Apple lodges challenge to UK digital surveillance bill, rails against weak encryption
In an "unprecedented" move, Apple on Monday issued a formal challenge to the UK House of Parliament over a proposed Investigatory Powers Bill that would leave services like iMessage open to backdoors and intercept capabilities.
Apple's eight-page submission to a parliamentary committee tasked with investigating the legislation takes issue with software backdoors, forced access to encrypted devices and overseas warrants, reports BBC. Protections against these three potentialities, and others relating to government snooping, are at the bedrock of Apple's stance on data privacy.
"The bill threatens to hurt law-abiding citizens in its effort to combat the few bad actors who have a variety of ways to carry out their attacks," Apple writes, according to reports Independent.ie. "The creation of backdoors and intercept capabilities would weaken the protections built into Apple products and endanger all our customers. A key left under the doormat would not just be there for the good guys. The bad guys would find it too."
Dubbed by some media outlets as the Snooper's Charter, the bill's language suggests a change to existing UK law that Apple argues leaves room for the creation of backdoors into services protected by end-to-end encryption. Backdoor access to personal communications is a contentious topic.
"A key left under the doormat would not just be there for the good guys. The bad guys would find it too," Apple said, echoing CEO Tim Cook's statement on backdoors from February.
Proponents of the UK bill, including Prime Minister David Cameron, say enhancing the government's data collection capabilities is a step toward thwarting terrorist plots. Encrypted digital communications has become a hot button topic after certain discreet messaging apps were connected to the recent attacks on Paris. The claims were unfounded, but fanned debate nonetheless.
"Some have asserted that, given the expertise of technology companies, they should be able to construct a system that keeps the data of nearly all users secure but still allows the data of very few users to be read covertly when a proper warrant is served," Apple's submission reads. "But the Government does not know in advance which individuals will become targets of investigation, so the encryption system necessarily would need to be compromised for everyone."
Apple brings up a separate issue of extra-territoriality, which require companies submit to UK law enforcement warrants for information. Under current law, and rules provided in the proposed bill, Apple would be forced to hand over data stored on offshore servers.
"The bill would attempt to force non-UK companies to take actions that violate the laws of their home countries," Apple said. "This would immobilise substantial portions of the tech sector and spark serious international conflicts. It would also likely be the catalyst for other countries to enact similar laws, paralysing multinational corporations under the weight of what could be dozens or hundreds of contradictory country-specific laws."
Perhaps more importantly, tech companies like Apple fear that adhering to a UK policy on extra-territoriality would open the door for other countries — China and Russia — to demand the same treatment.
Apple also has concerns about hardware hacking, or being forced to surreptitiously unlock and root around in customer devices at the will of UK authorities. This particular issue has raised the ire of U.S. officials, as strong encryption measures built into iOS 8 and iOS 9 make it impossible for even Apple to decrypt newer devices.
The UK parliamentary committee in charge of the Investigatory Powers Bill is expected to tender a final report in February.