Apple has threatened to pull certain services – including FaceTime and iMessage – in the United Kingdom if the government amends surveillance legislation that would require tech firms to make changes in their security and privacy features.
BBC News reports:
The government is seeking to update the Investigatory Powers Act (IPA) 2016.
It wants messaging services to clear security features with the Home Office before releasing them to customers.
The act lets the Home Office demand security features are disabled, without telling the public. Under the update, this would have to be immediate.
Currently, there has to be a review, there can also be an independent oversight process and a technology company can appeal before taking any action.
Because of the secrecy surrounding these demands, little is known about how many have been issued and whether they have been complied with.
But many messaging services currently offer end-to-end encryption – so messages can be unscrambled by only the devices sending and receiving them.
The UK government began an eight-week consultation process on the proposed amendments to the IPA open to professional bodies, interest groups, academia, and the wider public. Apple has submitted a nine-page-long document condemning many of the changes.
Apple opposes being required to run any changes in their security features by the Home Office before they are released. The requirement would require non-UK companies to comply with changes that would affect their products internationally.
The proposals “constitute a serious and direct threat to data security and information privacy” that would affect people outside the UK, Apple says.
The Cupertino firm says that it would not make changes to security features specifically for one country that would weaken a product for all users. This indicates Apple may remove services like FaceTime and iMessage in the UK if the amendments proceed.
Several companies, including Apple, WhatsApp, and Signal also oppose a clause in the UK’s proposed Online Safety Bill that would allow the UK communications regulator to require companies to install technology to scan for CSAM in encrypted messaging apps and other services. Signal has threatened to completely pull out of the UK over the matter.
