Oh, say maybe the UK having a law that lets it demand that a cloud provider actively modify its systems to defeat any cryptography, or other technical measures, if those measures prevent any data the UK may choose to demand from being delivered in an easily readable format?

And say applying that to any data the provider may be holding for anybody in the world, regardless of whether that person is in the UK, has ever been in the UK, or is actually implicated in any crime involving the UK?

Without requiring any explanation of the reason? Or even allowing the fact of the demand to be disclosed to anybody, including, say, the US Government?

And actually issuing such crypto-neutering orders to companies operating in, say, the US?

So that the UK can get data about US citizens in ways the US itself isn't legally allowed to do?

That kind of bypassing?

At that point, maybe Apple ends up having to choose between operating in the UK and operating in the US. Or if not the US, other countries that might be seized with attacks of sanity.

The company in question has some hard choices to make about whether they want to keep operating in the UK. There is no principle here that companies have to be multinational giants; it might be better if they start operating locally.

I'm generally extremely free market, but there is a good argument to ban Facebook/Google/AWS/& friends for national security reasons. They are almost certainly tools of the US intelligence apparatus. Looking at basic questions of capability and incentive there must be some massive scandals brewing this century over their ability to interfere in foreign elections.

Wouldn't that hard choice be between not operating in that country (and losing a lot of money) versus selling out their customers? Is that a good position to put them in?

It's the same question foreign companies wanting to serve the US, Russia, or China already have the answer. It's not a difficult position: the money almost always wins.

For instance, Apple has modified its Chinese iMessage software so that all data is always stored on Chinese servers (though it's technically still end-to-end encrypted, they're the only permitted e2ee encrypted app, so I assume something shady is going on there). Apple also added RCS to their iPhones because China demanded support for it (RCS isn't e2ee of course). When big governments demand changes, even the least evil big tech companies are willing to bend the knee as long as their business model doesn't break.

I wish those companies could be banned inside the US as well!

> they do need to be responsive to local laws

I agree that you follow local laws when you operate on other nation's soil.

In this case, the UK is seeking to modify what is allowable on an international basis, not just on their local soil.

Kind of.

Imagine it was a physical good instead. Tax havens might not be a bad example. The UK can absolutely demand that a UK citizen or corporation bring something or another back to the country, and if the laws of that other nation conflicted then it'd be "messy" but not the UK seeking to modify what is allowable on an international basis. Regardless of what happened to the item in question, the offender would be in hot water somewhere.

Extending that ever so slightly to data, Apple and friends are definitely technologically capable of moving the data from one side of the pond to the other, and they're definitely operating in both the UK and the US. Does the speed at which data travels make that more like a cyber attack from the UK on the US (infiltrating a weak link to gain unauthorized access), or is it still more like the physical good countries seem to want to regulate it as (where Apple would have to violate one or more laws)?

What I really don't like about the matter is that if you simply split Apple into two legal entities, one for the US and one for the UK, the capability of moving the data nearly for free will still exist, but that will likely thwart the backdoor in the law. That suggests something fishy going on in our definitions and intuition, and it makes me more inclined to agree with your side of things. I'm not totally sold though; I could easily have just missed the obvious paradoxes from the side I'm partially defending.