Apple Inc. is reportedly ready to halt its iMessage and FaceTime services in the United Kingdom as a defiant response to the governmental push to increase the powers of state intelligence agencies in digital surveillance. The proposed expansion is part of the updates to the Investigatory Powers Act (IPA) of 2016.
First brought to light by BBC News, Apple has become the latest significant voice in the mounting opposition against these proposed legislative changes. Detractors argue that the alterations would effectively neutralize the protective capabilities of encryption.
The debated Online Safety Bill necessitates the installation of technology to scan encrypted messaging apps and other platforms for exploitative child sex and terrorism-related content. Furthermore, the bill demands that messaging services get clearance for any new security features from the Home Office before they are launched. These services must also be prepared to disable these features promptly if mandated, without public disclosure.
Although the bill does not overtly demand the removal of end-to-end encryption, it would inherently weaken such protective measures. Service providers would have to scrutinize every message to identify and eliminate flagged content. Critics perceive this as an excessive move that allows the government to enforce extensive interception and surveillance.
Apple communicated to the BBC that such a provision could pose a “serious and direct threat to data security and information privacy.”
Several encrypted chat services, including Element, Signal, Threema, Viber, Meta-owned WhatsApp, and Wire, published an open letter earlier in April. They implored the U.K. government to reconsider its approach, advocating for companies to deliver greater privacy and security to U.K. residents.
The open letter states, “The Bill provides no explicit protection for encryption, and if implemented as written, could empower OFCOM to try to force the proactive scanning of private messages on end-to-end encrypted communication services, thereby rendering end-to-end encryption useless and infringing upon the privacy of all users.”
Last year, Apple scrapped its plan to flag potentially problematic and abusive content in iCloud Photos, following objections from digital rights groups concerned about potential misuse that could jeopardize user privacy and security.
The controversy surrounding end-to-end encryption and the necessity to tackle serious online crimes is not new. WhatsApp took legal action against the Indian government in May 2021, trying to block internet regulations that would force the messaging app to shatter encryption by incorporating a traceability feature to identify the “first originator of information.” The case is still pending.
Apple’s firm stance aligns with its public commitment to privacy, which has allowed it to be perceived as a “privacy hero” amongst other data-collecting, ad-serving companies.
However, the company’s position appears contradictory, given that every message sent to or received from a non-Apple device lacks encryption – as SMS does not support end-to-end encryption – potentially leaving a backdoor open for government surveillance.