In
the wake of a renewed debate over the use of encrypted communications,
Apple is urging the British Parliament to reconsider its new beefed-up
surveillance proposals.
The
company submitted a strongly worded objection to the U.K.’s Scrutiny
Committee today in a response to a law drafted in November. If passed
this spring, the legislation — dubbed the Investigatory Powers Bill —would legally require companies to bypass encryption at the request of the government, among many other provisions.
The
eight-page letter, which was provided to Yahoo News by Apple, argues
that the bill in question “threatens to hurt law-abiding citizens in its
effort to combat the few bad actors who have a variety of ways to carry
out their attacks.” The California-based company, which has included
encrypted privacy measures in its computers and smartphones for over 10
years, argued that forcing backdoors into products “would weaken the
protections built into Apple products and endanger all our customers.”
The move comes amid a heated debate about the use of encryption in consumer technology, spurred by revelations that terrorists may have communicated via encrypted messaging services such as WhatsApp and Telegram prior to the Nov. 13 Paris attacks.
FBI
Director James Comey has argued that terrorists are increasingly using
this technology — which scrambles the content of a message so that only
its sender and receiver can read it — to “go dark.” In a recent Senate
hearing, he called on U.S. tech companies
that offer end-to-end encryption to rethink their business models,
implying they should provide exceptional access to the government when
needed. Cryptographers and cybersecurity activists unanimously agree
that there’s no way to do this without entirely compromising the
security of all encrypted communications. Major tech companies,
including Google, Microsoft and Facebook, have fought law enforcement in
court and at the legislative level over this issue for years.
The
United Kingdom is just one of many countries to propose legislation
aimed at regulating encryption. Soon after the attacks in Paris, the
French newspaper Le Monde published documents
discussing potential legislation to “forbid free and shared Wi-Fi
connections” during emergencies and block the use of the Tor anonymity
network. (Prime Minister Manuel Valls denies
that these proposals ever existed.) In the United States, Sen. Dianne
Feinstein, D-Calif., and Senate Intelligence Chairman Richard Burr,
R-N.C., recently announced they hope to pass a law that would require companies to decrypt data under court order.
“I
think this world is really changing in terms of people wanting the
protection and wanting law enforcement, if there is conspiracy going on
over the Internet, that that encryption ought to be able to be pierced,”
Feinstein said earlier this month.
Apple’s
testimony argued that “increasingly stronger — not weaker — encryption
is the best way to protect against” terrorist threats. It also
recommended that the bill provide more detail on what might be required
of those who are served warrants, and parts of it should not apply to
overseas providers.
“This
would immobilize substantial portions of the tech sector and spark
serious international conflicts,” it reads. “It would also likely be the
catalyst for other countries to enact similar laws, paralyzing
multinational corporations under the weight of what could be dozens or
hundreds of contradictory country-specific laws.”
Though Apple does comply
with law enforcement requests by providing certain types of metadata,
it has also denied court access to encrypted communications that take
place in iMessage and FaceTime. This past summer, for instance, the
Justice Department obtained a court order for a case involving drugs and
guns, demanding Apple turn over real-time text messages between
suspects using iPhones. The company responded by saying it could not technically comply.
In another case this fall, Apple said
it could feasibly recover information on mobile devices running iOS 7,
but because “public sensitivity to issues regarding digital privacy and
security is at an unprecedented level,” doing so “could threaten the
trust between Apple and its customers and substantially tarnish the
Apple brand” and ultimately cause “a longer term economic impact.”
By: Alyssa Bereznak.
Review: Emerging Market Formulations & Research Unit, Flagship Records.
For The #FacebookTeam