ARTICLE AD BOX
By Zoe Kleinman
Technology editor
Apple says it will remove services such as FaceTime and iMessage from the UK rather than weaken security if new proposals are made law and acted upon.
The government is seeking to update the Investigatory Powers Act (IPA) 2016.
It wants messaging services to clear security features with the Home Office before releasing them to customers.
The act lets the Home Office demand security features are disabled, without telling the public. Under the update, this would have to be immediate.
Currently, there has to be a review, there can be an independent oversight process and a technology company can appeal before taking any action.
Because of the secrecy surrounding these demands, little is known about how many have been issued and whether they have been complied with.
But many messaging services currently offer end-to-end encryption - so messages can be unscrambled by only the devices sending and receiving them.
'Snooper's charter'
WhatsApp and Signal are among the platforms to have opposed a clause in the Online Safety Bill allowing the communications regulator to require companies to install technology to scan for child-abuse material in encrypted messaging apps and other services.
They will not comply with it, they say, with Signal threatening to "walk" from the UK.
Apple has also opposed the plan.
The government has opened an eight-week consultation on the proposed amendments to the IPA., which already enables the storage of internet browsing records for 12 months and authorises the bulk collection of personal data.
They are "not about the creation of new powers" but making the act more relevant to current technology, it says.
Apple has consistently opposed the act, originally dubbed a "snooper's charter" by critics. Its submission to the current consultation is nine pages long, opposing:
- having to tell the Home Office of any changes to product security features before they are released
- the requirement for non-UK-based companies to comply with changes that would affect their product globally - such as providing a backdoor to end-to-end encryption
- having to take action immediately if a notice to disable or block a feature is received from the Home Office, rather than waiting until after the demand has been reviewed or appealed against
- It would not make changes to security features specifically for one country that would weaken a product for all users.
- Some changes would require issuing a software update so could not be made secretly
- The proposals "constitute a serious and direct threat to data security and information privacy" that would affect people outside the UK
Cyber-security expert Prof Alan Woodward, from Surrey University, said technology companies were unlikely to accept the proposals.
"There is a degree of arrogance and ignorance from the government if they believe some of the larger tech companies will comply with the new requirements without a major fight," he added.
BBC News has contacted the Home Office for comment.
Follow Zoe Kleinman on Twitter @zsk.