Bipartisan Members of Congress to UK Spy Court: UK Gag Orders for Surveillance Backdoors Threaten Americans’ Security and Privacy, Impede Congressional Oversight

Washington, D.C.– U.S. Senator Ron Wyden, D-Ore., Rep. Andy Biggs, R-Ariz., Sen. Alex Padilla, D-Calif., Rep. Warren Davidson, R-Ohio, and Rep. Zoe Lofgren, D-Calif., today called for transparency from the U.K.’s top surveillance court about the UK government’sreported orderto Apple to build a backdoor into encrypted iCloud backupsto enable government surveillance of messages, photos and other files. Under U.K. law, Apple is barred from confirming the backdoor order to the public or even members of Congress.
According to reports, Apple is challenging the order at the U.K.’s Investigatory Powers Tribunal in a closed-door hearing on March 14. The bipartisan group of members urged the court to “remove the cloak of secrecy” surrounding the order, and to make this hearing and any further proceedings in the case public. They noted that secrecy in this case is pointless, given that the order has now been widely reported and commented on, and that Apple withdrew its encryption service for U.K. users last month.
“Given the significant technical complexity of this issue, as well as the important national security harms that will result from weakening cybersecurity defenses, it is imperative that the U.K.’s technical demands of Apple— and of any other U.S. companies — be subjected to robust, public analysis and debate by cybersecurity experts,”the members wrote. “Secret court hearings featuring intelligence agencies and a handful of individuals approved by them do not enable robust challenges on highly technical matters.”
The U.S. government hasrecommendedthat officials only communicate using secure, encrypted services, following multiple damaging hacks of sensitive government data from insecure third-party systems in recent years. The Chinese government’s “Salt Typhoon” hack of American phone systems, the “Snowflake” data breach of “nearly all” AT&T customers’ data,including government officials, and the Chinese government’shack of Microsoft-hosted U.S. government email accounts, all involved data held by third party companies on insecure systems that were subsequently accessed by hackers.
The members wrote that secrecy required of backdoor orders impedes Congress’s power to conduct oversight, including by barring U.S. companies from disclosing foreign orders that threaten Americans’ privacy and cybersecurity.
“Apple has informed Congress that had it received a technical capabilities notice, it would be barred by U.K. law from telling Congress whether or not it received such a notice from the U.K., as the press has reported,”they wrote.“Google also recently told Senator Wyden’s office that, if it had received a technical capabilities notice, it would be prohibited from disclosing that fact.”
The letter text is availablehere.
Director of National Intelligence Tulsi Gabbard and President Donald Trump raised concerns about the reported U.K. order followinga letter from Wyden and Biggslast month. DNI Gabbard stated inher responsethat the U.K.’s reported demand would be “a clear and egregious violation of Americans’ privacy and civil liberties, and open up a serious vulnerability for cyber exploitation by adversarial actors.” President Trump alsosaid that he raised the issueduring Prime Minister Starmer’s recent visit to Washington, comparing the U.K.’s actions to the conduct of China.
###