Tuesday, December 22, 2015

Apple raises concerns over UK's draft surveillance bill


The proposed law aims to overhaul rules governing the way the authorities can access people's communications.The US-based firm has passed on its thoughts to a parliamentary committee scrutinising the legislation.It focuses on three issues: encryption, the possibility of having to hack its own products, and the precedent it would set by agreeing to comply with UK-issued warrants.

The Home Secretary Theresa May said last month that the proposed powers were needed to fight crime and terror.Monday was the final deadline for written evidence to be received by the committee scrutinising the draft legislation. It is expected to report in February 2016.Apple designs some of its products - including iMessage - using a technique called end-to-end encryption.This means only the sender and recipient of a message can see it in an unscrambled form. The company itself cannot decrypt the contents.This is something that law enforcement agencies have complained about.Apple says that ensuring the security and privacy of customer's information against a range of malicious actors - such as criminals and hackers - is a priority.

Current legislation demands that companies take reasonable steps to provide the contents of communications on production of a warrant, but that has not been interpreted as requiring firms to redesign their systems to make it possible.The government had briefed at the time that the bill was published that the legislation did not constitute any change to existing legislation.

But Apple appears to be concerned that the bill's language could still be interpreted more expansively and force the creation of a so-called "backdoor" to provide the authorities with access.
Apple argues that the existence of such a backdoor would risk creating a weakness that others then might exploit, making users' data less secure."A key left under the doormat would not just be there for the good guys. The bad guys would find it too," the company says.It notes it still provides metadata - data about a communication - when requested, but not the actual content.

No comments:

Post a Comment