InfoSecBulletin Cybersecurity for mankind
Apple opposes the UK government’s idea to pre-approve new security features from tech companies. If the UK Home Office rejects an update, it cannot be released in any other country, and the public will not be informed.
The government is seeking to update the Investigatory Powers Act (IPA) 2016. The Home Office said it supported privacy-focused tech but added that it also had to keep the country safe.
CVSS 10.0 Flaw
Critical flaw in Siemens OZW Web Servers Enable Unauthenticated RCE
Microsoft Patch Tuesday May 2025: 72 flaws, 5 Actively Exploited Zero-Day
OTP glitch disrupted NID services across the country
Google to pay Texas $1.4 billion for location tracking practices
YouTube geo-blocks at least 4 Bangladeshi TV channels in India
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
A government spokesperson said: “We have always been clear that we support technological innovation and private and secure communications technologies, including end-to-end encryption, but this cannot come at a cost to public safety.”
The House of Lords will discuss the proposed changes tomorrow. Apple says the UK government’s actions are unprecedented and too much.
“We’re deeply concerned the proposed amendments to the Investigatory Powers Act (IPA) now before Parliament place users’ privacy and security at risk,” said Apple in a statement.
“It’s an unprecedented overreach by the government and, if enacted, the UK could attempt to secretly veto new user protections globally preventing us from ever offering them to customers.”
BBC report said, “It is critical that decisions about lawful access, which protect the country from child sexual abusers and terrorists, are taken by those who are democratically accountable and approved by Parliament.”
Critics have called the current Act a “snoopers charter”. Apple has previously criticized similar proposals to expand its scope. Apple announced in July 2023 that it might remove services like FaceTime and iMessage from the UK if it had to compromise on future security.
The proposed UK law would cover all Apple products, not just FaceTime and iMessage.
In January, civil liberties groups such as Big Brother Watch, Liberty, Open Rights Group, and Privacy International issued a joint statement opposing certain parts of the bill.
The groups are worried that the proposed changes would make technology companies, even those outside the country, have to tell the government about any plans to enhance security or privacy on their platforms so the government can stop these changes.
“They claimed this would lead to private companies becoming extensions of the surveillance state and undermining the security of devices and the internet.”
The proposed changes are based on a review of current laws. They include updates regarding how intelligence agencies collect data and use internet connection records.
