Apple is opposing provisions in a draft UK law that would weaken online encryption by requiring built-in cyber “backdoors” for government spies. The US e-gadgets company says backdoors harm rather than help security.
Apple submitted a written opinion to a British parliamentary committee that criticised the draft Investigatory Powers Bill (IPB) now before Parliament. IBP would give British police and spies sweeping powers, greater than those of governments in other Western countries – including the power to comprehensively track which websites people visit and to crack all electronic communications.
IPB proposes to achieve this by requiring Internet companies to build “backdoors” into their software which would enable government agencies to open or track any and all electronic communications – in essence making all electronic communications and Web behaviors transparent to the government.
IPB would allow government security agencies to monitor the online behaviors and communications of individuals they deem worthy of investigation without, as at present, first obtaining a warrant from a judge.
In the aftermath of American cyber-security contractor Edward Snowden’s leaks revealing massive illegal surveillance by US and British spy agencies, Western governments, corporations and civil society have grappled with the contradictions between cyber-privacy and cyber-surveillance, with terrorist acts by Islamist jihadists adding urgency to the debate.
Cyber insecurity
California-based Apple, which uses end-to-end encryption on its FaceTime and iMessage communications platforms, said IPB’s proposal for Internet corporations to add backdoors to their encryption software was a mistake. Apple’s view was that the best way to protect against increasingly sophisticated cyber-hacking by criminals was to put into place stronger, not weaker, encryption.
Any cyber-backdoor, experts have said, would be crackable by cyber-criminals.
“A key left under the doormat would not just be there for the good guys,” Apple wrote in its submission to the parliamentary committee. “The bad guys would find it too…. We believe it is wrong to weaken security for hundreds of millions of law-abiding customers so that it will also be weaker for the very few who pose a threat.”
In addition to enabling bulk interception of communications data, the bill would also allow government security agencies to perform “equipment interference,” in which spies take over computers or smartphones to access their data.
Apple also said the IPB’s proposed requirements demanding companies to technologically assist agencies in breaching clients’ privacy would amount to requiring non-UK companies to take actions that violate privacy laws of their home countries. Moreover, the UK law would probably inspire other countries to enact similar legislation.
European Union authorities are also developing new regulations governing cyber security.
A report published Tuesday by the Financial Times has said that several other Internet companies, including Google, Facebook, Twitter, Yahoo and Microsoft, are expected to send position statements about IPB to the relevant UK parliamentary committee with a similar stance to Apple’s.
nz/hg (dpa, Reuters)