RIPA Request to Apple by UK

[NickK]

I was going to put this in the mobile phones forum but thought the extra exposure in here would be better.

Various sources saying that the UK Govt has demanded to be allowed access to the public's private encrypted data held in Apple's iCloud: https://www.bbc.co.uk/news/articles/c20g288yldko



When you read further is appears that they are requesting back doors into their encryption.... Won;t take long for others to find and exploit said back doors for their own use.

No it’s more basic than that - for a long time the law states, if asked for passcode/password to decrypt data you *personally* are liable and must provide it. If you cannot then you are immediately breaking the law.

It’s funny as, in india, the data remains the property of the indian government. So Apple would be guilty of breaking the law - in short they would have to agree to this or not be compliant with indian’s privacy laws.

 

[silvagti]

Will this also apply to other companies like Google and Microsoft who hold private data?

Why does it specifically mention Apple but not others? Do the others already provide access?

 

[Haggisman]

Didn't the US govt. ask Apple for the same thing a few years back, and Apple basically stuck 2 fingers at them, and that was the end of it?

 

[Murphy]

Calls to break/backdoor encryption always makes me roll my eyes as they're basically admitting to anyone with even basic knowledge of encryption that they don't know what they're talking about, and by extension of being totally ignorant that they'd be a danger to everyone.

We've been using encryption for almost 4000 years, all computers have done is make it quicker/easier to use.

 

[j.col]

Will this also apply to other companies like Google and Microsoft who hold private data?

Why does it specifically mention Apple but not others? Do the others already provide access?

Someone mentioned this on page 1

EDIT: Also, you can almost guarantee that same UK demand has probably gone to the other major cloud storage providers such as Microsoft, Dropbox, Amazon, etc, etc, at the same time. Apple won't have been singled out. Apple are simply the company that has been leaked. In fact it's not legal to tell people that a request has been made. If you use any of these then expect your privacy to be compromised. It's shameful that this (or any) government are doing this. I'll stop at that comment because I appreciate political comment isn't allowed outside of the closed Speakers Corner.

 

[Scarfacé]

I think there's a bit of misunderstanding in this thread. From the news reports I gather this is targetting Apple's 'Advanced Data Protection' functionality (which is disabled by default). Out of the big cloud providers (for personal/general users at least), I believe Apple is the only one that uses E2E encryption for data at rest (where ADP is enabled). For example, Microsoft OneDrive's 'Personal Vault' is not E2E encrypted when the data is at rest. That suggests that Microsoft, Google, Apple (where ADP isn't enabled) are already able to access personal cloud data if they wish (or are legally obligated) to.

 

[jpaul]

Calls to break/backdoor encryption always makes me roll my eyes as they're basically admitting to anyone with even basic knowledge of encryption that they don't know what they're talking about, and by extension of being totally ignorant that they'd be a danger to everyone.

everyone is hot on AI, but quantum computing is the backdoor with potential to break encryption(banks et al) - wonder what the real investment ratio is between the two for the USA government.

does seem if the leak was exclusively (& illegally) from apple then this itself kind of questions the integrity of Apple employees not to be bought to introduce real backdoors 'Applegate'
like the people Israel bought to hide the explosives in pagers plot.