"If true, this new order is not 'less worse' than the first. That's because, as we have been saying all along, Apple cannot undermine end-to-end encryption of iCloud services only for the UK when those services are used worldwide. If Apple breaks end-to-end encryption for the UK, it breaks it for everyone. The resulting vulnerability can be exploited by hostile states, criminals and other bad actors the world over."
"The impact of the UK's new order may be limited if it only targets Apple's Advanced Data Protection (ADP), which it withdrew from the UK in February 2025. But we learned last month that the original order may extend to other information which is end-to-end encrypted on iCloud, not just that protected by ADP. Unless Apple is willing to turn off all iCloud end-to-end encryption for its UK users, then this order's negative impact will spread."
The UK issued a secret order requiring Apple to undermine iCloud advanced encryption for UK users while the status of an earlier order remains unclear. Apple cannot limit weakening of end-to-end protections to the UK when iCloud services are used globally, so breaking encryption for UK users would create vulnerabilities for everyone. The order may target Advanced Data Protection (ADP), withdrawn in the UK in February 2025, but it could extend to other end-to-end encrypted iCloud data. The measure risks exposing passwords, location, and health data and could prompt similar secret orders against other companies.
Read at Privacy International
Unable to calculate read time
Collection
[
|
...
]