Court documents shed new light on UK-Apple row over user data

The UK government may have wanted to force Apple to provide it with access to more customer data than previously thought, a court document has indicated.

A row erupted between the two after it emerged the Home Office asked the tech giant for the right access to highly encrypted user data stored via a service called Advanced Data Protection (ADP).

Now a court document suggests the request - made under legislation called the Investigatory Powers Act - could have also enabled the government to seek access to a wider range of Apple customer data.

It also suggests the government may still be seeking to access data of non-UK users, despite US officials saying last week it had dropped the demand.

The UK government and Apple have been approached for comment.

It is believed the UK government would only want to access this data if there was a risk to national security.

In February, it emerged the government had demanded to be able to access encrypted data stored by Apple users worldwide in its cloud service. It applied to all content stored using ADP service.

The tech uses end-to-end encryption, where only the account holder can access the data stored - even Apple itself cannot see it.

It was an opt-in service, and not all users choose to activate it.

While it makes your data more secure, it comes with a downside - it encrypts your data so heavily that it cannot be recovered if you lose access to your account.

It is unknown how many people choose to use ADP.

After US politicians and privacy campaigners outlined their anger at the move, Apple decided to pull ADP from customers in the UK.

Now, a new court document has emerged from the Investigatory Powers Tribunal (IPT), an independent judicial body.

The IPT hears complaints from anyone who feels they have been the victim of unlawful action by a public body using covert investigative techniques.

It could also relate to the conduct of UK intelligence services including MI5 and MI6.

In this latest court filing, first reported by the Financial Times, external, it states Apple was given a technical capability notice (TCN) by the UK government at some point between late 2024 and early 2025.

It states the notice "applies to (although is not limited to) data covered by" ADP - it was previously understood the government's demand was exclusively focused on data stored using the encryption technology.

The TCN to Apple also included "obligations to provide and maintain a capability to disclose categories of data stored within a cloud based backup service and to remove electronic protection which is applied to the data where that is reasonably practicable".

The filing adds: "The obligations included in the TCN are not limited to the UK or users of the service in the UK; they apply globally in respect of the relevant data categories of all iCloud users."

The new court document from the IPT is dated Wednesday, 27 August - eight days after Tulsi Gabbard, the US director of national intelligence, said the UK had withdrawn its controversial demand to access global Apple users' data if required.

Gabbard said at the time in a post on X, external the UK had agreed to drop its instruction for the tech giant to provide a "back door" which would have "enabled access to the protected encrypted data of American citizens and encroached on our civil liberties".

The BBC understood at the time Apple had not yet received any formal communication from either the US or UK governments.

It is not clear if this new court document simply refers to the UK government's initial intention, or if indicates that the UK government has not yet dropped its wish to be able to access the data of Apple users from around the world, including those from the US.

Apple declined to comment, but says on its website, external that it views privacy as a "fundamental human right".

Apple has previously said it would "never build a back door" in its products.

Cyber security experts agree that once such an entry point is in place, it is only a matter of time before bad actors also discover it.

No Western government has yet been successful in attempts to force big tech firms like Apple to break their encryption.

The US government has previously asked for this, but Apple has refused.

In 2016, Apple resisted a court order to write software which would allow US officials to access the iPhone of a gunman - though this was resolved after the FBI was able to successfully access the device.

Similar cases have followed, including in 2020, when Apple refused to unlock iPhones of a man who carried out a mass shooting at a US air base.

Sign up for our Tech Decoded newsletter to follow the world's top tech stories and trends. Outside the UK? Sign up here.