
Apple recently announced they are no longer providing Advanced Data Protection (ADP) for UK-based customers in response to a request by the UK government. ADP basically amounts to end-to-end encryption, meaning only the user themselves can decrypt and access their data. The press is largely carrying headlines focused on the negative impact of this decision on user privacy, either deriding Apple for reversing their long-established position in relation to the privacy of user data or deriding the UK government for pushing Apple into this position. As always, reporting tends to be very binary, but the reality is that things are a little more nuanced than that, so I thought I would share my thoughts.
Removing ADP
So, what does this removal amount to? Basically, in my reading of it, it amounts to the removal of encryption of your data at rest. What this means is that your data continues to be encrypted in transit, so as it traverses the air, via 4G/5G or Wi-Fi, and as it traverses the internet to its final destination, Apple's servers. So, a criminal, or another unscrupulous threat actor, intercepting data in transit will only get your data in its encrypted form and therefore be unable to access it in its raw form. The change comes at the point the data is stored on Apple's servers. Here, without ADP, the data will be stored in its unencrypted form, allowing for Apple to access the data, or for Apple to share the data with law enforcement or other government entities, or for criminals to access the data should they gain access to Apple's servers.
So what does this mean for privacy?
The fact that the data is now unencrypted at rest amounts to a reduction in privacy and an increase in risk for individuals. This is due to several reasons. Firstly, an unscrupulous Apple employee could access your data, or maybe an Apple employee might be blackmailed or socially engineered into giving away data. As Apple have the relevant encryption keys to decrypt your data, it may be that a criminal gains access to these and therefore is also able to decrypt your data, having intercepted it in its encrypted form in transit. And there is also the issue of unscrupulous governments using the same methods as the UK government to force Apple to remove end-to-end encryption and then demanding access to data in order to target dissidents or those who are vocal about the government, all under the guise of national defence or anti-terrorism. Basically, your data without ADP is not as secure and private as it would be with ADP.
Why would anyone want to reduce privacy?
This all leads to the question of why the UK government would push Apple towards this decision. The answer is largely one of national security and public good. Privacy is a great thing; however, its benefits are felt by all, and that includes terrorists, criminals, users sharing child sexual abuse materials (CSAM), etc. With end-to-end encryption there would be no method for police or security services to investigate content, as they simply wouldn’t be able to access it. They would need to arrest the criminal end user and get them to unlock their device to be able to access content. This would limit the potential for investigation to be carried out quietly in the background, which might also limit the potential for preventative measures as opposed to reactive measures. And I note, when things do go wrong the press is quick to identify when people have been on watch lists, etc., but what use is a watch list if you have no way to see what users are actually doing? Hindsight is 20/20, but with ADP enabled foresight would be encrypted.
Balance
The challenge here is we are trying to balance the risks to individual privacy, as experienced by all users in the UK in this instance, with the need to identify those who may seek to cause harm, distress or even death. I don’t believe there is a perfect solution sadly. It is about risk-based decision making.
My belief is that the net impact of the removal of ADP is negative. It impacts and increases risk for all users while those who the UK government may seek to monitor or discover will simply shift to using non-Apple services and devices, thereby meaning the gain from the removal of end-to-end encryption will be minor if any gain exists at all. And additionally, the fact Apple have ceded to the request of the UK government will likely mean other governments will request the same, although for some the motivation may be more related to their own aims rather than anything related to public good or safety.
Conclusion
There is, in my view, an increasing level of friction between public good and personal privacy, with this particular issue related to Apple's ADP service being the most recent and public example. We sadly cannot have privacy, but only for some or at certain times. It's privacy for all or for no-one, and where we opt for privacy for all we need to accept this will include those who seek to use privacy to cover illegal, immoral or unethical activities. This news story also highlights the challenges related to national legislation of international companies. In both cases, I think these are issues we should be discussing with our students as part of digital citizenship programmes, as these issues are only likely to grow in frequency.
Sadly the press pick a good news headline which is good for getting readership rather than conveying the more nuanced nature of the situation. Maybe this also highlights the need for critical thinking skills too, so we can see through the black and white headlines, into the various shades of grey which are more representative of the real world.