The encryption backdoor debate: Why are we still here?
Earlier this month, reports emerged that the UK government had pressured Apple, under the Investigatory Powers Act 2016, to create a backdoor into encrypted iCloud data. Unlike targeted access requests tied to specific cases, this demand sought a blanket ability to access users’ end-to-end encrypted files.
Apple was forced to reconsider its Advanced Data Protection service in the UK, and this latest development raises a fundamental question: Why does the debate over encryption backdoors persist despite decades of technological progress and repeated warnings from cybersecurity experts?
UK government asks Apple to give it backdoor access to encrypted user data
The UK government has used the Investigatory Powers Act (IPA) to issue Apple with a “technical capability notice” requiring the company to create a backdoor into its encrypted cloud services. The Home Office is specifically interested in bypassing the encryption that secures Apple’s Advanced Data Protection (ADP) service.
This cloud service includes a wealth of user data and, thanks to the use of end-to-end encryption, cannot be accessed by anyone other than the account holder. The UK government demand is part of legislation that forces companies to help law enforcement with investigations, but creating a backdoor would allow a level of access that even Apple does not currently have -- and there are concerns about the potential for abuse.