Hacker News: US asked to kick UK out of Five Eyes

Feb 25, 2025

—

Source URL: https://www.computerweekly.com/news/366619170/UK-accused-of-political-foreign-cyberattack-on-US-after-serving-secret-snooping-order-on-Apple
Source: Hacker News
Title: US asked to kick UK out of Five Eyes

Feedly Summary: Comments

AI Summary and Description: Yes

Summary: The letter from US Congress highlights concerns over the UK’s push for Apple to compromise its Advanced Data Protection system, threatening US-UK intelligence sharing and raising alarms about potential exploitation by other nations. This situation underlines the delicate balance between national security and user privacy.

Detailed Description: The recent letter from US Congress members Ron Wyden and Andy Biggs accuses the UK government of attempting to compromise the security of Apple’s cloud system for data access. This situation raises significant implications for cybersecurity, user privacy, and international relations, particularly regarding the Five Eyes intelligence sharing alliance.

* Major Points:
– Allegation against the UK: Congress accuses the UK of a “foreign cyber attack” through political means, particularly related to their request for Apple to bypass its security measures.
– Call to Action: The letter urges a reevaluation of US-UK cybersecurity arrangements if the UK does not retract its request.
– Historical Context: The ultimatum comes in light of recent cooperation gains, including the 2022 Data Access Agreement, which allowed for lawful data sharing between the US and UK while respecting privacy concerns.
– Legal and Technical Scrutiny: Concerns arise regarding the UK’s procedures for issuing access notices, suggesting a lack of due process and oversight by relevant technical advisory boards.
– Potential Risks: Experts warn that such backdoor access could be exploited by malicious actors, particularly foreign adversaries like Beijing.
– Legislative Implications: Calls for the US to legislate against foreign requests for encryption backdoors, to protect user data and maintain security standards.

This incident is critical for professionals in cybersecurity and compliance, as it underscores the ongoing tension between governmental data access demands, corporate privacy commitments, and the protection of citizens’ rights in a digital age. The scenario serves as a case study for evaluating the safeguards necessary to prevent security erosions while balancing the essential needs of law enforcement and intelligence operations.

1 2 3 7 a access Act Advanced Data Protection advisory after AI Alliance and Apple ARM art as attack backdoor backdoor access backdoors board by bypass C CERN Cloud compliance compute computer concerns Context cooperation core critical cyber cyber attack cyberattack cybersecurit Cybersecurity D data data access Data Protection data sharing de digital digital age due process e encryption encryption backdoor encryption backdoors enforcement evaluation event exp expert Experts exploit Exploitation Five Eyes for foreign adversaries foreign cyber attack g Gen GIS git Go government gs hack hacker Hacker News high Highlight HR http HTTPS implications in incident Intel intelligence intelligence operations intelligence sharing inter intern international relations ite J k l law Law Enforcement led Legal legislative low malicious actors man nation national security news no o oE of on operation ory out over oversight point potential potential risks pre privacy privacy commitments privacy concerns procedures process professionals R raising rate RCE right Risk risks Ro RoT RSA s safe safeguards sec security security and compliance security measure security measures security standards SHA sharing Sig source SSE standards study system T tech text the threat to Tor TP UI UK UK government US use user user data user privacy V val Valuation x Zen