Encryption Fight : WhatsApp Backs Apple

It’s been reported that Meta-owned WhatsApp has formally backed Apple in its legal challenge against the UK government over secret demands to weaken end-to-end encryption, in a case that could have global repercussions for user privacy and national security policy.

Secret UK Orders to Access Encrypted Data

The dispute stems from a Technical Capability Notice (TCN) reportedly issued to Apple by the UK Home Office under the Investigatory Powers Act 2016, i.e., legislation that allows UK authorities to compel technology firms to provide access to communications and stored data where necessary for law enforcement and national security.

This particular TCN is believed to have required Apple to create a way for UK authorities to access encrypted content held in users’ iCloud accounts, including personal files, messages, and notes. Apple’s Advanced Data Protection (ADP) system, introduced globally in late 2022, uses end-to-end encryption (E2EE) to protect this data, meaning only the user, not even Apple, has access to it.

When Apple received the notice, it pulled the ADP feature from the UK in February 2025 and launched a legal appeal through the Investigatory Powers Tribunal, the specialist court that handles intelligence and surveillance disputes. The case was initially held behind closed doors, but following pressure from media organisations, a judge ruled in April that certain details should be made public due to the significance of the case.

WhatsApp Warns of Global Implications if Encryption Is Weakened

Now, WhatsApp has reportedly stepped in to support Apple, applying to submit evidence in the case and voicing serious concerns about the precedent such government powers could set. According to a recent report from the BBC, WhatsApp head Will Cathcart said the platform “would challenge any law or government request that seeks to weaken the encryption of our services and will continue to stand up for people’s right to a private conversation online.”

Cathcart added that if the UK’s approach were allowed to stand, it could “embolden other nations” to demand similar access, undermining encryption standards and threatening users’ privacy worldwide.

WhatsApp, which provides E2EE by default for all messages and calls, has long warned that creating any “backdoor” access mechanism, even for a single government, would jeopardise the security of all users. For example, back in 2023, the platform said it would rather be banned in the UK than comply with demands to compromise its encryption under the Online Safety Act.

A Broader Tech Industry Pushback

Apple itself has said little publicly beyond its legal filings but has previously stated that building such backdoors would expose users to risks from “bad actors” and hostile states. “There is no way to provide access to encrypted data for some without making it vulnerable to others,” Apple argued in a 2024 statement responding to proposed changes in UK surveillance law.

The wider tech industry has reacted with unease. Civil liberties campaigners, including Open Rights Group and Liberty, have welcomed WhatsApp’s intervention. “It’s important that the court hears from as many companies and organisations as possible,” said Jim Killock, executive director of Open Rights Group. “The Home Office is trying to establish powers that would affect the safety and privacy of billions of people.”

What the UK Government Says

The Home Office has declined to comment on the ongoing legal case. However, in a broader statement reported recently by the BBC, it said the UK has “a longstanding position of protecting our citizens from the very worst crimes, such as child sex abuse and terrorism, at the same time as protecting people’s privacy.”

The government maintains that such powers are only used “on an exceptional basis” and subject to independent oversight, but critics argue that the secrecy surrounding TCNs makes scrutiny difficult. Under UK law, recipients of TCNs are not allowed to confirm they’ve received one, adding to the opacity of the process.

What Happens if Apple Loses?

If Apple’s legal challenge fails, it could be forced to re-engineer iCloud systems to allow for selective access to encrypted user data. Privacy advocates warn that even if intended for legitimate UK investigations, the mere existence of such a capability could be exploited by other governments, including authoritarian regimes.

That would represent a major change in the international norms around encryption, long considered a vital defence against cybercrime, identity theft, and state surveillance. Tech companies may also face rising pressure to comply with similar orders from other jurisdictions, effectively weakening global data security.

Apple, whose products are used by millions of businesses worldwide, including SMEs and regulated sectors such as law and healthcare, could face reputational and operational risks if seen to compromise its security guarantees. Likewise, any weakening of encryption on WhatsApp would create immediate concerns for its 2 billion users, many of whom rely on it for confidential client communications.

Concerns for Business and International Relations

The political and diplomatic fallout has already begun. For example, in the US, two members of Congress wrote to Director of National Intelligence Tulsi Gabbard demanding the UK order be retracted, citing it as a “dangerous attack on US cybersecurity.” Gabbard later confirmed the order had not been disclosed in advance and is now being investigated by US intelligence agencies.

Some US officials have also reportedly warned that if the UK proceeds with such unilateral data access powers, it could damage intelligence-sharing arrangements within the Five Eyes alliance, a cornerstone of post-war Western security cooperation between the UK, US, Canada, Australia, and New Zealand.

For UK businesses, especially those handling sensitive data or operating internationally, any weakening of encryption by major providers could raise compliance questions, particularly under GDPR and other global privacy regimes.

A Fight Over Principles, Technology, and Power

At the heart of the legal fight is a clash between national security objectives and digital privacy rights, one that is shaping the future of how encrypted technologies are governed. While the UK government argues it needs the tools to investigate the most serious crimes, tech firms warn that any mechanism to bypass encryption inherently undermines its effectiveness.

The case also illustrates how laws written in 2016 are now being applied in a more technologically advanced and politically volatile world, where global tech platforms often sit at odds with national authorities. As WhatsApp’s Cathcart noted (as reported by the BBC), what happens in this case “will set the tone for the future of privacy and encryption around the world.”

What Does This Mean For Your Business?

If the tribunal ultimately sides with the UK government, the immediate consequence would be the normalisation of secret orders compelling companies to undermine their own security architecture. This would not only damage the trust users place in services like iCloud and WhatsApp, but could expose everyday business communications, customer records, and proprietary information to new vulnerabilities. For UK businesses, especially those in sectors such as finance, law, and healthcare where confidentiality is critical, the legal uncertainty and technical risk of weakened encryption could prove costly. Questions around compliance with global data protection rules would also increase, with firms forced to consider whether UK-hosted services still meet international privacy standards.

For tech companies, the case highlights an escalating pattern of legislative tension between national governments and global platforms. A ruling in favour of the Home Office could embolden other countries to issue similar demands, gradually eroding the integrity of end-to-end encryption across borders. Smaller or newer service providers without the legal resources of Apple or Meta may find it harder to resist such pressures, creating an uneven playing field and amplifying risks for users across the board.

On the other hand, for law enforcement and intelligence services, the case reflects long-standing frustrations with encrypted platforms that make it harder to investigate serious crimes. The Home Office maintains that the powers in question are only used where strictly necessary, and subject to independent oversight. However, the lack of transparency, particularly around the existence and use of Technical Capability Notices, remains a sticking point for civil liberties groups and privacy advocates.

Ultimately, the outcome of Apple’s legal challenge will shape more than just the UK’s approach to digital surveillance. It will set a precedent for how democratic societies balance the competing demands of public safety, privacy, and technological progress. With major platforms now formally aligning against the government’s position, the case has become a defining test of both legal authority and digital ethics. Whatever the ruling, its impact is likely to resonate well beyond the UK courtroom.