UK law that could ban Apple security updates worldwide is an unprecedented overreach::Proposed amendments to the UK’s Investigatory Powers Act (IPA) which could ban Apple security updates worldwide are an “unprecedented overreach,”…
Remember, the government are doing this for your benefit.
There’s definitely no other reason behind it. No sir.
The UK government have already shown they are categorically incapable of enacting any of their tech laws. The flaw is always in the premise and when you trace it back to the source you’ll find only incredulous luddites and Teresa May bulk buying chastity belts.
The headline is a gross overstatement. Sure, a UK law could stop Apple from leasing security updates in the UK, but not worldwide. That’s bullshit. Apple would very likely just tell the UK to fuck off.
As far as I can see, this law only requires Apple to inform the government of upcoming updates that might interfere with government tracking/5-eyes bs.
Certainly still an utterly shit rule that should 100% be ignored, but nothing about banning security patches worldwide.
That’s how the UK is framing it, “oh, it doesn’t give us the power to block anything, Apple is just over reacting”.
They already have the power to block things from the Investigatory Powers Act 2016: https://en.wikipedia.org/wiki/Investigatory_Powers_Act_2016
From the OP’s article:
The Investigatory Powers Act 2016 (IPA) actually implemented many of the proposed powers, including granting the government the power to issue orders to tech companies to break encryption by building backdoors into their products. Apple strongly objected to this at the time.
So with this, they would now have the advance notice needed to actually block updates where before Apple could just release an update and by then it was too late for the UK to do anything about.
If it were me, I would just send them an all release notes for every product all the time. I’m sure that it shouldn’t be up to Apple to decide what does and doesn’t count as interference.
Yeah, like is Apple even supposed to know what bugs etc government agencies are using?
No there’s teeth to this law. They have to wait for the government to “review” the change before it can be deployed. And the government can order them not to make the change.
The guardrails are basically “if it might hamper intelligence or police work, we can reject it”.
As an example Apple has been doing foundation work that will likely lead to photos having similar protection to passwords. Photos are obviously incredibly valuable for spooks and cops since most photos have location metadata and face recognition.
They could easily reject that change.
How to unbrexit?
This doesn’t have anything to do with Brexit.
As the article says, it was first put forward in 2006 and parts of it became law in 2016.
I’m afraid Unbrexiting would just make this a whole lot worse. In a Brexit environment at least everyone can eventually agree to just ignore the UK’s outlandish laws. If they were still in the EU that would be almost impossible. Plus they would likely try to push this bullshit into EU policies as well (not like parts of the rest of the EU aren’t doing that already)
Can’t Apple just say “No” like they did with end to end encryption ban? How is this enforceable at all?
Pretty much at that point it comes down to a couple options
- The British government fines them or seizes assets in the UK
- Apple withdraws from their market and takes the revenue hit there
Applexit if you will…
That’s what you get for having tories in government
This is why I only use FOSS shit.
Genuine question: What’s stopping them from using these same powers on FOSS software providers that may be located in the UK?
If they forced the maintainer of some FOSS software to merge in some code, even if the maintainer isn’t even allowed to speak about it eventually someone would notice (since open source), fork the project and just cherry pick out their crap. Then it’s whack-a-mole of trying to keep people from multiplying it.
Or they could claim the software is illegal and have no way to enforce that either.
So basically as long as said software is useful for more than a handful of people, it’s infeasible to try to enforce it (e.g. see how it goes every time some software gets a cease and desist, they end up even more popular than before)
