A bipartisan group of five US Members of Congress and Senators has called for full transparency in the ongoing legal battle between Apple and the UK government over law enforcement access to encrypted data. In a 13 March 2025 letter, the group requested the Investigatory Powers Tribunal (IPT), part of the UK’s Home Office, to “remove the cloak of secrecy related to notices given to American technology companies by the UK.” Specifically, the five US legislators referred to a reported technical capability notice the UK Home Secretary sent to Apple in February 2025. [1]
The notice requested the American company grant the British government access to end-to-end encrypted (E2EE) data stored in its iCloud service. The Home Office demand, which cannot be publicized by law, is most likely made under the Investigatory Powers Act (IPA) of 2016. This controversial law allows the government to force tech firms to unmask users suspected of serious crimes. Apple has reportedly appealed, and the company faced an initial IPT hearing behind closed doors on 14 March 2025.
The group of US legislators said the request directs Apple “to weaken the security of its iCloud backup service to facilitate spying by the UK government.” The authors added that such requests “infringe on free speech and privacy, undermine important US Congress and UK parliamentary oversight, harm national security, and ultimately undermine the special relationship between the US and the UK.” Given several recent high-profile hacks, the letter also highlighted the importance of congressional oversight of the security of US technology companies' products against foreign surveillance.
These include the 2024 Salt Typhoon incident, where China reportedly tapped the phone calls of senior officials, the April 2024 Snowflake incident involving a massive data breach at AT&T, and a summer 2023 hack by China that compromised US government email accounts and stole thousands of emails.
The legislators reported that Tulsi Gabbard, the US Director of National Intelligence, had stated that the UK's alleged demand would constitute “a clear and egregious violation of Americans’ privacy and civil liberties” and “create a serious vulnerability for cyber exploitation by adversarial actors.” They also noted that President Trump had publicly confirmed raising the issue with Prime Minister Starmer during his recent visit to Washington, comparing the UK's actions to China's conduct.
The five US legislators requested that the IPT open the 14 March 2025 session and all subsequent Apple hearings to the public. “The existence of the technical capabilities notice has been widely reported and commented on, making any argument for a closed hearing on this very existence unsustainable,” the authors wrote.
The legislators believe more transparency in this legal case is necessary for the following reasons:
- Public hearings would enable the IPT to better assess the issue by considering expert evidence from a range of stakeholders, including cybersecurity specialists, civil society representatives, and experts on US-UK data flows
- Greater transparency would serve the public interest by revealing the extent to which important communications services may have been deliberately compromised, potentially making them less secure.
- Open proceedings would also enhance public trust in the process and outcome of the case.
The signatories of the letter included Sen. Ron Wyden (D-OR), Sen. Alex Padilla (D-CA), Rep. Zoe Lofgren (D-CA), Rep. Andy Biggs (R-AZ) and Rep. Warren Davidson (R-OH). A group of digital advocacy NGOs, including Open Rights Group, Big Brother Watch, and Index on Censorship, published an open letter with a similar request on 13 March 2025. Meanwhile, similar debates are unfolding in France and Sweden as legislators consider bills that could impose government backdoor requirements on tech companies, further intensifying the widespread tension between technological privacy and national security.
This article is shared at no charge and is for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225 or feedback@redskyalliance.com
• Reporting: https://www.redskyalliance.org/
• Website: https://www.redskyalliance.com/
• LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
[1] https://www.infosecurity-magazine.com/news/us-legislators-transparency-apple/
© 2025 Red Sky Alliance Corporation. All rights reserved.
Comments