(Preview) Apple’s Answer to the UK, Encryption History and Privacy’s Future, Waiting for Drone Delivery in the U.S.
Sharp Tech with Ben Thompson
Deep Dive
Shownotes Transcript
Hello, and welcome to a free preview of Sharp Tech. One related question and something that has perplexed me this entire time, why does the UK government think it's entitled to have backdoor access to advanced data protection users all over the world? Like, is there some aspect of...
advanced data protection that means any backdoor would have to be implemented globally because like on its face it seems insane for the uk government to demand access to encrypted data of american users or australian users or japanese users like that's the piece where it's hard to be all that sympathetic to the uk here yeah well that's also why this story isn't over
So, so, so, I mean, it's a very good question. I think just to, you know, when you think about this changing of the balance by Apple, there is a bit where people are like, why are you upset, Ben? We're just going back. The UK just wants to go back to where we were. And I think the problem is it's a real problem to introduce the norm of building back doors into in
And so in some ways, that's why I added that extra update. We're saying, look, Apple's a little bit to blame here as well because they shifted us to a place where the only answer is a backdoor if you're going to satisfy law enforcement. And that's bad. And so why everywhere? I don't know. I mean, I think the UK has a hard time
I mean, it's hard to like do this without psychoanalyzing the UK and their previous sort of ruling the world mindset and the fact that they don't anymore. There's some speculation the US national security apparatus is
Is on board with them doing that because we can't do it. So can they do it on our behalf? You know, the so I don't I mean, there are there's also the fact that, you know, data is inherently international. Like what do what do borders mean in a world like if the point of this is international terror networks? Like, yeah, what's the point of a border situation? This is where but this gets at why it's not resolved yet. Yeah.
Apple's response, which again, I think was perfectly predictable and understandable. And I think it behooves everyone to stop right here is basically turning off advanced data protection in the UK, which is we're not going to put a back door. We'll just remove this feature. And I think that is a justifiable place. It basically reverts. This is a better way to get back to the uneasy compromise that
than to institute a norm of putting backdoors into data and to introduce the blindness of a CALEA-type solution where you're putting in a backdoor and someone might break through and you have no idea. Exactly. It puts all of that data at risk. That's right. It's better to know. Data all over the world. It's better to know my data is insecure than to think it's secure and it's actually not, right? Exactly.
So I think this is a good place. Let's stop here. It makes sense. It seems like the only way Apple could have responded to this when you really sort of game out the possibilities. I don't understand why it's stunning. It's not that stunning. I mean, the three options Apple had was one, you can provide the UK authorities with access to or backdoor access to worldwide user data, which potentially puts all of that at risk.
That's untenable for Apple. You could pull advanced data protection from the UK, which is what they did, which does ultimately make it easier for the UK government to access data.
Well, it also sort of makes your phone unusable. I mean, it's
So many apps and things rely on iCloud. I mean, the problem is that they are not satisfying the UK's demand for worldwide. This technical directive, again, applies so that they have worldwide access.
And Apple is not satisfying that. I don't see how they could satisfy that. I think the UK should be satisfied with what Apple gave them. And if they keep pursuing this saying, that's nice. You turn it off for the UK. No, we want it for the world.
I don't think they're going to like how that story ends. I don't see any world in which Apple, again, I've had lots of critiques about Apple's framing of privacy and the way I think they've used it in an anti-competitive way against entities like Facebook. But I don't, that is, that doesn't mean I dismiss it or not think it's a real commitment. And Apple's not going to do this for worldwide privacy.
just to stay in the UK market, right? Like I just don't like that was the next step. My first step was Apple's going to pull ADP in the UK. The next question is if the UK says, sorry, not good enough. We asked for worldwide access. Like I see it. I have a hard time seeing it playing out any other way. So I also want to read just a sampling of the pushback while we're here before we shift gears. Tim Sweeney writes, uh,
Crazy Apple PR spin being parroted here through different partisan channels. Apple just compromised all UK users by removing iCloud encryption and are having reporters say it was a brave act of rebellion. They think we're all idiots. Apple customers and Apple employees alike. And then he adds,
Folks, Apple just opened the front door.
Do you have takes on that particular line of attack? Yeah, it's really stupid. And it honestly delegitimizes a lot of Tim Sweeney's Apple critiques. I mean, like, like this is a problem. Partisans fall into like Sweeney has been fighting Apple for years and years and years. And so the immediate interpretation is the worst possible one that seems to lack any sort of understanding or context. But,
Like large companies have to follow the laws. That's why Tim Sweeney has been trying to get the law changed, like in the EU, and then is trying to hold Apple's feet to the fire to follow the law. Totally legitimate. In this case, what does he expect Apple to do? Right. Like to defy the UK's law? Then what?
I mean, it's it's asinine. That's the piece of it that's honestly confusing to me as a media consumer, because Tim Sweeney also surfaced this tweet from Aaron Wolfe and said Apple could easily have built their products in such a way that their answer to the UK government would be we just sell computers to our customers and then they decide to use encryption. You have to coerce them, not us.
Instead, they built an entire ecosystem in which Apple maintains complete control over how their computers are used. Now governments are coercing Apple. This was very predictable. I mean...
What's the alternate scenario in which Apple isn't vulnerable to this kind of pressure? Like what's the world they want to see? No, it's very easy. You don't set up iCloud on your computer, which you can do with... Which you can do. I mean, I don't know if you could do it on an iPhone. You can certainly do it on a Mac. Like it's what I talked about before. You set up your own backup server. You set up... Or you don't backup. You don't worry about it. You... Like the reality is, is Apple has...
done what I think needs to be done and appropriately so, which is the one thing you are incapable of doing as a consumer is having on-device encryption that is like encryption. You have to have a seed. You have to have something at the core that to sort of
build the whole encryption on top of that is in Apple's chips. That's in the secure enclave. If you're just building on software, anyone who gets basically anyone who gets root to a system has access to everything it's in. So unless you're out there building your own chips and building your own computer, at some point you have to trust someone who
If you're going to have viable encryption. And frankly, I just would expect these people to understand how this stuff works. And I think they do, which makes me frustrated about this discussion because it's kind of fundamentally dishonest in that regard. I think my...
I've been very clear in my criticism of Apple, especially on some of these privacy points about going over the top. But you have to be honest about the reality in the water you're swimming in and what Apple provides. And I thank them for it.
is they give the root level security and belief that you can have fully encrypted data on your device. And if you take the necessary, does Apple make it super easy and obvious to link your device to their cloud services? Yes, they do. And they do that because they're trying to build products that people like. And people like having backups. They like being able to go to the website and access their photos. They like knowing if their device drops in the ocean, they're
They're not going to lose pictures of Charles hitting Rose. There's this delusion that people live in that's not the real world. If you want to go the Richard Stallman route and try to build all your own pieces, go ahead. It's going to suck to use. And also, you're still dependent on the root provider of security, whoever that might be. It's not you because you can't build your own chip.
And wouldn't it be less secure in that scenario once you start introducing... No, it's not. Intel has a similar concept with their chips, or chip makers do, but you're depending on them that there's not some sort of backdoor. This is just the reality. And this is why Apple would not and should not give in to the UK, because this is the real thing. I need Apple to be trustworthy for me to believe that my device is trustworthy.
because at the end of the day, I can't build that.
I can take care of my own backups. I can take care of lots of things, but I need to depend on the root provider to be trustworthy. And Apple, say whatever you want, and I've said plenty criticizing them about these issues. I do trust them that the core device is secure, and that's why I salute them for standing up for the San Bernardino case, and that's why I salute them for backing out of the UK here. I don't want...
company that I provide on to provide a level of security that I cannot provide on myself to get into the backdoor building habit. And it's insane to, to, to, to say otherwise. And so the reality is if you want Aaron Wolf's world, number one, you're going to have to depend on someone at the root to
And after that, you can do it all yourself. You can build a fully open source stack. You can have your own device, but someone has to provide that chip. Someone has to provide that core. That's what I was asking. If you're building your own stack, it's probably going to be less secure than what Apple has. Probably.
established over the last 30 years. Apple hasn't been hacked. And that's part of the appeal and part of what they're selling. Yeah, if you want to be like out there sort of like conspiracy theory saying that Apple, you know, the NSA has a backdoor, whatever. That's fine. Maybe they do. Maybe they don't. I...
I can't afford to live my life worrying about that. And so it sort of is what it is. I'm not sort of, I mean, just you're not, you're not committing crime at like a worldwide scale either. I don't really worry about this stuff very much. Some critics might not just kidding. So you have the, so just the, this is just a fundamental reality is whoever controls root controls everything. And so,
None of us have the capability of controlling root when it comes to computing. So we have to choose someone to trust. And that's why it's essential. Apple do number one, do exactly what they did, which is not build a back door. And number two, why, if you want to critique Apple, it's actually the exact opposite. It's they should have never pushed it so far. They should have been okay with the uneasy compromise and introducing advanced data protection, uh,
In the short term, yes, we're making it more secure, but you didn't think through the second and third order effects, which is you're inviting this sort of confrontation, which potentially compromises the entire stack. Interesting. Yeah. Well, we'll see what the UK pushes for going forward. It hadn't occurred to me that the UK could continue this fight as we move forward. I thought things were pretty much resolved on Friday. They should be resolved if they're not dumb.
All right, and that is the end of the free preview. If you'd like to hear more from Ben and I, there are links to subscribe in the show notes, or you can also go to sharptech.fm. Either option will get you access to a personalized feed that has all the shows we do every week, plus lots more great content from Stratechery and the Stratechery Plus bundle. Check it out, and if you've got feedback, please email us at email at sharptech.fm.