U.K. orders Apple to let it spy on users’ encrypted accounts

You didn’t read that correctly. They were ordered to implement global backdoor access (meaning all users worldwide) for the UK government and they can’t and won’t add that.

10 Likes

Realistically, they’d be more likely to flag sketchy accounts based on usage patterns + metadata (which may match up with info in ongoing court cases) and allow this metadata to be used as evidence for the court. For example, suppose 500 GB of illegal content was found on a UK citizen’s website shortly after they downloaded 500 GB of encrypted content hosted on iCloud.

It makes sense for Apple to refuse. The UK is just too small a market to take such a huge PR hit for. However, what has me concerned (and a bit confused) is the lack of public comment by Apple. I personally suspect they leaked this issue to bring it to light since UK law prohibits them from talking about it publicly. But the appeal process is also secret, so even if they prevail we may never know without an additional leak.

As an iCloud ADP user this has me pretty uncomfortable. I may be moving away from ADP just due to the uncertainty.

My Pixel is starting to look more delicious after reading this post. I think I’ll pick it up :blush:

2 Likes

Oh, I see. That’s foolish of the UK government. I’ve now read the article.

I’m sure they can implement global backdoor access. They only need to roll back their E2EE features. Whether they will is another matter altogether. I’m not sure either of us can speak to whether Apple will or will not do that.

This is a bad thing. These companies are so big they can refuse to obey laws. This is one of the rare cases where the law is harmful to citizens of a country.

The rest of the EU was interested in “chat control” for similar reasons, so they might be interested in backing up the UK on this. The UK alone won’t be enough, but the entire European Union is certainly enough to make Apple reconsider.

Complying with the UK’s order would have either caused widespread disruption, as suddenly iCloud backups are no longer available for citizens of any country, or it would have happened silently. They can’t just remove encryption from the iCloud Backups, because that would count as “alerting users that their encryption was compromised.”

And in that case, the UK would have what they wanted anyway, which was being able to read the backups if they had a warrant to acquire them. The only benefit to removing E2EE altogether is that users know it isn’t E2EE.

It’s challenging to imagine how Apple could have complied with this order and not given the UK what they wanted. Perhaps this is just an excuse to extract some money out of Apple with a fine…

Is it? :thinking: Let’s not confuse the law and morality here lol

I don’t think it’s known whether Apple has taken any action at all, but I doubt they have. The order was only issued in January.

To me this seems like another example of a government trying to act tough that will ultimately not really go anywhere and quietly go away. It isn’t a reasonable request to stand by.

Not only PR. Think about it this way, if the UK gets a backdoor into iPhones worldwide, what government agency anywhere else in the world in their right mind won’t immediately ban the use of iPhones? Everyone is paranoid about Chinese spies and Russian spies, but they’ll be just as paranoid about UK spies if they had this power, no doubt about that.

Apple would lose more sales if they stayed in the UK and added this backdoor, than if they dropped the entire UK market. I’d basically guarantee it.

9 Likes

It’s certainly not a public company’s job to decide on ethics and I wouldn’t trust any large public company to do so; the only reason they could be trusted to do so is to operate within the laws (which many of them openly flout in any case).

I would say the laws have a closer connection to ethics than any other apparatus, and as the institution responsible for drafting and enforcing those laws, the government holds a position on ethics.

Morality is a subjective thing. I don’t agree with every law, but many of them enforce a certain view of morality and ethics. And future governments reform laws they think are unethical and replace them with their own laws which they believe are ethical.

I’m certainly not saying I agree with the ethics of all laws. But I certainly believe the job of a government is to decide on what constitutes ethical behavior.

(Strictly speaking, the courts have the strongest connection to deciding on ethical behavior and are a separate arm from the government, but not every country is set up the same way.)

I agree with that.

3 Likes

1 Like

This order is confidential. The UK said so. You and I are not supposed to know it.

What I meant by Apple refusing to comply is by either stopping the support for ADP in the UK or leaving its market altogether.

Such laws have long existed in countries like India (ex / mirror) where Apple has no trouble doing business. Either Apple is complying or the Indian govt is toothless (and whatever we choose to believe is happening behind the scenes exposes our own limited understanding of how it all goes down when the powerful wield their hammer).

The thing is, most states (ex: UK since 2016; Sweden since 2020) already allow law enforcement to “break encryption” by hacking devices, planting bugs, KYC/data requirements, etc. All of that unreasonableness (some of which commenced as “experimental”) has been allowed to stand (in some cases, for more than a decade now). I wonder why that isn’t discussed enough.

This move by the UK (and other States) did not come without precedent. Things will only escalate.

1 Like

Simply stop using iCloud, and block all iCloud domains.

It does not fix the issue; the people in the UK should stand up and defend themselves.

Don’t think there will be any protest about this, though.

Can you really trust Apple? No, you don’t make $3 trillion without breaking lots of eggs.

Privacy experts have raised concerns that the cooperation within the Five Eyes enables extensive and potentially invasive monitoring of individuals in member countries, allowing them to gather information on their own people by proxy. For instance, while it may not be legal for the UK to directly surveil its citizens, the UK could request the US, a fellow FVEY member, to conduct the surveillance and share the information.

1 Like

Not only do I have GOS, but I have this lovely wallpaper

Hope you have GOS or some third-party OS on the Pixel, or you’re pickled in other ways you might not be aware of. I have a Pixel with GOS.

Anyone know Apple’s UK market share vs Android?

We can’t have reliable data, but I’ll try to help out; the closest source we can have is something like StatCounter:

Still, keep in mind this isn’t the most reliable data, but this is a good estimate (and the closest source you can say).

1 Like

https://radar.cloudflare.com/year-in-review/2024/gb#ios-vs-android

iOS vs Android

52.6% of [mobile device] traffic is from iOS devices in United Kingdom


Granted very few of these users will have ADP enabled. Although now that I think about it there is some very sensitive iCloud data like the keychain which is E2EE by default, so I assume this order would cover that too?

1 Like

That’s a good point but would be limited to keychain data stored in iCloud. You can use keychain without iCloud.

Same for iMessage.