On February 20th, Fair Vote UK, Big Brother Watch, Reporters Without Borders, Privacy International, and Index on Censorship signed off on a letter to Yvette Cooper, the Home Secretary of the United Kingdom. Recent reports suggest that the UK government has issued a secret 'Technical Capability Notice' to Apple, which would require the company to create a backdoor into its encrypted cloud storage services. This effectively grants UK security officials access to the protected data of Apple users worldwide.

We've collectively written to the Home Secretary to ask six crucial questions given the serious concerns this move raises about privacy, digital security, press freedom and the UK’s global reputation as a defender of civil liberties. These are the questions we've asked:

1. Can you confirm or deny that the Home Office has issued a Technical Capability Notice toApple, requiring backdoor access to encrypted cloud storage?

2. If such a notice has been issued, under what legal and proportionality considerations was it justified? The Investigatory Powers Act, while broad, is bound by principles of necessity and proportionality. How does a blanket decryption demand align with these principles?

3. What safeguards are in place to ensure that this capability is not misused? There is a well-documented risk that once such a backdoor exists, it could be exploited by malicious actors, including hostile foreign governments and cybercriminals. Even one forced breakage of end-to-end encryption risks undermining its entire utility globally, leaving the UK as a cause of a worldwide end to privacy.

4. What assessment has been made of the potential economic and reputational damage this order could cause? If Apple withdraws encrypted storage from the UK market rather than comply, it could leave UK users with weaker security protections than those available in other democracies. Additionally, the UK risks being perceived as an outlier in global privacy and digital rights discussions.

5. Has the UK government consulted with international partners before issuing this demand?How does this align with the UK’s commitments to shared intelligence and cybersecuritypolicies within the Five Eyes alliance?

6. Will UK citizens and affected users be informed if their encrypted data is accessed under this order? The secrecy provisions of the Investigatory Powers Act prevent Apple from notifying users, but should British citizens not be made aware if their personal data is subject to government surveillance?

The gradual erosion of end-to-end encryption in recent years, one of the most important tools we have to protect individuals' data privacy, is deeply concerning. The UK government itself has acknowledged the importance of encryption in keeping UK citizens safe.

The letter was signed by: 

Kyle Taylor, Founder, Fair Vote UK, Rebecca Vincent, Interim Director, Big Brother Watch, Jemimah Steinfeld, CEO, Index on Censorship, Fiona O’Brien, UK Director, Reporters Without Borders, and Ilia Siatitsa, Programme Director, Privacy International