Apple is threatening to remove iMessage and FaceTime in the UK because of proposed changes to surveillance laws.
The iPhone maker opposes Government plans to give the Home Office powers to issue injunctions to intercept encrypted messages and quietly disable security features. Critics have labelled the changes a “snooper’s charter”.
End-to-end encryption scrambles messages into a code that can only be deciphered by the devices sending and receiving them. Tech companies claim the feature is a bedrock of private communications, a view that has pitted them against the UK government.
Apple’s latest concerns relate to a planned update to the Investigatory Powers Act (IPA) 2016, which allows the Home Office to issue a technology capability notice (TCN) to firms demanding they disable security features. The legal mechanism can force messaging apps to remove or weaken protections applied to communications or data.
Under the update, companies served a TCN would have to obey it immediately and without alerting the public.
Currently, there has to be a review, or an independent oversight process, with tech firms given the right to appeal before taking action.
Apple wrote to the government that the changes to surveillance laws would give the Home Office oversight of security changes to its products, including regular iOS updates.
The proposals would effectively grant the home secretary control over security and encryption updates globally, Apple said, and would “make the Home Office the de facto global arbiter of what level of data security and encryption are permissible”.
Echoing statements made by fellow messaging providers WhatsApp and Signal, Apple said that it would never build a “backdoor” into its products for a government to use, and that it would withdraw security features in the UK market instead.
Apple noted that the proposed changes would “result in an impossible choice between complying with a Home Office mandate to secretly install vulnerabilities into new security technologies (which Apple would never do), or to forgo development of those technologies altogether and sit on the sidelines as threats to users’ data security continue to grow.”
The Home Office says the IPA was designed to protect the public from criminals, child sex abusers and terrorists. It adds that all legislation is kept under review and the IPA consultation is part of the process, and that no decisions have yet been made.