In response to the UK government’s proposals to update the Investigatory Powers Act (IPA) 2016, Apple has taken a firm stance against the potential changes.
According to BBC News, Apple has declared that it will remove essential services like FaceTime and iMessage from the UK rather than compromise user security.
The proposed amendments seek to require messaging services to gain clearance from the Home Office for their security features before offering them to customers.
Additionally, the government wants the ability to demand the disabling of security features without public disclosure, making it an immediate action rather than allowing for review and appeal.
Currently, the number of such demands and their compliance status remain unknown due to the secrecy surrounding the process. However, many messaging services currently utilize end-to-end encryption, ensuring that messages can only be deciphered by the sender and receiver’s devices.
WhatsApp and Signal have already expressed their opposition to a clause in the Online Safety Bill that could require companies to implement technology for scanning encrypted messaging apps for child-abuse material.
Signal even threatened to withdraw its services from the UK over the matter, joining Apple’s opposition to the plan.
The government’s proposal has opened an eight-week consultation period, with the focus on updating the IPA to align with advancements in technology. It aims to be more relevant to current cybersecurity challenges and practices.
Nevertheless, Apple’s nine-page submission to the consultation firmly opposes specific aspects of the plan.
Apple emphasizes its commitment to maintaining a consistent level of security for all users and highlights that certain changes would necessitate public software updates, eliminating the possibility of secrecy.
Cyber-security expert Prof Alan Woodward from Surrey University predicts that the proposed requirements are unlikely to gain acceptance from larger tech companies.
He notes that the government’s expectation of compliance may be met with significant resistance, given the potential implications for data security and privacy, not only within the UK but also impacting people globally.
