RIPA Request to Apple by UK

NickK · 2025-02-07T18:21:28+0000

Richie said:
I was going to put this in the mobile phones forum but thought the extra exposure in here would be better.

Various sources saying that the UK Govt has demanded to be allowed access to the public's private encrypted data held in Apple's iCloud: https://www.bbc.co.uk/news/articles/c20g288yldko

When you read further is appears that they are requesting back doors into their encryption.... Won;t take long for others to find and exploit said back doors for their own use.

No it’s more basic than that - for a long time the law states, if asked for passcode/password to decrypt data you *personally* are liable and must provide it. If you cannot then you are immediately breaking the law.

It’s funny as, in india, the data remains the property of the indian government. So Apple would be guilty of breaking the law - in short they would have to agree to this or not be compliant with indian’s privacy laws.

silvagti · 2025-02-07T18:37:57+0000

Will this also apply to other companies like Google and Microsoft who hold private data?

Why does it specifically mention Apple but not others? Do the others already provide access?

Haggisman · 2025-02-07T18:44:30+0000

Didn't the US govt. ask Apple for the same thing a few years back, and Apple basically stuck 2 fingers at them, and that was the end of it?

Murphy · 2025-02-07T18:47:18+0000

Calls to break/backdoor encryption always makes me roll my eyes as they're basically admitting to anyone with even basic knowledge of encryption that they don't know what they're talking about, and by extension of being totally ignorant that they'd be a danger to everyone.

We've been using encryption for almost 4000 years, all computers have done is make it quicker/easier to use.

j.col · 2025-02-07T18:51:35+0000

silvagti said:
Will this also apply to other companies like Google and Microsoft who hold private data?

Why does it specifically mention Apple but not others? Do the others already provide access?

Someone mentioned this on page 1

Hades said:
EDIT: Also, you can almost guarantee that same UK demand has probably gone to the other major cloud storage providers such as Microsoft, Dropbox, Amazon, etc, etc, at the same time. Apple won't have been singled out. Apple are simply the company that has been leaked. In fact it's not legal to tell people that a request has been made. If you use any of these then expect your privacy to be compromised. It's shameful that this (or any) government are doing this. I'll stop at that comment because I appreciate political comment isn't allowed outside of the closed Speakers Corner.

Scarfacé · 2025-02-07T19:09:03+0000

I think there's a bit of misunderstanding in this thread. From the news reports I gather this is targetting Apple's 'Advanced Data Protection' functionality (which is disabled by default). Out of the big cloud providers (for personal/general users at least), I believe Apple is the only one that uses E2E encryption for data at rest (where ADP is enabled). For example, Microsoft OneDrive's 'Personal Vault' is not E2E encrypted when the data is at rest. That suggests that Microsoft, Google, Apple (where ADP isn't enabled) are already able to access personal cloud data if they wish (or are legally obligated) to.

jpaul · 2025-02-07T21:12:48+0000

Murphy said:
Calls to break/backdoor encryption always makes me roll my eyes as they're basically admitting to anyone with even basic knowledge of encryption that they don't know what they're talking about, and by extension of being totally ignorant that they'd be a danger to everyone.

everyone is hot on AI, but quantum computing is the backdoor with potential to break encryption(banks et al) - wonder what the real investment ratio is between the two for the USA government.

does seem if the leak was exclusively (& illegally) from apple then this itself kind of questions the integrity of Apple employees not to be bought to introduce real backdoors 'Applegate'
like the people Israel bought to hide the explosives in pagers plot.

BUDFORCE · 2025-02-07T21:19:48+0000

ubersonic · 2025-02-07T21:54:23+0000

I see no issues here.

For centuries the police have been able to get a warrant to intercept our mail if they have supporting evidence to justify it.

For over a century the police have been able to get a warrant to listen in on our phone calls if they have supporting evidence to justify it.

Now the police are (finally) going to be getting proper powers to search our online storage if they have supporting evidence to justify it.

The only people who need to be worried about this are criminals, and the paranoid.

silvagti · 2025-02-07T22:05:21+0000

ubersonic said:
I see no issues here.

Now the police are (finally) going to be getting proper powers to search our online storage if they have supporting evidence to justify it.

I would agree that you could argue for the UK government to be given access to individual accounts/ec providing they have a warrant and justification. However, they appear to be esking for more than purely that?

Reports seem somewhat conflicted as to exactly what the UK government has requested?

UK demands Apple break encryption to allow gov’t spying worldwide, reports say

Apple last year opposed UK’s secret notices demanding encryption backdoors.

arstechnica.com

"UK security officials "demanded that Apple create a backdoor allowing them to retrieve all the content any Apple user worldwide has uploaded to the cloud," the report said. "The British government's undisclosed order, issued last month, requires blanket capability to view fully encrypted material, not merely assistance in cracking a specific account, and has no known precedent in major democracies.""

hurfdurf · 2025-02-07T22:06:36+0000

ubersonic said:
I see no issues here.

For centuries the police have been able to get a warrant to intercept our mail if they have supporting evidence to justify it.

For over a century the police have been able to get a warrant to listen in on our phone calls if they have supporting evidence to justify it.

Now the police are (finally) going to be getting proper powers to search our online storage if they have supporting evidence to justify it.

The only people who need to be worried about this are criminals, and the paranoid.

Criminals and enemy states cannot easily intercept mail or phone calls. To do so would require a manual in person to attack the system. Significant effort.

If a back door is allowed for phone calls, criminals could very easily do so. There is a massive difference.

Modern security issues are completely different to historic ones.

Murphy · 2025-02-07T22:59:35+0000

ubersonic said:
For centuries the police have been able to get a warrant to intercept our mail if they have supporting evidence to justify it.

For over a century the police have been able to get a warrant to listen in on our phone calls if they have supporting evidence to justify it.

No they haven’t, they've been able to get warrant to listen/intercept an individuals mail/calls if they can prove to a court that there's reasonable suspicion. They do not get a warrant to intercept/listen to 'our' as in all of our mail/calls in the hope they catch someone doing/saying something they shouldn't.

ubersonic said:
Now the police are (finally) going to be getting proper powers to search our online storage if they have supporting evidence to justify it.

The only people who need to be worried about this are criminals, and the paranoid.

If it was to search an individuals online storage then sure, but it's not an individual because that's not how encryption works. And that's ignoring the fact that evidence to support a claim that the online storage of account XYZ is storing illegal data could only be proven if you already had evidence of illegal activity.

No the only people who need to be worried are not criminals and the paranoid...

Responding to “Nothing to hide, Nothing to fear”

This powerful sentence does many things: It encourages a complete trust in state powers – that you will never face wrongful suspicion or misuse of powers, for only the guilty are affected by mass surveillance.

www.openrightsgroup.org

Victims of police misconduct. For example, Doreen Lawrence and her family were surveilled in attempts to smear them and undermine their fight for justice.

MPs need privacy in particular for their constituency work, which involves meeting with people who share very personal stories and situations, and challenging the actions of the government. For example, recently MPs confidential calls with prison staff were recorded and monitored.

Disabled people are often scared of speaking out about mistreatment because they are can be put under direct surveillance by both government bodies, and neighbours, to try and ‘catch them out’ as ‘not really disabled’.

Environmental campaigners have for many years been under direct surveillance, particularly women who were deceived into having relationships with police officers.

Journalists are frequently at risk of big business and government surveillance tracking their leaks, their stories, their whistleblowers, and their criticism of the government and the police.

Whistle-blowers cannot expose wrong-doing, whether by the state or powerful businesses, in a world that always watches, but are meant to have special protections.

Lawyers rely on client confidentiality, a principle which is key for a fair trial, and for a working justice system.

People of minority sexualities and identities can lose their families or jobs or security when robbed of the control over who they share their identity with.

Doctors, hospital workers and their patients expect to have confidentiality when discussing personal health.

Encryption advocates and researchers are monitored for what they know in case they discover existing secrets, or new knowledge of security and software, which the government can use.

Muslim community face racial profiling and Islamophobia.

Women being harassed need the safety of anonymity and privacy, to defend against abuse in their online spaces and aggression like swatting in their homes.

Women stalked or tracked by abusive partners, which has become a problem so common that Women’s Aid has a clear and prominent guide to hiding your tracks online on its website.

Haggisman · 2025-02-07T23:22:23+0000

ubersonic said:
I see no issues here.

For centuries the police have been able to get a warrant to intercept our mail if they have supporting evidence to justify it.

For over a century the police have been able to get a warrant to listen in on our phone calls if they have supporting evidence to justify it.

Now the police are (finally) going to be getting proper powers to search our online storage if they have supporting evidence to justify it.

The only people who need to be worried about this are criminals, and the paranoid.

Tell me you don't understand encryption (and the risks of creating a "backdoor" in it) without telling me you don't understand encryption...

darael · 2025-02-08T00:07:26+0000

Not that I have anything to hide, but it makes me glad I wasn't sucked into the cloud trend. I keep my data on either local storage on my machine, or on external drives. It's served me well so far.

Fubsy · 2025-02-08T00:33:20+0000

darael said:
Not that I have anything to hide, but it makes me glad I wasn't sucked into the cloud trend. I keep my data on either local storage on my machine, or on external drives. It's served me well so far.

So you don't chat online at all?

Email. Instant messaging. Photo sharing/backups. Location settings all turned off? How about sat nav?

This stuff is insidious beyond belief. It's Stasi level of intrusion into people's communication/thoughts/beliefs. This will end trust, or whatever is left of the state.

Quartz · 2025-02-08T00:38:55+0000

ubersonic said:
For centuries the police have been able to get a warrant to intercept our mail if they have supporting evidence to justify it.

Yes, but this appears to be a blanket power, not targetted.

darael · 2025-02-08T00:40:42+0000

Fubsy said:
So you don't chat online at all?

Email. Instant messaging. Photo sharing/backups. Location settings all turned off? How about sat nav?

This stuff is insidious beyond belief. It's Stasi level of intrusion into people's communication/thoughts/beliefs. This will end trust, or whatever is left of the state.

I use WhatsApp, but I don't backup my chats to the cloud. I was referring to the storage and backup of files and photos to the cloud - I simply don't use OneDrive, Google Drive, Dropbox, etc, not even their free basic tiers. If the apps are on my phone, they are uninstalled or disabled. If the likes of WhatsApp and Google Photos have the option to automatically backup to the cloud, I turn it off.

Emlyn_Dewar · 2025-02-08T01:51:37+0000

It's pretty wild how far Britain is falling.
I hate the push to store anything in the cloud but I do let photos go on to it. Not sure my photos would be too interesting for the gov, my cat, beers and computer components

, but that's not the point.

Felon · 2025-02-08T09:25:49+0000

The thing that really makes me angry about this sort of thing, is how the government keep asking for more and more and more intrusion and reach into peoples personal lives, blame all the tech companies, blame the internet, blame the cloud, blame everybody else.

Yet when someone like the Southport killer is known to every half-arsed cretin-ridden government department, and his own parents are calling the police on their own child - they still **** up and enable him to commit mass murder of kids.

jpaul · 2025-02-08T10:08:08+0000

Southport - failures of the prevent system like Westminster killlings - inadequate/ineffective IT investment to join the dots ...

maybe they should just contract Apple(&Musk) to provide the profiling of the source data