In response to impending legislative modifications aimed at bolstering state intelligence agencies’ digital surveillance capabilities, Apple has indicated its readiness to discontinue offering iMessage and FaceTime services in the U.K. rather than succumbing to governmental demands.
This revelation, initially made public by BBC News, signifies Apple’s alignment with other parties objecting to proposed amendments to the Investigatory Powers Act (IPA) 2016. These changes could potentially neutralize the protective shield of encryption.
The Online Safety Bill, at the heart of this debate, compels companies to implement technology that scans for child sex exploitation and abuse (CSEA) material and terrorism content across encrypted messaging apps and other services. It further stipulates that prior to releasing any security features, messaging services must obtain approval from the Home Office. If necessary, they should be capable of promptly deactivating these features without public disclosure.
Though the Bill does not specifically demand the elimination of end-to-end encryption, it effectively weakens it. Services must scan all messages to identify and remove flagged content. Critics argue this is an excessive measure enabling the government to conduct widespread interception and surveillance.
Apple communicated to the British broadcaster that such a provision poses a “serious and direct threat to data security and information privacy.”
Earlier in April, several messaging apps currently supporting encrypted chats, including Element, Signal, Threema, Viber, WhatsApp owned by Meta, and Wire, issued an open letter. They implored the U.K. government to revise its strategy and “encourage companies to offer more privacy and security to its residents.”
“The Bill provides no explicit protection for encryption, and if implemented as written, could empower OFCOM to try to force the proactive scanning of private messages on end-to-end encrypted communication services – nullifying the purpose of end-to-end encryption as a result and compromising the privacy of all users,” the letter stated.
Apple had previously announced plans to flag potential problematic and abusive content within iCloud Photos. However, in response to resistance from digital rights groups concerned about potential misuse undermining user privacy and security, the tech giant abandoned this plan last year.
This is not the first time this friction between end-to-end encryption and the necessity to combat serious online crimes has emerged.
In May 2021, WhatsApp filed a lawsuit against the Indian government to prevent the enforcement of internet regulations. These would obligate the messaging app to disrupt encryption by introducing a traceability feature to identify the “first originator of information,” or face criminal penalties. The lawsuit is still pending.
Apple’s refusal to capitulate aligns with its public stance on privacy, portraying itself as a “privacy hero” compared to other companies that rely on collecting user data for targeted advertising.
However, this position may seem disingenuous given that every message sent to or received from a non-Apple device is unencrypted – as SMS does not support end-to-end encryption – potentially paving the way for governmental surveillance.