[ad_1]
Apple is on a collision course with the UK government over an online safety bill, after the company announced new privacy changes that would limit law enforcement agencies’ ability to access user data.
The new privacy feature, called “Advanced Data Protection for iCloud,” lets users apply end-to-end encryption to all their data stored in the cloud, including device backups, message history, and photos. It’s already available in the US to users who have signed up to the company’s beta program, and will ship worldwide in early 2023, Apple says.
End-to-end encryption is a form of security that means no one but the intended recipient has the ability to decrypt the files—not even the service provider itself, even if they are asked or forced to by law enforcement.
Apple’s iMessage service has been end-to-end encrypted since 2014, a fact that has caused some concern for police and spy agencies around the world. But until now, they had another way to access the targets’ communications: demanding that Apple hand over unencrypted user backups. That option may also disappear now.
That could put Apple at odds with the government. The upcoming online safety bill requires companies to take steps to limit the spread of child sexual exploitation content and content promoting terrorism in messaging apps, and gives Ofcom the power to issue technical notices to change products if they don’t comply.
“We support strong encryption but it cannot come at the expense of protecting the public. End-to-end encryption cannot be allowed to hinder efforts to catch perpetrators of the most serious crimes,” a government spokesperson said.
“The Online Safety Bill will require firms to comply with stronger child protection duties, and we are committed to continuing to work with the tech industry to develop innovative solutions that protect public safety and privacy.”
But the change has been welcomed by civil liberties groups. “The Home Office should stop companies from putting their customers at risk and supporting encrypted technologies, rather than trying to undermine them,” said Jim Killock, director of the Open Rights Group.
“Collective insecurity is a boon for criminals who want our personal information for malware and fraud. The Home Office and DCMS must abandon their efforts to regulate, limit and compromise encryption through the Online Safety Bill or through threats to use other secret powers such as technology capability notices.”
Along with the move to encrypt backups, Apple quietly dropped another proposal: to scan photos shared on devices for known instances of child sexual abuse content. Child protection groups have called for that decision to be reversed, arguing that the introduction of encryption for backups makes such “on-device scanning” more valuable.
“Apple developed a world-leading, privacy-preserving, non-intrusive way to detect criminal content where scanning will only occur when the software is convinced that the image contains child sexual abuse,” said Dan Sexton, CTO of the Internet Watch Foundation. which coordinates the removal of such images from the web.
“The introduction of end-to-end encryption is an opportunity for them to revisit this solution. If companies want to introduce more encryption into their services, they need to ensure that children get at least the same protection.”
Instead, Apple said, it will focus on a separate child safety feature, “Communication Safety,” which works to intervene when a child tries to send or receive an explicit message. “We have … decided not to move forward with our previously proposed CSAM search tool for iCloud Photos,” the company said in a statement.
“Children can be protected without companies attaching personal data, and we will continue to work with governments, child advocates and other companies to keep young people safe, preserve their right to privacy and make the internet a safer place for children and us. All.”
[ad_2]
Source link