Apple hints it’s handed over metadata on UK terror suspects

Apple CEO Tim Cook has revealed the company has been co-operating with the UK government in handing over metadata in the wake of a series of terror attacks in the country — which he described as “horrendous”.

Cook was speaking in an interview with Bloomberg following the first day of Apple’s WWDC developer event yesterday.

Responding to a question about Apple’s stance over privacy and security in the face of ongoing terror attacks around the world, he said: “We’ve been co-operating with the UK government — not only in law enforcement matters but in some of the attacks and I can’t speak in detail about that, but in cases where we have information and they’ve gone through the lawful process we not just give it but we do it very, very promptly.”

On Saturday a group of terrorists attacked people in London Bridge, using a van and knives. It’s the third attack in the UK since March, when a lone attacker struck in Westminster, also using knives and a car to mow down pedestrians. While, last month, a suicide bomber detonated a bomb vest in Manchester as people were leaving a pop concert — killing more than twenty people.

Little detail has emerged as yet about the kinds of communication technology the terrorists might have used to help plan and carry out their attacks, although early reports have suggested some of the perpetrators may have viewed extremist content via YouTube.

“I would hope that they [the UK authorities] would say we’ve been co-operating well,” said Cook, of the terror investigation, adding that he thought Apple had provided “some valuable information”.

Encryption doesn’t mean there’s no information. Because likely metadata exists and metadata, if you’re putting together a profile, is very important.

“Encryption doesn’t mean there’s no information,” he added. “Because likely metadata exists and metadata, if you’re putting together a profile, is very important.”

In February 2016 Apple was drawn into a public spat in the US with the FBI over access to a locked iPhone that had been used in another terrorist incident after the agency tried to use the courts to force Apple to make changes to the device’s security system in order to make its passcode crackable.

Apple refused to do so, couching this as a request for a backdoor, and in the end the FBI managed to break into the device by purchasing an exploit from a third party company.

So the key portions of Cook’s response on how it’s co-operating with UK counterterrorism efforts are: A) “in cases where we have information”; and B) “they’ve gone through the lawful process”.

Whereas, in the earlier instance with the FBI, Apple had argued the agency was requesting extraordinary assistance by demanding it deliberately weaken iOS security — and that such a step posed a threat to the security of all iOS users.

That said, there’s some grey area here too being as the UK legislated at the back end of last year for a new investigatory powers framework that has been widely interpreted as an attack on encryption, by giving authorities the legal authority to demand the removal of electronic protection and be given data in a readable form.

Indeed, in the wake of the latest attack in London the UK Home Secretary said on Sunday that the government wants tech firms to work with it to limit their use of end-to-end encryption.

And while there may be pressure in the US from some quarters for a decrypt law, no such law exists currently.

Asked by Bloomberg whether Apple is continually working to make encryption “even stronger”, Cook made his response into a warning about the wider societal threats posed by cyber attacks to “your safety, your security”. Apple, for example, uses e2e encryption for its iMessage messaging app on iOS.

“It’s not privacy vs security, it’s privacy and security vs security,” he said. “And so we’re always working to try to stay one step ahead of these hackers that, frankly speaking, have gone from the guy in the basement that’s a kind of hobbyist to a sophisticated enterprise — and it takes all that we can do to do it.

“We don’t think our users should have to think through all this stuff. It’s not practical for people. And so we try to stand up for users and stay one step ahead of these guys.”

Another area the UK government has been applying pressure to in the wake of the terror attacks is the spread of extremist content via online platforms. And social media firms have repeatedly found themselves in the firing line for not doing enough to promptly remove terrorist propaganda from their platforms.

On this Cook noted that Apple already does “curate” the App Store — adding: “We don’t want hate speech on there. We don’t want these kind of recruiting things on there. We’ve tried to be very careful from the beginning about not having that stuff on there.”