can it be?

Re: Human Right

abend0c4

how hard can it be?

Without a picture, we'll never know.

Re: Human Right

JamesTGrant

You win today’s Internet. Very good!!

Re: Human Right

David 132

A [1]double-Polaroid ?

[1] https://youtu.be/0ofl_UP3apM?si=NF8M-ELLNYg2dD3X

Re: Human Right

Anonymous Coward

3D ????

Re: Human Right

LucreLout

I've lived for over half a century without ever being vegan. It doesn't mean some people don't choose to be vegan.

If some lass wants to send her fella pictures of her tits, its really not Mrs Balls business to let everyone in her department see them.

Re: Human Right

Anonymous Coward

It's 2025 and apparently, "if you've got nothing to hide, you've got nothing to fear" is still a thing.

Astonishing.

Re: Human Right

Like a badger

"I mean, I've lived for half a century without ever taking a photo of my privates so how hard can it be?"

And I've lived even longer without doing so. But you're missing the point. For half a century or more we could have taken photos of our privates with the reasonable expectation that the British bunglement wouldn't be able to grab the pics without a warrant granted on reasonable suspicion and with due process. This is the ineffectual bastards of government granting themselves an in-perpetuity right to check everything we do. Obviously Yvette Cooper wishes she'd been born in East Germany in the days when the Stasi offered good career prospects.

Re: Human Right

rgjnk

Human rights law as a specialism generally doesn't seem to attract anyone who actually cares in any meaningful way about human rights as others understand it.

Mostly it seems to attract personality-free narcissists who love endless argument over the minutiae and lack the talent for anything genuinely challenging in the field of law, with the 'human rights' label providing a convenient fig leaf to hid their utter disinterest in anything except the technical challenge of the argument.

There are some truly talented, passionate advocates for rights out there, but I've yet to find anyone like that working a full time professional 'human rights' lawyer.

You won't hear much from either the lawyers or the politicians because for all their strident claims about 'rights' they have a very narrow idea of what those are and who deserves them and it certainly doesn't include *you*.

Doctor Syntax

It's not supposed to be implemented if it's not feasible so why would they demand it now.

If they think it is feasible to implement a secure back door all they have to do is commission a proof of concept to be picked over by industry-recognised experts. If they can do that and get approval of the experts then they've proved it is feasible. Until they've demonstrated that it is so it remains infeasible.

Yet Another Anonymous coward

Now that we are in a post-expert society , government is no longer bound by the mundane laws of mathematics

LucreLout

Clearly Apple could copy your key at the time of its creation and storage on your device. You only have to break maths if you don't go to the source of the key generation.

Not a secure back door

Falmari

So end-to-end encryption with a copy of the key at both ends. Sending the Apple the encrypted data along with the key means Apple and some employees can access and read the encrypted data.

That is not a secure back door.

Which is exactly....

Joe Gurman

.... what Apple punters voted for by buying kit and services that guaranteed their privacy.

This is just madness. How would folks in the UK react to Trump's minions' "secretly" declaring they had a right to examine the encrypted data of anyone in the UK?

Re: Which is exactly....

Spanners

" How would folks in the UK react... "

Would now be a good time to get a idiot politician proof VPN?

elsergiovolador

Nobody voted for these laws anyway...

may_i

In which country do people have a vote about laws?

Dinanziame

Switzerland!

may_i

I believe the Aussie government has already asserted that the laws of Australia have priority over the laws of mathematics. Plenty of precedent there!

The cost is infinite

Richard 12

Apple will of course ask one of their engineers to start decrypting while the court case is ongoing.

They expect to complete Rishi Sunak's iCloud account in approximately five million years, then they'll start on Kier Starmer's if the law still exists then.

Re: The cost is infinite

Yet Another Anonymous coward

>They expect to complete Rishi Sunak's iCloud account in approximately five million years, then they'll start on Kier Starmer's if the law still exists then.

Remember when Trump's twitter password was "Maga2020"?

Rishi's is probably "I-heart emoji-Thatcher" and ironically so is Starmer's

Dan 55

It's perfectly feasible, [1]they've done it in China . The only difference is the UK won't pay up for datacentre for UK iCloud accounts.

[1] https://archive.ph/5LmoT

Same old labour...

LucreLout

Taxes up, growth down, criminals free, privacy invaded.

No you cannot have access to all my data because I very clearly cannot trust you with it. Apple may hand over the keys to the kingdom but much of what I store in their cloud is encrypted elsewhere first. All this will do is see some very dodgy people sideload 3rd party messaging apps that neither Apple nor your Telecoms provider can see, while the rest of us enjoy a fappening moment courtesy of Mrs Balls.

Re: Same old labour...

heyrick

" Taxes up, growth down, criminals free, privacy invaded "

Sounds a lot like the Tory playbook. But, then, I feel like this current Labour government is basically a reddish shade of blue, so I guess none of this should be a surprise.

Re: Same old labour...

BartyFartsLast

Pretty sure all this bollocks about backdoors in encryption, In the UK at least, started with Blair's lot and every government since has picked it up

Re: Same old labour...

Richard 12

This is a Tory law. They wrote it - look at the dates, for God's sake!

The last Conservative government did attempt to "repeal everything done by the previously one", but as they failed it's a bad idea for Labour to set the precedent instead.

Re: Same old labour...

Yet Another Anonymous coward

The USA has a procedure where anything ordered in the last 100 (?) days of the outgoing president can be overturned by the new guy

Perhaps a policy where all laws in the last 'n' days before an election is inverted and then automatically becomes law if they lose .

It will certainly add an element of strategy to politics.

but why now...

deaglecat

so this tells me...either that they cannot decrypt currently or that they cannot decrypt at the scale they now require.

I always assumed they could gain access to specific target devices....even by attacking the end device (attacking the device is easier than breaking the maths). iykyk.

or...just maybe, they now want to go trawling with a much wider net...rather than targetting just those individuals that they have reason to be interested in.

and ofc, anything the UK can do, it can also do as a favour to our allies.

we live in quite disturbing times.

Re: but why now...

Blazde

More that it'll be easier this way. Going after devices is less covert and requires much more resources. Of course easier access very inevitably leads to more scale but that doesn't make it the motive.

Again?

spold

Headslapping dumbfuckery at its finest. Let's explain encryption and why its is a great idea...you obviously didn't pay attention the first time (oh you mean that isn't a required skill for a politician?).

mark l 2

Of course the 'won't anyone thing of the children' brigade will say anyone who doesn't support backdoors in encryption is just supporting child abusers and terrorists. As they don't seem to understand that even if the government wanted to they can't stop bad actors using encryption, and this will just mean the crims won't rely on the big tech encryption to protect their message and use PGP or similar instead.

The crims

Steve Davies 3

are using things like Telegtam and for the really serious ones, the Dark Web. Double or even Triple encryption is probably standard these days.

If I encrypt what I hold in iCloud then good luck to them finding filth amongst all the cat pictures that I'll upload to put you off the scent. There is nothing nasty, in my iCloud, it is not my thing.

ChoHag

They will be able to take SSH off me on the day the global economy collapses because international (and indeed intra-national) commerce no longer works.

This is the Home Office, not the government

JimmyPage

The Home Office is a mini state within the UK. Along with the DWP. court orders are advisory and even when they say they will comply, a check a year later finds they haven't.

Who remembers all that data they illegally collected for years and were told to destroy only to come up with the wonderful excuse "But that's too hard" ?

Re: This is the Home Office, not the government

Anonymous Coward

You can change the person in the driving seat, but until the civil service / deep state / blob is flushed away, nothing changes.

That seems to be what's happening across the pond and I hope, for the rest of us, it's successful.

Re: This is the Home Office, not the government

Anon

But on the left side of the pond, the backside of the person in the driving seat is being used for the source of the refill. Why do some people think that is not bad?

Re: This is the Home Office, not the government

Adair

If you really think that's what's happening over the pond, then I have a lovely conceptual bridge you'll fall over yourself to buy.

Re: This is the Home Office, not the government

Anonymous Coward

"You can change the person in the driving seat, but until the civil service / deep state / blob is flushed away, nothing changes."

Well, in my day job I'm part of that group. It may surprise you to learn that regardless of my personal views, I (and colleagues) work to deliver the will of the secretary of state, no matter how misguided, malformed, or simply stupid their wishes are. If they come up with an idea that's bad and simply won't work, our job is to propose options that will work (even if we still think the outcome is bad). There certainly is inertia in government (as Labour using a Conservative law they voted against shows) but that's not about the establishment, it's because it is what the Labour politicians now want to do.

A sceptic might argue that this shows how there isn't actually much difference between Lab/Lib/Con, and that's pretty true. But there is your "establishment". Not the blob of the civil service, but in the lightweight, think-a-likes of parliament, where the public are easily distracted by the theatre of differentiation.

iCloud Lock

Conundrum1885

Seems that even Apple can't fix this if you lose the email or access to it eg for the heinous 'crime' of whatever mail provider inactivating the account after a year.

I have yet to see any workaround to this, despite certain companies (Cellebritie) claiming to have a fix it seems that this rarely works.

People have expressed concern that there should really be two *independent* addresses or some other method tied to the original bank account used for the purchase

so that someone has to prove access on at least two of the three for an unlock.

Amusing

Like a badger

That the UK government's attempt to make this power grab secretly has been blown by the US press. Does of course show that the Home Office and government ministers are quite simply idiots to think that they could do this quietly. But that's government for you.

I'm sure it's a breach of the Official Secrets Act, but I'll let you in on the recipe for government in the UK: Take a stupid idea, try and hide it. When it doesn't work, double down on it, because it wasn't the idea was shit, all that's needed is more bureaucracy and more government interference to make things good. When that still doesn't work, don't admit it, don't repeal the crap legislation, just look round for another stupid idea, because all that's important is to offer the appearance of doing something about the issue du jour .

Re: Amusing

Yet Another Anonymous coward

I think the secret policy was leaked by the BBC in the 1970s

Sir Humphrey: Well, Minister, in practical terms we have the usual six options. One, do nothing. Two, issue a statement deploring the speech. Three, lodge an official protest. Four, cut off aid. Five, break off diplomatic relations; and six, declare war.

My CODE of ETHICS is vacationing at famed SCHROON LAKE in upstate New York!!