Technology Industry Groups Call on Governments Worldwide to Protect Encryption

The letter was signed by the Business Software Alliance, the App Association, the Information Technology Industry Council, the Center for Democracy & Technology, and the Internet Society, among others.

“Weakening encryption introduces systemic vulnerabilities that criminals and hostile actors can exploit, erodes consumer confidence, and drives users and businesses toward unsecured platforms,” the letter said. “Further, inconsistent national approaches to encryption risk fragmenting the global digital economy, creating barriers to trade and interoperability across borders.”

The letter comes in the wake of Apple’s legal battle with British government over the U.K.’s demand that Apple create a backdoor into its iCloud storage system to allow surveillance of users’ data by law enforcement and national security agencies. Although the letter does not mention the Apple case specifically, it alludes generally to the tension between governments and encrypted communications platforms.

“We recognize the legitimate needs of law enforcement and national security agencies to access evidence and combat crime. However, these goals must be pursued through lawful, proportionate, and technologically sound means that do not compromise the safety and privacy of billions of consumer and enterprise users,” the letter said. “Policymakers should strengthen, not weaken, the tools that protect our shared digital infrastructure.”

Related: Encrypted Messaging in the Crosshairs: Compliance, Legal Risks, and Global Perspectives

Policymakers in the U.S. and other democratic countries have debated the question of “lawful access” to encrypted data and communications for years. Law enforcement and national security authorities have also long sought to gain access, albeit often secretly or without public acknowledgment.

But the issue flared into the open this year with the dispute between Apple and the U.K. Home Office. The Office issued a secret Technical Capability Notice (TCN) to Apple demanding backdoor access to its Advanced Data Protection (ADP) platform to collect data from users’ worldwide. Rather than comply, Apple said it would remove users’ access to the end-to-end encryption system in Great Britain, forcing the order into the public realm.

The TCN touched off a diplomatic row with the U.S., which has pressured other countries over what the Trump administration views as over regulation of U.S. technology companies. In August, the Director of National Intelligence claimed to have convince U.K. officials to drop the demand, but Apple stuck to its plan to prevent ADP access in Britain.

The Home Office then issued a scaled back version of the TCN in September seeking access only to British citizens’ data. Apple subsequently dropped its appeal of the original TCN, which some observers in the U.K. saw as indicating the company had reached an agreement with the government.

“If reports that the TCN has been limited to UK users are accurate, then the government will have maintained the capability to intercept communications sent or stored via encrypted Apple services in the UK,” University College London law lecturer Bernard Keenan told Computer Weekly. “Apple may have decided that they are unlikely to win an appeal against an order in those terms in court.”