- Two US legislators warn against security risks for British encryption Backdoor order to Apple
- Such a back door for encryption, they said, could be exploited by cyber criminals and authoritarian regimes
- Apple killed its iCloud’s end-to-end encryption feature in the UK in February and is now challenging the order in court
Two US legislators have slammed the British encryption back door order to Apple and argued that this could lead to potential cyber security risks for all users around the world.
As reported by Pakinomist on May 7, 2025, the US House President Jim Jordan and foreign affairs Brian Mast wrote a joint letter to Britain’s home secretary Yvette Cooper to warn how such a back door would create “systemic vulnerabilities” that cyber criminals and authoritarian regimes would be able to exploit.
Apple killed its iCloud’s end-to-end encryption feature in the UK in February after being hit by a technical capacity message (TCN) under 2016 – Investigation Powers to allow law enforcement to assess users’ data – whether encrypted. The big tech company is now challenging this request in court.
“Systemic vulnerabilities” for all
“Creating a back door in end-to-end encrypted systems that TCN does introduce systemic vulnerabilities that can be utilized by malicious actors, including cyber criminals and authoritarian regimes,” says Jordan and Mast’s letter reported by Pakinomist.
“These vulnerabilities would not only affect British users, but also American citizens and others worldwide considering the global nature of Apple’s services,” Jordan and Mast added.
Recent events such as Salt Typhoon attack on all major US telecommunications have shown the crucial role of reliable encryption and encrypted tools (such as the best VPN services and messaging apps) playing privacy and security for everyone’s data. Even FBI and CISA experts have called on citizens to switch to encrypted services in the wake of this unprecedented cyberattack.
Jordan and Mast also call on the British Home Secretary to reveal the full content of the order to the US Ministry of Justice, so that legislators can check if it complies with current laws. Under the US/UK agreement concluded under the Cloud Act in 2023, law enforcement cannot require companies to decrease data.
“We urge the Home Office to reconsider the issuance of TCNs that require encryption weakening, as such measures are in conflict with international human rights standards, including the European Court of Human Rights’s decision undermining encryption, violates privacy rights,” concludes US lawyer producers.
Apple decided to kill its Advanced Data Protection (ADP) feature in the UK to avoid building a back door in its system.
ADP is an optional feature that provides an additional layer of protection of all iCloud storage data using end-to-end encryption technology. This means that not even Apple can access these files.
Apple’s decision to remove advanced data protection comes after experts warned that an iCloud back door “brings millions and privacy and privacy.”
Apple has nevertheless ensured that all iCloud data categories encrypted by default remain protected. These include users’ health data, passwords, iCloud messages and Apple Pay transactions as well as iMessage and Facetime data. You can see all the others on Apple’s support page.
The big tech company has now sued the British government and the legal battle is currently underway behind closed doors.
