A controversial U.K. surveillance bill would seriously threaten privacy and security by forcing companies to compromise their products’ encryption, Apple warned Monday.
Section 189 of the Investigatory Powers Bill, currently under debate in the British Parliament, requires companies to comply with government demands for “the removal of electronic protection applied by a relevant operator to any communications or data.” Tech companies, security experts, and open-Internet groups argue that this amounts to a prohibition on end-to-end encryption, a form of protection so sophisticated that device manufacturers cannot break it.
In a letter filed with the U.K. parliament and shared with the Daily Dot, Apple said the bill would “hurt law-abiding citizens” and fail to stop “the few bad actors who have a variety of ways to carry out their attacks.”
“The creation of backdoors and intercept capabilities would weaken the protections built into Apple products and endanger all our customers,” the company said. “A key left under the doormat would not just be there for the good guys. The bad guys would find it too.”
Recent terrorist attacks have sparked fears that extremists are hiding their planning by encrypting their communications, and in many Western countries, including the United States and the United Kingdom, companies that offer end-to-end encryption are facing pressure to compromise it for government investigators. In the U.S., Obama administration officials and senior lawmakers have reignited this decades-old debate over encryption by demanding that companies install “backdoors” in their code.
Technical experts overwhelmingly condemn backdoors, arguing that they are technologically infeasible and would dramatically undermine security. Apple’s use of the phrase “a key left under the doormat” echoes the title of a landmark report on the need for strong encryption.
“The best minds in the world cannot rewrite the laws of mathematics,” Apple said in its letter. “Any process that weakens the mathematical models that protect user data will by extension weaken the protection. And recent history is littered with cases of attackers successfully implementing exploits that nearly all experts either remained unaware of or viewed as merely theoretical.”
Apple CEO Tim Cook, the tech industry’s loudest voice opposing backdoors, blasted the U.S. lawmakers currently considering a backdoor mandate, saying, “If you put a backdoor in, that backdoor’s for everybody, for good guys and bad guys.”
“We owe it to our customers to protect their personal data to the best of our ability,” Apple argued in its letter. “Increasingly stronger—not weaker—encryption is the best way to protect against these threats.”
Photo via Jason Ralston/Flickr (CC BY 2.0)