In response to reports that the UK government has issued a secret order compelling Apple to provide backdoor access to encrypted data of any user around the world, the Information Technology and Innovation Foundation (ITIF) issued the following statement from ITIF Vice President Daniel Castro:
Ordering Apple to weaken its end-to-end encryption is a dangerous and unjustified overreach that threatens the security and privacy of individuals and businesses around the world.
End-to-end encryption is a cornerstone of digital security, providing individuals and organizations with the means to protect the confidentiality of their data from malicious actors. While law enforcement agencies should have the authority to compel access to specific data held by third parties in the course of legitimate investigations, demanding that companies deliberately undermine their own security features crosses a critical red line. This is not about lawful access to data; it is about fundamentally weakening the technology that keeps Internet users safe.
We and other experts have warned for years that the UK was inching toward this perilous territory. It appears that moment has arrived. By ordering Apple to modify its technology so that the company holds the keys to encrypted data rather than the user, the UK is not enhancing security; it is eroding it. This measure will not prevent bad actors from accessing strong encryption. Encryption tools are widely available as open-source software and from providers around the world; they cannot be eradicated by government fiat. So, terrorists, criminals, and hostile foreign entities can and will continue to use them.
What this order will do, however, is make commercial products less secure for ordinary consumers, businesses, and civil society. It exposes sensitive personal and corporate information to greater risk of cybercrime, data breaches, and unauthorized surveillance. Moreover, because the UK’s order applies globally, its harmful effects will extend far beyond its borders, undermining the security of users worldwide.
The UK government should reveal the full details of its order so that there can be an open, public debate about this critical issue. Transparency is essential when decisions of such magnitude affect the privacy and security of millions of people globally.
Additionally, we urge other countries that value privacy and security to push back against the UK’s overreach in international forums. Allowing one nation to set a precedent that compromises global digital security should not go unchallenged.
This precedent is particularly troubling because it provides cover for authoritarian regimes seeking to justify their own efforts to circumvent encryption, often under the guise of national security but with the real aim of suppressing dissent and violating human rights.
We urge the UK government to reconsider this misguided approach. Strong encryption is not a barrier to security; it is a foundation of it. Undermining encryption makes everyone less safe.
The ITIF focuses on a host of critical issues at the intersection of technological innovation and public policy—including economic issues related to innovation, productivity, and competitiveness; technology issues in the areas of information technology and data, broadband telecommunications, advanced manufacturing, life sciences, and clean energy; and overarching policy tools related to public investment, regulation, taxes, and trade.
