Home Office issues new ‘backdoor’ order over Apple encryption
A second Home Office technical capability notice requires Apple to provide access to encrypted data and messages of British users stored on its iCloud service
The government has reignited a row with Apple by issuing an order requiring the technology company to provide warranted access to encrypted data stored by British users on the supplier’s iCloud service.
In a previous order, the Home Office sought access to data and messages stored by Apple users from any country, including the US, in a move that sparked a diplomatic row with the Trump administration.
The Financial Times reported that the Home Office issued a second order in September, requiring Apple to provide the UK with access to encrypted cloud backups, but only for British citizens.
The Home Office issued a technical capability notice (TCN) against Apple in January, requiring the company to provide the technical capability for the UK to access encrypted data on Apple’s iCloud backup service worldwide.
“As we have said many times before, we have never built a backdoor or master key to any of our products or services, and we never will,” the company said in a statement.
“We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK, given the continuing rise of data breaches and other threats to customer privacy,” it added.
Apple has filed a legal challenge against the Home Office to the Investigatory Powers Tribunal, along with Privacy International and Liberty, in a case that is due to be heard in January 2026.
It is not clear whether or how Apple will be able to distinguish between users who are British citizens, US citizens based in the UK, or British citizens in the US, raising questions over how Apple will comply with the latest Home Office order.
While this seems like progress ... the new order may be just as big a threat to worldwide security and privacy as the old one
Caroline Wilson Palow, Privacy International
Caroline Wilson Palow, legal director at Privacy International, said the latest order issued by the government could still impact the security and privacy of users of Apple devices.
“While this seems like progress – and it is in the sense that the UK is clearly reacting to the global concern and US government pressure generated by its original directive to Apple – the new order may be just as big a threat to worldwide security and privacy as the old one,” she said.
“In the name of protecting the UK people, the UK government is instead undermining a crucial security protection, which seems ill-advised in a world where security risks are mounting every day,” she added.
The Home Office issues TCNs under the Investigatory Powers Act 2016 to require technology companies to introduce technical capabilities to conduct surveillance.
The TCN issued against Apple was approved by the investigatory powers commissioner, Brian Leveson.
Law enforcement and intelligence agencies are required to obtain warrants, signed by a judicial commissioner, to access data from Apple.
Timeline of UK government’s order for backdoor access into Apple’s encrypted iCloud service
29 August: Home Office ‘backdoor’ seeks worldwide access to Apple iCloud users’ data, court documents confirm – A court filing states that a government order against Apple would give it the capability to access communications and metadata of customers using the iCloud service anywhere in the world.
19 August: US says UK has agreed to drop encryption ‘backdoor’ demands against Apple – US and UK end diplomatic row over UK encryption ‘backdoor’ order against Apple, but it remains unclear whether Apple will restore advanced encryption services to UK users.
23 July: WhatsApp is refused right to intervene in Apple legal action on encryption ‘backdoors’ – Investigatory Powers Tribunal to hear arguments in public over lawfulness of secret UK order requiring Apple to give UK law enforcement access to users’ encrypted data stored on the Apple iCloud.
14 March: The Investigatory Powers Tribunal holds a day-long secret hearing into an appeal brought by Apple against a government notice requiring it to provide law enforcement access to data encrypted by its Advanced Data Protection service on the iCloud, despite calls for the hearing to be opened to the public.