Apples stance on E2EE is off by default. UK stance is no E2EE at all.
If Apple wasn't a walled garden neither opinions would matter since the user could just decide for themselves without Apple or the government having power over it.
I dislike how removing a optional feature is being equated to a backdoor since unlike this situation it would effect everyone without there knowledge. If no E2EE is a backdoor then Apple by default is backdoored (which it is but people here like to pretend otherwise).
> without Apple or the government having power over it
As we are talking about E2EE for cloud storage, governments have very much control over it as in banning the use certain software by law and applying it through ISPs and other means. Not saying I wouldn't prefer a scenario where there was indeed some degree of such choice, but that would not change anything if a government decides it does not want E2EE.
> Apples stance on E2EE is off by default
True E2EE in the context of cloud storage has also certain downsides that one should acknowledge, notably if you lose access to your keys your data is effectively gone. When we talk about a large userbase that includes people who do not have a good understanding of this fact (prob most people) and this choice is not made by themselves in a more conscious manner, this could be a headache for a company (and customer service). Go to subreddits of E2EE encrypted services and notice how often people come up with having forgotten their passwords thus effectively their keys and their data (and that's an audience making a more conscious choice) and not actually understanding that forgetting password + losing any recovery keys = loss of data and that proton cannot give them access back (if they could, there could not be much privacy there). I am not saying that E2EE is bad, but that it is not necessarily the best choice for everybody, and thus I have no issue with apple's opt-in approach.
>governments have very much control over it as in banning the use certain software by law and applying it through ISPs and other means.
They ofc can however it would take a new even more tyrannical law that applies to each citizen which would impact all encrption software not just apple. The Cryptowars have also shown that such laws are not only technical unenforcable but also economical disadvantageous.
> new even more tyrannical law that applies to each citizen which would impact all encrption software not just apple.
The current law does impact all encryption, not just Apple. It gives the government the right to force any provider to backdoor their encryption, and gags those providers in the process. There's nothing in the law that restricts it to Apple, or to cloud providers, or to large companies, or to it being blanket applied to all providers of encryption operating in the UK.
The only reason why we're talking about it with regards to Apple, is because Apple is the first confirmed case of a provider being instructed to backdoor their crypto, and we only know about it because the order leaked, and Apple coincidently took public action that unambiguously confirmed the leaked info.
Apple’s stance is not all E2EE is off by default… Instead there are a set of things which are E2EE when you are using Standard Data Protection and a wider set of things become E2EE when you opt-in to Advanced Data Protection.
What’s changing is the UK government is apparently serving a Technical Capability Notice compelling Apple to provide access to their customers data, and the only reasonable way for Apple to comply is to remove ADP as an option in the United Kingdom.
If Apple wasn't a walled garden neither opinions would matter since the user could just decide for themselves without Apple or the government having power over it.
I dislike how removing a optional feature is being equated to a backdoor since unlike this situation it would effect everyone without there knowledge. If no E2EE is a backdoor then Apple by default is backdoored (which it is but people here like to pretend otherwise).