hanohiki - stock.adobe.com
US says UK has agreed to drop encryption ‘back door’ demands against Apple
US and UK end diplomatic row over UK encryption ‘back door’ order against Apple, but it remains unclear whether Apple will restore advance encryption services to UK users
The US director of national intelligence has said that the UK has agreed to drop demands for Apple to create a “back door” that would have enabled the UK to gain access to the data of US citizens.
Tulsi Gabbard said the announcement followed discussions over the past few months with the UK, US president Donald Trump and vice-president JD Vance over the UK’s decision to issue an order against Apple requiring back-door access to encrypted data stored on Apple’s iCloud that could affect US citizens.
The announcement brings an end to a simmering political row between the US and the UK, following home secretary Yvette Cooper’s decision to issue a secret order under the Investigatory Powers Act 2016 against Apple in January.
The decision led Apple to withdraw its Advanced Data Protection (ADP) service, which offers encrypted cloud storage services, from UK customers, stating: “We have never built a back door or master key to any of our products or services and we never will.”
The Home Office has not stated whether it would continue to require Apple to provide access to encrypted data stored by UK users if Apple were to reinstate its ADP Service to Apple customers in the UK.
The Home Office said in a statement that it had longstanding arrangements with the US to tackle threats such as terrorism and child abuse, which included safeguards for privacy and state sovereignty.
Risk to US civil liberties
Gabbard wrote in a statement on X: “Over the past few months, I’ve been working closely with our partners in the UK, alongside @POTUS and @VP to ensure Americans’ private data remains private and our Constitutional rights and civil liberties are protected.
“As a result, the UK has agreed to drop its mandate for Apple to provide a ‘back door’ that would have enabled access to the protected encrypted data of American citizens and encroached on our civil liberties,” she said.
According to a report by the Financial Times, Vance – who has previously attacked Europe and the UK for limiting free speech – intervened to ensure the UK government withdrew “the current back-door order” to Apple.
Gabbard publicly raised concerns in a letter to US lawmakers that the UK’s order against Apple could “undermine Americans’ privacy and civil liberties”. President Trump has also criticised the order as something that would be expected in China.
Apple has made a formal complaint to the Investigatory Powers Tribunal over the UK order, known as a Technical Capability Notice, which is due to be heard in early 2026.
The Investigatory Powers Act 2016, also known as the “Snoopers’ Charter”, allows the UK to impose orders on companies requiring them to make technical changes to their systems and allow access to data by UK law enforcement and intelligence services, and applies both in the UK and extraterritorially.
UK users may still face encryption ban
Commenting on the US announcement, Jim Killock, Executive Director of Open Rights Group, a campaign organisation, said that although the UK may have dropped its demands for Apple to backdoor all of its users across the globe, UK users may still be banned from using Apple's ADP encryption service.
"If Apple does restore ADP to UK users, there will be serious questions of trust,” he added. "The UK's powers to attack encryption are still on the law books, and pose a serious risk to user security and protection against criminal abuse of our data."
Christopher Weatherhead, technology lead at civil society group, Privacy International has filed a legal challenge against the Home Office with Liberty at the Investigatory Powers Tribunal, said there fundamental issues with Technical Capability Notices.
“While Tulsi Gabbard's statement appears to be a positive step for American citizens, it neither changes the secret regime that exists with Technical Capability Notices, nor stops the UK Government from issuing other such notices in the future," he added.
Call to amend US Cloud Act
In the US , Greg Nojeim, of the non-profit Centre for Democracy and Technology, said the organisation cautiously welcomed the UK’s apparent decision to drop its demand for a back door, adding that back doors “put the privacy and security of consumers, businesses and nationals at risk.”
“The Administration should be more transparent about any deal it cut with the UK, and Congress should amend the CLOUD Act to prevent other countries from issuing similar orders to U.S. service providers. No foreign government should be able to force providers to disable end-to-end encryption, and threaten the privacy and security of Americans and users around the world,” he said.
Critical safeguards
The Home Office said its joint security and intelligence arrangements with the US to tackle the most serious threats, such as terrorism and child sexual abuse, “have long contained safeguards to protect privacy and sovereignty”.
The Home Office pointed to the US-UK Data Access Agreement, which allows UK and US law enforcement to request data from telecommunications companies when investigating serious crimes, and “includes critical safeguards to prevent the UK and US from targeting the data of each other’s citizens”.
“We will continue to build on those arrangements and we will also continue to maintain a strong security framework to ensure that we can continue to pursue terrorists and serious criminals operating in the UK,” a spokesman said. “We will always take all actions necessary at the domestic level to keep UK citizens safe.”
The Home Office said that it did not comment on operational matters including confirming or denying the existence of orders made under the Investigatory Powers Act.
Timeline of UK government’s order for a back door into Apple’s encrypted iCloud service
- 23 July: WhatsApp is refused right to intervene in Apple legal action on encryption ‘back doors’ – Investigatory Powers Tribunal to hear arguments in public over lawfulness of secret UK order requiring Apple to give UK law enforcement access to users’ encrypted data stored on the Apple iCloud.
- 21 July: UK may be seeking to pull back from Apple encryption row with US – UK government officials say that attempts by the Home Office to require Apple to introduce ‘back doors’ to its secure encrypted storage service will cross US red lines.
- 12 June: Apple encryption row: Does law enforcement need to use Technical Capability Notices? History shows that law enforcement can bring successful prosecutions without the need for the Home Office to introduce ‘back doors’ into end-to-end encryption.
- 11 June: WhatsApp seeks to join Apple in legal challenge against Home Office encryption orders – WhatsApp today applied to intervene in an Investigatory Powers Tribunal case that is considering the UK’s ability to issue a technical capability notice on Apple to ‘weaken encryption’.
- 11 June: Government using national security as ‘smokescreen’ in Apple encryption row – Senior conservative MP David Davis says the Home Office should disclose how many secret orders it has issued against telecoms and internet companies to Parliament.
- 5 June: US politicians are calling for Congress to rewrite the US Cloud Act to prevent the UK issuing orders to require US tech companies to introduce ‘back doors’ in end-to-end encrypted messaging and storage.
- 15 April: The Investigatory Powers Tribunal is a semi-secret judicial body that has made significant legal rulings on privacy, surveillance and the use of investigatory powers. What does it do and why is it important?
- 7 April: Investigatory Powers Tribunal rejects Home Office arguments that identifying the ‘bare details’ of legal action by Apple would damage national security, leaving open possibility of future open court hearings.
- 02 April: Apple has appealed to the Investigatory Powers Tribunal over an order by home secretary Yvette Cooper to give the UK access to customers’ data protected by Advanced Data Protection encryption. What happens next?
- 7 February: Tech companies brace after UK demands back door access to Apple cloud – The UK has served a notice on Apple demanding back door access to encrypted data stored by users anywhere in the world on Apple’s cloud service.
- 10 February: Apple: British techies to advise on ‘devastating’ UK global crypto power grab – A hitherto unknown British organisation, which even the government may have forgotten about, is about to be drawn into a global technical and financial battle, facing threats from Apple to pull out of the UK.
- 13 February: UK accused of political ‘foreign cyber attack’ on US after serving secret snooping order on Apple – US administration asked to kick UK out of 65-year-old UK-US Five Eyes intelligence sharing agreement after secret order to access encrypted data of Apple users.
- 14 February: Top cryptography experts join calls for UK to drop plans to snoop on Apple’s encrypted data – Some of the world’s leading computer science experts have signed an open letter calling for home secretary Yvette Cooper to drop a controversial secret order to require Apple to provide access to users’ encrypted data.
- 21 February: Apple withdraws encrypted iCloud storage from UK after government demands ‘back door’ access – After the Home Office issued a secret order for Apple to open up a back door in its encrypted storage, the tech company has instead chosen to withdraw the service from the UK.
- 26 February: US intelligence chief Tulsi Gabbard probes UK demand for Apple’s encrypted data – A secret order issued by the UK against Apple would be a ‘clear and egregious violation’ if it provides back door access to Americans’ encrypted data, says US director of national intelligence.
- 5 March: Apple IPT appeal against back door encryption order is test case for bigger targets – The Home Office decision to target Apple with an order requiring access to users’ encrypted data is widely seen as a ‘stalking horse’ for attacks against encrypted messaging services WhatsApp, Telegram and Signal.
- 11 March: Secret London tribunal to hear appeal in Apple vs government battle over encryption – A secret tribunal is due to meet at the High Court in London to hear tech giant Apple appeal against a Home Office order to compromise the encryption of data stored by its customers on the iCloud service worldwide.
- 13 March: US Congress demands UK lifts gag on Apple encryption order – Apple and Google have told US lawmakers that they cannot tell Congress whether they have received technical capability notices from the UK.
- 14 March: The Investigatory Powers Tribunal holds a day-long secret hearing into an appeal brought by Apple against a government notice requiring it to provide law enforcement access to data encrypted by its Advanced Data Protection service on the iCloud, despite calls for the hearing to be opened to the public.
- 24 March: Gus Hosein, executive director of Privacy International – Why I am challenging Yvette Cooper’s ‘secret back door’ order against Apple’s encryption.
- 31 March: Apple devices are at ‘most risk’ in UK following government ‘back door’ order, Lord Strasburger tells the House of Lords as a Home Office minister declines to give answers.
Read more on Privacy and data protection
-
![]()
Senator warns of new UK surveillance risks to US citizens following Apple ‘backdoor’ row
By: Bill Goodwin
-
![]()
WhatsApp is refused right to intervene in Apple legal action on encryption ‘backdoors’
By: Bill Goodwin
-
![]()
UK may be seeking to pull back from Apple encryption row with US
By: Bill Goodwin
-
![]()
Apple encryption row: Does law enforcement need to use Technical Capability Notices?
