Apple says it will remove FaceTime and iMessage from the UK if surveillance laws are changed
Apple has said that it would rather remove FaceTime and iMessage from the UK, rather than comply with the new surveillance laws that have been proposed in the Parliament. The changes could affect end-to-end encryption in social messaging apps.
The law in question would be added under the Investigatory Powers Act (IPA) 2016. The act will require messaging services to inform the UK Home Office about new security features, before they are released. To make things worse, the UK's Home Office can demand security features to be disabled without informing users about it.
Normally, this would be considered highly illegal and intrusive. But if the law is passed, it could put the security and privacy of users in jeopardy. One of the new clauses in the Online Safety Bill could allow communications regulators to install some technology (sort of like a backdoor), to scan for child-abuse material in messaging apps. This controversial move would defeat the privacy and security offered by end-to-end encryption in popular apps.
According to a report published by the BBC, the Home Office said that the Investigatory Powers Act was designed to "protect the public from criminals, child sex abusers and terrorists". The bill is currently being reviewed, nothing has been finalized yet. There could be an independent oversight process, and technology companies will be allowed to appeal the decision.
WhatsApp and Signal have opposed the changes in the surveillance laws, with Signal having threatened to walk away from the UK. It is worth noting that Apple itself came under fire a year ago for its CSAM scanner that would have allowed it to scan users' iCloud library for abusive media. It only backed out of the plans after significant negative feedback from users and security experts.
However, the company seems to have learned its lesson. Apple has joined its iMessage rivals by criticizing the surveillance laws proposed by the UK Government, with strong objections in a nine-page report, although the dossier isn't available for public scrutiny.
Apple also does not like the idea of receiving a notice from the Home Office to disable or block a feature, and would prefer having it reviewed or appeal against such requests. The Cupertino company is not happy about consulting the Home Office regarding security features. Apple's argument pointed out that making changes may not be possible without a software update, i.e. it cannot be done secretly like the Government wants to.
The California-based company also questioned the need for non-UK-based companies to comply with the changes that have been proposed could affect its global user base, and has indicated that it would not accept the law by weakening the security for all users. It is not really surprising that Apple has threatened to walk away from the UK instead of submitting to the unreasonable demands.
Prof Alan Woodward, a Cyber-security expert from Surrey University, called out the Government for being arrogant and ignorant if they believed tech companies will blindly comply with new laws without putting up a fight. He's right on the money. When it comes to technology, high-ranking officials either don't have enough knowledge about them, or simply don't care whether it affects the common man. Besides, a lot of Governments have been found guilty of misusing surveillance laws to spy upon activists, rival politicians, etc., under the false pretext of protecting the Country from criminals, terrorists.
Think about it, such changes could be an absolute disaster for your privacy. Would you be okay if someone was analyzing your browsing history, shopping preferences, snooping on your chats, viewing your family photos, and is aware of their location? What if this data falls into the wrong hands?
It is good to see Apple take a stand against this sort of privacy abuse.
“Prof Alan Woodward, a Cyber-security expert from Surrey University, called out the Government for being arrogant and ignorant if they believed tech companies will blindly comply with new laws without putting up a fight. He’s right on the money. When it comes to technology, high-ranking officials either don’t have enough knowledge about them, or simply don’t care whether it affects the common man.”
No government forced Apple (and Google, and all the family…) to make their devices ultra invasive spying tools sending every intimate piece of user data in clear to their company servers, using opaque code that could actually be doing even more than what it’s already known to do (like negating end-to-end encryption for instance, when they finally agree to allow it to be used for some features). It was their greed that did that. It’s the same information technology giants who lobby against privacy laws. It’s also them (including Apple) who have been publicly exposed already lots of time ago as silently complying with illegal mass surveillance from their state, and that’s only the parts that were heard about. Apple, one of the worst enemies of privacy has rebranded itself as a privacy company years ago and is pushing this fiction of being a brake against surveillance, even sometimes as a victim of surveillance (!). The reality is that the hunger for power of companies like Apple and their state just feed each other.
“It is good to see Apple take a stand against this sort of privacy abuse.”
You go as far as mentioning the recent Apple CSAM debacle and yet applaud Apple for “resisting” even that very specific type of surveillance. You have to be kidding.
“Think about it, such changes could be an absolute disaster for your privacy. Would you be okay if someone was analyzing your browsing history, shopping preferences, snooping on your chats, viewing your family photos, and is aware of their location? What if this data falls into the wrong hands?”
Wait, you’re not aware that this is the norm with today’s software ? Even self proclaimed privacy oriented businesses do that (*). You have to be kidding. All that data has been in the worst hands for a long time already.
(*)
“analyzing your browsing history”
https://www.mozilla.org/en-US/privacy/firefox/
“Recommend relevant content -> Pocket recommendations”
“We recommend content to you based on your browsing history”
(“content” includes fetid propaganda, as well as sponsored “news”)
“shopping preferences”
https://blog.mozilla.org/en/mozilla/fakespot-joins-mozilla-firefox-shopping-announcement/
“Fakespot becomes part of Mozilla, bringing trustworthy shopping tools to Firefox”
“With Fakespot, he developed a way to help consumers sort real reviews from fake ones, helping to dramatically increase trust and confidence among those making online purchases.”
“There will also be future Fakespot integrations that are unique to Firefox. The addition of Fakespot’s capabilities will make Firefox customers the best equipped to cut through deceptive reviews and shop with the confidence of knowing what they’re buying is high-quality and authentic. This is a great proof point of the work we’re doing to make Firefox the browser that truly puts the customer experience first.”
https://www.fakespot.com/privacy-policy
“Personal Information Collected Automatically”
“Your purchase history or purchase tendencies which we may use to recommend better products and sellers.”
“viewing your family photos”
https://github.com/mozilla-services/screenshots/issues/3503
something close enough, the built-in Firefox screenshot tool used deceptive wording so that trying to save the screenshots actually uploaded them to a Mozilla server, and I think that this was stored unencrypted.
“is aware of their location”
https://www.mozilla.org/en-US/privacy/firefox/
“Firefox Suggest and Top Pick”
“Firefox temporarily sends Mozilla your IP address which we use to suggest content based on your country, state, and city. Mozilla may share location information with our partners” (“content” includes ads, of course)
There’s probably even something to dig out about snooping on chats by Mozilla, but I’m getting bored with that exercise for now.
If it’s in the governments hands it’s already in the wrong hands.
“The UK’s Home Office can demand security features to be disabled without informing users about it in order to protect the public from criminals, child sex abusers and terrorists.” Well, that’s one of the defining characteristics of fascism, according to Dr. Lawrence Britt.
“Normally, this would be considered highly illegal and intrusive. But if the law is passed, it could put the security and privacy of users in jeopardy.”
Wouldn’t users stop using the app? If I know a call is being recorded, I don’t say much–yes and no.
“Besides, a lot of Governments have been found guilty of misusing surveillance laws to spy upon activists, rival politicians, etc., under the false pretext of protecting the Country from criminals, terrorists.”
It’s a lame claim–“a lot of governments”? What is a lot? Which ones? In what way? North Korea? In the US, the “USA/Patriot Act” and, most recently, “Section 702 of the Foreign Intelligence Surveillance Act.” provided and still provides the opportunity fo widespread surveillance abuse.
https://www.npr.org/2023/03/23/1164724089/in-fight-over-key-surveillance-law-officials-look-to-sway-congressional-skeptics
and
https://www.eff.org/deeplinks/2022/05/new-surveillance-transparency-report-documents-urgent-need-change
The most surveilled countries:
https://www.statista.com/statistics/1290708/top-surveilled-countries-worldwide/
Tik-Tok Bans:
https://apnews.com/article/tiktok-ban-privacy-cybersecurity-bytedance-china-2dce297f0aed056efe53309bbcd44a04
Thanks, Ashwin. Good to know news.
It’s funny. I know as soon as I walk through an airport with my passport, I am being surveilled for the rest of my trip.
“…designed to “protect the public from criminals, child sex abusers and terrorists””
Do people still fall for this bullshit?
Agree, total BS!!
Government in general hates it when they cannot access information from their citizens. Although I highly doubt Apple will just pull the iMessage and FaceTime apps from the UK and basically loose a lot of business selling iPhones. Given the forced USB C mandate I think Apple has much less influence then they think. From a legal standpoint, I think search warrants should have the same power over data as say any physical property given proper arguments for the search. The ideal of data being different in terms of personal property is a weak argument.
Don’t confuse Europe with the UK. Europe has a lot of bargaining power, it has 740 million people and is an economic superpower. The UK – not so much.
Europe is a continent, do continents have bargaining power? I’ve never heard of such a notion.
The EU has 448 million people. That is a lot of people.
Good by Apple, for the most part at least. And the ending of the article is more or less spot on. Having watched a few countries and several US States and how they push forward and handle this kind of laws shows that it doesn’t matter whether it is a left or right majority political wise, they are both equally as ignorant or simply not interested in these topics and think they do “the good thing” and way too easily manipulated by all sorts of lobbying groups.
Apple already in CSAM like feature build-in iOS ; ‘communication safety’.
https://support.apple.com/en-us/HT212850
@ilev
whats wrong with that. you hate features that protect children or something?
@penny – here, you dropped your /s