← Back to context

Comment by bArray

4 months ago

> No, it's much broader than that. The UK is asking for a backdoor to your data and backups in the cloud, not on your device. Why bother with searching physical devices when they can just issue a secret subpoena to any account they want?

My point was that there was already a clear chain in place that would give them access to the data of foreign nationals. It's not just a "UK problem", but actually the ramifications are further reaching.

Another thing to consider is that these cookie alerts on sites were for EU countries only, but ended up everywhere. If Apple were to comply, this cloud backdoor could end up in other countries too, with the keys sitting there ready for collection.

To make things more complex still, they would need to support dual/multi nationality. It probably ends up looking like a dual key E2E system where there is a unique key for the end-user and then a third party. Key revocation would likely be difficult, so it would likely be the cloud provided decrypting and re-encrypting the files per request, throwing E2E out the window entirely.