Bipartisan Members of Congress to UK Spy Court: UK Gag Orders for Surveillance Backdoors Threaten Americans’ Security and Privacy, Impede Congressional Oversight
Wyden, Biggs, Padilla, Davidson and Lofgren Urge UK’s Investigatory Powers Tribunal to Lift Secrecy Around Reported UK Government Order to Weaken Encryption and Threaten the Security and Privacy of Americans’ Information
Washington, D.C. – U.S. Senator Ron Wyden, D-Ore., Rep. Andy Biggs, R-Ariz., Sen. Alex Padilla, D-Calif., Rep. Warren Davidson, R-Ohio, and Rep. Zoe Lofgren, D-Calif., today called for transparency from the U.K.’s top surveillance court about the UK government’s reported order to Apple to build a backdoor into encrypted iCloud backups to enable government surveillance of messages, photos and other files. Under U.K. law, Apple is barred from confirming the backdoor order to the public or even members of Congress.
According to reports, Apple is challenging the order at the U.K.’s Investigatory Powers Tribunal in a closed-door hearing on March 14. The bipartisan group of members urged the court to “remove the cloak of secrecy” surrounding the order, and to make this hearing and any further proceedings in the case public. They noted that secrecy in this case is pointless, given that the order has now been widely reported and commented on, and that Apple withdrew its encryption service for U.K. users last month.
“Given the significant technical complexity of this issue, as well as the important national security harms that will result from weakening cybersecurity defenses, it is imperative that the U.K.’s technical demands of Apple— and of any other U.S. companies — be subjected to robust, public analysis and debate by cybersecurity experts,” the members wrote. “Secret court hearings featuring intelligence agencies and a handful of individuals approved by them do not enable robust challenges on highly technical matters.”
The U.S. government has recommended that officials only communicate using secure, encrypted services, following multiple damaging hacks of sensitive government data from insecure third-party systems in recent years. The Chinese government’s “Salt Typhoon” hack of American phone systems, the “Snowflake” data breach of “nearly all” AT&T customers’ data, including government officials, and the Chinese government’s hack of Microsoft-hosted U.S. government email accounts, all involved data held by third party companies on insecure systems that were subsequently accessed by hackers.
The members wrote that secrecy required of backdoor orders impedes Congress’s power to conduct oversight, including by barring U.S. companies from disclosing foreign orders that threaten Americans’ privacy and cybersecurity.
“Apple has informed Congress that had it received a technical capabilities notice, it would be barred by U.K. law from telling Congress whether or not it received such a notice from the U.K., as the press has reported,” they wrote. “Google also recently told Senator Wyden’s office that, if it had received a technical capabilities notice, it would be prohibited from disclosing that fact.”
The letter text is available here.
Director of National Intelligence Tulsi Gabbard and President Donald Trump raised concerns about the reported U.K. order following a letter from Wyden and Biggs last month. DNI Gabbard stated in her response that the U.K.’s reported demand would be “a clear and egregious violation of Americans’ privacy and civil liberties, and open up a serious vulnerability for cyber exploitation by adversarial actors.” President Trump also said that he raised the issue during Prime Minister Starmer’s recent visit to Washington, comparing the U.K.’s actions to the conduct of China.
###
Previous Article
