Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Could Apple Pull iCloud Services From the UK Market?
- Thread starter MacRumors
- Start date
- Sort by reaction score
He won’t have to. The threat of Apple pulling out will be enough. And if google joins in. Threaten to disable all app stores on current phones. There would be a revolution in the UK
The UK has grand delusions of becoming the Silicon Valley of Europe. Ideas like this will definitely help. Who wouldn’t want to setup a tech company in a country where backdoors are mandated?
Thanks for the explanation. In your last paragraph did you miss out ADP in the first sentence ?
Guys, remember china shut down Tik tok when the app ban didn’t require it to piss off American citizens until the us government agreed to negotiate. Apple cares more about money unfortunately rather than standing up to foreign governments who don’t care. And no I’m not saying china good but at least they have a spine
War is peace.
Freedom is slavery.
Ignorance is strength.
It took a while, but we're here.
Let‘s wait and see.
That’d basically put them on a collision course.
And the first to swerve loses.
Wouldn't matter in the UK. They'd force Apple to dumb down its encryption on all Apple devices used in the UK whether or not they ever connect to iCloud, so when they come to your home or workplace and seize your devices, it would be easy for them to see everything on them. As it would be for any enterprising hacker who steals any of your devices.Apple needs to make your computer the digital hub again for all of your Apple devices to sync with each other locally.
Last edited:
Except the law did require TikTok be shut off from the U.S. on January 19 if it did not divest. TikTok shut down hours before the deadline as mandated. They resumed services when Trump announced he’d grant a reprieve. The 75-day reprieve is for time to line up a controlling stake for U.S. operations.
More overreach by a government that has their heads firmly shoved up their own rearends. I look forward to the UK “demand” being ignored.
Given today's bombshell report revealing the UK government's unprecedented demand for backdoor access to encrypted iCloud data, it's clear that Apple now faces a massive challenge. How it responds could have major implications for not only the company's privacy stance, but also its global operations as well as its reputation.
According to The Washington Post, the British government has secretly demanded that Apple give it blanket access to all encrypted user content uploaded to iCloud. The spying order reportedly came by way of a "technical capability notice," a document sent to Apple ordering it to provide access under the sweeping UK Investigatory Powers Act (IPA) of 2016.
According to sources that spoke to the publication, Apple is likely to stop offering encrypted storage in the UK as a result of the demand. Specifically, Apple could withdraw Advanced Data Protection, an opt-in feature that provides end-to-end encryption (E2EE) for iCloud backups, such as Photos, Notes, Voice Memos, Messages backups, and device backups.
In this scenario, UK users would still have access to basic iCloud services, but their data would lack the additional layer of security that prevents even Apple from accessing it. In other words, UK users' iCloud data would revert to standard encryption, allowing Apple to potentially access the contents of said data if it is compelled to do so by UK authorities when a warrant is issued. Although no specific instance has been publicly confirmed, the IPA grants UK security agencies the legal framework to request data from companies when it is accessible.
Apple could always pursue legal challenges. However, according to the IPA, while the company can appeal the "technical capability notice," it must comply with the order during the appeals process. Apple would be forced to temporarily implement the backdoor while arguing against its legality. Not only that, the IPA makes it a criminal offense to reveal that the government even made the demand.
Needless to say, such a gag order would prevent Apple from being up front with its customers about the security changes. When a backdoor is introduced — even if its purpose is to grant law enforcement access — it creates an alternative route into a secure channel. This not only increases the risk that bad actors might discover and exploit the vulnerability, but it also breaks the promise of complete confidentiality. Apple would essentially be lying to its customers about the watertightness of its E2EE security.
The Nuclear Option
A more dramatic response from Apple would involve completely removing iCloud services from the UK. While this would protect Apple's encryption standards, it would severely disrupt millions of UK users who rely on iCloud for photo storage, device backups, and document syncing. Users would need to find alternative cloud storage solutions and potentially lose access to years of accumulated data.
Theoretically, Apple could attempt a technical workaround by restructuring iCloud to isolate UK user data. However, the IPA allows British authorities to compel tech companies to assist with data access regardless of where that company is based, so this solution might not satisfy the government's demand for worldwide access. It would also require costly engineering resources to implement, not to mention set a concerning precedent for other countries seeking similar arrangements.
"I don't see how this is to be resolved, as Apple has made such a big point of privacy for users," said Alan Woodward, a professor of cybersecurity at Surrey University, speaking to BBC News. "If they accede to this technical notice their reputation will be in tatters. They're bound to challenge it."
Global Implications
The UK's demand could also put the government's data-sharing agreement with the European Union at risk. The two regions currently have an agreement allowing the free flow of personal data between the EU and UK, but the arrangement faces review this year. The creation of an encryption backdoor could be viewed as violating the EU's strict data protection standards.
The spy order has already raised concerns in Washington, placing Apple in a potential diplomatic crossfire. According to The Post, the Biden administration first began tracking this issue since the UK first indicated it might demand backdoor access.
The timing is particularly awkward, given that US security agencies have recently been advocating for increased use of encryption to combat Chinese cyber threats. In December, the FBI, the National Security Agency, and the Cybersecurity and Infrastructure Security Agency jointly recommended that companies "ensure that traffic is end-to-end encrypted to the maximum extent possible" to protect against state-sponsored hacking. Creating a backdoor for UK authorities would directly contradict this guidance and could weaken US cyber defenses, potentially forcing Apple to choose between complying with UK law or protecting US national security interests.
It's worth noting that Apple has repeatedly and forcefully opposed creating backdoors in its products. In its March 2023 submission to UK Parliament, the company stated plainly: "We would never create a backdoor in our products." This echoes CEO Tim Cook's firm stance during the 2016 San Bernardino case, where he declared, "Apple has never built a backdoor into any of our products and never will."
The company doubled down on this position in its 2024 submission to the UK Parliament regarding changes to the IPA, warning that the provisions "could be used to force a company like Apple, that would never build a back door into its products, to publicly withdraw critical security features from the UK market."
Apple's core principle that "privacy is a fundamental human right" is a position it has consistently maintained through the years in the face of government demands for weakened encryption. Confronted by the UK government's latest encryption demands, the company must now prove whether its commitment to user privacy is truly unbreakable, or just a corporate slogan that crumbles under regulatory pressure.
Note: Due to the political or social nature of the discussion regarding this topic, the discussion thread is located in our Political News forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Article Link: Could Apple Pull iCloud Services From the UK Market?
Nope, it will not. The UK does not have the authority to access everyone’s data.
Also side note, there is nothing in the law that allows for this reprieve, so TikTok and Oracle are technically still breaking the law and racking up billions of dollars of potential liability. That’s why Apple and Google haven’t put it back in their stores (the fine is $5,000 per user).
From that article:
"Apple has previously said it would pull encryption services like ADP from the UK market rather than comply with such government demands - telling Parliament it would "never build a back door" in its products."
But removing the Advanced Data Protection option could be comparable to building a back door into Apple products and customer data formerly protected by ADP. It would leave a lower level of encryption in place, but one that's not nearly as hard to crack (by its nature, Apple can crack this lower level), and subject to current legislation that allows data protected by that lower level of encryption to be demanded by governments.
Unfortunately, any possible limitations are likely gone now that the UK left the EU.
The law does allow for a one-time 90-day extension if significant progress toward divestiture is being made, but it’s questionable whether progress is indeed happening. But you are correct that it does not shield third parties.
HR 8038 Division D, Section 2(a)(3):
And people were arguing against the iCloud monopoly lawsuit EU was taking out on Apple.
Imagine if you could simply select a separate cloud service to back your stuff up to when your country inevitably asks for this very same access.
Because too many Americans view politics like Sports, and think whatever their "side" does is ok no matter what as long as it hurts the other "side".
Imagine if you could simply select a separate cloud service to back your stuff up to when your country inevitably asks for this very same access.
Lots of disagreement reactions to your comment, yet the EU have showed great interest in some of the more privacy invasive laws the UK has toyed with, like the whole porn age verification systems.
Because too many Americans view politics like Sports, and think whatever their "side" does is ok no matter what as long as it hurts the other "side".
Last edited:
I was literally just thinking how outraged Republicans would be if this were happening under a Democratic administration.
Fair point. Obviously, the UK isn’t in the EU.
But I’d ask you to take pity on me keeping up with the news lately. My american news is frying my brain lately.
It was supposed to be a warning. Unfortunately some people and/or governments use it as an instruction manual.