Comment by bilekas
15 days ago
> prevent the UK authorities from interfering with their activities
I'm still missing how this could be enforced ? To my layman understanding, this reads the same as if China said : "Meta, Tesla, Valve etc has entities in China therefore we get to see all data they store in the EU and the US.
The UK has Zero jurisdiction in Ireland for example where a lot of EU data may be stored.
I have lived to the day that we give an example on china not doing something stupid a western democracy does about rights and freedom. Wild times to be alive. I am also surprised that they demand worldwide access and not just UK users data or all the data stored in UK jurisdiction. But this is going too far.
China has forced Apple to outsource iCloud in China to a state run company, so all data is just directly controlled by the government there. It’s an even worse situation.
https://support.apple.com/en-us/111754
That is just China's general rules around tech. Awful? Yes. But not a global issue. Most non-chinese companies are forced to have their chinese properties ran by a chinese company. This is shown by companies like VW having cars made in china with effectively a license model, these cars are designed and built by a third party with a few interesting exceptions (VW actually licensed a design, the Taos, back and shipped it worldwide)
The insane overreach was the UK wanting data on people not in the UK
How is this worse? This only affects users in China.
2 replies →
We literally tried to do this with TikTok. We can't exactly stand on a high-horse when the highest level of government in the US was totally fine with it.
Our noble "we can't have American data in the hands of our enemies," their savage "forcing American companies to turn over user data."
4 replies →
[flagged]
At least the CIA doesn't get it… dunno which is worse.
It is worse than that, I never expected that most democracies would go back to foregone days, because people get sold out on populism and decided to ignore history lessons.
As a child of Portuguese revolution, I am aware of plenty of stories, apparently many folks nowadays think those are stories to scare misbehaved kids.
And if you think China and the USA and Russia wouldn't want it... hey I've got this bridge for sale.
There are tensions in the US.
Those who are charged with stopping cyber crime are very must against this. End to End encryption is one of the better protections they can give you against foreign hackers and they want you to use it.
Meanwhile down the hall are people who are charged with investigating crimes someone in the country commits and they are want this. It is a lot easier to prove someone is involved in some crime if a warrant can get their data, but end to end encryption means they can only get random bytes. (of course they don't want warrants either, but that is a different issue not relevant here so they will specify warrants in this debate)
The difference is that China and Russia have the sense to spy on foreign citizens with hackers, trackers, and other covert means. Somehow the UK feels entitled to Apple doing their espionage for them, and has the gall to ask publicly.
Note that this is not China apologia: they do the same brazen shit locally, but they're an authoritarian regime. I have lower expectations for human rights there.
If you, like me, didn't know where the idiom "I've got a bridge to sell you" comes from, here you go: https://en.wikipedia.org/wiki/George_C._Parker
George C. Parker was a conman in NYC who multiples times sold the ownership of the Brooklyn Bridge to his victims. Among other cons.
3 replies →
It can be enforced in this way: police raids the local headquarters and jail a bunch of people because their company didn't comply with the law.
The only way to prevent that is not having any local office, no employees, nothing. Sell physical objects only by the means of local 3rd party resellers which will import goods. Same thing for services. Of course they can ban imports and services or go after those 3rd parties. It depends how nasty they want to be.
I suspect the UK government would back down way before Apple. People aren’t politically active as those of years pass, but brick their iPhones you’d have a riot.
> I'm still missing how this could be enforced ?
By banning Apple from doing business in the UK.
The US used a similar strategy decades ago to break Swiss Bank Secrecy laws (either Swiss banks had to give up the info or they were going to be kicked out of the US).
> By banning Apple from doing business in the UK.
As someone else here said, Apple would 100% call this bluff. And you can be certain the UK won't have the US to put pressure on Apple for them. All the would happen is the UK Apple users would be with an expensive paperweight.
UK can just start fining apple billions of dollars if they dont want to fully kick them out of the country.
1 reply →
That assumes that Apple's shareholders believe that Apple's privacy reputation (relative to other companies) is more valuable than access to the UK market.
All evidence that I have seen suggests that consumers by and large do not care about this kind of privacy. They do not buy iPhones instead of other phones due to the privacy properties.
Therefore Apple's shareholders could order Apple to stay in the UK market.
And if not, then Apple's customers could be compensated with money and other UK-held assets that the government could confiscate.
3 replies →
Swiss banks didn't care - they didn't have a large Us presence anyway. Until the US started enforcing this by proxy, other banks couldn't do business with you and the US and overall the US is more important to the world than Swiss banks.
Not so sure. Yeah, they didn't have a large US presence but they did a lot of business with US banks and securities markets -- that's what was threatened. It's wasn't the ability to have branches in the US but the ability to conduct business in US markets.
Yep, and the US had a lot more leverage; out of the US translates into no access to US dollars either directly or via a correspondent bank, which essentially means bankruptcy.
> By banning Apple from doing business in the UK.
To use poker terminology: I think that if the UK made this bet that Apple would call.
I really hope so. I would love to see that showdown. Hopefully, "can't buy an iPhone in the UK and everyone knows why" makes the Snooper's Charter a radioactive mess that legislators fall all over themselves to repeal.
3 replies →
Apple stockholders would never allow that.
6 replies →
They ban Apple from doing business and watch as the uk stock market goes into the toilet as companies scramble to get out.
Sadly jurisdiction has nothing to do with it.
https://www.irishtimes.com/business/technology/uk-spy-base-g...
This is not just a case of the British intelligence services secretly “tapping into” Irish telephonic and internet traffic via land and maritime cables. Rather in most cases they are being provided free (or commercial) access to the information by companies associated with the use, ownership or maintenance of these cables.
Post-Snowden the Irish government retroactively legalised it...
> I'm still missing how this could be enforced ?
Basically by saying that if they don't comply, they can't do business in the UK.
There are lots of different ways to do business. UK is unlikely to be able to ban the iphone, and I doubt Apple has much business in the UK. As such they can lay off all workers in the UK "because of legal issues" and the workers feel the pain. They can still sell in the UK through third parties, and go to the EU if you need warranty work
The phone itself is only a piece. Apple sells multiple services, without them the phone is useless. If you can't access the appstore, the backups, etc. what good is an iPhone? Now, the UK can say that UK citizens' data can't travel outside of the UK without the UK government permission.
So it's still a problem. This seems like a looming PR battle.
2 replies →
Except perhaps for people living near the border in Northern Ireland, "going to the EU" for warranty work is a completely unfeasible suggestion. It's not exactly a short or cheap journey for most of us!
8 replies →
It is a relatively small market, and if Apple decides to shut down while flooding the streets of London with posters saying “We are forced by your government to shut down in order to uphold your privacy”, the UK Government would take a massive blow.
Imagine Russian Oligarchs on android devices! Polonium will roll, I tell you!
So if British voters get to chose between having access to iPhones or voting for a government that wants to spy on them at whatever the cost surely the choice must be clear?
The US CLOUD act says something similar to your straw man (though it doesn't ban E2E encryption like the UK is attempting to do):
https://en.wikipedia.org/wiki/CLOUD_Act
Note that it the bar is having the ability to access the server, so this law is completely incompatible with most GPDR solutions: It's illegal to store European user data and then refuse to hand it over to US law enforcement, regardless of whether the data is stored in Europe or the request breaks European law.
I imagine they would fine apple a large sum of money. If apple refuse to pay they send high court sheriffs to confiscate any property they have in the UK to pay the debt.
The opposite is happening all the time - i.e. US demanding access to European data from Facebook and Google et al. It is not one-sided.
It would be enforced by fining the UK legal entities (or worse, like charging their legal representatives) if they don't comply. If the UK is serious about this, the only alternative for Apple would eventually be to completely cease operations in the UK.
By the way, this is similar to why for true GDPR compliance, data centers should be operated by EU companies that aren't subsidiaries of US companies, because even if the latter operate data centers located in the EU, they would still be bound to secret orders by the US government.
The most horrible part of the discussion we're making is that we're arguing that UK intelligence should be able to access only UK related data, and not that UK intelligence should not undermine privacy of people
The Overton Window has shifted.
4 replies →
What we're discussing here is whether a private company should obey laws of the country they operate in or not.
2 replies →
Surely if the current government were dumb enough to try and ban Apple from the UK over something like this it would it would make even Truss look competent in comparison.
Not so much because British people love their iPhones to such a extreme degree but because they willing to waste money and resources over something this stupid.
IMHO Apple could bring down the government that tried this if they really wanted to.
That's actually the only thing that would keep Apple services usable to everyone else around the world.
> By the way, this is similar to why for true GDPR compliance, data centers should be operated by EU companies that aren't subsidiaries of US companies, because even if the latter operate data centers located in the EU, they would still be bound to secret orders by the US government.
This is interesting, I know GDPR does not mandate data localization but I was under the impression that the requirements are a bit more difficult/stringent for transferring data out of the EU region ? While not perfect, it's a bit less 'open door' than it would be if it was hosted in the US.
The EU has a law saying "don't transfer data out of the EU without the right paperwork, but of course if your American sysadmins have SSH access to servers in the EU to do maintenance that's no problem, just tell them not to copy the data off it"
The US has a law saying "If our spies tell American sysadmins to SSH into a server in the EU and copy data off it, they must do it and they must keep it secret"
4 replies →