Apple’s ongoing legal fight with the UK government over encrypted iCloud data has entered the public spotlight. On April 7, the Investigatory Powers Tribunal (IPT), a first-instance tribunal and superior court of record in the United Kingdom, ruled against the Home Office’s attempt to conceal the very existence of the case, determining that national security concerns did not justify full secrecy. The Tribunal allowed the hearing to be publicly listed—without identifying the parties—concluding this disclosure would not risk national security.
The case, brought by Apple, challenges a confidential order believed to be a Technical Capability Notice (TCN) issued under the UK’s Investigatory Powers Act 2016. These notices allow the government to compel tech firms to redesign services to permit access to user data, including encrypted material. In the Tribunal’s public judgment in the Apple case, the judges wrote, “It would have been a truly extraordinary step to conduct a hearing entirely in secret without any public revelation of the fact that a hearing was taking place.”
Government lawyers had requested a private hearing with no public listing and argued that even naming the parties would be damaging. But the judges found that the risks were unsubstantiated. As they put it in their ruling, “For the reasons that are set out in our private judgment, we do not accept that the revelation of the bare details of the case would be damaging to the public interest or prejudicial to national security.”
Apple’s Legal Pushback Against a Global Encryption Mandate
The TCN was issued in January 2025 and demands Apple build a blanket mechanism to decrypt iCloud data, including that of non-UK users. The order would compel Apple to bypass end-to-end encryption by creating a backdoor, undermining a feature Apple describes as core to its security model. Apple warned Parliament in 2024 that such a move would likely force it to withdraw privacy protections from the UK market.
That concern materialized when Apple disabled its Advanced Data Protection (ADP) feature for UK users in February 2025. Introduced in 2022, ADP offers end-to-end encryption for iCloud backups, meaning only the user has the key. Apple stated that withdrawing ADP was necessary under legal pressure, though it called the decision regrettable. Apple has since confirmed its refusal to comply with broader backdoor demands and is challenging the directive in court.
In Apple’s earlier submission to UK lawmakers, the company warned, “These provisions could be used to force a company like Apple, that would never build a back door into its products, to publicly withdraw critical security features from the UK market, depriving UK users of these protections.”
A Tribunal Challenge Wrapped in National Security Claims
When the case was first brought before the IPT, the Home Office argued that national security would be compromised by any disclosure. Lucy Montgomery-Pott, Head of the Investigatory Powers Unit, submitted evidence asserting that even listing the hearing or naming the parties could endanger intelligence work. The Tribunal initially issued a temporary order granting privacy but then scheduled a private hearing for March 14 to assess whether such secrecy was necessary.
That hearing followed a public listing issued by the Tribunal on March 10, which noted that a closed hearing would be held without naming the parties. Media organizations including the BBC and PA Media, along with rights groups such as Liberty and Privacy International, submitted written arguments opposing full secrecy. A group of U.S. lawmakers also weighed in with a joint letter urging the Tribunal to uphold transparency.
During the private hearing, Paul Skinner, Counsel to the Tribunal, was asked to present arguments from the perspective of these third-party interveners. The judges ultimately agreed with their position, concluding that the Home Office had not offered a “compelling justification” for extraordinary secrecy. In their judgment, they emphasized that public awareness of legal proceedings involving government surveillance demands is critical to democratic oversight.
International Blowback and Pressure From Washington
The implications of Apple’s case have drawn attention far beyond the UK. The Financial Times reports that the U.S. government is reviewing whether the UK’s demand violates the terms of the CLOUD Act—a U.S. law governing cross-border data sharing between companies and foreign governments.
Five members of the U.S. Congress—including Senator Ron Wyden and Congresswoman Zoe Lofgren—sent a letter to the IPT warning of the global ramifications of such an order. Tulsi Gabbard, the U.S. Director of National Intelligence, said she had been unaware of the case until media reporting emerged, but agreed with lawmakers’ concerns. She wrote that the directive would be “a clear and egregious violation of Americans’ privacy and civil liberties, and open up a serious vulnerability for cyber exploitation by adversarial actors.”
The issue became a point of discussion between U.S. and UK leaders. In an interview with The Spectator following a February 27 summit, former President Donald Trump commented on the case, saying, “We told them you can’t do this… That’s something, you know, that you hear about with China.”
Meredith Whittaker, president of Signal, publicly condemned the UK’s use of TCNs. In her words, “Using Technical Capability Notices to weaken encryption around the globe is a shocking move that will position the UK as a tech pariah, rather than a tech leader.”
Digital rights groups such as the Electronic Frontier Foundation have also warned that any weakening of encryption—even under government supervision—creates vulnerabilities that could be exploited by malicious actors or repressive regimes.
Next Steps and a Parallel Civil Liberties Complaint
Apple’s legal initiative is not the only challenge facing the UK government over its use of TCNs. On March 13, just one day before the IPT hearing, Liberty and Privacy International filed a separate complaint—alongside two individual complainants—also contesting the government’s authority to issue such orders. The Tribunal has acknowledged potential overlap between the cases and will coordinate them going forward.
While the April 7 ruling only addresses the government’s attempt to keep the case hidden, it clears the way for more substantive proceedings. Apple’s appeal against the validity of the TCN remains ongoing. The case could set a precedent for whether a single government can compel global access to encrypted data, or whether such demands must face greater scrutiny and resistance from both courts and technology providers.
The stakes are high. If Apple is forced to comply, other governments may see this as a green light to impose similar obligations. For now, the Tribunal’s ruling affirms the importance of transparency in surveillance disputes—and marks a rare opportunity for public debate over the legal mechanics that underpin digital privacy worldwide.
