encryption

THE US CONGRESS STANDS UP FOR APPLE AND CONSUMER PRIVACY EVERYWHERE

MARCH 13, 2025 | Today a bipartisan group of US lawmakers signed onto a joint letter calling on the UK’s government to immediately bring transparency to their upcoming hearing for Apple on March 14th. The American technology company has found themselves in a standoff with the UK’s Home Office, which demanded backdoor access to encrypted Apple iCloud data under the Investigatory Powers Act. 

Stephen Kent  of the Consumer Choice Center, an international consumer advocacy group based in Washington, D.C., London and Ottawa reacted to the letter from Congress:

“British authorities are actively harming their own people’s privacy and data security by pursuing backdoor access to Apple’s consumer encryption. The United States correctly sees this as a domestic threat, because a backdoor in the UK means a backdoor for access to Apple users’ cloud data everywhere.”

The demand by US Senators Ron Wyden and Alex Padilla, as well as Congressmen Andy Biggs, Warren Davidson and Zoe Lofgren, is that the UK make their March 14th hearing public so that its proceedings can be analyzed by cybersecurity experts and the US Congress. 

“The US government has changed its tune in recent years on the issue of encryption. They went from being outright hostile to encryption like the kind Apple provides, over concerns about countering terrorism, to then realizing it was the only thing keeping consumers safe whatsoever from massive foreign hacks,” Kent continued. 

Mike Salem of the Consumer Choice Center’s UK office told media in February about the clash between British authorities and Apple, saying “This marks a very sad day for the basic principle of consumer privacy in the 21st century, depriving users of the tools that leave UK citizens exposed to governments, criminals and malicious hackers. The fact this has been done without debate, oversight or advance warning to UK Apple users is extremely concerning.”

The Consumer Choice Center applauds Republicans and Democrats of the US Congress, as well as the Trump Administration, in their vocal defense of consumer privacy in the case of Apple vs the UK’s Home Office. We hope the Investigatory Powers Tribunal yields to the request of the US Congress and makes their hearing public, before taking steps to walk back this disastrous attack on encryption which has left UK consumers without the protection of Apple’s Advanced Data Protection tool. 

###

FOR UK or US MEDIA QUERIES and INTERVIEWS PLEASE CONTACT:

Stephen Kent

Consumer Choice Center

stephen@consumerchoicecenter.org

The Consumer Choice Center is an independent, nonpartisan consumer advocacy group championing the benefits of freedom of choice, innovation, and abundance in everyday life for consumers in over 100 countries. We closely monitor regulatory trends in Washington, Brussels, Ottawa, Brasilia, London, and Geneva. Find out more at www.consumerchoicecenter.org.

DNI Director Gabbard Stands Up For Apple & Consumer Privacy 

FEB 27, 2025 | Tulsi Gabbard, now U.S. Director of National Intelligence, has confirmed that U.S. officials and DNI lawyers are now reviewing whether the United Kingdom breached a bilateral treaty known as the CLOUD Act. Under the agreement, the UK is prohibited from demanding access to the data of U.S. citizens or individuals within U.S. borders. 

Stephen Kent, Media Director for the Consumer Choice Center, an international consumer advocacy group based in Washington, D.C., reacted to news of Gabbard’s invoking the CLOUD Act:

“Gabbard is spot on in her defense of American consumers at home and abroad being threatened by the UK’s effort to break Apple’s encryption for users. The nature of consumer encryption tech is that if it’s broken anywhere, it’s broken everywhere. The UK is acting more like China and less like a democratic ally of the US.”

The UK’s Home Office demanded access to encrypted Apple iCloud data under the Investigatory Powers Act (IPA, which would create a “backdoor” for the UK to Apple’s encryption for all its consumers worldwide. As a result, Apple has opted to suspend its Advanced Data Protection encryption feature for UK users. 

“This mode of thinking is why Europe was taken off guard last week by Vice President JD Vance’s speech at the Munich Security Conference. What Gabbard is pointing out in her defense of encryption is that an ally of the United States is trying to violate their citizens’ privacy in a way that compromises consumers in the United States,” Kent continued. 

“The FBI under former Director Christopher Wray used to advocate for the same ‘backdoor’ access to encryption, but they’ve since changed their tune about encryption because of the rising threat of foreign data hacks, which pose huge risks to American consumers and companies.”

Cybersecurity analysts have long warned that any backdoor created for a government could eventually be discovered and misused by cybercriminals and hostile foreign actors. The UK’s push to weaken encryption disregards these risks, potentially exposing sensitive data to hackers and bad actors worldwide.

Kent concluded, “There are few consumer privacy issues as important in the world today as maintaining the integrity of encryption technology and services. The Trump Administration should pull no punches in letting Keir Starmer’s government know that this kind of ‘big brother’ behavior won’t be tolerated and makes our people worse off.” 

FOR MEDIA QUERIES OR INTERVIEWS PLEASE CONTACT:

Stephen Kent

Consumer Choice Center

stephen@consumerchoicecenter.org

###

The Consumer Choice Center is an independent, nonpartisan consumer advocacy group championing the benefits of freedom of choice, innovation, and abundance in everyday life for consumers in over 100 countries. We closely monitor regulatory trends in Washington, Brussels, Ottawa, Brasilia, London, and Geneva. Find out more at www.consumerchoicecenter.org.

The UK Government’s spying requests force Apple to phase out encryption for users

A logo with orange and blue letters Description automatically generated

London, UK – As of this afternoon, new Apple users in the UK can no longer enable Advanced Data Protection (APD) of their data, an end-to-end encrypted backup. In response to the government’s requests to secure a backdoor to Apple’s encrypted ecosystem, the company has decided to abandon this feature, and will still only provide data with law enforcement, if they have a warrant

In a statement, Mike Salem, UK Country Associate for the Consumer Choice Center (CCC), reacted to the news: 

This unfortunate move is a direct result of the government’s own decision to force tech companies to hand over the keys to our data, giving them a blank cheque to access any of our information without due process.”

“Everyone in the UK should be extremely worried about what the government aims to access not just in the UK, but across the world. Over 40 public authorities, including police, intelligence agencies, HMRC, and even local councils can apply for such warrants with broad powers for communication and data surveillance, and with guaranteed approval.”

“The UK government has set a precedent, and cast a new reputation that underscores the erosion of personal liberties and privacy in a digital age where these values are needed more than ever.”

“This marks a very sad day for the basic principle of consumer privacy in the 21st century, depriving users of the tools that leave UK citizens exposed to governments, criminals and malicious hackers. The fact this has been done without debate, oversight or advance warning to UK Apple users is extremely concerning.”

The CCC calls on the government to once again outline its reasons for the necessity and proportionality of such measures as soon as Monday in Parliament, and to urge parliamentarians in opposition to hold the government to account so that consumers can once again elect to encrypt and secure their data.

The Consumer Choice Center is a non-profit organisation dedicated to defending the rights of consumers around the world. Our mission is to promote freedom of choice, healthy competition and evidence-based policies that benefit consumers. We work to ensure that consumers have access to a variety of quality products and services and can make informed decisions about their lifestyle and consumption.

The UK Wants a Backdoor into EVERYONE’S Apple Cloud Data

Hide your group chat history. The UK has demanded Apple build a backdoor to its encryption services, giving the British police full key access to any Apple consumer’s content stored on the cloud.

And yes that means Apple users everywhere. Not just specific British users, but you, me, and every boomer with an iPhone. And if they comply with the British on this, Apple won’t even be permitted to warn consumers that the security of data doesn’t include security from the British government. 

Break Apple’s Encryption For All Its Users

The British government has served Apple with a Technical Capability Notice under the Investigatory Powers Act of 2016, also known as the Snoopers’ Charter—a fitting name, considering its intent. This law gives law enforcement the power to demand access to encrypted communications, overriding any security measures tech companies put in place.

But here’s the kicker: Apple wouldn’t even be allowed to warn its users that this is happening. We only know about this development because of leaks being reported by tech journalists at the Washington Post. This isn’t about targeting specific criminals with a warrant. The UK wants Apple to create a master key, a built-in vulnerability that would let the government unlock any iPhone’s cloud-stored content at will. And if Apple complies? The floodgates open.

Mike Salem of the Consumer Choice Center’s UK team put it well by saying,

“This is far beyond proportional as a response to national security threats, and sets an extremely dangerous precedent. Notices such as these will be served to other companies and other countries will want access to the same data the UK is trying to access. Crucially, it leaves all iCloud users in a vulnerable position, with information such as their personal details and photos exposed and un-encrypted, allowing criminals and foreign adversaries full access.”

Why Encryption Matters

Encryption is the bedrock of digital security.

At its most basic, it’s no different than when you’re in school and passing a note in class but every word is coded to mean something else so that the contents are a secret. See You After Class For Football Practice could be coded 10 thousand different ways and actually mean This Teacher Is Super Weird OMG Cringe. Like with ciphers or coded messages, letters are scrambled, but with digital encryption, the code – or key –for the note passed in class, changes after every single use. In the real world, that is the foundation of encrypted chat like WhatsApp, Signal, or iMessage on an Apple device or even HTTPS on your browser. 

Governments have long been frustrated by this. Former FBI Director Christopher Wray once argued before Congress that they should legislate a ban on commercial and personal encryption to help law enforcement catch criminals. He later reversed his position to encryption being the best consumer bulwark against Chinese hacks. The argument is always the same: they need access to encrypted devices to investigate crimes.

What the UK Is Demanding

Here’s the problem—weakening encryption for one case weakens it for everyone. If Apple builds a backdoor for the UK government, it’s only a matter of time before other governments demand the same access. And once an encryption backdoor exists, it’s a security risk that bad actors could exploit.

Rather than requesting access to specific user data through proper legal channels, the UK government is demanding a built-in backdoor that would allow authorities to unlock and access any Apple user’s stored data at will.

Apple has long resisted such demands, particularly when it comes to iPhone security. The company introduced Advanced Data Protection (ADP) in 2022, allowing users to fully encrypt their iCloud backups—meaning not even Apple could access them. It was a long-awaited move, especially after the FBI pressured Apple to delay rolling it out years earlier during Trump’s presidency.

Most iPhone and Mac users don’t enable ADP, but those who do gain significantly stronger protections against hacking, unauthorized surveillance, and data breaches. If Apple complies with the UK’s order, this level of security could be erased overnight.

What Happens Next?

Right now, Apple is legally forbidden from confirming whether it received the UK’s demand. However, leaks suggest Apple’s likely response will be to end encrypted storage in the UK entirely rather than compromise its security model. That decision would impact millions of UK users, but it’s entirely in the hands of secretive review boards that Apple will be appealing to behind closed doors.

The Bigger Picture

This fight is part of a larger trend—governments worldwide are pushing for more control over encrypted services, whether it’s cloud storage, messaging apps, or even VPNs that let users bypass restrictive online regulations.

But here’s the reality: Apple knows that consumers expect privacy, and it has shown a willingness to fight for encryption when it matters. That’s why it’s crucial to speak up, vote with your wallet, and protect your data.

✔ Enable Advanced Data Protection
✔ Update your passwords regularly
✔ Stay informed on digital privacy laws

Because once encryption is gone, it’s gone for good.

🚩EU Council Members Should Vote Down Chat Control to Protect Encryption

In the wake of last week’s EU parliamentary elections, the European Council is wrapping up negotiations in the final proposals of this mandate. Chief among these is a proposed regulation that would mandate the scanning of digital communications to “prevent and combat child sexual abuse”.

While its name is uncontroversial, the devil is in the details. In short, this proposal would end the wide adoption of end-to-end encrypted services that millions have come to enjoy and rely on, what critics call “chat control”.

In the various debates throughout the last week, EU Council members have discussed and debated the various technical features and applicability of this law. The latest inter-institutional file tracking the progress of the regulation demonstrates that many member states have serious concerns about what this law would usher in.

According to leaked documents, a final vote could happen as soon as this Wednesday. The German Pirate Party has provided additional information about how citizens can weigh in on this proposal.

If this regulation is enacted in its current form, newfound powers would grant police the ability to force encryption messaging providers to scan and moderate content in real-time to avoid liability from prosecution.

This means email services, messaging apps, VPNs, company databases, file uploads on secure servers, and much more will be be required to detect and report any image, link, or material related to sexual exploitation, or general crime.

While this may seem like a reasonable political demand, the wide adoption of encryption protocols and their technical function means there would no longer be any secure communications between European citizens.

In addition, there is no guarantee that this newfound ability would not be abused by certain authorities to punish citizens who are otherwise practicing their free speech or using encrypted services to protect their information.

As has been pointed out by Meredith Whittaker, president of the messaging app Signal, there is no technical nor feasible way to comply with this regulation without breaking encryption altogether, rendering the entire point of encryption moot.

This applies to financial information, company intellectual property, family chat groups, and online browser history. In fact, much of the modern Internet relies on encryption to securely and privately transmit data without getting into the hands of hackers and bad actors.

Rather than tasking police agencies in members states with using lawful court orders and warrants to seek out information on matters related to crime, the European Commission would like to technologically implement backdoor systems for encryption. For European consumers who appreciate and benefit from tech innovation, this should be a non-starter.

As I mentioned in my article on EU Tech Loop, ordinary consumer products have implemented encryption protocols to safeguard their users and their information. This has proven to be a marvel of innovation, and has unlocked new capabilities in digital services.

Encryption is not a tool sought by criminals, abusers, and bad actors, but rather a pinnacle part of the modern digital economy, used by hundreds of millions of customers, citizens, and workers to protect their data and secure their communication.

When the various member state leaders meet at the European Council this week and throughout the summer, we hope they will cast dissenting votes to protest against the proposed Chat Control plans.

European citizens should feel empowered to write their own national members of parliament, as well as Members of European Parliament to voice their opposition.

In seeking to undo this regulation, we should reimagine how democratic societies can effectively prevent and prosecute crime without resorting to mass surveillance.

en_USEN
it_ITIT pt_BRPT fr_FRFR es_ESES de_DEDE en_USEN

Follow us

Facebook-f Twitter Instagram Linkedin Youtube Spotify

WASHINGTON

712 H St NE PMB 94982
Washington, DC 20002

BRUSSELS

Rond Point Schuman 6, Box 5 Brussels, 1040, Belgium

LONDON

Golden Cross House, 8 Duncannon Street
London, WC2N 4JF, UK

KUALA LUMPUR

Block D, Platinum Sentral, Jalan Stesen Sentral 2, Level 3 - 5 Kuala Lumpur, 50470, Malaysia

OTTAWA

718-170 Laurier Ave W Ottawa, ON K1P 5V5

info@consumerchoicecenter.org

© COPYRIGHT 2025, CONSUMER CHOICE CENTER

Also from the Consumer Choice Center: ConsumerChamps.EU | FreeTrade4us.org