The UK’s Investigatory Powers Tribunal (IPT) has submitted a new legal filing, suggesting that authorities wanted the iCloud backdoor they’re demanding Apple to create to be able to access more data than previously thought. According to the Financial Times, UK’s Home Office has also yet to legally withdraw or change its order for Apple to create backdoor access to its users’ data. If you’ll recall, US Director of National Intelligence Tulsi Gabbard claimed a few days ago that the UK “has agreed to drop its mandate for Apple to provide a ‘back door’ that would have enabled access to the protected encrypted data of American citizens and encroached on [their] civil liberties.” It’s still unclear if the Home Office merely hasn’t started the process of withdrawing the mandate yet.
IPT is an independent judicial body that investigates complaints about alleged unlawful surveillance from UK authorities. The Times reported in March that Apple challenged the UK government at the IPT after receiving a secret order from the Home Office to build a backdoor for iCloud data. Apple is not allowed to publicly discuss the order, but it first acknowledgment that it received a mandate from UK authorities when it disabled iCloud’s Advanced Data Protection (ADP) feature in the UK back February.
“Apple remains committed to offering our users the highest level of security for their personal data and are hopeful that we will be able to do so in the future in the United Kingdom. As we have said many times before, we have never built a backdoor or master key to any of our products or services and we never will,” the company said in a statement back then. It’s worth noting that the UK government has yet to confirm or deny the order’s existence, and IPT will be hearing the case based on “assumed facts.”
The order reportedly states the Apple has the obligation to “provide and maintain a capability to disclose categories of data stored within a cloud-based service,” which indicates that the government looked to gain access to people’s passwords and messages. In addition, the Times says the order was “not limited to” data protected by Apple’s ADP, suggesting that authorities wanted broad access to Apple iCloud accounts.
